settrogens.com/link?z=4479469&var=7GQ79dKWK6c2YDxGB&ymid=novZVV57mP60kb578Rd7YGO5ce
139.45.197.238302 Found 0 B URL HTTP/1.1 settrogens.com/link?z=4479469&var=7GQ79dKWK6c2YDxGB&ymid=novZVV57mP60kb578Rd7YGO5ce
IP 139.45.197.238:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /link?z=4479469&var=7GQ79dKWK6c2YDxGB&ymid=novZVV57mP60kb578Rd7YGO5ce HTTP/1.1
Host: settrogens.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Server: nginx
Date: Sat, 24 Sep 2022 23:07:32 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin:
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Pragma: no-cache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT
X-Trace-Id: 6e966385d7247a70c5b7545c5f2e2426
Link: <https://tagstaticx.com>; rel="dns-prefetch preconnect"
Location: https://tagstaticx.com/r.html?axcid=e7ddf874-40d2-43d7-b8fd-56541bff0853&axtsid=4479469&axcusid1=7GQ79dKWK6c2YDxGB&clid={ymid}&r=http%3A%2F%2Fsettrogens.com%2Flink%3Fz%3D4479469%26var%3D7GQ79dKWK6c2YDxGB%26ymid%3DnovZVV57mP60kb578Rd7YGO5ce%26acb%3Dproxy-smart-link&axcusid2=Smartlink&axadvid=1053995&axcamid=3378
Set-Cookie: OAID=2c6339dfbb6e4cc2a3687306158a0ee8; expires=Sun, 24 Sep 2023 23:07:32 GMT
oaidts=1664060852; expires=Sun, 24 Sep 2023 23:07:32 GMT
phpckd4479469=true; expires=Sun, 25 Sep 2022 23:07:32 GMT
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *
firefox.settings.services.mozilla.com/v1/
143.204.55.27200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sat, 24 Sep 2022 22:14:39 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: D6ZButyH6qbm75LzoSYy4jYbBf9XvPXGr8VNfAFG35vpQmSZiTl_EA==
Age: 3173
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 09a973de929ab7452edc342c780d3668
3f14f6e0a36f76863c0aea6fb561c266404a7ea3
e82ca5f310e37267fbf792427747e65c2bb35e684d3f629c0aa302f688bc4f80
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E82CA5F310E37267FBF792427747E65C2BB35E684D3F629C0AA302F688BC4F80"
Last-Modified: Fri, 23 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6642
Expires: Sun, 25 Sep 2022 00:58:14 GMT
Date: Sat, 24 Sep 2022 23:07:32 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.35200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.35:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sat, 24 Sep 2022 04:35:15 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: AWaKYUH4VC3TTY-CxlJyPkYm-9WEUUbvRR8fa6E9c3XfQFyQ3orfjA==
age: 66738
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 23:07:32 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 656fbeebba0bede30e15114af05971fe
bedb5c959485c318ee3fddcda2ee0e7251b32596
11024e081ab5e9bd1f1d1fb1d58718bb7b8c4b32c189d6506673e54b6f6252b7
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 24 Sep 2022 23:07:33 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 22 Sep 2022 21:40:14 GMT
Expires: Thu, 29 Sep 2022 21:40:13 GMT
Etag: "bedb5c959485c318ee3fddcda2ee0e7251b32596"
Cache-Control: max-age=426159,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74ff2d4cec090afe-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 656fbeebba0bede30e15114af05971fe
bedb5c959485c318ee3fddcda2ee0e7251b32596
11024e081ab5e9bd1f1d1fb1d58718bb7b8c4b32c189d6506673e54b6f6252b7
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 24 Sep 2022 23:07:33 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 22 Sep 2022 21:40:14 GMT
Expires: Thu, 29 Sep 2022 21:40:13 GMT
Etag: "bedb5c959485c318ee3fddcda2ee0e7251b32596"
Cache-Control: max-age=426159,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74ff2d4cfc3efac0-OSL
tagdatax.com/ir/add?cid=e7ddf874-40d2-43d7-b8fd-56541bff0853
139.45.195.253200 OK 2 B URL HTTP/1.1 tagdatax.com/ir/add?cid=e7ddf874-40d2-43d7-b8fd-56541bff0853
IP 139.45.195.253:0
File type ASCII text, with no line terminators
Hash 444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
POST /ir/add?cid=e7ddf874-40d2-43d7-b8fd-56541bff0853 HTTP/1.1
Host: tagdatax.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tagstaticx.com/
Content-Type: text/plain;charset=UTF-8
Origin: https://tagstaticx.com
Content-Length: 374
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Sat, 24 Sep 2022 23:07:33 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 2
Connection: keep-alive
Access-Control-Allow-Origin: https://tagstaticx.com
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
tagdatax.com/version.js?cid=e7ddf874-40d2-43d7-b8fd-56541bff0853
139.45.195.253200 OK 57 B URL HTTP/1.1 tagdatax.com/version.js?cid=e7ddf874-40d2-43d7-b8fd-56541bff0853
IP 139.45.195.253:0
File type ASCII text, with no line terminators
Hash 644118478936fbeb5bfb06e13718299b
498d44b393fb48cbaa41d48e7376eeb23f8e41ea
e9fab05aac7a21c1f16253c2d678faa3179eb80367953983d8316a58c505d903
GET /version.js?cid=e7ddf874-40d2-43d7-b8fd-56541bff0853 HTTP/1.1
Host: tagdatax.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tagstaticx.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Sat, 24 Sep 2022 23:07:33 GMT
Content-Type: application/javascript
Content-Length: 57
Connection: keep-alive
Cache-Control: private, max-age=63072000
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.27200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sat, 24 Sep 2022 23:04:17 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Sat, 24 Sep 2022 23:55:58 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: KAxBjreKdocpTMQ-yLsl8bWHhl3fPUrzlO7_HdDPCo2jzgOkYTMSmA==
Age: 196
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash af56ebb29d27fb6a049680fe85c8828b
235a3579a72192a6a1fc0366d6d8671e2630b9f5
68454f522f57ca84315459fbf178251544804533512e9bebb8a6e3f3bce12895
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 24 Sep 2022 23:07:33 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 22 Sep 2022 18:25:22 GMT
Expires: Thu, 29 Sep 2022 18:25:21 GMT
Etag: "235a3579a72192a6a1fc0366d6d8671e2630b9f5"
Cache-Control: max-age=414467,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74ff2d4cea9cb505-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 656fbeebba0bede30e15114af05971fe
bedb5c959485c318ee3fddcda2ee0e7251b32596
11024e081ab5e9bd1f1d1fb1d58718bb7b8c4b32c189d6506673e54b6f6252b7
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 24 Sep 2022 23:07:33 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 22 Sep 2022 21:40:14 GMT
Expires: Thu, 29 Sep 2022 21:40:13 GMT
Etag: "bedb5c959485c318ee3fddcda2ee0e7251b32596"
Cache-Control: max-age=426159,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74ff2d4cfca1b51b-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 656fbeebba0bede30e15114af05971fe
bedb5c959485c318ee3fddcda2ee0e7251b32596
11024e081ab5e9bd1f1d1fb1d58718bb7b8c4b32c189d6506673e54b6f6252b7
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 24 Sep 2022 23:07:33 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 22 Sep 2022 21:40:14 GMT
Expires: Thu, 29 Sep 2022 21:40:13 GMT
Etag: "bedb5c959485c318ee3fddcda2ee0e7251b32596"
Cache-Control: max-age=426159,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74ff2d4d1e070b61-OSL
my.rtmark.net/gid.js
139.45.195.8200 OK 65 B IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash 3a305cbbffa9f84d64298ac8b12c56c4
3c875347378650b3514ca70bf6ca308a35da52ce
d1ec7208678b162990c1f783d9615c0f27d63a6ad3217fbbfa7f93d7c7e345c5
GET /gid.js HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tagstaticx.com/
Origin: https://tagstaticx.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 23:07:33 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://tagstaticx.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=89fa048a59d34706b05fd0d4078e5567; expires=Sun, 24 Sep 2023 23:07:33 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
tagdatax.com/pix.jpg?cid=e7ddf874-40d2-43d7-b8fd-56541bff0853
139.45.195.253200 OK 28 B URL HTTP/1.1 tagdatax.com/pix.jpg?cid=e7ddf874-40d2-43d7-b8fd-56541bff0853
IP 139.45.195.253:0
File type ASCII text, with no line terminators
Hash 160988f32f3a9fc12fd2958350f5a758
ea0e78c6b9e28345b0c69748ed7b4a6dca96c711
3c72e06c040c15327faa313315f1d6f4b2c9159267051c3e173336efa4cd7a18
GET /pix.jpg?cid=e7ddf874-40d2-43d7-b8fd-56541bff0853 HTTP/1.1
Host: tagdatax.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tagstaticx.com/
Origin: https://tagstaticx.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Sat, 24 Sep 2022 23:07:33 GMT
Content-Type: image/jpeg
Content-Length: 28
Connection: keep-alive
Access-Control-Allow-Origin: https://tagstaticx.com
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
Access-Control-Expose-Headers: ETag
Etag: cdd0a338-1bf4-4399-aed1-53b2f9effabf
Cache-Control: private, must-revalidate, proxy-revalidate
tagdatax.com/ws?cid=e7ddf874-40d2-43d7-b8fd-56541bff0853
139.45.195.253101 Switching Protocols 0 B URL HTTP/1.1 tagdatax.com/ws?cid=e7ddf874-40d2-43d7-b8fd-56541bff0853
IP 139.45.195.253:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ws?cid=e7ddf874-40d2-43d7-b8fd-56541bff0853 HTTP/1.1
Host: tagdatax.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://tagstaticx.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: edOZBxoTHauYIt4QorAAiA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Server: nginx/1.19.10
Date: Sat, 24 Sep 2022 23:07:33 GMT
Connection: upgrade
Upgrade: websocket
Sec-Websocket-Accept: VernbIDt+m8AN3LXSaczyTdpY2Q=
tagdatax.com/etag?cid=e7ddf874-40d2-43d7-b8fd-56541bff0853
139.45.195.253200 OK 2 B URL HTTP/1.1 tagdatax.com/etag?cid=e7ddf874-40d2-43d7-b8fd-56541bff0853
IP 139.45.195.253:0
File type ASCII text, with no line terminators
Hash 444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
POST /etag?cid=e7ddf874-40d2-43d7-b8fd-56541bff0853 HTTP/1.1
Host: tagdatax.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tagstaticx.com/
Content-Type: text/plain;charset=UTF-8
Origin: https://tagstaticx.com
Content-Length: 395
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Sat, 24 Sep 2022 23:07:33 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 2
Connection: keep-alive
Access-Control-Allow-Origin: https://tagstaticx.com
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash cd8e3570655a88b47a20fb93af0fc0c5
6ebbd655af47cbe0788f5ea6a7d9cd457bda2f33
12bc57afd44ddf43fc3802ecc23e743660b146acff0958093fcea30e96b02f6b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 23:07:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 23ba09c14e337ac70d877d2ed33dc795
175d5155889b45711d0a9050116591ad25e74891
cb117ac56fe205bfca3b512ed3d8ddb46a7115446d099739cc4d111c853696ae
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 23:07:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 23ba09c14e337ac70d877d2ed33dc795
175d5155889b45711d0a9050116591ad25e74891
cb117ac56fe205bfca3b512ed3d8ddb46a7115446d099739cc4d111c853696ae
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 23:07:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 23ba09c14e337ac70d877d2ed33dc795
175d5155889b45711d0a9050116591ad25e74891
cb117ac56fe205bfca3b512ed3d8ddb46a7115446d099739cc4d111c853696ae
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 23:07:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 23ba09c14e337ac70d877d2ed33dc795
175d5155889b45711d0a9050116591ad25e74891
cb117ac56fe205bfca3b512ed3d8ddb46a7115446d099739cc4d111c853696ae
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 23:07:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 23ba09c14e337ac70d877d2ed33dc795
175d5155889b45711d0a9050116591ad25e74891
cb117ac56fe205bfca3b512ed3d8ddb46a7115446d099739cc4d111c853696ae
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 23:07:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
142.250.74.98200 OK 0 B URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP 142.250.74.98:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
HEAD /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tagstaticx.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding, Origin
date: Sat, 24 Sep 2022 23:07:33 GMT
expires: Sat, 24 Sep 2022 23:07:33 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 16311623534707208408
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/images/branding/googlelogo/1x/googlelogo_color_272x92dp.png
142.250.74.164200 OK 6.0 kB URL HTTP/2 www.google.com/images/branding/googlelogo/1x/googlelogo_color_272x92dp.png
IP 142.250.74.164:0
File type PNG image data, 272 x 92, 8-bit/color RGBA, non-interlaced\012- data
Hash 8f9327db2597fa57d2f42b4a6c5a9855
1737d3dfb411c07b86ed8bd30f5987a4dc397cc1
5776cd87617eacec3bc00ebcf530d1924026033eda852f706c1a675a98915826
GET /images/branding/googlelogo/1x/googlelogo_color_272x92dp.png HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tagstaticx.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/png
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 5969
date: Sat, 24 Sep 2022 23:07:33 GMT
expires: Sat, 24 Sep 2022 23:07:33 GMT
cache-control: private, max-age=31536000
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/images/branding/googlelogo/2x/googlelogo_color_272x92dp.png
142.250.74.164200 OK 14 kB URL HTTP/2 www.google.com/images/branding/googlelogo/2x/googlelogo_color_272x92dp.png
IP 142.250.74.164:0
File type PNG image data, 544 x 184, 8-bit/color RGBA, non-interlaced\012- data
Hash 80fa4bcab0351fdccb69c66fb55dcd00
26f471f6ebe3b11557506f6ae96156e0a3852e5b
262084257c2103702ef8a25705e3f8dbc1fa3823103ad7b954d54bdb77e6d89d
GET /images/branding/googlelogo/2x/googlelogo_color_272x92dp.png HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tagstaticx.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/png
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 13504
date: Sat, 24 Sep 2022 23:07:33 GMT
expires: Sat, 24 Sep 2022 23:07:33 GMT
cache-control: private, max-age=31536000
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/images/branding/googlelogo/2x/googlelogo_color_160x56dp.png
142.250.74.164200 OK 7.0 kB URL HTTP/2 www.google.com/images/branding/googlelogo/2x/googlelogo_color_160x56dp.png
IP 142.250.74.164:0
File type PNG image data, 320 x 112, 8-bit/color RGBA, non-interlaced\012- data
Hash d6b993cd3a71d84e8dd51dc9bf01f537
41f57a52be2447b7b4ee458887e860a702150396
9e611fba6a87626e60f74d361f0c94d1ba226bc0726a05791f40ddb7fbba2c4f
GET /images/branding/googlelogo/2x/googlelogo_color_160x56dp.png HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tagstaticx.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/png
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 7048
date: Sat, 24 Sep 2022 23:07:33 GMT
expires: Sat, 24 Sep 2022 23:07:33 GMT
cache-control: private, max-age=31536000
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/images/branding/googlelogo/2x/googlelogo_color_120x44dp.png
142.250.74.164200 OK 5.1 kB URL HTTP/2 www.google.com/images/branding/googlelogo/2x/googlelogo_color_120x44dp.png
IP 142.250.74.164:0
File type PNG image data, 240 x 88, 8-bit/color RGBA, non-interlaced\012- data
Hash 8d2b7f3d00f50b8aebb7d1c002c64ca1
b3d5a78c18020868d322a0ac54c9d8e45a59a3b3
29c50fa4422ac0a690af5b0987dee6a030a7eeaafa9dda8543cf022368f545aa
GET /images/branding/googlelogo/2x/googlelogo_color_120x44dp.png HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tagstaticx.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/png
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 5087
date: Sat, 24 Sep 2022 23:07:33 GMT
expires: Sat, 24 Sep 2022 23:07:33 GMT
cache-control: private, max-age=31536000
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/images/branding/googlelogo/2x/googlelogo_color_90x40dp.png
142.250.74.164200 OK 3.9 kB URL HTTP/2 www.google.com/images/branding/googlelogo/2x/googlelogo_color_90x40dp.png
IP 142.250.74.164:0
File type PNG image data, 180 x 80, 8-bit/color RGBA, non-interlaced\012- data
Hash c198051c3b22e6fa2e26712e855da980
6cac1226aff75d94809534c373f43a28253879da
a9cac8d49feccd603bac334c92c1e7dd5a829a1c01d4130550e8c9c0d9c72f7b
GET /images/branding/googlelogo/2x/googlelogo_color_90x40dp.png HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tagstaticx.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/png
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 3934
date: Sat, 24 Sep 2022 23:07:33 GMT
expires: Sat, 24 Sep 2022 23:07:33 GMT
cache-control: private, max-age=31536000
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a7809de115ea73f8b61f3d20a9978493
01fc65a2b694d7aadd5204d21801e87b2b55b73e
72692486033feeb149424c59576c6c75b17228dfc89b4c369d2e17cc4bff3d52
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4168
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 23:07:33 GMT
Last-Modified: Sat, 24 Sep 2022 21:58:05 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash cd8e3570655a88b47a20fb93af0fc0c5
6ebbd655af47cbe0788f5ea6a7d9cd457bda2f33
12bc57afd44ddf43fc3802ecc23e743660b146acff0958093fcea30e96b02f6b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 23:07:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 267300d587831dda7559c30c40cc614e
d7ff0b9754e61f5d4178eddb5e63c3390ab559c8
ec7aad1a3116ce8ef5258b49de87cf3456c8c4890206fa5d46c8e510ded80ac0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 23:07:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tagdatax.com/log/add?cid=e7ddf874-40d2-43d7-b8fd-56541bff0853
139.45.195.253200 OK 2 B URL HTTP/1.1 tagdatax.com/log/add?cid=e7ddf874-40d2-43d7-b8fd-56541bff0853
IP 139.45.195.253:0
File type ASCII text, with no line terminators
Hash 444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
POST /log/add?cid=e7ddf874-40d2-43d7-b8fd-56541bff0853 HTTP/1.1
Host: tagdatax.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tagstaticx.com/
Content-Type: text/plain;charset=UTF-8
Origin: https://tagstaticx.com
Content-Length: 2004
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Sat, 24 Sep 2022 23:07:33 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 2
Connection: keep-alive
Access-Control-Allow-Origin: https://tagstaticx.com
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
settrogens.com/link?z=4479469&var=7GQ79dKWK6c2YDxGB&ymid=novZVV57mP60kb578Rd7YGO5ce&acb=proxy-smart-link&axcusid2=Smartlink&axadvid=1053995&axcamid=3378
139.45.197.238200 OK 3.0 kB URL HTTP/1.1 settrogens.com/link?z=4479469&var=7GQ79dKWK6c2YDxGB&ymid=novZVV57mP60kb578Rd7YGO5ce&acb=proxy-smart-link&axcusid2=Smartlink&axadvid=1053995&axcamid=3378
IP 139.45.197.238:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (5402)
Hash 875df62c094dffc8876c86ad1a645bbb
a7e0a4495225a7810504d5ae47ddd5f2dafa5f71
37642615ab441dff8edd6aec5e8f1be169c7136cd1393615098852f51f927ee3
Analyzer Verdict Alert quad9 Sinkholed
GET /link?z=4479469&var=7GQ79dKWK6c2YDxGB&ymid=novZVV57mP60kb578Rd7YGO5ce&acb=proxy-smart-link&axcusid2=Smartlink&axadvid=1053995&axcamid=3378 HTTP/1.1
Host: settrogens.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: OAID=2c6339dfbb6e4cc2a3687306158a0ee8; oaidts=1664060852; phpckd4479469=true
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 24 Sep 2022 23:07:33 GMT
Content-Type: text/html; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: 766cedd8286deda4f3bc027299023542
Link: <https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Access-Control-Max-Age: 86400
Pragma: no-cache
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT
Set-Cookie: OAID=2c6339dfbb6e4cc2a3687306158a0ee8; expires=Sun, 24 Sep 2023 23:07:33 GMT; path=/
oaidts=1664060852; expires=Sun, 24 Sep 2023 23:07:33 GMT; path=/
allcnt=1; expires=Sun, 24 Sep 2023 23:07:33 GMT
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *, *
Content-Encoding: gzip
push.services.mozilla.com/
35.165.143.157101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.165.143.157:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: NMUBdngCQoxv6v+xE4io2Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: BHBRkuxh+kJC8Lm5VPzCIlIKKYs=
settrogens.com/favicon.ico
139.45.197.238204 No Content 0 B URL HTTP/1.1 settrogens.com/favicon.ico
IP 139.45.197.238:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /favicon.ico HTTP/1.1
Host: settrogens.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://settrogens.com/link?z=4479469&var=7GQ79dKWK6c2YDxGB&ymid=novZVV57mP60kb578Rd7YGO5ce&acb=proxy-smart-link&axcusid2=Smartlink&axadvid=1053995&axcamid=3378
Cookie: OAID=2c6339dfbb6e4cc2a3687306158a0ee8; oaidts=1664060852; phpckd4479469=true; allcnt=1
HTTP/1.1 204 No Content
Server: nginx
Date: Sat, 24 Sep 2022 23:07:33 GMT
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Pragma: public
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash af56ebb29d27fb6a049680fe85c8828b
235a3579a72192a6a1fc0366d6d8671e2630b9f5
68454f522f57ca84315459fbf178251544804533512e9bebb8a6e3f3bce12895
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 24 Sep 2022 23:07:34 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 22 Sep 2022 18:25:22 GMT
Expires: Thu, 29 Sep 2022 18:25:21 GMT
Etag: "235a3579a72192a6a1fc0366d6d8671e2630b9f5"
Cache-Control: max-age=414466,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74ff2d50fdb70afe-OSL
my.rtmark.net/img.gif?f=merge&userId=2c6339dfbb6e4cc2a3687306158a0ee8
139.45.195.8200 OK 43 B URL HTTP/2 my.rtmark.net/img.gif?f=merge&userId=2c6339dfbb6e4cc2a3687306158a0ee8
IP 139.45.195.8:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /img.gif?f=merge&userId=2c6339dfbb6e4cc2a3687306158a0ee8 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://settrogens.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 23:07:34 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=2c6339dfbb6e4cc2a3687306158a0ee8; expires=Sun, 24 Sep 2023 23:07:34 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
moksoxos.com/?z=4479470&syncedCookie=true&rhd=false
139.45.197.239302 Found 0 B URL HTTP/1.1 moksoxos.com/?z=4479470&syncedCookie=true&rhd=false
IP 139.45.197.239:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
POST /?z=4479470&syncedCookie=true&rhd=false HTTP/1.1
Host: moksoxos.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
Content-Length: 625
Origin: http://settrogens.com
Connection: keep-alive
Referer: http://settrogens.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Server: nginx
Date: Sat, 24 Sep 2022 23:07:34 GMT
Content-Length: 0
Connection: keep-alive
X-Trace-Id: 30e081060cf72d5823e793f6c3050808
Link: <https://toapodazoay.com>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
Referrer-Policy: no-referrer
Location: https://toapodazoay.com/?l=qCqekRDLtEBTXwP&s=597677140141675203&z=4479470&g=NO&svar=1664060854&ba=0&dm=0&ep=0&vi=0&vo=0&i18db=0&tr=default&svar=1664060854&ssk=96e053e7c6d391299042d6a4d5107a98&svarok=1&b=79056&oaid=aa3de3c98243405cbaa851ad96c05772&rdk=rk3
Access-Control-Allow-Origin: http://settrogens.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Access-Control-Max-Age: 86400
Pragma: no-cache
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT
Set-Cookie: OAID=aa3de3c98243405cbaa851ad96c05772; expires=Sun, 24 Sep 2023 23:07:34 GMT; path=/
oaidts=1664060854; expires=Sun, 24 Sep 2023 23:07:34 GMT; path=/
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *, *
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 94f236ff0825782ec8ec19a27aa1ab90
458cc5f2e776ab3ca804d7816dd70b9c7196f598
18c7816a2b06b781feabb0da564fbfc202cb4be23f91c4acbc4098ab7fbf3122
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "18C7816A2B06B781FEABB0DA564FBFC202CB4BE23F91C4ACBC4098AB7FBF3122"
Last-Modified: Sat, 24 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7251
Expires: Sun, 25 Sep 2022 01:08:25 GMT
Date: Sat, 24 Sep 2022 23:07:34 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 25d70d65d5bc10622267e606913a4ed3
62a344bb98df03646481535e9ca48a996fa318a5
24ce9bff219f1e7d5de54793ead2119bc4d82ac9b86f99a9ab1c67cec02402b9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "24CE9BFF219F1E7D5DE54793EAD2119BC4D82AC9B86F99A9AB1C67CEC02402B9"
Last-Modified: Sat, 24 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12872
Expires: Sun, 25 Sep 2022 02:42:06 GMT
Date: Sat, 24 Sep 2022 23:07:34 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d3ea37777b24ad3132f8bc92164c608e
5701e444a0be8384b9e5e6e04b0c53d5753f638a
167cf989b2eb81bfcba5079d5216c0d83a019938bf47c8b67cbf633fc0070e4b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "167CF989B2EB81BFCBA5079D5216C0D83A019938BF47C8B67CBF633FC0070E4B"
Last-Modified: Sat, 24 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2674
Expires: Sat, 24 Sep 2022 23:52:08 GMT
Date: Sat, 24 Sep 2022 23:07:34 GMT
Connection: keep-alive
unphionetor.com/vctx?t=56193
139.45.197.236200 OK 72 B URL HTTP/2 unphionetor.com/vctx?t=56193
IP 139.45.197.236:0
File type JSON data\012- , ASCII text
Hash f2132de9e23a055f5ea96e5939c5c95c
04a9c69f3487abe37d905eec1c8714fb90d8da97
7ab4886e5344a3c071785e8db5a9c9a3b49d32dc4ac9c6ecc563d636506fbbd5
Analyzer Verdict Alert quad9 Sinkholed
GET /vctx?t=56193 HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://toapodazoay.com
Connection: keep-alive
Referer: https://toapodazoay.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 23:07:34 GMT
content-type: text/plain; charset=utf-8
content-length: 72
access-control-allow-origin: https://toapodazoay.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: ece0f5fb617dbf32161aa7a7bbb71f7a
set-cookie: PRIT[56193]=; expires=Tue, 10 Nov 2009 23:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
toapodazoay.com/favicon.ico
139.45.197.153204 No Content 0 B URL HTTP/2 toapodazoay.com/favicon.ico
IP 139.45.197.153:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: toapodazoay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://toapodazoay.com/?rzi=4479470&rsz=4479470&rid=
Cookie: reverse=ygqI61LkXA5-MRvmeN5yvYQZ-uRjepY-OWB2HVpw7E4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Sat, 24 Sep 2022 23:07:34 GMT
strict-transport-security: max-age=60
x-content-type-options: nosniff
X-Firefox-Spdy: h2
unphionetor.com/vbl?t=56193&bid=79056&aid=597677140141675203
139.45.197.236204 No Content 0 B URL HTTP/2 unphionetor.com/vbl?t=56193&bid=79056&aid=597677140141675203
IP 139.45.197.236:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
POST /vbl?t=56193&bid=79056&aid=597677140141675203 HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://toapodazoay.com
Connection: keep-alive
Referer: https://toapodazoay.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Sat, 24 Sep 2022 23:07:34 GMT
access-control-allow-origin: https://toapodazoay.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 407524b486863b8bfcfb1b41e0a171b0
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10449
Expires: Sun, 25 Sep 2022 02:01:44 GMT
Date: Sat, 24 Sep 2022 23:07:35 GMT
Connection: keep-alive
ptauxofi.net/pfe/current/micro.tag.min.js?sw=/sw-check-permissions/3683319&var=qCqekRDLtEBTXwP&z=3683319
139.45.197.250200 OK 40 kB URL HTTP/2 ptauxofi.net/pfe/current/micro.tag.min.js?sw=/sw-check-permissions/3683319&var=qCqekRDLtEBTXwP&z=3683319
IP 139.45.197.250:0
Hash 841de8688c99eaaf87ab99b4cc70508a
ccfef39f8ec58840179d97cc513f34609e8cec02
b1ccdc8f4290eb4379d6daccb3c57a46d0968733e349ef012ddf54d8cd454613
Analyzer Verdict Alert quad9 Sinkholed
GET /pfe/current/micro.tag.min.js?sw=/sw-check-permissions/3683319&var=qCqekRDLtEBTXwP&z=3683319 HTTP/1.1
Host: ptauxofi.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://toapodazoay.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 23:07:34 GMT
content-type: application/javascript
last-modified: Tue, 20 Sep 2022 07:25:49 GMT
etag: W/"63296afd-1a407"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3056f6d6-1a08-46ac-94a1-eb08e1b784e1.jpeg
34.120.237.76200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3056f6d6-1a08-46ac-94a1-eb08e1b784e1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9bbdad67489e993cebd23ffb04ebd02c
3a69c08b4d25d1dae1abbabd103d6d295a2f5425
ee3839246f3bada3e3190c240c8ac64d8012a87c062c5e006ed80a7edcd773a5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3056f6d6-1a08-46ac-94a1-eb08e1b784e1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7404
x-amzn-requestid: ef623ade-f397-40a9-b88d-0394f22a8d8b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YpOJPGYyoAMFVEA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6326c3d4-2da73ceb54b36ade5bf4ce1a;Sampled=0
x-amzn-remapped-date: Sun, 18 Sep 2022 07:08:04 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: jqPyyJr0H9dHTBuQb9Z8bNBwMXhBz5pz09u_j1R0Qpp-iGUGFXm0VQ==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 02:52:44 GMT
age: 72891
etag: "3a69c08b4d25d1dae1abbabd103d6d295a2f5425"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
toapodazoay.com/?l=qCqekRDLtEBTXwP&s=597677140141675203&z=4479470&g=NO&svar=1664060854&ba=0&dm=0&ep=0&vi=0&vo=0&i18db=0&tr=default&svar=1664060854&ssk=96e053e7c6d391299042d6a4d5107a98&svarok=1&b=79056&oaid=aa3de3c98243405cbaa851ad96c05772&rdk=rk3
139.45.197.153200 OK 17 kB URL HTTP/2 toapodazoay.com/?l=qCqekRDLtEBTXwP&s=597677140141675203&z=4479470&g=NO&svar=1664060854&ba=0&dm=0&ep=0&vi=0&vo=0&i18db=0&tr=default&svar=1664060854&ssk=96e053e7c6d391299042d6a4d5107a98&svarok=1&b=79056&oaid=aa3de3c98243405cbaa851ad96c05772&rdk=rk3
IP 139.45.197.153:0
Hash 880f2981b67148df1e1ceb6721636a6a
f096c112fe8e03cb03836cd947e94493e0cb672e
be1be38c2ac08836171445ad7f7667b19dfc74b5105e88a7460acc952dfd636b
GET /?l=qCqekRDLtEBTXwP&s=597677140141675203&z=4479470&g=NO&svar=1664060854&ba=0&dm=0&ep=0&vi=0&vo=0&i18db=0&tr=default&svar=1664060854&ssk=96e053e7c6d391299042d6a4d5107a98&svarok=1&b=79056&oaid=aa3de3c98243405cbaa851ad96c05772&rdk=rk3 HTTP/1.1
Host: toapodazoay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 23:07:34 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.25
set-cookie: reverse=ygqI61LkXA5-MRvmeN5yvYQZ-uRjepY-OWB2HVpw7E4; expires=Sun, 25-Sep-2022 00:07:34 GMT; Max-Age=3600; path=/
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-encoding: gzip
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78aaf154-de5d-4fec-94c5-4e185b4c0cc1.jpeg
34.120.237.76200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78aaf154-de5d-4fec-94c5-4e185b4c0cc1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7eba9d4ed7413abb8e8824cc86071b50
1ec47b0f11a2b1173a1dcd32d541e5680b0088b1
399622d6099137974fa30a332c145b45182a7be272523a325418c63bfe70e5a1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78aaf154-de5d-4fec-94c5-4e185b4c0cc1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4320
x-amzn-requestid: 72d102a6-8552-473f-b3f8-99450722017d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y--PmHEgIAMFXvA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632f7730-7e4789b1723913e2500ea5f2;Sampled=0
x-amzn-remapped-date: Sat, 24 Sep 2022 21:31:28 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 4XK0s7000jxVbsu88-3ze_Mg_SqTKMDgAWKiLkc3ZCiiqGhS02Cn5w==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 22:12:06 GMT
age: 3329
etag: "1ec47b0f11a2b1173a1dcd32d541e5680b0088b1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F77d4989e-b390-4a8b-be36-820e0256c211.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F77d4989e-b390-4a8b-be36-820e0256c211.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4b247d936b6e75a5075e09d9d2f7c3b1
7d3650b77b7f501d2f94592b8a4c0e02a75feb70
165d5ef729be431744228c7f1791141536db476811a3e9c7ab5958c6e38a781a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F77d4989e-b390-4a8b-be36-820e0256c211.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7977
x-amzn-requestid: 6d6cbdf9-91f4-4fb5-8afe-cb8dea476e8b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y-_EoFjtIAMFjcg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632f7883-5681f08725a5ce7e36c27d75;Sampled=0
x-amzn-remapped-date: Sat, 24 Sep 2022 21:37:07 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 0H0AT4oKoQUzJWzgfJuK9M_bisrd4bhX6jVfbj3VZ5IPp8u2opEuOA==
via: 1.1 f4367b41311e3e9a490d7461b7b85490.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 21:39:25 GMT
etag: "7d3650b77b7f501d2f94592b8a4c0e02a75feb70"
content-type: image/jpeg
age: 5290
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F30df3bb6-8eae-49ae-ba75-f6dd462463ac.jpeg
34.120.237.76200 OK 4.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F30df3bb6-8eae-49ae-ba75-f6dd462463ac.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8abddb2cad9c262667f358ecb9b084ae
2d97861b35e3d0ffe6a614037e4ff7946018b4ef
9b4878cf451b7bc5c7467d1e35e2fa12f54e516c878dd54d0293a4ef4947ba5b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F30df3bb6-8eae-49ae-ba75-f6dd462463ac.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4237
x-amzn-requestid: 9e56dfd3-fa01-4f17-88fd-524f6385b515
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YpOJQHZDoAMFayQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6326c3d4-41be4896776c43940ec21f10;Sampled=0
x-amzn-remapped-date: Sun, 18 Sep 2022 07:08:04 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 8nuwiFa5MQt6e3rfHwJlWcVejM-299WEDNFiscddW4iOVQjazIabtQ==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 21:39:27 GMT
age: 5288
etag: "2d97861b35e3d0ffe6a614037e4ff7946018b4ef"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0693f3eb-ed7b-4594-b2db-7432590f4d49.jpeg
34.120.237.76200 OK 4.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0693f3eb-ed7b-4594-b2db-7432590f4d49.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3d35df1f57d0736995615b0d8f50b8a3
8324b383c89771a2b1155ec6d069bf5a47338acd
9f381d59d2e4b086d43d784d7660e27f6f7760dc2b4eb9beee4b6e94801cb6db
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0693f3eb-ed7b-4594-b2db-7432590f4d49.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4723
x-amzn-requestid: 4be5e73a-e648-40a4-8566-cb3417e5843b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y-_EKHYcoAMFgMw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632f7880-4682134275162910149d09ec;Sampled=0
x-amzn-remapped-date: Sat, 24 Sep 2022 21:37:04 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 67JgCuzx90IROr0JQJq0jbsntmkbD0dReobbS4G1V6pPD22qOosLrg==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 22:15:14 GMT
age: 3141
etag: "8324b383c89771a2b1155ec6d069bf5a47338acd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
go.ad2upapp.com/afu.php?id=792658&rt=1
139.45.197.237302 Moved Temporarily 138 B URL HTTP/1.1 go.ad2upapp.com/afu.php?id=792658&rt=1
IP 139.45.197.237:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash aff950cab4c0265e21d401db15f1026d
f03e18461817f7a6546c8bf8fa8d686d7e30aca0
753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0
GET /afu.php?id=792658&rt=1 HTTP/1.1
Host: go.ad2upapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Sat, 24 Sep 2022 23:07:36 GMT
Content-Type: text/html
Content-Length: 138
Connection: keep-alive
Location: http://go.deliverymodo.com/afu.php?id=792658&rt=1
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *
go.deliverymodo.com/afu.php?id=792658&rt=1
139.45.197.236200 OK 737 B URL HTTP/1.1 go.deliverymodo.com/afu.php?id=792658&rt=1
IP 139.45.197.236:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash ca3e585ec02a42d182f73583abaf2949
94967fa7e12da6683085e9c9a437af8fb1f06640
e63b26b76b8b3e26c6e7a67bdd75347ef3fbc2435b3f34a59d8d493d3f96b2e7
GET /afu.php?id=792658&rt=1 HTTP/1.1
Host: go.deliverymodo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 24 Sep 2022 23:07:36 GMT
Content-Type: text/html; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: 7515208273d0e7ba40dc2e06fc3b1f1a
Link: <https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch", <https://www.lyca-mobile.no>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Access-Control-Max-Age: 86400
Pragma: no-cache
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT
Set-Cookie: OAID=dfc821ebe27b4edb85d1ad2b1b48348d; expires=Sun, 24 Sep 2023 23:07:36 GMT; path=/
oaidts=1664060856; expires=Sun, 24 Sep 2023 23:07:36 GMT; path=/
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *, *
Content-Encoding: gzip
unphionetor.com/vb?t=56193&bid=79056&aid=597677140141675203&tp=1968
139.45.197.236204 No Content 0 B URL HTTP/2 unphionetor.com/vb?t=56193&bid=79056&aid=597677140141675203&tp=1968
IP 139.45.197.236:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
POST /vb?t=56193&bid=79056&aid=597677140141675203&tp=1968 HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://toapodazoay.com
Connection: keep-alive
Referer: https://toapodazoay.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Sat, 24 Sep 2022 23:07:36 GMT
access-control-allow-origin: https://toapodazoay.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 20632ea38cdcc844b5df88255cbe5c1e
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
go.deliverymodo.com/favicon.ico
139.45.197.236204 No Content 0 B URL HTTP/1.1 go.deliverymodo.com/favicon.ico
IP 139.45.197.236:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: go.deliverymodo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: OAID=dfc821ebe27b4edb85d1ad2b1b48348d; oaidts=1664060856
HTTP/1.1 204 No Content
Server: nginx
Date: Sat, 24 Sep 2022 23:07:36 GMT
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Pragma: public
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash af56ebb29d27fb6a049680fe85c8828b
235a3579a72192a6a1fc0366d6d8671e2630b9f5
68454f522f57ca84315459fbf178251544804533512e9bebb8a6e3f3bce12895
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 24 Sep 2022 23:07:36 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 22 Sep 2022 18:25:22 GMT
Expires: Thu, 29 Sep 2022 18:25:21 GMT
Etag: "235a3579a72192a6a1fc0366d6d8671e2630b9f5"
Cache-Control: max-age=414464,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74ff2d5fbb1efac0-OSL
ocsp.netsolssl.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash ec259583ee64fbe885d5d828b6dc89c2
27421c01a859494c303783c42df3dc7b8c6d34ea
2b6cf4d1b90580c59b7f1b3d65efccfffac8603ac34c02f8010e6556f554dc0e
POST / HTTP/1.1
Host: ocsp.netsolssl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 24 Sep 2022 23:07:36 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 22 Sep 2022 13:06:07 GMT
Expires: Thu, 29 Sep 2022 13:06:06 GMT
Etag: "27421c01a859494c303783c42df3dc7b8c6d34ea"
Cache-Control: max-age=395309,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74ff2d5feeee0b4d-OSL
my.rtmark.net/img.gif?f=merge&userId=dfc821ebe27b4edb85d1ad2b1b48348d
139.45.195.8200 OK 43 B URL HTTP/2 my.rtmark.net/img.gif?f=merge&userId=dfc821ebe27b4edb85d1ad2b1b48348d
IP 139.45.195.8:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
POST /img.gif?f=merge&userId=dfc821ebe27b4edb85d1ad2b1b48348d HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 23:07:36 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: null
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=dfc821ebe27b4edb85d1ad2b1b48348d; expires=Sun, 24 Sep 2023 23:07:36 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
www.lyca-mobile.no/nb/bundle/lyca-smart-m/?utm_source=Selectivv&utm_medium=banner&utm_campaign=NOR22070001&utm_term=P5&user_id={clickid}&cmpid=5828477&rtkcid={clickid}&rdk=rk1
3.120.194.163200 OK 32 kB URL HTTP/1.1 www.lyca-mobile.no/nb/bundle/lyca-smart-m/?utm_source=Selectivv&utm_medium=banner&utm_campaign=NOR22070001&utm_term=P5&user_id={clickid}&cmpid=5828477&rtkcid={clickid}&rdk=rk1
IP 3.120.194.163:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1692), with CRLF, LF line terminators
Hash f340cedfb87ae89b8f7c7e598501c3bf
90362f0cac7e9267ebfcb25fbe51d25b6f0adaaf
d972428e9107d54e4cf6d48e98272d4e49d0ab1052f71c882476e211ea404a99
GET /nb/bundle/lyca-smart-m/?utm_source=Selectivv&utm_medium=banner&utm_campaign=NOR22070001&utm_term=P5&user_id={clickid}&cmpid=5828477&rtkcid={clickid}&rdk=rk1 HTTP/1.1
Host: www.lyca-mobile.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Sat, 24 Sep 2022 23:07:36 GMT
Link: <https://www.lyca-mobile.no/nb/?p=170722>; rel=shortlink
Server: Apache
Set-Cookie: SSESS8b10154026bedacd8362ddcf85d89291=jaovgkavo8np2j7juj3ob3u364; path=/; domain=.lyca-mobile.no; secure; HttpOnly;HttpOnly; Secure; SameSite=None;HttpOnly; Secure; SameSite=None;SameSite=None;Secure
newsim_tab=0; expires=Sat, 24-Sep-2022 23:17:36 GMT; Max-Age=600; path=/;HttpOnly; Secure; SameSite=None;HttpOnly; Secure; SameSite=None;SameSite=None;Secure
Strict-Transport-Security: max-age=300; includeSubdomains;
Vary: User-Agent,X-Forwarded-Proto,Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Content-Length: 31919
Connection: keep-alive
unphionetor.com/fv.js?t=56193&cb=1720556581
139.45.197.236200 OK 3.9 kB URL HTTP/2 unphionetor.com/fv.js?t=56193&cb=1720556581
IP 139.45.197.236:0
File type ASCII text, with very long lines (5238)
Hash be4885a1b6e70d18864068b038ec512f
597acf9d125a3e4bc583253e5bef9bfacea23b20
0716fdfa7a889df10c7f34adad12daf07849f716bcb6ea42c22eedef42664243
Analyzer Verdict Alert quad9 Sinkholed
GET /fv.js?t=56193&cb=1720556581 HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://toapodazoay.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 23:07:34 GMT
content-type: text/javascript; charset=utf8
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 9342a12197589902217027c2237fb9a4
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
d3uayxmzbnco7f.cloudfront.net/wp-content/themes/Divi-child/vendor/flat-icon/flaticon.css
143.204.42.114200 OK 417 B URL HTTP/1.1 d3uayxmzbnco7f.cloudfront.net/wp-content/themes/Divi-child/vendor/flat-icon/flaticon.css
IP 143.204.42.114:0
File type ASCII text, with very long lines (1000), with no line terminators
Hash 5e5c8838d3f45e076213445010a63eb8
6aedac1cb54fd087ea16c8bae11c0687bef29ce8
653364905a7234231046bf7134bfb1d2f8f957e10463e74d636e4465bf1b8139
GET /wp-content/themes/Divi-child/vendor/flat-icon/flaticon.css HTTP/1.1
Host: d3uayxmzbnco7f.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lyca-mobile.no/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Date: Sat, 24 Sep 2022 13:13:31 GMT
Last-Modified: Tue, 27 Aug 2019 08:27:43 GMT
ETag: W/"944296da525e8552632efd1dc0fd0480"
Cache-Control: 2592000
Server: AmazonS3
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: mf-p4ApAi72ZIuns9ccTBT4C0wZfalAKByy8FZBJVxgzetlfUeBwFw==
Age: 35648
www.lyca-mobile.no/wp-content/plugins/custom-search-plugin/css/style.css
3.120.194.163200 OK 251 B URL HTTP/1.1 www.lyca-mobile.no/wp-content/plugins/custom-search-plugin/css/style.css
IP 3.120.194.163:0
Hash 90fe42aaed8e5c04b824b1ca3cf3ea34
737cfe50f07686fb94ca84b3e836ac7d85d425d9
2a50c1b8ad7b97eea3b52d13f8623eeffe389262e3eccfb676eaacd15619345b
GET /wp-content/plugins/custom-search-plugin/css/style.css HTTP/1.1
Host: www.lyca-mobile.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lyca-mobile.no/nb/bundle/lyca-smart-m/?utm_source=Selectivv&utm_medium=banner&utm_campaign=NOR22070001&utm_term=P5&user_id={clickid}&cmpid=5828477&rtkcid={clickid}&rdk=rk1
Cookie: SSESS8b10154026bedacd8362ddcf85d89291=jaovgkavo8np2j7juj3ob3u364; newsim_tab=0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Type: text/css
Date: Sat, 24 Sep 2022 23:07:38 GMT
Last-Modified: Thu, 17 Jun 2021 16:25:56 GMT
Server: Apache
Strict-Transport-Security: max-age=300; includeSubdomains;
Vary: User-Agent,X-Forwarded-Proto,Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Content-Length: 251
Connection: keep-alive
d3uayxmzbnco7f.cloudfront.net/wp-content/themes/Divi-child/css/student-style.css
143.204.42.114200 OK 966 B URL HTTP/1.1 d3uayxmzbnco7f.cloudfront.net/wp-content/themes/Divi-child/css/student-style.css
IP 143.204.42.114:0
File type ASCII text, with CR line terminators
Hash 64eaec02b035ad1628a7890becee905c
d9a7cd1dd7d3400c09e341e4bba580b80b0a41d9
370ce3c5280f78beb793f8773f3f74b225a2e54f35449df02aa8e181a4842255
GET /wp-content/themes/Divi-child/css/student-style.css HTTP/1.1
Host: d3uayxmzbnco7f.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lyca-mobile.no/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 966
Connection: keep-alive
Date: Sat, 24 Sep 2022 08:44:53 GMT
Last-Modified: Thu, 18 Nov 2021 11:11:57 GMT
ETag: "64eaec02b035ad1628a7890becee905c"
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: o1iKuObuvJ7CvwAxMXj52DeRxubH-HgiLLnIxCTygERvIgiwO98xLg==
Age: 51766
d3uayxmzbnco7f.cloudfront.net/wp-includes/css/dist/block-library/style.css
143.204.42.114200 OK 9.3 kB URL HTTP/1.1 d3uayxmzbnco7f.cloudfront.net/wp-includes/css/dist/block-library/style.css
IP 143.204.42.114:0
Hash 6b4d5c93a96759a5b205c8ed08ee80f3
f2dd476e35046dd5ff2c5721482a4774f7c54eec
ae76162dfc835fe16c95fe5dabb6732d6a5894a483511f74dcd1648f8b1550c6
GET /wp-includes/css/dist/block-library/style.css HTTP/1.1
Host: d3uayxmzbnco7f.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lyca-mobile.no/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Date: Sat, 24 Sep 2022 12:53:41 GMT
Last-Modified: Thu, 06 Aug 2020 03:32:13 GMT
ETag: W/"ff1e4526d778743bf4370b47ff17e7c7"
Server: AmazonS3
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Zbj4ViYumNvISdS8xNc-_6FN2nn8lN8uj2Vh2HDHKlhEvKUS_m91uw==
Age: 36838
d3uayxmzbnco7f.cloudfront.net/wp-content/themes/Divi-child/vendor/bootstrap/css/bootstrap.min.css
143.204.42.114200 OK 20 kB URL HTTP/1.1 d3uayxmzbnco7f.cloudfront.net/wp-content/themes/Divi-child/vendor/bootstrap/css/bootstrap.min.css
IP 143.204.42.114:0
File type ASCII text, with very long lines (65371)
Hash 7d237e65cd0e396d2d92feda09933cb5
2f6a4a2dfb24d45fada38fb05fcd0450cacdee55
b24bdd06537c109909c4a7c7c6f6dbf6367e199e0837dcdf021cc6c154650e2b
GET /wp-content/themes/Divi-child/vendor/bootstrap/css/bootstrap.min.css HTTP/1.1
Host: d3uayxmzbnco7f.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lyca-mobile.no/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 27 Aug 2019 08:27:42 GMT
Server: AmazonS3
Content-Encoding: gzip
Date: Sat, 24 Sep 2022 09:59:38 GMT
Cache-Control: 2592000
ETag: W/"ac9de5b47373547a27390517f13fe21a"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: goQQvwTmNxbLGAVjzqNZGAH2dFTPU66olT_Fc1NhCx4kC5w83zUyMQ==
Age: 47281
d3uayxmzbnco7f.cloudfront.net/wp-content/themes/Divi-child/vendor/linear-icons/style.css
143.204.42.114200 OK 1.6 kB URL HTTP/1.1 d3uayxmzbnco7f.cloudfront.net/wp-content/themes/Divi-child/vendor/linear-icons/style.css
IP 143.204.42.114:0
File type ASCII text, with very long lines (7000), with no line terminators
Hash e77b4c5adc36759a673b6b76cbf6a196
d311136f4aea1048b139fa65ee46e4c14db9e72e
d773b8cc485d6b33e888f1e52ae212f8489899e922ef3757d8c293ec46976a76
GET /wp-content/themes/Divi-child/vendor/linear-icons/style.css HTTP/1.1
Host: d3uayxmzbnco7f.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lyca-mobile.no/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Date: Sat, 24 Sep 2022 13:33:29 GMT
Last-Modified: Tue, 27 Aug 2019 08:27:44 GMT
ETag: W/"e93b8e4cf5dc750d2d02a5b9d19f9706"
Cache-Control: 2592000
Server: AmazonS3
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 2ZaeJ3O9qeyXLV0KvqLjffqn_m1eEw9PKdCa_IXavVTOrfe3-bQN-Q==
Age: 34450
d3uayxmzbnco7f.cloudfront.net/wp-content/themes/Divi-child/css/countries.css
143.204.42.114200 OK 1.6 kB URL HTTP/1.1 d3uayxmzbnco7f.cloudfront.net/wp-content/themes/Divi-child/css/countries.css
IP 143.204.42.114:0
File type ASCII text, with very long lines (15687), with no line terminators
Hash d6aedadf39b09ad0f7e249d8f47541af
a9fc307f06c3083441b893c8eee58400b8de3044
dab2023ee5fd522d05752cc08a5e69cea03725d9ae60e467c832b52bef2347f4
GET /wp-content/themes/Divi-child/css/countries.css HTTP/1.1
Host: d3uayxmzbnco7f.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lyca-mobile.no/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Date: Sat, 24 Sep 2022 08:54:02 GMT
Last-Modified: Tue, 27 Aug 2019 08:27:32 GMT
ETag: W/"31ec7a36deac6eda43f22dd60a421a40"
Cache-Control: 2592000
Server: AmazonS3
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: caVXUtQq-Z2ZVqZtcSY-kHSWrdADYOJXtyg6qHXXSKfmzEo02y56nw==
Age: 51217
d3uayxmzbnco7f.cloudfront.net/wp-content/themes/Divi-child/vendor/font-awesome/css/font-awesome.min.css
143.204.42.114200 OK 6.5 kB URL HTTP/1.1 d3uayxmzbnco7f.cloudfront.net/wp-content/themes/Divi-child/vendor/font-awesome/css/font-awesome.min.css
IP 143.204.42.114:0
File type ASCII text, with very long lines (28877), with no line terminators
Hash 69b2a18f3d45117625296935e4e8ad8d
5ef6d53bfb4fb94ed290d0bb11cfd20665c4ad94
4b3518f58456c486f821e74cd2bae230d97949eec451957c3ef0302957e1182a
GET /wp-content/themes/Divi-child/vendor/font-awesome/css/font-awesome.min.css HTTP/1.1
Host: d3uayxmzbnco7f.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lyca-mobile.no/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Date: Sat, 24 Sep 2022 13:44:37 GMT
Last-Modified: Tue, 27 Aug 2019 08:27:43 GMT
ETag: W/"4f0c935c3631f777ea790a05a44c1744"
Cache-Control: 2592000
Server: AmazonS3
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: cr2O32FKb7QoOhqv8yBdmCwAZDpEux7VASk0Qu-WzQ7sXPFU7sXh6g==
Age: 33782
www.lyca-mobile.no/wp-content/plugins/wpml-translation-management/res/css/admin-bar-style.css
3.120.194.163200 OK 113 B URL HTTP/1.1 www.lyca-mobile.no/wp-content/plugins/wpml-translation-management/res/css/admin-bar-style.css
IP 3.120.194.163:0
Hash 8bd858d224c135ea74666d7f05df248e
5ef009ed8087ce73a4912d9749d7f041bc16961b
77e5f04f2f5d3a83c50b55652151182633e799d0daf2280c85e4650a0b06d8ab
GET /wp-content/plugins/wpml-translation-management/res/css/admin-bar-style.css HTTP/1.1
Host: www.lyca-mobile.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lyca-mobile.no/nb/bundle/lyca-smart-m/?utm_source=Selectivv&utm_medium=banner&utm_campaign=NOR22070001&utm_term=P5&user_id={clickid}&cmpid=5828477&rtkcid={clickid}&rdk=rk1
Cookie: SSESS8b10154026bedacd8362ddcf85d89291=jaovgkavo8np2j7juj3ob3u364; newsim_tab=0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Type: text/css
Date: Sat, 24 Sep 2022 23:07:38 GMT
Last-Modified: Thu, 17 Jun 2021 16:25:57 GMT
Server: Apache
Strict-Transport-Security: max-age=300; includeSubdomains;
Vary: User-Agent,X-Forwarded-Proto,Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Content-Length: 113
Connection: keep-alive
d3uayxmzbnco7f.cloudfront.net/wp-content/themes/Divi-child/vendor/line-awesome/css/line-awesome.min.css
143.204.42.114200 OK 6.1 kB URL HTTP/1.1 d3uayxmzbnco7f.cloudfront.net/wp-content/themes/Divi-child/vendor/line-awesome/css/line-awesome.min.css
IP 143.204.42.114:0
File type ASCII text, with very long lines (27557)
Hash ac611134faf8cd91ed2956c5d38ae2ce
7bf64bba6bfd6f05b1518992c53fa7c9872da3a5
5525129dbc14bf7ea2d19bede01558eb40435b10d7167085ddc7554838e1c134
GET /wp-content/themes/Divi-child/vendor/line-awesome/css/line-awesome.min.css HTTP/1.1
Host: d3uayxmzbnco7f.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lyca-mobile.no/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Date: Sat, 24 Sep 2022 11:37:35 GMT
Last-Modified: Tue, 27 Aug 2019 08:27:44 GMT
ETag: W/"4334c8c70998d81bde3e6765828811a6"
Cache-Control: 2592000
Server: AmazonS3
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: bwQsgS2KgD66SOlNUkN2ncYOcnPtOdYXRaNvme4KjjfNZM7acNT65Q==
Age: 41404
d3uayxmzbnco7f.cloudfront.net/wp-content/themes/Divi/style.css
143.204.42.114200 OK 44 kB URL HTTP/1.1 d3uayxmzbnco7f.cloudfront.net/wp-content/themes/Divi/style.css
IP 143.204.42.114:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 6f782435396b8bef6f536a56264bee14
dd7d3f3fd31abb1b80deff136ed25c944c91a700
b48c54112c0df13f905648d87e072312296aa49df000967ab17f7d314a46f3ad
GET /wp-content/themes/Divi/style.css HTTP/1.1
Host: d3uayxmzbnco7f.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lyca-mobile.no/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Date: Sat, 24 Sep 2022 13:44:15 GMT
Last-Modified: Tue, 27 Aug 2019 08:27:55 GMT
ETag: W/"817303872fd1f4d16b34fcd79ab7d2d3"
Cache-Control: 2592000
Server: AmazonS3
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: wT00tpOSbPcKwCOD2G2Wtjf5zLaqTqKXdWEDe6OyVU3fpNbeCq2NKA==
Age: 33803
d3uayxmzbnco7f.cloudfront.net/wp-content/themes/Divi-child/style.css
143.204.42.114200 OK 118 kB URL HTTP/1.1 d3uayxmzbnco7f.cloudfront.net/wp-content/themes/Divi-child/style.css
IP 143.204.42.114:0
File type ASCII text, with very long lines (505)
Size 118 kB (117680 bytes)
Hash 9c17463dfeb43f853c6ef5526e126732
0f75be0a7cd4283c9a2d4baa6d1a99ec6cd83b9a
a4c57789bf7d91d06f12d2d1ec7a3aaaf6b6a69ecc0d5b70c858bcc740e055ea
GET /wp-content/themes/Divi-child/style.css HTTP/1.1
Host: d3uayxmzbnco7f.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lyca-mobile.no/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Date: Sat, 24 Sep 2022 07:34:28 GMT
Last-Modified: Fri, 15 Jul 2022 07:16:49 GMT
ETag: W/"07571e83ac07033388dffa6b348bc459"
Server: AmazonS3
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: iP8JbyMV2LmZZ6VsAE4dp-ipCTJlDyiYwKLfDWuY7zPHXVp1UGWaVQ==
Age: 55991
d3uayxmzbnco7f.cloudfront.net/wp-content/themes/Divi/epanel/shortcodes/css/shortcodes.css
143.204.42.114200 OK 5.8 kB URL HTTP/1.1 d3uayxmzbnco7f.cloudfront.net/wp-content/themes/Divi/epanel/shortcodes/css/shortcodes.css
IP 143.204.42.114:0
File type ASCII text, with very long lines (859)
Hash 98728de6d4670d911514bb42053bce07
6c02a150161855f9f979cc207ef47274b2c81f64
ab72d1795fc99a5b4a91b436e9655b95e5a6a481a1ab77aaab62ab7265cb178f
GET /wp-content/themes/Divi/epanel/shortcodes/css/shortcodes.css HTTP/1.1
Host: d3uayxmzbnco7f.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lyca-mobile.no/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Date: Sat, 24 Sep 2022 13:21:54 GMT
Last-Modified: Tue, 27 Aug 2019 08:27:49 GMT
ETag: W/"ea1a16f72cd2c8d66fdf5e8924f78eee"
Cache-Control: 2592000
Server: AmazonS3
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 4WmQrcKbgS53I7Q1tLIOuDrTvpe_UPLha3QA58abrdNKp-btva2VUg==
Age: 35145
d3uayxmzbnco7f.cloudfront.net/wp-content/themes/Divi/epanel/shortcodes/css/shortcodes_responsive.css
143.204.42.114200 OK 821 B URL HTTP/1.1 d3uayxmzbnco7f.cloudfront.net/wp-content/themes/Divi/epanel/shortcodes/css/shortcodes_responsive.css
IP 143.204.42.114:0
Hash 39586c05ed4972bad19bfa5961faa77a
492df4e0c5eba2050c7a2b1d1d95f713540ec22e
dbceeae75dc6e2b92d179b238ef4ffbc2286bd84ea0309d6abd3f087309015aa
GET /wp-content/themes/Divi/epanel/shortcodes/css/shortcodes_responsive.css HTTP/1.1
Host: d3uayxmzbnco7f.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lyca-mobile.no/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 27 Aug 2019 08:27:49 GMT
Server: AmazonS3
Content-Encoding: gzip
Date: Sat, 24 Sep 2022 08:55:02 GMT
Cache-Control: 2592000
ETag: W/"58f7be607923d9296d5628a2d7469422"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ZW9_2AUbz-uhGQW_0sacI5KqYJov7_ROk1a6ZUIeVVbb3njAej_Qyw==
Age: 51157
www.lyca-mobile.no/wp-content/plugins/registration-portin-facility/vendor/jquery-ui-1.12.1.custom/jquery-ui.css
3.120.194.163200 OK 8.4 kB URL HTTP/1.1 www.lyca-mobile.no/wp-content/plugins/registration-portin-facility/vendor/jquery-ui-1.12.1.custom/jquery-ui.css
IP 3.120.194.163:0
File type ASCII text, with very long lines (2363)
Hash 211e9acb7b08468bf462f3cc35d58dba
30b16e5f18fb53e5536e1dff154a4288dea94c41
a31c685f9330266e5b4a2fb4c7c6439f0550fefcdadebd2548f746387820359c
GET /wp-content/plugins/registration-portin-facility/vendor/jquery-ui-1.12.1.custom/jquery-ui.css HTTP/1.1
Host: www.lyca-mobile.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lyca-mobile.no/nb/bundle/lyca-smart-m/?utm_source=Selectivv&utm_medium=banner&utm_campaign=NOR22070001&utm_term=P5&user_id={clickid}&cmpid=5828477&rtkcid={clickid}&rdk=rk1
Cookie: SSESS8b10154026bedacd8362ddcf85d89291=jaovgkavo8np2j7juj3ob3u364; newsim_tab=0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Type: text/css
Date: Sat, 24 Sep 2022 23:07:38 GMT
Last-Modified: Thu, 17 Jun 2021 16:25:56 GMT
Server: Apache
Strict-Transport-Security: max-age=300; includeSubdomains;
Vary: User-Agent,X-Forwarded-Proto,Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Content-Length: 8384
Connection: keep-alive
d3uayxmzbnco7f.cloudfront.net/wp-content/themes/Divi/includes/builder/styles/magnific_popup.css
143.204.42.114200 OK 2.0 kB URL HTTP/1.1 d3uayxmzbnco7f.cloudfront.net/wp-content/themes/Divi/includes/builder/styles/magnific_popup.css
IP 143.204.42.114:0
File type ASCII text, with very long lines (311)
Hash 22fdf819d26d31cfbfec1d7cff7371bf
50741511e1cd53b0ba2abe08b8da08e22bf24b66
1bee554f87601922cd1d398cfaa6467560409a03f916bd7cf98c2e9791d8a21f
GET /wp-content/themes/Divi/includes/builder/styles/magnific_popup.css HTTP/1.1
Host: d3uayxmzbnco7f.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lyca-mobile.no/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Date: Sat, 24 Sep 2022 11:58:08 GMT
Last-Modified: Tue, 27 Aug 2019 08:27:54 GMT
ETag: W/"6e30bbc36a055e4e39e3b1fe966ba0b2"
Cache-Control: 2592000
Server: AmazonS3
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: H_wAM9lWedJb4kujB5NUAFKd3KERrWSXY69NGdgInTty46-yJxZBYw==
Age: 40171
d3uayxmzbnco7f.cloudfront.net/wp-includes/js/jquery/jquery.js
143.204.42.114200 OK 34 kB URL HTTP/1.1 d3uayxmzbnco7f.cloudfront.net/wp-includes/js/jquery/jquery.js
IP 143.204.42.114:0
File type ASCII text, with very long lines (31997)
Hash b03517cbeab62804d112b4be5384cfa0
07590c8584758b38b9b7b8f0d8f85586e390022d
3e9a88d20ce59e238da47489f30c8b8dab0b3dbc47d6e4b32cf2baccb266d7c0
GET /wp-includes/js/jquery/jquery.js HTTP/1.1
Host: d3uayxmzbnco7f.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lyca-mobile.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Date: Sat, 24 Sep 2022 11:46:35 GMT
Last-Modified: Thu, 06 Aug 2020 03:32:44 GMT
ETag: W/"49edccea2e7ba985cadc9ba0531cbed1"
Server: AmazonS3
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: PU0KbKZwP6TpvSt3Lx3L6dQCTFOWioDNTx2_3EVtk-JRgoX1lw8IVw==
Age: 40864
d3uayxmzbnco7f.cloudfront.net/wp-content/themes/Divi-child/my-account.css
143.204.42.114200 OK 2.7 kB URL HTTP/1.1 d3uayxmzbnco7f.cloudfront.net/wp-content/themes/Divi-child/my-account.css
IP 143.204.42.114:0
File type ASCII text, with very long lines (12687)
Hash d3ff672944c1aeaee7b472e5d9f40edc
31a10749d5afe70dc04b53d5c35d8464c38bfda8
242a4532fe2f0579adea21357e6302a5b62d50b32e1f8a6ef9f11fa7722174dc
GET /wp-content/themes/Divi-child/my-account.css HTTP/1.1
Host: d3uayxmzbnco7f.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lyca-mobile.no/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Date: Sat, 24 Sep 2022 08:14:03 GMT
Last-Modified: Thu, 18 Nov 2021 11:11:57 GMT
ETag: W/"5e2d79452ec87ed86924ea2519c341ef"
Server: AmazonS3
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 6MAG35NWrL_6Z_thldipe7S1pT5Q_1OqF08s-3Y88g7mn0YZ4nkSbA==
Age: 53616
d3uayxmzbnco7f.cloudfront.net/wp-includes/js/jquery/ui/core.min.js
143.204.42.114200 OK 1.8 kB URL HTTP/1.1 d3uayxmzbnco7f.cloudfront.net/wp-includes/js/jquery/ui/core.min.js
IP 143.204.42.114:0
File type ASCII text, with very long lines (3706)
Hash a06aa215ce143f7be68824125a347f55
10b1fc71ae94dc2ecf893aa6450a4ef799f941fd
4156ae401c639c0a9ef49a1d158c6705e8a8381bdfe7d25e3f410384f16bbf7c
GET /wp-includes/js/jquery/ui/core.min.js HTTP/1.1
Host: d3uayxmzbnco7f.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lyca-mobile.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Date: Sat, 24 Sep 2022 10:44:09 GMT
Last-Modified: Thu, 06 Aug 2020 03:32:47 GMT
ETag: W/"96ff65c925bbaf3e4e7891a7ca1f2b1f"
Server: AmazonS3
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: qppI5X9viPr8_fh4NeoQ1Urgg7oLTTuw9lguQc5rGr_oDEODLliU_A==
Age: 44610
d3uayxmzbnco7f.cloudfront.net/wp-includes/js/jquery/ui/widget.min.js
143.204.42.114200 OK 2.6 kB URL HTTP/1.1 d3uayxmzbnco7f.cloudfront.net/wp-includes/js/jquery/ui/widget.min.js
IP 143.204.42.114:0
File type ASCII text, with very long lines (6614)
Hash 5d609f2d805ca69f7f14502617212122
3bbc539c41315a02a1451b01cbf8554f77cb6978
28a69a083b70cc1a254060e82da56c170b96e0d158f251e3c231c01b7c02fa17
GET /wp-includes/js/jquery/ui/widget.min.js HTTP/1.1
Host: d3uayxmzbnco7f.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lyca-mobile.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Date: Sat, 24 Sep 2022 15:10:09 GMT
Last-Modified: Thu, 06 Aug 2020 03:32:47 GMT
ETag: W/"00dedd56324da186973a3b2cc5e8023c"
Server: AmazonS3
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: JjXrZkVZoPUa-ElDZdp9M1Cpg_6GWR2DijHgAzrdPcV7MkpMTwXQWA==
Age: 28650
www.lyca-mobile.no/wp-content/plugins/registration-portin-facility/public/css/registration_portin_facility-public.css
3.120.194.163200 OK 5.3 kB URL HTTP/1.1 www.lyca-mobile.no/wp-content/plugins/registration-portin-facility/public/css/registration_portin_facility-public.css
IP 3.120.194.163:0
File type ASCII text, with very long lines (1963)
Hash 724d0ef3e346ba677dd5987ce62cb5dc
e73088909d38fc9a932e679f3a4545297899f26e
0021049ab8e09b826fbef1cc74d8ce9794a2a9baa88a793e0773ac3e67f43073
GET /wp-content/plugins/registration-portin-facility/public/css/registration_portin_facility-public.css HTTP/1.1
Host: www.lyca-mobile.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lyca-mobile.no/nb/bundle/lyca-smart-m/?utm_source=Selectivv&utm_medium=banner&utm_campaign=NOR22070001&utm_term=P5&user_id={clickid}&cmpid=5828477&rtkcid={clickid}&rdk=rk1
Cookie: SSESS8b10154026bedacd8362ddcf85d89291=jaovgkavo8np2j7juj3ob3u364; newsim_tab=0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Type: text/css
Date: Sat, 24 Sep 2022 23:07:38 GMT
Last-Modified: Mon, 18 Oct 2021 05:15:42 GMT
Server: Apache
Strict-Transport-Security: max-age=300; includeSubdomains;
Vary: User-Agent,X-Forwarded-Proto,Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Content-Length: 5306
Connection: keep-alive
www.lyca-mobile.no/wp-content/plugins/email-subscribers/widget/es-widget.css
3.120.194.163200 OK 150 B URL HTTP/1.1 www.lyca-mobile.no/wp-content/plugins/email-subscribers/widget/es-widget.css
IP 3.120.194.163:0
File type ASCII text, with no line terminators
Hash 641533dacb82a11aa947513a4892de5a
b77427d8626d847a80a762456f98beb3e64764b1
a9316286d70257c135d2a0aacf0bf2bc6acba8c1b5e487c97086459c04849155
GET /wp-content/plugins/email-subscribers/widget/es-widget.css HTTP/1.1
Host: www.lyca-mobile.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lyca-mobile.no/nb/bundle/lyca-smart-m/?utm_source=Selectivv&utm_medium=banner&utm_campaign=NOR22070001&utm_term=P5&user_id={clickid}&cmpid=5828477&rtkcid={clickid}&rdk=rk1
Cookie: SSESS8b10154026bedacd8362ddcf85d89291=jaovgkavo8np2j7juj3ob3u364; newsim_tab=0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Type: text/css
Date: Sat, 24 Sep 2022 23:07:38 GMT
Last-Modified: Thu, 17 Jun 2021 16:19:16 GMT
Server: Apache
Strict-Transport-Security: max-age=300; includeSubdomains;
Vary: User-Agent,X-Forwarded-Proto,Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Content-Length: 150
Connection: keep-alive
d3uayxmzbnco7f.cloudfront.net/wp-includes/js/jquery/ui/mouse.min.js
143.204.42.114200 OK 999 B URL HTTP/1.1 d3uayxmzbnco7f.cloudfront.net/wp-includes/js/jquery/ui/mouse.min.js
IP 143.204.42.114:0
File type ASCII text, with very long lines (2927)
Hash e466629bfa82c6f1dc466ac4a5b5e495
45cc7d9457ef090a9c3cb044a5e3ce2115aa7bcd
a95eb8bd20eab719947faa4cec36315c50e21652801f14cb0581afac05aa2c47
GET /wp-includes/js/jquery/ui/mouse.min.js HTTP/1.1
Host: d3uayxmzbnco7f.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lyca-mobile.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Date: Sat, 24 Sep 2022 04:15:59 GMT
Last-Modified: Thu, 06 Aug 2020 03:32:45 GMT
ETag: W/"b317c4ccc9aa140339ad72fa27c77266"
Server: AmazonS3
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: QWjiw_mX2XYsgvJ1N2qjY9DU97akiiPHNDEPQPNoUgSDKOlcuABzww==
Age: 67900
d3uayxmzbnco7f.cloudfront.net/wp-includes/js/jquery/ui/sortable.min.js
143.204.42.114200 OK 6.5 kB URL HTTP/1.1 d3uayxmzbnco7f.cloudfront.net/wp-includes/js/jquery/ui/sortable.min.js
IP 143.204.42.114:0
File type HTML document, ASCII text, with very long lines (24670)
Hash e639718faff21c9f92bfd32e6d67ac39
9e6c6166549c95a6d3977a689bcac4d3b3a67872
38407b2aad4a94c965422a2bc5ae63fd63cf81fae44549cc4fe3ddb52847bc0c
GET /wp-includes/js/jquery/ui/sortable.min.js HTTP/1.1
Host: d3uayxmzbnco7f.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lyca-mobile.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Date: Sat, 24 Sep 2022 10:04:16 GMT
Last-Modified: Thu, 06 Aug 2020 03:32:47 GMT
ETag: W/"efa8171f2226a422003417095d8549dd"
Server: AmazonS3
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 0DHrJ4A2yjRIfGdHsoCoCzmmCZ8IMaKO-N5tB4NmEtFVTPAJV7eymg==
Age: 47003
d3uayxmzbnco7f.cloudfront.net/wp-content/themes/Divi-child/js/theme.js
143.204.42.114200 OK 12 kB URL HTTP/1.1 d3uayxmzbnco7f.cloudfront.net/wp-content/themes/Divi-child/js/theme.js
IP 143.204.42.114:0
File type ASCII text, with very long lines (348)
Hash 500f4940666c7a2d86bcef83a87c27cf
576d34ffc5f72a3437436ec4f3d60d0802a98b4c
a883028e4232b5ed3799b57178364f7df9366774f0523d88d97272e7f0b4aeea
GET /wp-content/themes/Divi-child/js/theme.js HTTP/1.1
Host: d3uayxmzbnco7f.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lyca-mobile.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 15 Feb 2022 04:49:45 GMT
Server: AmazonS3
Content-Encoding: gzip
Date: Sat, 24 Sep 2022 07:34:48 GMT
ETag: W/"d056838fef7522c86d80206e3384d0d3"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: dU7afmwGT1BX0vi9WpUZONDldZH6bOrbvzEYaC9xndeNyBmYvHuD4A==
Age: 55971
d3uayxmzbnco7f.cloudfront.net/wp-content/themes/Divi-child/js/countries.js
143.204.42.114200 OK 3.4 kB URL HTTP/1.1 d3uayxmzbnco7f.cloudfront.net/wp-content/themes/Divi-child/js/countries.js
IP 143.204.42.114:0
File type ASCII text, with very long lines (7323), with no line terminators
Hash 849d149f0aa54e89c9ae4914da58f058
ad57bd889ad286cf1485de4cf90c43f6fc3de3c4
e9366f725516c092c539b6badc887906cd3ad71ea2a72b32e317dd7bf2b91cf9
GET /wp-content/themes/Divi-child/js/countries.js HTTP/1.1
Host: d3uayxmzbnco7f.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lyca-mobile.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Date: Sat, 24 Sep 2022 16:29:28 GMT
Last-Modified: Tue, 27 Aug 2019 08:27:41 GMT
ETag: W/"41a7f1d63de5dc564de5d2e96ba33db8"
Cache-Control: 2592000
Server: AmazonS3
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: HfkImUgYg5vkarEZJh7qP_StrfXZRgd7D2GZ_iEK6GKSfvagEXckNQ==
Age: 23891
d3uayxmzbnco7f.cloudfront.net/wp-content/themes/Divi-child/js/jquery.validate.js
143.204.42.114200 OK 7.4 kB URL HTTP/1.1 d3uayxmzbnco7f.cloudfront.net/wp-content/themes/Divi-child/js/jquery.validate.js
IP 143.204.42.114:0
File type Unicode text, UTF-8 text, with very long lines (22821)
Hash 0b995d527b8a6da73804c99c9295eebb
de1a05d0a238042d0c8e30a1c8871ea29a6149a0
418b337044bb4900803c0d68f84801ac84ca552a04d3ed9b9231c49805cbb7b4
GET /wp-content/themes/Divi-child/js/jquery.validate.js HTTP/1.1
Host: d3uayxmzbnco7f.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lyca-mobile.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 27 Aug 2019 08:27:41 GMT
Server: AmazonS3
Content-Encoding: gzip
Date: Sat, 24 Sep 2022 09:29:22 GMT
Cache-Control: 2592000
ETag: W/"50d37feba6afb8e8ee322a7b7871550e"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: tc3b9579DLhbfMoBwPgXyBE4qLJOZb-aIqbnzFgQjdz5qeUO8E9Jww==
Age: 49097
d3uayxmzbnco7f.cloudfront.net/wp-content/themes/Divi-child/js/jquery.marquee.js
143.204.42.114200 OK 2.3 kB URL HTTP/1.1 d3uayxmzbnco7f.cloudfront.net/wp-content/themes/Divi-child/js/jquery.marquee.js
IP 143.204.42.114:0
File type ASCII text, with very long lines (1219)
Hash 951037766e2281b8091afae4d43094dc
71d0680da431135f4b61f7e4ce6600480b632fba
0be16d4ec106cf60c6e5dad835eaf4e94b8467916f132f57c6d9014ce5f32d40
GET /wp-content/themes/Divi-child/js/jquery.marquee.js HTTP/1.1
Host: d3uayxmzbnco7f.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lyca-mobile.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Date: Sat, 24 Sep 2022 15:07:00 GMT
Last-Modified: Tue, 27 Aug 2019 08:27:41 GMT
ETag: W/"a2ac3fef53d651ac8562f1412b28b359"
Cache-Control: 2592000
Server: AmazonS3
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: jaJbK8Zmhpk7ctEng52NWYb--M4CHL9UhkLLQlsXMUSFOg5hZ9EgtA==
Age: 28839
cdnjs.cloudflare.com/ajax/libs/bootstrap-datetimepicker/4.17.37/js/bootstrap-datetimepicker.min.js
104.17.25.14200 OK 8.3 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/bootstrap-datetimepicker/4.17.37/js/bootstrap-datetimepicker.min.js
IP 104.17.25.14:0
File type HTML document, ASCII text, with very long lines (32010)
Hash 52b30dc893d14995df58d34ecc5a9f7f
e360fd76bd734011484ed559fd1780e31949353f
eab9dfacfbbb59d341c72a7fe6dd9c12ea4e87f20ccf78bf13bd98ffeab243d4
GET /ajax/libs/bootstrap-datetimepicker/4.17.37/js/bootstrap-datetimepicker.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lyca-mobile.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 24 Sep 2022 23:07:38 GMT
content-type: application/javascript; charset=utf-8
content-length: 8256
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03d8e-9443"
last-modified: Mon, 04 May 2020 16:06:38 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 179094
expires: Thu, 14 Sep 2023 23:07:38 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nZBWBrtAh5zCsKsgusXXUUHsSqFiR1Aj9L%2F9TrMEzX7IOjV6oNsY4NUle8zEQw5KRudDrWi7XwPcxpGX%2F9Szhipu%2BgpzzlGpfuyuP2Tf%2BbAP7iwbWes5stJewxgzSqQ47%2BNBLbYm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74ff2d6c1fbf0b69-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
d3uayxmzbnco7f.cloudfront.net/wp-content/themes/Divi-child/js/additional-methods.js
143.204.42.114200 OK 5.9 kB URL HTTP/1.1 d3uayxmzbnco7f.cloudfront.net/wp-content/themes/Divi-child/js/additional-methods.js
IP 143.204.42.114:0
File type Non-ISO extended-ASCII text, with very long lines (2940)
Hash dc8eeff78ec4cdbfd5c799d408ea4b48
3b01fbd01f355a3fb57670f53aac633dfe6d9fea
bdef234694b26eff14339654cb61d131ef1f5e41339585d15bf6055cd2498b72
GET /wp-content/themes/Divi-child/js/additional-methods.js HTTP/1.1
Host: d3uayxmzbnco7f.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lyca-mobile.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Date: Sat, 24 Sep 2022 12:17:47 GMT
Last-Modified: Tue, 27 Aug 2019 08:27:40 GMT
ETag: W/"074966e2db7e1caa07fd7d0bac25e844"
Cache-Control: 2592000
Server: AmazonS3
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: fcQF-5bypZYSssAr714YwKqnGsUNYfUZp7J5gRTuroXqo-bvLWfdUw==
Age: 38992
d3uayxmzbnco7f.cloudfront.net/wp-content/themes/Divi-child/js/selectize.js
143.204.42.114200 OK 18 kB URL HTTP/1.1 d3uayxmzbnco7f.cloudfront.net/wp-content/themes/Divi-child/js/selectize.js
IP 143.204.42.114:0
File type Unicode text, UTF-8 text, with very long lines (3172)
Hash 06831b052b52431de1fb3ee65d7dea1d
e86338ed47d9a780a29bd58724747a5f0896a45a
820f841ce251373929c0e11a7d84b6dd15662d209775f5d53b2e387520782128
GET /wp-content/themes/Divi-child/js/selectize.js HTTP/1.1
Host: d3uayxmzbnco7f.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lyca-mobile.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 27 Aug 2019 08:27:41 GMT
Server: AmazonS3
Content-Encoding: gzip
Date: Sat, 24 Sep 2022 11:54:43 GMT
Cache-Control: 2592000
ETag: W/"0941c2f6d545a74b27f2ccdbe7bdc931"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 5jF7Z__8_aqBCXn6c0Xqux1jlcffpo7aooK4mQkQApjHPhouIdp5lQ==
Age: 40376
d3uayxmzbnco7f.cloudfront.net/wp-content/themes/Divi-child/js/roaming_rates.js
143.204.42.114200 OK 8.3 kB URL HTTP/1.1 d3uayxmzbnco7f.cloudfront.net/wp-content/themes/Divi-child/js/roaming_rates.js
IP 143.204.42.114:0
Hash 2edb98793b88c8d6b71e5fd037d218da
905a605dfa0e6cbefb4ed6b27a7bb98159a9956b
77ded0daa9c54bcf7b3177a20bfe1cd01673dd75dd4089e78c0a02f7df2c31f4
GET /wp-content/themes/Divi-child/js/roaming_rates.js HTTP/1.1
Host: d3uayxmzbnco7f.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lyca-mobile.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 15 Feb 2022 04:49:50 GMT
Server: AmazonS3
Content-Encoding: gzip
Date: Sat, 24 Sep 2022 09:19:45 GMT
ETag: W/"456f0e734f90e7e3ccc2835bf708306d"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: IwYUDvYXbUAvmKeOHd-jDFHrP7bGBi8diI4v6k__KxAW5JVAQixd-w==
Age: 49674
www.lyca-mobile.no/wp-content/plugins/testimonialslider/css/jquery.bxslider.css
3.120.194.163200 OK 885 B URL HTTP/1.1 www.lyca-mobile.no/wp-content/plugins/testimonialslider/css/jquery.bxslider.css
IP 3.120.194.163:0
File type Unicode text, UTF-8 text, with very long lines (3002), with no line terminators
Hash 3a8400b070b74650e9c7927466b226cf
7669a8def8bca883fbbceed367b8037f35fd1968
0d23aabe78d874edcef092bcc9611dd3c3e8656a03c58ad6e01d6d98ad9165ed
GET /wp-content/plugins/testimonialslider/css/jquery.bxslider.css HTTP/1.1
Host: www.lyca-mobile.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lyca-mobile.no/nb/bundle/lyca-smart-m/?utm_source=Selectivv&utm_medium=banner&utm_campaign=NOR22070001&utm_term=P5&user_id={clickid}&cmpid=5828477&rtkcid={clickid}&rdk=rk1
Cookie: SSESS8b10154026bedacd8362ddcf85d89291=jaovgkavo8np2j7juj3ob3u364; newsim_tab=0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Type: text/css
Date: Sat, 24 Sep 2022 23:07:38 GMT
Last-Modified: Thu, 17 Jun 2021 16:19:17 GMT
Server: Apache
Strict-Transport-Security: max-age=300; includeSubdomains;
Vary: User-Agent,X-Forwarded-Proto,Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Content-Length: 885
Connection: keep-alive
d3uayxmzbnco7f.cloudfront.net/wp-content/themes/Divi-child/js/register.js
143.204.42.114200 OK 2.8 kB URL HTTP/1.1 d3uayxmzbnco7f.cloudfront.net/wp-content/themes/Divi-child/js/register.js
IP 143.204.42.114:0
Hash deacf1a6348898cbaaa599a4c38c3ca5
5d817802af4b56aa89883ff72088206d8ee6860e
cc113bf3bd23d11500ca7bc14b549c92eeea3e70a073b13ba36ce5e6c2e7ed09
GET /wp-content/themes/Divi-child/js/register.js HTTP/1.1
Host: d3uayxmzbnco7f.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lyca-mobile.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 20 Feb 2020 06:59:06 GMT
Server: AmazonS3
Content-Encoding: gzip
Date: Sat, 24 Sep 2022 09:19:46 GMT
ETag: W/"a4c47e49f1b792925db5d2ee23d17942"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: WTUmER09aFFFMiGToilIG91IZwpMK9b5fftK_PIdm1qG5T18dzBdVg==
Age: 49673
d3uayxmzbnco7f.cloudfront.net/wp-content/themes/Divi-child/js/bootstrap-datepicker.js
143.204.42.114200 OK 8.0 kB URL HTTP/1.1 d3uayxmzbnco7f.cloudfront.net/wp-content/themes/Divi-child/js/bootstrap-datepicker.js
IP 143.204.42.114:0
File type ASCII text, with very long lines (1634)
Hash c42f82bed32c27016d7802919303b323
3506f5ca9794cc19caa7a004a574c3f6238e6359
c92ee796bd97dc0d8783f913ab4148f9fb04c58fff600a212a7b431cfc7a7f63
GET /wp-content/themes/Divi-child/js/bootstrap-datepicker.js HTTP/1.1
Host: d3uayxmzbnco7f.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lyca-mobile.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Date: Sat, 24 Sep 2022 10:44:09 GMT
Last-Modified: Tue, 27 Aug 2019 08:27:40 GMT
ETag: W/"8260533cc46428d9b49e3f137ef2efe7"
Cache-Control: 2592000
Server: AmazonS3
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: wVpPrn3ArqQhXpo6dO1pXEKlvazxyTtmPSBF93OsjxRUcTnqeZe6JQ==
Age: 44609
d3uayxmzbnco7f.cloudfront.net/wp-content/themes/Divi-child/js/bootstrap.min.js
143.204.42.114200 OK 9.8 kB URL HTTP/1.1 d3uayxmzbnco7f.cloudfront.net/wp-content/themes/Divi-child/js/bootstrap.min.js
IP 143.204.42.114:0
File type ASCII text, with very long lines (32033)
Hash 7978710ff734193a856869604072d4cb
3a5625360d99341fa537a6316bcd14486d5b4fbd
59b9f261ab1d6c557f628d399639ce9d627f1b3f7063a1063a39e70aca0f9bff
GET /wp-content/themes/Divi-child/js/bootstrap.min.js HTTP/1.1
Host: d3uayxmzbnco7f.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lyca-mobile.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Date: Sat, 24 Sep 2022 14:24:35 GMT
Last-Modified: Tue, 27 Aug 2019 08:27:40 GMT
ETag: W/"5869c96cc8f19086aee625d670d741f9"
Cache-Control: 2592000
Server: AmazonS3
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: KiQ3TUF74b3ofA88DTQHRJweZd9tbhgQ82PLXy-vG4fjMgLDxLNKCg==
Age: 31384
www.lyca-mobile.no/wp-content/plugins/sitepress-multilingual-cms/res/js/jquery.cookie.js
3.120.194.163200 OK 1.1 kB URL HTTP/1.1 www.lyca-mobile.no/wp-content/plugins/sitepress-multilingual-cms/res/js/jquery.cookie.js
IP 3.120.194.163:0
Hash d2c9e62ba741c5dc1cd388f4cb4322c1
57ad65e2ffdb51d2751763b8bee9ad67f372e2a7
0ad3c73c3eaf52b9deb1941a12db921002dbfb2326ca007c6838d9a936a31b02
GET /wp-content/plugins/sitepress-multilingual-cms/res/js/jquery.cookie.js HTTP/1.1
Host: www.lyca-mobile.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lyca-mobile.no/nb/bundle/lyca-smart-m/?utm_source=Selectivv&utm_medium=banner&utm_campaign=NOR22070001&utm_term=P5&user_id={clickid}&cmpid=5828477&rtkcid={clickid}&rdk=rk1
Cookie: SSESS8b10154026bedacd8362ddcf85d89291=jaovgkavo8np2j7juj3ob3u364; newsim_tab=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Type: application/javascript
Date: Sat, 24 Sep 2022 23:07:38 GMT
Last-Modified: Thu, 17 Jun 2021 16:19:17 GMT
Server: Apache
Strict-Transport-Security: max-age=300; includeSubdomains;
Vary: User-Agent,X-Forwarded-Proto,Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Content-Length: 1109
Connection: keep-alive
www.lyca-mobile.no/wp-content/plugins/wp-store-locator/css/styles.css
3.120.194.163200 OK 4.4 kB URL HTTP/1.1 www.lyca-mobile.no/wp-content/plugins/wp-store-locator/css/styles.css
IP 3.120.194.163:0
Hash 29d83f16ddcd51bb2d8e29cfa6f0d970
d8aa3982c0c288b37f78f81c34eabfd24bd6bf84
5d585c7bba79f48f5ceaca987c6b08fde3da899d8512e1bf13f81a747d8db56d
GET /wp-content/plugins/wp-store-locator/css/styles.css HTTP/1.1
Host: www.lyca-mobile.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lyca-mobile.no/nb/bundle/lyca-smart-m/?utm_source=Selectivv&utm_medium=banner&utm_campaign=NOR22070001&utm_term=P5&user_id={clickid}&cmpid=5828477&rtkcid={clickid}&rdk=rk1
Cookie: SSESS8b10154026bedacd8362ddcf85d89291=jaovgkavo8np2j7juj3ob3u364; newsim_tab=0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Type: text/css
Date: Sat, 24 Sep 2022 23:07:38 GMT
Last-Modified: Thu, 17 Jun 2021 16:25:57 GMT
Server: Apache
Strict-Transport-Security: max-age=300; includeSubdomains;
Vary: User-Agent,X-Forwarded-Proto,Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Content-Length: 4432
Connection: keep-alive
www.lyca-mobile.no/wp-content/plugins/wpml-cms-nav/res/css/cms-navigation-base.css
3.120.194.163200 OK 933 B URL HTTP/1.1 www.lyca-mobile.no/wp-content/plugins/wpml-cms-nav/res/css/cms-navigation-base.css
IP 3.120.194.163:0
Hash cb13db3c09d0076dc19a1dbf520c7827
c01159a4163902f3dc824ffade25949d3a9a4097
039804219c46536ac7cdc83d30e672a0467df803c5348a5733e18a687dc828b1
GET /wp-content/plugins/wpml-cms-nav/res/css/cms-navigation-base.css HTTP/1.1
Host: www.lyca-mobile.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lyca-mobile.no/nb/bundle/lyca-smart-m/?utm_source=Selectivv&utm_medium=banner&utm_campaign=NOR22070001&utm_term=P5&user_id={clickid}&cmpid=5828477&rtkcid={clickid}&rdk=rk1
Cookie: SSESS8b10154026bedacd8362ddcf85d89291=jaovgkavo8np2j7juj3ob3u364; newsim_tab=0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Type: text/css
Date: Sat, 24 Sep 2022 23:07:38 GMT
Last-Modified: Thu, 17 Jun 2021 16:19:17 GMT
Server: Apache
Strict-Transport-Security: max-age=300; includeSubdomains;
Vary: User-Agent,X-Forwarded-Proto,Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Content-Length: 933
Connection: keep-alive
www.lyca-mobile.no/wp-content/plugins/wpml-cms-nav/res/css/cms-navigation.css
3.120.194.163200 OK 645 B URL HTTP/1.1 www.lyca-mobile.no/wp-content/plugins/wpml-cms-nav/res/css/cms-navigation.css
IP 3.120.194.163:0
Hash c98f02f1afd562a7288aa2dc828e6186
d0f42b73794b0d3ffb9e3eb2d79218d14c40dc88
9fb5a2a2bea5341dd17ec72403d66f0903278030092ae829fe6bb4e23e6af725
GET /wp-content/plugins/wpml-cms-nav/res/css/cms-navigation.css HTTP/1.1
Host: www.lyca-mobile.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lyca-mobile.no/nb/bundle/lyca-smart-m/?utm_source=Selectivv&utm_medium=banner&utm_campaign=NOR22070001&utm_term=P5&user_id={clickid}&cmpid=5828477&rtkcid={clickid}&rdk=rk1
Cookie: SSESS8b10154026bedacd8362ddcf85d89291=jaovgkavo8np2j7juj3ob3u364; newsim_tab=0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Type: text/css
Date: Sat, 24 Sep 2022 23:07:38 GMT
Last-Modified: Thu, 17 Jun 2021 16:19:17 GMT
Server: Apache
Strict-Transport-Security: max-age=300; includeSubdomains;
Vary: User-Agent,X-Forwarded-Proto,Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Content-Length: 645
Connection: keep-alive
d3uayxmzbnco7f.cloudfront.net/wp-content/themes/Divi-child/js/nc_ajax_script.js
143.204.42.114200 OK 7.1 kB URL HTTP/1.1 d3uayxmzbnco7f.cloudfront.net/wp-content/themes/Divi-child/js/nc_ajax_script.js
IP 143.204.42.114:0
Hash fd3a1e402e1db48d709a30b9700cf948
7fba68ea2ffee6e79b623fb4d7f2693ea66c48ad
13c1fc590216a9d739bfdc5fe87d8a925db49c1f02c5789a54a914d7b853e514
GET /wp-content/themes/Divi-child/js/nc_ajax_script.js HTTP/1.1
Host: d3uayxmzbnco7f.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lyca-mobile.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 05 May 2022 06:47:46 GMT
Server: AmazonS3
Content-Encoding: gzip
Date: Sat, 24 Sep 2022 09:19:45 GMT
ETag: W/"9353377fb1b76e466a7ac26634defc75"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: nB6ohB_6P-n5gGguH7st0dgeF7iy-oZnNLajfqpEJT0qBn_RiZAIFg==
Age: 49674
d3uayxmzbnco7f.cloudfront.net/wp-content/themes/Divi-child/js/custom_validate.js
143.204.42.114200 OK 391 B URL HTTP/1.1 d3uayxmzbnco7f.cloudfront.net/wp-content/themes/Divi-child/js/custom_validate.js
IP 143.204.42.114:0
File type ASCII text, with very long lines (391), with no line terminators
Hash 9f4e4bb98cbc4c5fe6ddfc05c7c48095
e87b52374a265e471462e297fad51a39763f2d3b
d48f2166d51e343d4d91b80bf04c970d3d10603d8a6fc5060a53b73c2a8b70cf
GET /wp-content/themes/Divi-child/js/custom_validate.js HTTP/1.1
Host: d3uayxmzbnco7f.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lyca-mobile.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Content-Length: 391
Connection: keep-alive
Date: Sat, 24 Sep 2022 08:29:28 GMT
Last-Modified: Tue, 27 Aug 2019 08:27:41 GMT
ETag: "9f4e4bb98cbc4c5fe6ddfc05c7c48095"
Cache-Control: 2592000
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 62y3uJZ-zRRNZs1WEA2xYZR_3AoRU7t_y4xwA0cWrfVTyAG-d-vBOg==
Age: 52691
d3uayxmzbnco7f.cloudfront.net/wp-content/themes/Divi-child/js/tab_custome_function.js
143.204.42.114200 OK 530 B URL HTTP/1.1 d3uayxmzbnco7f.cloudfront.net/wp-content/themes/Divi-child/js/tab_custome_function.js
IP 143.204.42.114:0
File type ASCII text, with very long lines (1045)
Hash eebb1eaacabf179592ddcac233af3ee9
2bd491e8573d7787026b2471d2e7eb38b5b9ba2d
12ba34daa07aac78310d429110375145b3e1d554a0dcf904de195949e9a6f4c2
GET /wp-content/themes/Divi-child/js/tab_custome_function.js HTTP/1.1
Host: d3uayxmzbnco7f.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lyca-mobile.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Date: Sat, 24 Sep 2022 12:32:21 GMT
Last-Modified: Tue, 27 Aug 2019 08:27:41 GMT
ETag: W/"5ad0eb623e462948f1ac5a7f6174f22a"
Cache-Control: 2592000
Server: AmazonS3
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: cG94sRwh3uSdQ-D1salwBtjUwtv6Y3UkIDqLH-yso6P65zIsKZpJNw==
Age: 38118
d3uayxmzbnco7f.cloudfront.net/wp-content/themes/Divi-child/js/custom-ajax-script.js
143.204.42.114200 OK 6.4 kB URL HTTP/1.1 d3uayxmzbnco7f.cloudfront.net/wp-content/themes/Divi-child/js/custom-ajax-script.js
IP 143.204.42.114:0
File type ASCII text, with very long lines (507)
Hash 1809b9df369bb75559f87d05970510cd
2e0b2a937c8ffd7ce4de29557613729d1fe91692
3e1040c015ca2cf5b6055af5415c577d40ccb867d0f3467f48a4d8325bc4e091
GET /wp-content/themes/Divi-child/js/custom-ajax-script.js HTTP/1.1
Host: d3uayxmzbnco7f.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lyca-mobile.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 16 Apr 2021 07:45:53 GMT
Server: AmazonS3
Content-Encoding: gzip
Date: Sat, 24 Sep 2022 14:22:10 GMT
ETag: W/"2348f035e1ba7ad6b8df58dbbbd5818e"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: xtQOj4jcLrkKsgmK1ksRel6jsHzzV_ZimJjOSLcHGK7x7LRLeqRE4Q==
Age: 31529
d3uayxmzbnco7f.cloudfront.net/wp-includes/js/wp-embed.js
143.204.42.114200 OK 1.3 kB URL HTTP/1.1 d3uayxmzbnco7f.cloudfront.net/wp-includes/js/wp-embed.js
IP 143.204.42.114:0
Hash 4a1cc74f79b40d7be9b3d382390a9bef
b7ae0a8a34c656fe77f6ddc14dc845e0ef8f3fb8
657baec7bafb059733b5ff12ab2d296ea07ed8b9d5a57856a8ad39bedaf3042e
GET /wp-includes/js/wp-embed.js HTTP/1.1
Host: d3uayxmzbnco7f.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lyca-mobile.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 06 Aug 2020 03:32:49 GMT
Server: AmazonS3
Content-Encoding: gzip
Date: Sat, 24 Sep 2022 08:00:10 GMT
ETag: W/"23e24e824f384c5eb11e73576b4ac93c"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: nJpVb43Z_cKEQScmXdhC41ET4Hfa0Sn8f8Ut7Lzw3RYVDgezX5hWYA==
Age: 54449
www.lyca-mobile.no/wp-content/plugins/sitepress-multilingual-cms/res/js/cookies/language-cookie.js
3.120.194.163200 OK 155 B URL HTTP/1.1 www.lyca-mobile.no/wp-content/plugins/sitepress-multilingual-cms/res/js/cookies/language-cookie.js
IP 3.120.194.163:0
Hash d3453f9d25d07fae0b6919f644988971
dba21fa483385a873ca38d99bf2433b77dd17fb0
f0fa5140f70a19702bdf6bbf7d495857cadc158e12975983212a36068cab241d
GET /wp-content/plugins/sitepress-multilingual-cms/res/js/cookies/language-cookie.js HTTP/1.1
Host: www.lyca-mobile.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lyca-mobile.no/nb/bundle/lyca-smart-m/?utm_source=Selectivv&utm_medium=banner&utm_campaign=NOR22070001&utm_term=P5&user_id={clickid}&cmpid=5828477&rtkcid={clickid}&rdk=rk1
Cookie: SSESS8b10154026bedacd8362ddcf85d89291=jaovgkavo8np2j7juj3ob3u364; newsim_tab=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Type: application/javascript
Date: Sat, 24 Sep 2022 23:07:38 GMT
Last-Modified: Thu, 17 Jun 2021 16:19:17 GMT
Server: Apache
Strict-Transport-Security: max-age=300; includeSubdomains;
Vary: User-Agent,X-Forwarded-Proto,Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Content-Length: 155
Connection: keep-alive
www.lyca-mobile.no/wp-content/plugins/custom-search-plugin/js/script.js
3.120.194.163200 OK 506 B URL HTTP/1.1 www.lyca-mobile.no/wp-content/plugins/custom-search-plugin/js/script.js
IP 3.120.194.163:0
Hash 99ad164c48c30d4ea72bdb15d6efe582
f5186aa17398f4034199e9f58308fcf753dfe467
9fb201a9702f44e2d06fd910dc024bb0707badce77b09613754e3ff07038cee1
GET /wp-content/plugins/custom-search-plugin/js/script.js HTTP/1.1
Host: www.lyca-mobile.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lyca-mobile.no/nb/bundle/lyca-smart-m/?utm_source=Selectivv&utm_medium=banner&utm_campaign=NOR22070001&utm_term=P5&user_id={clickid}&cmpid=5828477&rtkcid={clickid}&rdk=rk1
Cookie: SSESS8b10154026bedacd8362ddcf85d89291=jaovgkavo8np2j7juj3ob3u364; newsim_tab=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Type: application/javascript
Date: Sat, 24 Sep 2022 23:07:38 GMT
Last-Modified: Thu, 17 Jun 2021 16:25:56 GMT
Server: Apache
Strict-Transport-Security: max-age=300; includeSubdomains;
Vary: User-Agent,X-Forwarded-Proto,Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Content-Length: 506
Connection: keep-alive
www.lyca-mobile.no/wp-content/plugins/registration-portin-facility/vendor/moment.min.js
3.120.194.163200 OK 17 kB URL HTTP/1.1 www.lyca-mobile.no/wp-content/plugins/registration-portin-facility/vendor/moment.min.js
IP 3.120.194.163:0
File type ASCII text, with very long lines (51679), with no line terminators
Hash 174f71b5e532bbee86b7e51ed2d11a82
abbec602df1ebf647b88d18cbd1dd162d7f1f6ad
34084291d4c3f11af71b71f00c969a81380daa917e3e90ad1a08e836ced4e5f9
GET /wp-content/plugins/registration-portin-facility/vendor/moment.min.js HTTP/1.1
Host: www.lyca-mobile.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lyca-mobile.no/nb/bundle/lyca-smart-m/?utm_source=Selectivv&utm_medium=banner&utm_campaign=NOR22070001&utm_term=P5&user_id={clickid}&cmpid=5828477&rtkcid={clickid}&rdk=rk1
Cookie: SSESS8b10154026bedacd8362ddcf85d89291=jaovgkavo8np2j7juj3ob3u364; newsim_tab=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Type: application/javascript
Date: Sat, 24 Sep 2022 23:07:38 GMT
Last-Modified: Thu, 17 Jun 2021 16:25:56 GMT
Server: Apache
Strict-Transport-Security: max-age=300; includeSubdomains;
Vary: User-Agent,X-Forwarded-Proto,Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Content-Length: 16804
Connection: keep-alive
www.lyca-mobile.no/wp-content/plugins/registration-portin-facility/public/js/registration_portin_facility-public.js
3.120.194.163200 OK 3.8 kB URL HTTP/1.1 www.lyca-mobile.no/wp-content/plugins/registration-portin-facility/public/js/registration_portin_facility-public.js
IP 3.120.194.163:0
Hash 01179df43b1213ab1106977745e9b906
9e3ea134dd317bc273af92dc88c44d52a3e73e64
1afad8260106e543ae55da914750a910dcf8bcf16327589f1d9d9ef21713ef2d
GET /wp-content/plugins/registration-portin-facility/public/js/registration_portin_facility-public.js HTTP/1.1
Host: www.lyca-mobile.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lyca-mobile.no/nb/bundle/lyca-smart-m/?utm_source=Selectivv&utm_medium=banner&utm_campaign=NOR22070001&utm_term=P5&user_id={clickid}&cmpid=5828477&rtkcid={clickid}&rdk=rk1
Cookie: SSESS8b10154026bedacd8362ddcf85d89291=jaovgkavo8np2j7juj3ob3u364; newsim_tab=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Type: application/javascript
Date: Sat, 24 Sep 2022 23:07:38 GMT
Last-Modified: Thu, 17 Jun 2021 16:25:56 GMT
Server: Apache
Strict-Transport-Security: max-age=300; includeSubdomains;
Vary: User-Agent,X-Forwarded-Proto,Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Content-Length: 3837
Connection: keep-alive
www.lyca-mobile.no/wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/legacy-dropdown/script.js
3.120.194.163200 OK 383 B URL HTTP/1.1 www.lyca-mobile.no/wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/legacy-dropdown/script.js
IP 3.120.194.163:0
Hash 6c0ff919dd37f978ea0c1511f47c132c
86c6f73c7f81b5121d666d6968d7debd26c7ab17
790c5d96a9a9be889b5b7113a7b22868d8803355f7e215f8c7481945850b6de5
GET /wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/legacy-dropdown/script.js HTTP/1.1
Host: www.lyca-mobile.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lyca-mobile.no/nb/bundle/lyca-smart-m/?utm_source=Selectivv&utm_medium=banner&utm_campaign=NOR22070001&utm_term=P5&user_id={clickid}&cmpid=5828477&rtkcid={clickid}&rdk=rk1
Cookie: SSESS8b10154026bedacd8362ddcf85d89291=jaovgkavo8np2j7juj3ob3u364; newsim_tab=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Type: application/javascript
Date: Sat, 24 Sep 2022 23:07:38 GMT
Last-Modified: Thu, 17 Jun 2021 16:19:17 GMT
Server: Apache
Strict-Transport-Security: max-age=300; includeSubdomains;
Vary: User-Agent,X-Forwarded-Proto,Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Content-Length: 383
Connection: keep-alive
www.lyca-mobile.no/wp-content/themes/Divi-child/js/lyca_login.js
3.120.194.163200 OK 2.9 kB URL HTTP/1.1 www.lyca-mobile.no/wp-content/themes/Divi-child/js/lyca_login.js
IP 3.120.194.163:0
Hash 139463c6855f901b3896c4958ef4392c
b0fb2a97f006267aae2924021731fe5527d8e2c7
2801af8987984312d4009ff3f665af9da6ad50faa59367fd9cb0405a03ab9fae
GET /wp-content/themes/Divi-child/js/lyca_login.js HTTP/1.1
Host: www.lyca-mobile.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lyca-mobile.no/nb/bundle/lyca-smart-m/?utm_source=Selectivv&utm_medium=banner&utm_campaign=NOR22070001&utm_term=P5&user_id={clickid}&cmpid=5828477&rtkcid={clickid}&rdk=rk1
Cookie: SSESS8b10154026bedacd8362ddcf85d89291=jaovgkavo8np2j7juj3ob3u364; newsim_tab=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Type: application/javascript
Date: Sat, 24 Sep 2022 23:07:38 GMT
Last-Modified: Thu, 17 Jun 2021 16:25:57 GMT
Server: Apache
Strict-Transport-Security: max-age=300; includeSubdomains;
Vary: User-Agent,X-Forwarded-Proto,Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Content-Length: 2926
Connection: keep-alive
www.lyca-mobile.no/wp-content/plugins/testimonialslider/js/jquery.bxslider.min.js
3.120.194.163200 OK 5.0 kB URL HTTP/1.1 www.lyca-mobile.no/wp-content/plugins/testimonialslider/js/jquery.bxslider.min.js
IP 3.120.194.163:0
File type ASCII text, with very long lines (19040), with no line terminators
Hash e85a20dd54c74b8868f84e0a6bba50ea
bada9d0db6d46c9ec2d9b8c62fbcab76abe79aa8
127606d08299d86a42cff2be53731e7f2b437d64331bb2ed94b974bafac0fab0
GET /wp-content/plugins/testimonialslider/js/jquery.bxslider.min.js HTTP/1.1
Host: www.lyca-mobile.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lyca-mobile.no/nb/bundle/lyca-smart-m/?utm_source=Selectivv&utm_medium=banner&utm_campaign=NOR22070001&utm_term=P5&user_id={clickid}&cmpid=5828477&rtkcid={clickid}&rdk=rk1
Cookie: SSESS8b10154026bedacd8362ddcf85d89291=jaovgkavo8np2j7juj3ob3u364; newsim_tab=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Type: application/javascript
Date: Sat, 24 Sep 2022 23:07:38 GMT
Last-Modified: Thu, 17 Jun 2021 16:19:17 GMT
Server: Apache
Strict-Transport-Security: max-age=300; includeSubdomains;
Vary: User-Agent,X-Forwarded-Proto,Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Content-Length: 4966
Connection: keep-alive
www.lyca-mobile.no/wp-content/themes/Divi-child/js/personal-details.js
3.120.194.163200 OK 1.1 kB URL HTTP/1.1 www.lyca-mobile.no/wp-content/themes/Divi-child/js/personal-details.js
IP 3.120.194.163:0
Hash 1be41f82152e3a9f3dfb3765d314e9a1
50f7c3ad307d0cedf238b0e373116943dd0e0d30
8c4b153673568490f76767839493b7011d1fc1befc88025df6c1a9f6b58dc747
GET /wp-content/themes/Divi-child/js/personal-details.js HTTP/1.1
Host: www.lyca-mobile.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lyca-mobile.no/nb/bundle/lyca-smart-m/?utm_source=Selectivv&utm_medium=banner&utm_campaign=NOR22070001&utm_term=P5&user_id={clickid}&cmpid=5828477&rtkcid={clickid}&rdk=rk1
Cookie: SSESS8b10154026bedacd8362ddcf85d89291=jaovgkavo8np2j7juj3ob3u364; newsim_tab=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Type: application/javascript
Date: Sat, 24 Sep 2022 23:07:38 GMT
Last-Modified: Thu, 17 Jun 2021 16:25:57 GMT
Server: Apache
Strict-Transport-Security: max-age=300; includeSubdomains;
Vary: User-Agent,X-Forwarded-Proto,Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Content-Length: 1052
Connection: keep-alive
www.lyca-mobile.no/wp-content/themes/Divi-child/css/datepicker.min.css
3.120.194.163200 OK 1.9 kB URL HTTP/1.1 www.lyca-mobile.no/wp-content/themes/Divi-child/css/datepicker.min.css
IP 3.120.194.163:0
File type ASCII text, with very long lines (15319), with no line terminators
Hash 0cd6045269849e0f5ef595828d512ae4
35fa424ca6bfb09fa6b66d99edc3a22a7bda8f05
5b007aa8be84adf6a8a09166efcb085efdf4e252a834b13908a0d58708fa290b
GET /wp-content/themes/Divi-child/css/datepicker.min.css HTTP/1.1
Host: www.lyca-mobile.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lyca-mobile.no/nb/bundle/lyca-smart-m/?utm_source=Selectivv&utm_medium=banner&utm_campaign=NOR22070001&utm_term=P5&user_id={clickid}&cmpid=5828477&rtkcid={clickid}&rdk=rk1
Cookie: SSESS8b10154026bedacd8362ddcf85d89291=jaovgkavo8np2j7juj3ob3u364; newsim_tab=0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Type: text/css
Date: Sat, 24 Sep 2022 23:07:38 GMT
Last-Modified: Thu, 17 Jun 2021 16:19:17 GMT
Server: Apache
Strict-Transport-Security: max-age=300; includeSubdomains;
Vary: User-Agent,X-Forwarded-Proto,Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Content-Length: 1895
Connection: keep-alive
www.lyca-mobile.no/wp-content/themes/Divi/includes/builder/scripts/frontend-builder-global-functions.js
3.120.194.163200 OK 2.5 kB URL HTTP/1.1 www.lyca-mobile.no/wp-content/themes/Divi/includes/builder/scripts/frontend-builder-global-functions.js
IP 3.120.194.163:0
Hash 9d72b69bced27d34ea9ed566ecd17462
3649a5d95346ab4c1a5d5da15ecf8e05ab8ba9ed
4ac3bc0988ec7ebf426c9e152daf84e76eea339bc79a92981695bdaca5ed809e
GET /wp-content/themes/Divi/includes/builder/scripts/frontend-builder-global-functions.js HTTP/1.1
Host: www.lyca-mobile.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lyca-mobile.no/nb/bundle/lyca-smart-m/?utm_source=Selectivv&utm_medium=banner&utm_campaign=NOR22070001&utm_term=P5&user_id={clickid}&cmpid=5828477&rtkcid={clickid}&rdk=rk1
Cookie: SSESS8b10154026bedacd8362ddcf85d89291=jaovgkavo8np2j7juj3ob3u364; newsim_tab=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Type: application/javascript
Date: Sat, 24 Sep 2022 23:07:38 GMT
Last-Modified: Thu, 17 Jun 2021 16:19:17 GMT
Server: Apache
Strict-Transport-Security: max-age=300; includeSubdomains;
Vary: User-Agent,X-Forwarded-Proto,Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Content-Length: 2477
Connection: keep-alive
www.lyca-mobile.no/wp-content/plugins/email-subscribers/widget/es-widget.js
3.120.194.163200 OK 1.2 kB URL HTTP/1.1 www.lyca-mobile.no/wp-content/plugins/email-subscribers/widget/es-widget.js
IP 3.120.194.163:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (1311)
Hash 59066978220b7f1b7b925b47ff5e46ab
bab1c3c14f4b9649864cb46c1c96250ccdc95024
5fcbd0de5e51104006331763dcf23084505ea9d876e0904815e603e5e0230e90
GET /wp-content/plugins/email-subscribers/widget/es-widget.js HTTP/1.1
Host: www.lyca-mobile.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lyca-mobile.no/nb/bundle/lyca-smart-m/?utm_source=Selectivv&utm_medium=banner&utm_campaign=NOR22070001&utm_term=P5&user_id={clickid}&cmpid=5828477&rtkcid={clickid}&rdk=rk1
Cookie: SSESS8b10154026bedacd8362ddcf85d89291=jaovgkavo8np2j7juj3ob3u364; newsim_tab=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Type: application/javascript
Date: Sat, 24 Sep 2022 23:07:38 GMT
Last-Modified: Thu, 17 Jun 2021 16:19:16 GMT
Server: Apache
Strict-Transport-Security: max-age=300; includeSubdomains;
Vary: User-Agent,X-Forwarded-Proto,Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Content-Length: 1182
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 58b52380a6b5c598d1ad88e8da148137
a56206a0277aea6e8e2f7629793aba713d8edd0c
561a57c27dfa1f8651a89292428576b626e8700b9cd6b8173a0ce121aa8f9f4a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 23:07:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.lyca-mobile.no/wp-content/themes/Divi/js/custom.js
3.120.194.163200 OK 12 kB URL HTTP/1.1 www.lyca-mobile.no/wp-content/themes/Divi/js/custom.js
IP 3.120.194.163:0
File type ASCII text, with very long lines (372)
Hash fc1ad29248d5c0b974cca2d3687eadd1
854c8b173575abe5b2da21b079276788c31149ae
cef043ceda82b48795b26c0873caaeebbc5bbe7c3aa3d1bfd9339dd7010a208f
GET /wp-content/themes/Divi/js/custom.js HTTP/1.1
Host: www.lyca-mobile.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lyca-mobile.no/nb/bundle/lyca-smart-m/?utm_source=Selectivv&utm_medium=banner&utm_campaign=NOR22070001&utm_term=P5&user_id={clickid}&cmpid=5828477&rtkcid={clickid}&rdk=rk1
Cookie: SSESS8b10154026bedacd8362ddcf85d89291=jaovgkavo8np2j7juj3ob3u364; newsim_tab=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Type: application/javascript
Date: Sat, 24 Sep 2022 23:07:38 GMT
Last-Modified: Thu, 17 Jun 2021 16:19:17 GMT
Server: Apache
Strict-Transport-Security: max-age=300; includeSubdomains;
Vary: User-Agent,X-Forwarded-Proto,Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Content-Length: 11702
Connection: keep-alive
www.lyca-mobile.no/wp-content/plugins/email-subscribers/widget/es-widget-page.js
3.120.194.163200 OK 1.2 kB URL HTTP/1.1 www.lyca-mobile.no/wp-content/plugins/email-subscribers/widget/es-widget-page.js
IP 3.120.194.163:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (1362)
Hash 6bccf039385dadace241e9d47cdc2a0b
5cd85d67c6422cedfb4f5ac10df547928d37f7fb
c27abc361c9a25a87199ebfd36119491c278a33c46bbf06aff3c15d2a9560e0e
GET /wp-content/plugins/email-subscribers/widget/es-widget-page.js HTTP/1.1
Host: www.lyca-mobile.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lyca-mobile.no/nb/bundle/lyca-smart-m/?utm_source=Selectivv&utm_medium=banner&utm_campaign=NOR22070001&utm_term=P5&user_id={clickid}&cmpid=5828477&rtkcid={clickid}&rdk=rk1
Cookie: SSESS8b10154026bedacd8362ddcf85d89291=jaovgkavo8np2j7juj3ob3u364; newsim_tab=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Type: application/javascript
Date: Sat, 24 Sep 2022 23:07:38 GMT
Last-Modified: Thu, 17 Jun 2021 16:19:16 GMT
Server: Apache
Strict-Transport-Security: max-age=300; includeSubdomains;
Vary: User-Agent,X-Forwarded-Proto,Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Content-Length: 1229
Connection: keep-alive
www.lyca-mobile.no/wp-content/plugins/lyca-marketing/assets/js/jquery.lazy.min.js
3.120.194.163200 OK 2.3 kB URL HTTP/1.1 www.lyca-mobile.no/wp-content/plugins/lyca-marketing/assets/js/jquery.lazy.min.js
IP 3.120.194.163:0
File type ASCII text, with very long lines (4890)
Hash a6cc20d3609181f768dc325025b32715
3911e55e11ce33370a2ec382aafb2447cdffc740
c676fc1d198ec9437a42cbfa639bf2bb95cd4502e49e897c922855e4d3d29bd4
GET /wp-content/plugins/lyca-marketing/assets/js/jquery.lazy.min.js HTTP/1.1
Host: www.lyca-mobile.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lyca-mobile.no/nb/bundle/lyca-smart-m/?utm_source=Selectivv&utm_medium=banner&utm_campaign=NOR22070001&utm_term=P5&user_id={clickid}&cmpid=5828477&rtkcid={clickid}&rdk=rk1
Cookie: SSESS8b10154026bedacd8362ddcf85d89291=jaovgkavo8np2j7juj3ob3u364; newsim_tab=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Type: application/javascript
Date: Sat, 24 Sep 2022 23:07:38 GMT
Last-Modified: Thu, 17 Jun 2021 16:25:56 GMT
Server: Apache
Strict-Transport-Security: max-age=300; includeSubdomains;
Vary: User-Agent,X-Forwarded-Proto,Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Content-Length: 2331
Connection: keep-alive
www.lyca-mobile.no/wp-content/themes/Divi/includes/builder/scripts/jquery.mobile.custom.min.js
3.120.194.163200 OK 2.9 kB URL HTTP/1.1 www.lyca-mobile.no/wp-content/themes/Divi/includes/builder/scripts/jquery.mobile.custom.min.js
IP 3.120.194.163:0
File type ASCII text, with very long lines (7687)
Hash a7bc9bd6d7a143a13d7072ee406c8692
42a46eca1ae6c1b50602917cc52b4b61e13f24f7
63b52e7a859b8943c2d1255b30e1d3b8fa262285797a69098def3967d112ad5b
GET /wp-content/themes/Divi/includes/builder/scripts/jquery.mobile.custom.min.js HTTP/1.1
Host: www.lyca-mobile.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lyca-mobile.no/nb/bundle/lyca-smart-m/?utm_source=Selectivv&utm_medium=banner&utm_campaign=NOR22070001&utm_term=P5&user_id={clickid}&cmpid=5828477&rtkcid={clickid}&rdk=rk1
Cookie: SSESS8b10154026bedacd8362ddcf85d89291=jaovgkavo8np2j7juj3ob3u364; newsim_tab=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Type: application/javascript
Date: Sat, 24 Sep 2022 23:07:38 GMT
Last-Modified: Thu, 17 Jun 2021 16:19:17 GMT
Server: Apache
Strict-Transport-Security: max-age=300; includeSubdomains;
Vary: User-Agent,X-Forwarded-Proto,Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Content-Length: 2872
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash d8d6bc2dbb6cdd64f0e17930da3a6e04
35757893a536dbf7504ecb8adbec14d737c61466
038340b46bb66e5323ccb543fb9ba00435fb57ace5d7a2cd74470e428ebb0bf3
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sat, 24 Sep 2022 23:07:38 GMT
Last-Modified: Sat, 24 Sep 2022 22:29:17 GMT
Server: ECS (bsa/EB14)
X-Cache: Miss from cloudfront
Via: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: DAv92K4i0CqM82tPUJ4nrEED7bO-RwwKsCWPyys_Q0QbZL5t7ho1EQ==
Age: 2301
www.googletagmanager.com/gtm.js?id=GTM-PNQZL82
142.250.74.72200 OK 88 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-PNQZL82
IP 142.250.74.72:0
File type Unicode text, UTF-8 text, with very long lines (40170)
Hash bb7d27db70f9602ee4dfaf8686a8bb92
8fb7abce539b7878cae4be889c2c8bfbe20a5e1d
5a7e79f77a84424759a9ae35a3ba9686a468abf749744a40348fd4e6eb3b4e17
GET /gtm.js?id=GTM-PNQZL82 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lyca-mobile.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 24 Sep 2022 23:07:38 GMT
expires: Sat, 24 Sep 2022 23:07:38 GMT
cache-control: private, max-age=900
last-modified: Sat, 24 Sep 2022 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 87818
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.lyca-mobile.no/wp-content/themes/Divi/includes/builder/scripts/jquery.magnific-popup.js
3.120.194.163200 OK 8.4 kB URL HTTP/1.1 www.lyca-mobile.no/wp-content/themes/Divi/includes/builder/scripts/jquery.magnific-popup.js
IP 3.120.194.163:0
File type ASCII text, with very long lines (21123)
Hash dc28e6a88fd9930fed07d0de45b3a0ea
6181203be9d6e425d138533edaf3121c1a1968b1
497c6f92880fe8e1e12aff1c833910958d7b46379980da1ded707c39a2ca33ee
GET /wp-content/themes/Divi/includes/builder/scripts/jquery.magnific-popup.js HTTP/1.1
Host: www.lyca-mobile.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lyca-mobile.no/nb/bundle/lyca-smart-m/?utm_source=Selectivv&utm_medium=banner&utm_campaign=NOR22070001&utm_term=P5&user_id={clickid}&cmpid=5828477&rtkcid={clickid}&rdk=rk1
Cookie: SSESS8b10154026bedacd8362ddcf85d89291=jaovgkavo8np2j7juj3ob3u364; newsim_tab=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Type: application/javascript
Date: Sat, 24 Sep 2022 23:07:38 GMT
Last-Modified: Thu, 17 Jun 2021 16:19:17 GMT
Server: Apache
Strict-Transport-Security: max-age=300; includeSubdomains;
Vary: User-Agent,X-Forwarded-Proto,Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Content-Length: 8382
Connection: keep-alive
www.lyca-mobile.no/wp-content/themes/Divi/includes/builder/scripts/jquery.fitvids.js
3.120.194.163200 OK 1.3 kB URL HTTP/1.1 www.lyca-mobile.no/wp-content/themes/Divi/includes/builder/scripts/jquery.fitvids.js
IP 3.120.194.163:0
File type HTML document, ASCII text
Hash 31bd6f103266422712d7f21fd221259c
478fe2a563f8edd20468c878ad0c8dabcc506159
4f7cd006453252967505df8f72f72333de4ba5b2734773aaeca3f250fcf0b5e1
GET /wp-content/themes/Divi/includes/builder/scripts/jquery.fitvids.js HTTP/1.1
Host: www.lyca-mobile.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lyca-mobile.no/nb/bundle/lyca-smart-m/?utm_source=Selectivv&utm_medium=banner&utm_campaign=NOR22070001&utm_term=P5&user_id={clickid}&cmpid=5828477&rtkcid={clickid}&rdk=rk1
Cookie: SSESS8b10154026bedacd8362ddcf85d89291=jaovgkavo8np2j7juj3ob3u364; newsim_tab=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Type: application/javascript
Date: Sat, 24 Sep 2022 23:07:38 GMT
Last-Modified: Thu, 17 Jun 2021 16:19:17 GMT
Server: Apache
Strict-Transport-Security: max-age=300; includeSubdomains;
Vary: User-Agent,X-Forwarded-Proto,Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Content-Length: 1298
Connection: keep-alive
www.lyca-mobile.no/wp-content/plugins/email-subscribers/widget/es-widget-customize.js
3.120.194.163200 OK 1.7 kB URL HTTP/1.1 www.lyca-mobile.no/wp-content/plugins/email-subscribers/widget/es-widget-customize.js
IP 3.120.194.163:0
Hash e5c46c336e35e9bd8dbf55e4d0fc96c4
e4c2bc6c99aade340b1c1484096c79a970b3f019
544db6899780bebc6a30b6e86f3c89023f2b67b9ad9509258739b5005d16c000
GET /wp-content/plugins/email-subscribers/widget/es-widget-customize.js HTTP/1.1
Host: www.lyca-mobile.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lyca-mobile.no/nb/bundle/lyca-smart-m/?utm_source=Selectivv&utm_medium=banner&utm_campaign=NOR22070001&utm_term=P5&user_id={clickid}&cmpid=5828477&rtkcid={clickid}&rdk=rk1
Cookie: SSESS8b10154026bedacd8362ddcf85d89291=jaovgkavo8np2j7juj3ob3u364; newsim_tab=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Type: application/javascript
Date: Sat, 24 Sep 2022 23:07:38 GMT
Last-Modified: Thu, 17 Jun 2021 16:25:56 GMT
Server: Apache
Strict-Transport-Security: max-age=300; includeSubdomains;
Vary: User-Agent,X-Forwarded-Proto,Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Content-Length: 1657
Connection: keep-alive
www.lyca-mobile.no/wp-content/themes/Divi/includes/builder/scripts/waypoints.min.js
3.120.194.163200 OK 2.7 kB URL HTTP/1.1 www.lyca-mobile.no/wp-content/themes/Divi/includes/builder/scripts/waypoints.min.js
IP 3.120.194.163:0
File type Unicode text, UTF-8 text, with very long lines (8668)
Hash f7d4b6ef09365ba331dda4e3648c05fc
f852f915b87c84eb1c3590829e8d9f5c97fbe620
61e3dba589d367496e409a346677b89db66ee134e7370f06a8629ce0492eb6c6
GET /wp-content/themes/Divi/includes/builder/scripts/waypoints.min.js HTTP/1.1
Host: www.lyca-mobile.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lyca-mobile.no/nb/bundle/lyca-smart-m/?utm_source=Selectivv&utm_medium=banner&utm_campaign=NOR22070001&utm_term=P5&user_id={clickid}&cmpid=5828477&rtkcid={clickid}&rdk=rk1
Cookie: SSESS8b10154026bedacd8362ddcf85d89291=jaovgkavo8np2j7juj3ob3u364; newsim_tab=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Type: application/javascript
Date: Sat, 24 Sep 2022 23:07:38 GMT
Last-Modified: Thu, 17 Jun 2021 16:19:17 GMT
Server: Apache
Strict-Transport-Security: max-age=300; includeSubdomains;
Vary: User-Agent,X-Forwarded-Proto,Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Content-Length: 2698
Connection: keep-alive
www.lyca-mobile.no/wp-content/plugins/lyca_cart/resources/functions.js
3.120.194.163200 OK 5.6 kB URL HTTP/1.1 www.lyca-mobile.no/wp-content/plugins/lyca_cart/resources/functions.js
IP 3.120.194.163:0
Hash 19623a96f7e8ef3b8ec858b256ebeb7e
ab3151c6eab5b8a97036a570a69ce5d3f50928e1
cba271af1e8eff52a65e1e7584c0e4a7f962c79839866f94924eaa84e6fa3762
GET /wp-content/plugins/lyca_cart/resources/functions.js HTTP/1.1
Host: www.lyca-mobile.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lyca-mobile.no/nb/bundle/lyca-smart-m/?utm_source=Selectivv&utm_medium=banner&utm_campaign=NOR22070001&utm_term=P5&user_id={clickid}&cmpid=5828477&rtkcid={clickid}&rdk=rk1
Cookie: SSESS8b10154026bedacd8362ddcf85d89291=jaovgkavo8np2j7juj3ob3u364; newsim_tab=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Type: application/javascript
Date: Sat, 24 Sep 2022 23:07:38 GMT
Last-Modified: Mon, 20 Sep 2021 04:57:09 GMT
Server: Apache
Strict-Transport-Security: max-age=300; includeSubdomains;
Vary: User-Agent,X-Forwarded-Proto,Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Content-Length: 5643
Connection: keep-alive
s3-eu-central-1.amazonaws.com/lycamobile-norway-website/lycamobile-nor-cms/wp-content/uploads/2018/06/05101008/logo-new-br.svg
52.219.75.119200 OK 3.9 kB URL HTTP/1.1 s3-eu-central-1.amazonaws.com/lycamobile-norway-website/lycamobile-nor-cms/wp-content/uploads/2018/06/05101008/logo-new-br.svg
IP 52.219.75.119:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (3871), with no line terminators
Hash 600e6fd78377375dfc3cc9b9dadbfdfa
e3bb1098f191d2f9bc63a6402f5ae40d80edcd2c
b5260409c7187bbfd8d84eccf7bf1ccf96644798946c228af252775f7cb0cc13
GET /lycamobile-norway-website/lycamobile-nor-cms/wp-content/uploads/2018/06/05101008/logo-new-br.svg HTTP/1.1
Host: s3-eu-central-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lyca-mobile.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: tBZJl5PAgYJj7tilBFmSAk1ry+fWH5ThL4ZTymBRutWx87tCyelxR5McUgvQ/JOeYxJchN7oB0E=
x-amz-request-id: 28WRFK7VQ78NRJTA
Date: Sat, 24 Sep 2022 23:07:39 GMT
Last-Modified: Thu, 06 Jan 2022 06:57:00 GMT
ETag: "600e6fd78377375dfc3cc9b9dadbfdfa"
Accept-Ranges: bytes
Content-Type: image/svg+xml
Server: AmazonS3
Content-Length: 3871
www.lyca-mobile.no/wp-content/themes/Divi/includes/builder/scripts/frontend-builder-scripts.js
3.120.194.163200 OK 31 kB URL HTTP/1.1 www.lyca-mobile.no/wp-content/themes/Divi/includes/builder/scripts/frontend-builder-scripts.js
IP 3.120.194.163:0
Hash faf26a56e651031ab3c631961808985a
d6c1f352c66f23c36af8c32ffe09c8bda908285b
7cccf0da734eccae2b86e7638e6c6ca280bed97e23741dcdc3db06ca2b6cc707
GET /wp-content/themes/Divi/includes/builder/scripts/frontend-builder-scripts.js HTTP/1.1
Host: www.lyca-mobile.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lyca-mobile.no/nb/bundle/lyca-smart-m/?utm_source=Selectivv&utm_medium=banner&utm_campaign=NOR22070001&utm_term=P5&user_id={clickid}&cmpid=5828477&rtkcid={clickid}&rdk=rk1
Cookie: SSESS8b10154026bedacd8362ddcf85d89291=jaovgkavo8np2j7juj3ob3u364; newsim_tab=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Type: application/javascript
Date: Sat, 24 Sep 2022 23:07:38 GMT
Last-Modified: Thu, 17 Jun 2021 16:19:17 GMT
Server: Apache
Strict-Transport-Security: max-age=300; includeSubdomains;
Vary: User-Agent,X-Forwarded-Proto,Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Content-Length: 31305
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 58b52380a6b5c598d1ad88e8da148137
a56206a0277aea6e8e2f7629793aba713d8edd0c
561a57c27dfa1f8651a89292428576b626e8700b9cd6b8173a0ce121aa8f9f4a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 23:07:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.lyca-mobile.no/wp-content/themes/Divi-child/js/forget-password.js
3.120.194.163200 OK 1.3 kB URL HTTP/1.1 www.lyca-mobile.no/wp-content/themes/Divi-child/js/forget-password.js
IP 3.120.194.163:0
File type ASCII text, with very long lines (359)
Hash d9496518c9ca0e9e5de95991baffb89f
175543365d682ab41f7ec04640a5bd7a49312998
d224f7efdd43321dbd29ab5d128a5ab30e8eaca50879978ddbdb68a85647dafa
GET /wp-content/themes/Divi-child/js/forget-password.js HTTP/1.1
Host: www.lyca-mobile.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lyca-mobile.no/nb/bundle/lyca-smart-m/?utm_source=Selectivv&utm_medium=banner&utm_campaign=NOR22070001&utm_term=P5&user_id={clickid}&cmpid=5828477&rtkcid={clickid}&rdk=rk1
Cookie: SSESS8b10154026bedacd8362ddcf85d89291=jaovgkavo8np2j7juj3ob3u364; newsim_tab=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Type: application/javascript
Date: Sat, 24 Sep 2022 23:07:38 GMT
Last-Modified: Thu, 05 May 2022 06:42:29 GMT
Server: Apache
Strict-Transport-Security: max-age=300; includeSubdomains;
Vary: User-Agent,X-Forwarded-Proto,Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Content-Length: 1287
Connection: keep-alive
www.lyca-mobile.no/wp-content/plugins/rocket-lazy-load/assets/js/12.0/lazyload.js
3.120.194.163200 OK 3.6 kB URL HTTP/1.1 www.lyca-mobile.no/wp-content/plugins/rocket-lazy-load/assets/js/12.0/lazyload.js
IP 3.120.194.163:0
File type ASCII text, with very long lines (351)
Hash b53e31a064849939c6a41bb35108dbbe
6153863799c6e67ee3b6340ffca9574ebd995b31
790d3da167b670f0ba09a9f30368be07cdaeffc32f9cd79648be9c892c78fcd8
GET /wp-content/plugins/rocket-lazy-load/assets/js/12.0/lazyload.js HTTP/1.1
Host: www.lyca-mobile.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lyca-mobile.no/nb/bundle/lyca-smart-m/?utm_source=Selectivv&utm_medium=banner&utm_campaign=NOR22070001&utm_term=P5&user_id={clickid}&cmpid=5828477&rtkcid={clickid}&rdk=rk1
Cookie: SSESS8b10154026bedacd8362ddcf85d89291=jaovgkavo8np2j7juj3ob3u364; newsim_tab=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Type: application/javascript
Date: Sat, 24 Sep 2022 23:07:38 GMT
Last-Modified: Thu, 17 Jun 2021 16:25:56 GMT
Server: Apache
Strict-Transport-Security: max-age=300; includeSubdomains;
Vary: User-Agent,X-Forwarded-Proto,Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Content-Length: 3633
Connection: keep-alive
d3uayxmzbnco7f.cloudfront.net/wp-content/themes/Divi-child/fonts/RobotoCondensed-Regular.ttf
143.204.42.114200 OK 170 kB URL HTTP/1.1 d3uayxmzbnco7f.cloudfront.net/wp-content/themes/Divi-child/fonts/RobotoCondensed-Regular.ttf
IP 143.204.42.114:0
File type TrueType Font data, 18 tables, 1st "GDEF", 26 names, Macintosh, Copyright 2011 Google Inc. All Rights Reserved.Roboto CondensedRegularVersion 2.137; 2017RobotoC\012- data
Size 170 kB (170284 bytes)
Hash a5a6b71255dc832da585d5c94fa1a115
6a632e0244ae68e70aeb8c8a5d3b360e1648712b
6a2cfb7e61dd09d77526fd314b256894094f96e3a6f3149d9f8000c1132ef4b8
GET /wp-content/themes/Divi-child/fonts/RobotoCondensed-Regular.ttf HTTP/1.1
Host: d3uayxmzbnco7f.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.lyca-mobile.no
Connection: keep-alive
Referer: https://d3uayxmzbnco7f.cloudfront.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/vnd.ms-opentype
Content-Length: 170284
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, HEAD
Access-Control-Max-Age: 3000
Last-Modified: Tue, 27 Aug 2019 08:27:32 GMT
Accept-Ranges: bytes
Server: AmazonS3
Date: Sat, 24 Sep 2022 20:29:50 GMT
Cache-Control: 2592000
ETag: "a5a6b71255dc832da585d5c94fa1a115"
Vary: Accept-Encoding,Origin
X-Cache: Hit from cloudfront
Via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: vRXLaInOIWF8ZPxhRjPxvPWuA8c7uGaCJFcSUwtKZXNjJCJPYIjJrw==
Age: 9469
s3-eu-central-1.amazonaws.com/lycamobile-norway-website/lycamobile-nor-cms/wp-content/uploads/2018/08/30120503/germ-one.svg
52.219.75.119200 OK 2.0 kB URL HTTP/1.1 s3-eu-central-1.amazonaws.com/lycamobile-norway-website/lycamobile-nor-cms/wp-content/uploads/2018/08/30120503/germ-one.svg
IP 52.219.75.119:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 27398d9974a03682bca55a5d1c83cfc0
011509bac7ec598f0ba6ff215d92487fc8965bac
28a2f89175ec3599ef375767ea6996f5bb73d38e5a54025deb7f0370505c382f
GET /lycamobile-norway-website/lycamobile-nor-cms/wp-content/uploads/2018/08/30120503/germ-one.svg HTTP/1.1
Host: s3-eu-central-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://d3uayxmzbnco7f.cloudfront.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: jGtgx31Cn+mu/EmlN6GkmnyblzZWJZlRLjCGynIO5Xh2cWugJrj7Fyc6UfK/DHL3tiXWYYfvPks=
x-amz-request-id: 28WP5X3VZY5KVNZM
Date: Sat, 24 Sep 2022 23:07:39 GMT
Last-Modified: Thu, 30 Aug 2018 12:03:58 GMT
ETag: "27398d9974a03682bca55a5d1c83cfc0"
Cache-Control: max-age=31536000
Content-Encoding: gzip
Expires: Fri, 30 Aug 2019 12:05:03 GMT
Accept-Ranges: bytes
Content-Type: image/svg+xml
Server: AmazonS3
Content-Length: 2016
d3uayxmzbnco7f.cloudfront.net/wp-content/themes/Divi-child/fonts/RobotoCondensed-Bold.ttf
143.204.42.114200 OK 170 kB URL HTTP/1.1 d3uayxmzbnco7f.cloudfront.net/wp-content/themes/Divi-child/fonts/RobotoCondensed-Bold.ttf
IP 143.204.42.114:0
File type TrueType Font data, 18 tables, 1st "GDEF", 26 names, Macintosh, Copyright 2011 Google Inc. All Rights Reserved.Roboto CondensedBoldRoboto Condensed BoldVersion \012- data
Size 170 kB (169800 bytes)
Hash 36b5da0333389306669655a13f2209ad
8354979a1c3d7911df925e3b57d8c99398d54020
03b4e8042b9af4bf3349428fa734ed583f2d5d83287e1f42cf4d514c909146ef
GET /wp-content/themes/Divi-child/fonts/RobotoCondensed-Bold.ttf HTTP/1.1
Host: d3uayxmzbnco7f.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.lyca-mobile.no
Connection: keep-alive
Referer: https://d3uayxmzbnco7f.cloudfront.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/vnd.ms-opentype
Content-Length: 169800
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, HEAD
Access-Control-Max-Age: 3000
Last-Modified: Tue, 27 Aug 2019 08:27:32 GMT
Accept-Ranges: bytes
Server: AmazonS3
Date: Sat, 24 Sep 2022 14:51:15 GMT
Cache-Control: 2592000
ETag: "36b5da0333389306669655a13f2209ad"
Vary: Accept-Encoding,Origin
X-Cache: Hit from cloudfront
Via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: oReTv31q3mko95SLRD6KSYYzYFntFHIuYeFKFFOf3Uu5kYVFQpMJQw==
Age: 29784
d3uayxmzbnco7f.cloudfront.net/wp-content/themes/Divi-child/vendor/linear-icons/Linearicons-Free.woff2?w118d
143.204.42.114200 OK 22 kB URL HTTP/1.1 d3uayxmzbnco7f.cloudfront.net/wp-content/themes/Divi-child/vendor/linear-icons/Linearicons-Free.woff2?w118d
IP 143.204.42.114:0
File type Web Open Font Format (Version 2), TrueType, length 21780, version 1.0\012- data
Hash 03e91f122aa5fd425abbe23c85546eb0
c87a3db06c5db4e75e639382f174eafa439aeb27
296945e5922e764eef17b1b4a3ee3e60dc202b3c7f074150b62158915bf74e33
GET /wp-content/themes/Divi-child/vendor/linear-icons/Linearicons-Free.woff2?w118d HTTP/1.1
Host: d3uayxmzbnco7f.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.lyca-mobile.no
Connection: keep-alive
Referer: https://d3uayxmzbnco7f.cloudfront.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/octet-stream
Content-Length: 21780
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, HEAD
Access-Control-Max-Age: 3000
Last-Modified: Tue, 27 Aug 2019 08:27:44 GMT
Accept-Ranges: bytes
Server: AmazonS3
Date: Sat, 24 Sep 2022 20:12:03 GMT
Cache-Control: 2592000
ETag: "03e91f122aa5fd425abbe23c85546eb0"
Vary: Accept-Encoding,Origin
X-Cache: Hit from cloudfront
Via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Gix5xtDhes7Obde1zdHuK_Hpi7VAO96LgjTdZjB3uFFWP0Qa47K4sA==
Age: 10536
d3uayxmzbnco7f.cloudfront.net/wp-content/themes/Divi/core/admin/fonts/modules.ttf
143.204.42.114200 OK 83 kB URL HTTP/1.1 d3uayxmzbnco7f.cloudfront.net/wp-content/themes/Divi/core/admin/fonts/modules.ttf
IP 143.204.42.114:0
File type TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, modules \012- data
Hash 87a9fcfa516cd7576d52480b0bb21dae
7b2b31c6f1e91d53b76daad7fedea802592e4da4
c683211e591f2048ec4a840586e4f849894c8a57c147f23d7b5652d61c1260e2
GET /wp-content/themes/Divi/core/admin/fonts/modules.ttf HTTP/1.1
Host: d3uayxmzbnco7f.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.lyca-mobile.no
Connection: keep-alive
Referer: https://d3uayxmzbnco7f.cloudfront.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/vnd.ms-opentype
Content-Length: 82920
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, HEAD
Access-Control-Max-Age: 3000
Last-Modified: Tue, 27 Aug 2019 08:27:45 GMT
Accept-Ranges: bytes
Server: AmazonS3
Date: Sat, 24 Sep 2022 09:41:15 GMT
Cache-Control: 2592000
ETag: "87a9fcfa516cd7576d52480b0bb21dae"
Vary: Accept-Encoding,Origin
X-Cache: Hit from cloudfront
Via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: dae3T8AGZxkzxumja8s3roaKWXPjV4N6jES2Gwur4LAKzIj4qwcxSQ==
Age: 48384
s3-eu-central-1.amazonaws.com/lycamobile-norway-website/lycamobile-nor-cms/wp-content/uploads/2018/06/06075441/thumbnail_livechat-home-new.png
52.219.75.119200 OK 4.6 kB URL HTTP/1.1 s3-eu-central-1.amazonaws.com/lycamobile-norway-website/lycamobile-nor-cms/wp-content/uploads/2018/06/06075441/thumbnail_livechat-home-new.png
IP 52.219.75.119:0
File type PNG image data, 169 x 101, 8-bit/color RGBA, non-interlaced\012- data
Hash 997934aedeaea00686b8b3ddae955e3f
6f1ab00c2308c25108bd68368cbacfc6410bdc43
d9d42de448b8e9c5ba116ccd270456367179a295167174953421fafafb5a932b
GET /lycamobile-norway-website/lycamobile-nor-cms/wp-content/uploads/2018/06/06075441/thumbnail_livechat-home-new.png HTTP/1.1
Host: s3-eu-central-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://d3uayxmzbnco7f.cloudfront.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: nDGDC1MbExXB43CrF4d2qjTT8PS7m5HWqxf6uZFPdAOKcIjbwyva/bsutKJ5SC5wS801GYwSzho=
x-amz-request-id: 28WM07KT3SKGHECD
Date: Sat, 24 Sep 2022 23:07:39 GMT
Last-Modified: Wed, 06 Oct 2021 07:51:37 GMT
ETag: "997934aedeaea00686b8b3ddae955e3f"
Cache-Control: max-age=31536000
Expires: Thu, 06 Oct 2022 07:54:41 GMT
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 4589
s3-eu-central-1.amazonaws.com/lycamobilespain-website/lycamobile-es-cms/wp-content/uploads/2018/06/25105546/activate-your-sim.svg
52.219.75.119200 OK 1.9 kB URL HTTP/1.1 s3-eu-central-1.amazonaws.com/lycamobilespain-website/lycamobile-es-cms/wp-content/uploads/2018/06/25105546/activate-your-sim.svg
IP 52.219.75.119:0
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (1914), with no line terminators
Hash f6081e075c11d4ee9be3b614cdcab433
5b46fc85e5698f59567f0446251f52e1207e8d72
6369d8666187a0119acd2ad3f3bff8472f2cc720649cfa8966fc23719078dd39
GET /lycamobilespain-website/lycamobile-es-cms/wp-content/uploads/2018/06/25105546/activate-your-sim.svg HTTP/1.1
Host: s3-eu-central-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://d3uayxmzbnco7f.cloudfront.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: Lkg8ylgO1Mvb9R/xBS3qvP16rdbQdgnUGihr/0PMFYWrMNfNJRNGG+OMVrr5Jrde8TZT4iVSjJQ=
x-amz-request-id: 28WT9CA0BAEJSWH6
Date: Sat, 24 Sep 2022 23:07:39 GMT
Last-Modified: Mon, 16 Jul 2018 16:00:42 GMT
ETag: "f6081e075c11d4ee9be3b614cdcab433"
Accept-Ranges: bytes
Content-Type: image/svg+xml
Server: AmazonS3
Content-Length: 1914
d3uayxmzbnco7f.cloudfront.net/wp-content/themes/Divi-child/img/quick-topup.svg
143.204.42.114200 OK 794 B URL HTTP/1.1 d3uayxmzbnco7f.cloudfront.net/wp-content/themes/Divi-child/img/quick-topup.svg
IP 143.204.42.114:0
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (568)
Hash cf1e3a7aa04f38e1620d798558f2d606
2c9ad3c5756a3992d80838aea679b7d13fe2e17b
aa9f77e1ebcb1a541bf88994cecc556f52cf27c8176ee8ae14789f38ff55de84
GET /wp-content/themes/Divi-child/img/quick-topup.svg HTTP/1.1
Host: d3uayxmzbnco7f.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://d3uayxmzbnco7f.cloudfront.net/wp-content/themes/Divi-child/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: image/svg+xml
Content-Length: 794
Connection: keep-alive
Date: Sat, 24 Sep 2022 09:14:08 GMT
Last-Modified: Tue, 27 Aug 2019 08:27:38 GMT
ETag: "cf1e3a7aa04f38e1620d798558f2d606"
Cache-Control: 2592000
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: R4DB3SyJpJQBJ5xEOCv7TDwqG-Emd-E_C9Ubc6mKeHMpITh-OpR0dw==
Age: 50012
d3uayxmzbnco7f.cloudfront.net/wp-content/themes/Divi-child/vendor/font-awesome/fonts/fontawesome-webfont.woff2?v=4.6.3
143.204.42.114200 OK 1.2 kB URL HTTP/1.1 d3uayxmzbnco7f.cloudfront.net/wp-content/themes/Divi-child/vendor/font-awesome/fonts/fontawesome-webfont.woff2?v=4.6.3
IP 143.204.42.114:0
File type gzip compressed data, from Unix\012- data
Hash 85a478244d79ab2a1e7caa74f73e89f7
eb1209457084c01a4a6685a268d4e495ea67a5d0
cab3eb0e16aec816bf8f738a6fbe7de33f67f2703c00fd13213385314f497f60
GET /wp-content/themes/Divi-child/vendor/font-awesome/fonts/fontawesome-webfont.woff2?v=4.6.3 HTTP/1.1
Host: d3uayxmzbnco7f.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.lyca-mobile.no
Connection: keep-alive
Referer: https://d3uayxmzbnco7f.cloudfront.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/octet-stream
Content-Length: 71896
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, HEAD
Access-Control-Max-Age: 3000
Last-Modified: Tue, 27 Aug 2019 08:27:43 GMT
Accept-Ranges: bytes
Server: AmazonS3
Date: Sat, 24 Sep 2022 20:12:03 GMT
Cache-Control: 2592000
ETag: "e6cf7c6ec7c2d6f670ae9d762604cb0b"
Vary: Accept-Encoding,Origin
X-Cache: Hit from cloudfront
Via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: G65KGHana4UdOzWjIASdmP2lkwUoa_taxBCrseOteuQaB-llpiV7ig==
Age: 10536
d3uayxmzbnco7f.cloudfront.net/wp-content/themes/Divi-child/img/faq.svg
143.204.42.114200 OK 785 B URL HTTP/1.1 d3uayxmzbnco7f.cloudfront.net/wp-content/themes/Divi-child/img/faq.svg
IP 143.204.42.114:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash b97c7e4122996f575e68c944d87095d8
d8a4695fe27064b95e4918099aaa3c2be1821f32
42ab849ec5e04c9bad98c11a45f2363492238778f29a64b0a9dc5896dcc90892
GET /wp-content/themes/Divi-child/img/faq.svg HTTP/1.1
Host: d3uayxmzbnco7f.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://d3uayxmzbnco7f.cloudfront.net/wp-content/themes/Divi-child/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Date: Sat, 24 Sep 2022 14:52:05 GMT
Last-Modified: Tue, 27 Aug 2019 08:27:36 GMT
ETag: W/"6f426cc5e8b051ff22516894f385ff7b"
Cache-Control: 2592000
Server: AmazonS3
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: tZBDdTpjvcLvpad7vi8EMKtZkpT3e_o3zh7x1afSdNZH-zm_wb4l4A==
Age: 29735
d3uayxmzbnco7f.cloudfront.net/wp-content/themes/Divi-child/img/buy-bundles.svg
143.204.42.114200 OK 543 B URL HTTP/1.1 d3uayxmzbnco7f.cloudfront.net/wp-content/themes/Divi-child/img/buy-bundles.svg
IP 143.204.42.114:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash ba7d021c2f8e721b33881a8b684fe07a
72106219769658a240a2b4c71467f7675edb4cfb
42607f1e678c5dca991eb7bb9ee65ba550444f1a5f8658be7ea61eb6ce7c5693
GET /wp-content/themes/Divi-child/img/buy-bundles.svg HTTP/1.1
Host: d3uayxmzbnco7f.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://d3uayxmzbnco7f.cloudfront.net/wp-content/themes/Divi-child/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Date: Sat, 24 Sep 2022 08:49:41 GMT
Last-Modified: Tue, 27 Aug 2019 08:27:33 GMT
ETag: W/"5fb98b5d9331ffac000aa38ccddcc058"
Cache-Control: 2592000
Server: AmazonS3
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 0pvfsoGK4Pj1A-tUwlNIeTEq-H9CCYlB44UKYIBzr46yBS_eYAJW1g==
Age: 51479
d3uayxmzbnco7f.cloudfront.net/wp-content/themes/Divi-child/img/international-1.svg
143.204.42.114200 OK 2.0 kB URL HTTP/1.1 d3uayxmzbnco7f.cloudfront.net/wp-content/themes/Divi-child/img/international-1.svg
IP 143.204.42.114:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash e241cbde90ecbd5a21a851ec1c0d806e
66e85e599a77f141b5b51f7f56fda9a05c348631
bfe76a79be638c8c32cc23e2cc26ac45743aeaf3c16c6851e10d3683f56d17be
GET /wp-content/themes/Divi-child/img/international-1.svg HTTP/1.1
Host: d3uayxmzbnco7f.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://d3uayxmzbnco7f.cloudfront.net/wp-content/themes/Divi-child/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Date: Sat, 24 Sep 2022 16:13:13 GMT
Last-Modified: Tue, 27 Aug 2019 08:27:37 GMT
ETag: W/"5056ce6c6883a123509cb1cca4031429"
Cache-Control: 2592000
Server: AmazonS3
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: FT81CuQgZ-sLvN_tfeGWc0j8KqxNYMxV7WNCL9YscIGGO3ZzOodv0w==
Age: 24867
d3uayxmzbnco7f.cloudfront.net/wp-content/themes/Divi-child/img/mobile-settings.svg
143.204.42.114200 OK 1.2 kB URL HTTP/1.1 d3uayxmzbnco7f.cloudfront.net/wp-content/themes/Divi-child/img/mobile-settings.svg
IP 143.204.42.114:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 3b9d0b16e49f983feb68c71c0c435ec4
e6d82cd2b529e1ec219aa8503080b5815a3d271f
9e17a9e0e46f86caaac0774b886dce68c39a3de44469efb7088200e449343d22
GET /wp-content/themes/Divi-child/img/mobile-settings.svg HTTP/1.1
Host: d3uayxmzbnco7f.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://d3uayxmzbnco7f.cloudfront.net/wp-content/themes/Divi-child/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Date: Sat, 24 Sep 2022 08:14:04 GMT
Last-Modified: Tue, 27 Aug 2019 08:27:37 GMT
ETag: W/"94e63e235909be075a2884c96906c941"
Cache-Control: 2592000
Server: AmazonS3
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: j63Lxo6nUZT3vNBJkkRhViIhaDSysu9AI3nZqmliXGJ2SAjGDsIxcg==
Age: 53616
d3uayxmzbnco7f.cloudfront.net/wp-content/themes/Divi-child/img/store-locator.svg
143.204.42.114200 OK 958 B URL HTTP/1.1 d3uayxmzbnco7f.cloudfront.net/wp-content/themes/Divi-child/img/store-locator.svg
IP 143.204.42.114:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash e21443e37ca744aa7d29d2829b46591a
ca3158f56f1c6e1de9564583c398e78d097ed4c4
d07b478885d58c759e9494a4756dbec42b616fc46a14d5b5eed6bbc0dae35352
GET /wp-content/themes/Divi-child/img/store-locator.svg HTTP/1.1
Host: d3uayxmzbnco7f.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://d3uayxmzbnco7f.cloudfront.net/wp-content/themes/Divi-child/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: image/svg+xml
Content-Length: 958
Connection: keep-alive
Date: Sat, 24 Sep 2022 07:41:46 GMT
Last-Modified: Tue, 27 Aug 2019 08:27:39 GMT
ETag: "e21443e37ca744aa7d29d2829b46591a"
Cache-Control: 2592000
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: xE-0rnaCqUNlkjsKmnUg4gRmvWGBCaKCR6sKjBkNbfNyTKbFNCmjFA==
Age: 55554
d3uayxmzbnco7f.cloudfront.net/wp-content/themes/Divi-child/img/contactus.svg
143.204.42.114200 OK 646 B URL HTTP/1.1 d3uayxmzbnco7f.cloudfront.net/wp-content/themes/Divi-child/img/contactus.svg
IP 143.204.42.114:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash b127a283d70bf1c4ecbfab932da2aa69
90be95e05ee092b3b78059ec4d8451468c0f3b64
9d9ef67ed9cdf2eae32c4f8ffb5a1c154501573a36d37bfd0ca910e1e8ae5ca2
GET /wp-content/themes/Divi-child/img/contactus.svg HTTP/1.1
Host: d3uayxmzbnco7f.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://d3uayxmzbnco7f.cloudfront.net/wp-content/themes/Divi-child/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Date: Sat, 24 Sep 2022 13:45:25 GMT
Last-Modified: Tue, 27 Aug 2019 08:27:36 GMT
ETag: W/"be5d61340a17d803b181cf8d2cee077c"
Cache-Control: 2592000
Server: AmazonS3
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: xiVPPmXvD7_wbC7fQEFtER8mhoTY1P3ndw3QRlvA3Mc17ixi8d5few==
Age: 33735
d3uayxmzbnco7f.cloudfront.net/wp-content/themes/Divi-child/img/favicon.ico
143.204.42.114200 OK 1.2 kB URL HTTP/1.1 d3uayxmzbnco7f.cloudfront.net/wp-content/themes/Divi-child/img/favicon.ico
IP 143.204.42.114:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 2eed3e79d00bb4bc002d5cff16db207b
dc4cdaf71a4d8fa44eabfe5530403988de1d2bf8
0ed56bfe2a738fc69afc0c991d8c65abe9f5a2204c9a44fa0570e5bd8e47466f
GET /wp-content/themes/Divi-child/img/favicon.ico HTTP/1.1
Host: d3uayxmzbnco7f.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lyca-mobile.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/x-icon
Content-Length: 1150
Connection: keep-alive
Last-Modified: Mon, 18 Oct 2021 07:31:03 GMT
Accept-Ranges: bytes
Server: AmazonS3
Date: Sat, 24 Sep 2022 22:40:57 GMT
ETag: "2eed3e79d00bb4bc002d5cff16db207b"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: TyVdEgebjQ6Jdj0JQyzw29ttyiKgd9tGp7TYOCFLq9sgzjwKmdaWMQ==
Age: 1603
www.lyca-mobile.no/wp-content/uploads/json_uploads/errorhandle.json
3.120.194.163200 OK 4.1 kB URL HTTP/1.1 www.lyca-mobile.no/wp-content/uploads/json_uploads/errorhandle.json
IP 3.120.194.163:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (1442)
Hash 9c8e140cc95739dfbfa7e6bb132e890c
6995f8ca8d9fb5a68cd8fae4460502bc73fa2c92
3906c7164353e4321efbc4637888bd17c95938e6329f2df1f19c444350f7bbad
GET /wp-content/uploads/json_uploads/errorhandle.json HTTP/1.1
Host: www.lyca-mobile.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lyca-mobile.no/nb/bundle/lyca-smart-m/?utm_source=Selectivv&utm_medium=banner&utm_campaign=NOR22070001&utm_term=P5&user_id={clickid}&cmpid=5828477&rtkcid={clickid}&rdk=rk1
Cookie: SSESS8b10154026bedacd8362ddcf85d89291=jaovgkavo8np2j7juj3ob3u364; newsim_tab=0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Type: application/json
Date: Sat, 24 Sep 2022 23:07:39 GMT
Last-Modified: Thu, 17 Jun 2021 16:25:58 GMT
Server: Apache
Strict-Transport-Security: max-age=300; includeSubdomains;
Vary: User-Agent,X-Forwarded-Proto
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Content-Length: 4099
Connection: keep-alive
d3uayxmzbnco7f.cloudfront.net/wp-content/uploads/2017/04/Norway.png
143.204.42.114200 OK 3.1 kB URL HTTP/1.1 d3uayxmzbnco7f.cloudfront.net/wp-content/uploads/2017/04/Norway.png
IP 143.204.42.114:0
File type PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced\012- data
Hash 9021ba1b169c443fcf1ef4205c66746b
57b448f98b746fdd70b85c2c3db3a692c59ed4e9
29be706a53e4348fc185d63ce98c4747e517c1371e9806be940e13637eeed375
GET /wp-content/uploads/2017/04/Norway.png HTTP/1.1
Host: d3uayxmzbnco7f.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lyca-mobile.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 3056
Connection: keep-alive
Date: Sat, 24 Sep 2022 09:31:21 GMT
Last-Modified: Tue, 27 Aug 2019 08:28:07 GMT
ETag: "9021ba1b169c443fcf1ef4205c66746b"
Cache-Control: 2592000
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: RpM98acorrFxeyZuWqL1X0SgXJH70lksjeUcazyDuTTP7vvlqaCm_w==
Age: 48979
s3-eu-central-1.amazonaws.com/lycamobile-norway-website/lycamobile-nor-cms/wp-content/uploads/2018/06/05102144/header-twitter-new.svg
52.219.75.119200 OK 15 kB URL HTTP/1.1 s3-eu-central-1.amazonaws.com/lycamobile-norway-website/lycamobile-nor-cms/wp-content/uploads/2018/06/05102144/header-twitter-new.svg
IP 52.219.75.119:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (20393)
Hash 1b0607b1b648a1f756b1419bbbfaacd9
fd5d74112b7172baffc62e024b91f398f0d280cd
2fedb7c9aad7c7e9473f4ce37fe4ffb0f23ed83dbc188a14aad73de5e858e542
GET /lycamobile-norway-website/lycamobile-nor-cms/wp-content/uploads/2018/06/05102144/header-twitter-new.svg HTTP/1.1
Host: s3-eu-central-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lyca-mobile.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: 0UEwE1o2nd6b7yBdPi4vajTfGypEunHMTf+2E3MBHqUKT01uhMkLok/EYYoY1SXnK6gBCsapPNQ=
x-amz-request-id: B15ZEYVS9P2F75ND
Date: Sat, 24 Sep 2022 23:07:40 GMT
Last-Modified: Tue, 05 Oct 2021 10:18:42 GMT
ETag: "1b0607b1b648a1f756b1419bbbfaacd9"
Cache-Control: max-age=31536000
Content-Encoding: gzip
Expires: Wed, 05 Oct 2022 10:21:44 GMT
Accept-Ranges: bytes
Content-Type: image/svg+xml
Server: AmazonS3
Content-Length: 15288
s3-eu-central-1.amazonaws.com/lycamobile-norway-website/lycamobile-nor-cms/wp-content/uploads/2018/06/05102139/header-fb-new.svg
52.219.75.119200 OK 8.4 kB URL HTTP/1.1 s3-eu-central-1.amazonaws.com/lycamobile-norway-website/lycamobile-nor-cms/wp-content/uploads/2018/06/05102139/header-fb-new.svg
IP 52.219.75.119:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (11262)
Hash 852b81efbbae0dcfd857f87d6c98189a
d8022ff32daac638cb94b4bd15ec7e7891eaefcb
58480bbcf53220a5a596bebc793c65cd7a22b77f49e4329c0f5f7c8ed8da125a
GET /lycamobile-norway-website/lycamobile-nor-cms/wp-content/uploads/2018/06/05102139/header-fb-new.svg HTTP/1.1
Host: s3-eu-central-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lyca-mobile.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: XCUq5HC7MyXUs5K0ymVOTuxaFqgoEaf59w3Uh9EsbR2cLvx3WiPGHuhc6TV9MEHTmgd3QpvUX44=
x-amz-request-id: B15T8NSA2XGZAE4W
Date: Sat, 24 Sep 2022 23:07:40 GMT
Last-Modified: Tue, 05 Oct 2021 10:18:37 GMT
ETag: "852b81efbbae0dcfd857f87d6c98189a"
Cache-Control: max-age=31536000
Content-Encoding: gzip
Expires: Wed, 05 Oct 2022 10:21:39 GMT
Accept-Ranges: bytes
Content-Type: image/svg+xml
Server: AmazonS3
Content-Length: 8393
s3-eu-central-1.amazonaws.com/lycamobile-norway-website/lycamobile-nor-cms/wp-content/uploads/2018/06/05102142/header-insta-new.svg
52.219.75.119200 OK 18 kB URL HTTP/1.1 s3-eu-central-1.amazonaws.com/lycamobile-norway-website/lycamobile-nor-cms/wp-content/uploads/2018/06/05102142/header-insta-new.svg
IP 52.219.75.119:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (23958)
Hash 9a55d81cd439e49798109bd463dd1f1b
1afef555c1541124cc9b6c85ae258a72b6818ec1
61f9f838ab4dd5a633b7ae5329af4d2acae8045d2e0e667fd73a3f116b00dab6
GET /lycamobile-norway-website/lycamobile-nor-cms/wp-content/uploads/2018/06/05102142/header-insta-new.svg HTTP/1.1
Host: s3-eu-central-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lyca-mobile.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: iXdziqnG+8J0or67/IwvEFXAn3oRXUx3C1mnL5FvwaCy90V77BoWZC2ZubALtvBbt6O4H4Q74h8=
x-amz-request-id: B15JM3ZXDC41JZZC
Date: Sat, 24 Sep 2022 23:07:40 GMT
Last-Modified: Tue, 05 Oct 2021 10:18:40 GMT
ETag: "9a55d81cd439e49798109bd463dd1f1b"
Cache-Control: max-age=31536000
Content-Encoding: gzip
Expires: Wed, 05 Oct 2022 10:21:42 GMT
Accept-Ranges: bytes
Content-Type: image/svg+xml
Server: AmazonS3
Content-Length: 17998
s3-eu-central-1.amazonaws.com/lycamobile-norway-website/lycamobile-nor-cms/wp-content/uploads/2018/06/07072809/breadcrumb_newbrand_be.png
52.219.75.119200 OK 24 kB URL HTTP/1.1 s3-eu-central-1.amazonaws.com/lycamobile-norway-website/lycamobile-nor-cms/wp-content/uploads/2018/06/07072809/breadcrumb_newbrand_be.png
IP 52.219.75.119:0
File type PNG image data, 1920 x 140, 8-bit/color RGB, non-interlaced\012- data
Hash ad2b8da460e7f9706da7008773b132b3
5f7ddfbb68f26ba1fb5f0769dca8f88bc01d7829
a55b84d8174fc43917cae9c623df2b1758d7c05493b0881252a55ca87dcfdbf0
GET /lycamobile-norway-website/lycamobile-nor-cms/wp-content/uploads/2018/06/07072809/breadcrumb_newbrand_be.png HTTP/1.1
Host: s3-eu-central-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lyca-mobile.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: KEP7IgjzUCveAf0nydO/kN8tw9JBdoLTAN6mfSrCf4NJpyJrk3wKkHT6vY4tv1m2k7UbMS2ZQWw=
x-amz-request-id: B15ZVZ94X0S3A1PE
Date: Sat, 24 Sep 2022 23:07:40 GMT
Last-Modified: Thu, 07 Oct 2021 07:25:03 GMT
ETag: "ad2b8da460e7f9706da7008773b132b3"
Cache-Control: max-age=31536000
Expires: Fri, 07 Oct 2022 07:28:09 GMT
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 23600
s3-eu-central-1.amazonaws.com/lycamobile-norway-website/lycamobile-nor-cms/wp-content/uploads/2018/06/11065021/european-union_new.svg
52.219.75.119200 OK 726 B URL HTTP/1.1 s3-eu-central-1.amazonaws.com/lycamobile-norway-website/lycamobile-nor-cms/wp-content/uploads/2018/06/11065021/european-union_new.svg
IP 52.219.75.119:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (2193), with no line terminators
Hash 300ca84c801a3dff40b9f85bd024669a
d6a6b760a33b8db7e552cb63ad7ca064ef4fae70
9de40f884583d6bc5bbd40bd5b74d0b20c853538aa6a3fabf4144c23ef674983
GET /lycamobile-norway-website/lycamobile-nor-cms/wp-content/uploads/2018/06/11065021/european-union_new.svg HTTP/1.1
Host: s3-eu-central-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lyca-mobile.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: z4xNEMH8yp/LwffXXotwgHxYKSC7tQfzexnSazAi1jOK/ffha+Vhihx3fEuokmW2cQ0WH0Im6ME=
x-amz-request-id: B15TK0PZNP8JF285
Date: Sat, 24 Sep 2022 23:07:40 GMT
Last-Modified: Mon, 11 Oct 2021 06:50:14 GMT
ETag: "300ca84c801a3dff40b9f85bd024669a"
Cache-Control: max-age=31536000
Content-Encoding: gzip
Expires: Tue, 11 Oct 2022 06:50:21 GMT
Accept-Ranges: bytes
Content-Type: image/svg+xml
Server: AmazonS3
Content-Length: 726
s3-eu-central-1.amazonaws.com/lycamobile-norway-website/lycamobile-nor-cms/wp-content/uploads/2018/06/05102146/header-youtube-new.svg
52.219.75.119200 OK 18 kB URL HTTP/1.1 s3-eu-central-1.amazonaws.com/lycamobile-norway-website/lycamobile-nor-cms/wp-content/uploads/2018/06/05102146/header-youtube-new.svg
IP 52.219.75.119:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (24655)
Hash 74d50291fad9e577ecbde522f9882145
7dcf477169f8d5a1d0ee5dd970c10da54cde13f1
a9fc0811ec1d0594b50275f6bb1e275a61144d25f8885333fd5172d34b7f8655
GET /lycamobile-norway-website/lycamobile-nor-cms/wp-content/uploads/2018/06/05102146/header-youtube-new.svg HTTP/1.1
Host: s3-eu-central-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lyca-mobile.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: 3SYl3/snxbBoKJM8zqrCBWw8qmap9MXePLxHLTligFLO5isfiXM5by1P5UkhJBX26Y8Lk7fAnFs=
x-amz-request-id: B15G5T2NDVQ3B5H8
Date: Sat, 24 Sep 2022 23:07:40 GMT
Last-Modified: Tue, 05 Oct 2021 10:18:44 GMT
ETag: "74d50291fad9e577ecbde522f9882145"
Cache-Control: max-age=31536000
Content-Encoding: gzip
Expires: Wed, 05 Oct 2022 10:21:46 GMT
Accept-Ranges: bytes
Content-Type: image/svg+xml
Server: AmazonS3
Content-Length: 18504
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 6387723ef869c671bc073f0b7a31d27d
4ed409ed5821324de3c55eeffa7a4e96dc40627e
2d5f79d50d6b53c41bcba134f59c77fd0384aaa8554a90a624778229f0b09797
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sat, 24 Sep 2022 23:07:39 GMT
Last-Modified: Sat, 24 Sep 2022 22:38:45 GMT
Server: ECS (bsa/EB22)
X-Cache: Miss from cloudfront
Via: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Fgv_HA_QtR3pONuAMniDph0YV_xO8Z90nTwDfiMMVuudca3y9F7Y3Q==
Age: 1734
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 6387723ef869c671bc073f0b7a31d27d
4ed409ed5821324de3c55eeffa7a4e96dc40627e
2d5f79d50d6b53c41bcba134f59c77fd0384aaa8554a90a624778229f0b09797
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sat, 24 Sep 2022 23:07:39 GMT
Last-Modified: Sat, 24 Sep 2022 22:07:18 GMT
Server: ECS (nyb/1D31)
X-Cache: Miss from cloudfront
Via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ocz1ACbBBh56Co94N5IECCmJ2yrcGHOKGn6v-Zjx-IfYFBh_tBk0Tg==
Age: 3621
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c6a4a8e3b18e562b4bed71eefd913481
9ed32697f78f7b72531decd850de97499c6f2574
54041ea6df222d529d39122b6e7d2e21b082b7c1f28f5565b088e3941b7788f4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 23:07:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
s3-eu-west-2.amazonaws.com/lycamobileukwebsite/lycauk/dev/lycamobile-uk-cms/wp-content/uploads/2017/04/05111205/Denmark1.png
52.95.148.173200 OK 3.9 kB URL HTTP/1.1 s3-eu-west-2.amazonaws.com/lycamobileukwebsite/lycauk/dev/lycamobile-uk-cms/wp-content/uploads/2017/04/05111205/Denmark1.png
IP 52.95.148.173:0
File type PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced\012- data
Hash 017dcaacabe7f7dfbf5b430b8188b614
f4cdef6d7cd166e354bcd343aac76dd867eac2eb
4b7007c107f881d48678205fd27f0fdd50d23088bdbf1c7b12af442630909a34
GET /lycamobileukwebsite/lycauk/dev/lycamobile-uk-cms/wp-content/uploads/2017/04/05111205/Denmark1.png HTTP/1.1
Host: s3-eu-west-2.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lyca-mobile.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: JO6dqKqgBoPsH7dhGftCPK1Rey2ISPi+5EOWzp8A71plaLt6Tj70jT92HXGOrK4Nlw6v3p48JNU=
x-amz-request-id: B15SKSJEF1T9CETJ
Date: Sat, 24 Sep 2022 23:07:40 GMT
Last-Modified: Mon, 19 Apr 2021 09:38:32 GMT
ETag: "017dcaacabe7f7dfbf5b430b8188b614"
Cache-Control: max-age=31536000
Expires: Wed, 05 Dec 2018 11:12:05 GMT
x-amz-version-id: uiFsOj3HohBE.Jebck2oQOY6RiDfxk3Q
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 3893
consent.cookiebot.com/uc.js
104.84.152.64200 OK 31 kB URL HTTP/2 consent.cookiebot.com/uc.js
IP 104.84.152.64:0
ASN #20940 Akamai International B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (65499)
Hash 1f7f6b319b01271a5c96673234d1997d
217522b7111ec672fcc593c5fcd9f6688e96241c
c22fe53aab4bcf40528aa983600a7580140b22624da715018aa274750bbfd84c
GET /uc.js HTTP/1.1
Host: consent.cookiebot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lyca-mobile.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Tue, 20 Sep 2022 10:43:50 GMT
accept-ranges: bytes
etag: "1441fadeddccd81:0"
vary: Accept-Encoding
request-context: appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
access-control-expose-headers: Request-Context
content-length: 31445
cache-control: public, max-age=298
expires: Sat, 24 Sep 2022 23:12:37 GMT
date: Sat, 24 Sep 2022 23:07:39 GMT
X-Firefox-Spdy: h2
s3-eu-west-2.amazonaws.com/lycamobileukwebsite/lycauk/dev/lycamobile-uk-cms/wp-content/uploads/2017/04/05112045/France1.png
52.95.148.173200 OK 3.8 kB URL HTTP/1.1 s3-eu-west-2.amazonaws.com/lycamobileukwebsite/lycauk/dev/lycamobile-uk-cms/wp-content/uploads/2017/04/05112045/France1.png
IP 52.95.148.173:0
File type PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced\012- data
Hash a77830776e897150a6ff71086e102b0d
d51b723d1070266baa7c5f7d7c848245791f7729
aef7056201ef0b57ad96204bca42e09d38886c1139ed77c6d4d102fcdac339fd
GET /lycamobileukwebsite/lycauk/dev/lycamobile-uk-cms/wp-content/uploads/2017/04/05112045/France1.png HTTP/1.1
Host: s3-eu-west-2.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lyca-mobile.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: 39NUOP3o1G7Mnk9RD7KPvLlyn7HYWTanezdAMzgeC1emuKpLNoa086NOivYb4NvWGaZkC/WvbFM=
x-amz-request-id: B15SFH8XH6B0F8BD
Date: Sat, 24 Sep 2022 23:07:40 GMT
Last-Modified: Mon, 19 Apr 2021 09:38:32 GMT
ETag: "a77830776e897150a6ff71086e102b0d"
Cache-Control: max-age=31536000
Expires: Wed, 05 Dec 2018 11:20:45 GMT
x-amz-version-id: pu8R6M7CKxBCciwISencqH_AybVJLBjI
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 3805
s3-eu-west-2.amazonaws.com/lycamobileukwebsite/lycauk/dev/lycamobile-uk-cms/wp-content/uploads/2017/04/05104722/Belgium1.png
52.95.148.173200 OK 3.1 kB URL HTTP/1.1 s3-eu-west-2.amazonaws.com/lycamobileukwebsite/lycauk/dev/lycamobile-uk-cms/wp-content/uploads/2017/04/05104722/Belgium1.png
IP 52.95.148.173:0
File type PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced\012- data
Hash 05b0430105aa244028af3d4812cfa862
9eab0b05bd6168d57cce062705562be4feb82f6f
58c034ac6bd3419e05ea16f2ebfbc4682fb594f29a4e2d5d794bcfec5b0993fb
GET /lycamobileukwebsite/lycauk/dev/lycamobile-uk-cms/wp-content/uploads/2017/04/05104722/Belgium1.png HTTP/1.1
Host: s3-eu-west-2.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lyca-mobile.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: aqqD0E8bpq63bEAb3ziAoJ9V0xFO6B/oWHlZzAONHi2ZyCq21cY6xLZfpJMyTeHLsICZAxh05cM=
x-amz-request-id: B15K06D18ANH3CCP
Date: Sat, 24 Sep 2022 23:07:40 GMT
Last-Modified: Mon, 19 Apr 2021 09:38:28 GMT
ETag: "05b0430105aa244028af3d4812cfa862"
Cache-Control: max-age=31536000
Expires: Wed, 05 Dec 2018 10:47:22 GMT
x-amz-version-id: xPo84QQnS78MMDy3NywneivcwR8deWQC
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 3134
11029147.fls.doubleclick.net/activityi;src=11029147;type=invmedia;cat=nolyc0;ord=4815808030186;gtm=2wg9l0;auiddc=1897438616.1664060858;~oref=https%3A%2F%2Fwww.lyca-mobile.no%2Fnb%2Fbundle%2Flyca-smart-m%2F%3Futm_source%3DSelectivv%26utm_medium%3Dbanner%26utm_campaign%3DNOR22070001%26utm_term%3DP5%26user_id%3D%7Bclickid%7D%26cmpid%3D5828477%26rtkcid%3D%7Bclickid%7D%26rdk%3Drk1?
142.250.74.70200 OK 472 B URL HTTP/2 11029147.fls.doubleclick.net/activityi;src=11029147;type=invmedia;cat=nolyc0;ord=4815808030186;gtm=2wg9l0;auiddc=1897438616.1664060858;~oref=https%3A%2F%2Fwww.lyca-mobile.no%2Fnb%2Fbundle%2Flyca-smart-m%2F%3Futm_source%3DSelectivv%26utm_medium%3Dbanner%26utm_campaign%3DNOR22070001%26utm_term%3DP5%26user_id%3D%7Bclickid%7D%26cmpid%3D5828477%26rtkcid%3D%7Bclickid%7D%26rdk%3Drk1?
IP 142.250.74.70:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (654), with no line terminators
Hash 068ae9f42c70ec2d255dd40b423687f4
244dc88d2f66649d8e4532f51e39d6d3feb5808b
1dc6dac0ba8d174832d96ab02376d32d90c335b699b4f6624c569b1b1040913b
GET /activityi;src=11029147;type=invmedia;cat=nolyc0;ord=4815808030186;gtm=2wg9l0;auiddc=1897438616.1664060858;~oref=https%3A%2F%2Fwww.lyca-mobile.no%2Fnb%2Fbundle%2Flyca-smart-m%2F%3Futm_source%3DSelectivv%26utm_medium%3Dbanner%26utm_campaign%3DNOR22070001%26utm_term%3DP5%26user_id%3D%7Bclickid%7D%26cmpid%3D5828477%26rtkcid%3D%7Bclickid%7D%26rdk%3Drk1? HTTP/1.1
Host: 11029147.fls.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lyca-mobile.no/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 24 Sep 2022 23:07:39 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 472
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 24-Sep-2022 23:22:39 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 6387723ef869c671bc073f0b7a31d27d
4ed409ed5821324de3c55eeffa7a4e96dc40627e
2d5f79d50d6b53c41bcba134f59c77fd0384aaa8554a90a624778229f0b09797
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sat, 24 Sep 2022 23:07:39 GMT
Last-Modified: Sat, 24 Sep 2022 21:52:30 GMT
Server: ECS (nyb/1D2B)
X-Cache: Miss from cloudfront
Via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: C9XE_uPP4zRFyoUVkeCzS-RL-mKsvgsIjMBXijGj9EV50kHkqX3q8A==
Age: 4509
s3-eu-west-2.amazonaws.com/lycamobileukwebsite/lycauk/dev/lycamobile-uk-cms/wp-content/uploads/2017/04/05112541/greece1.png
52.95.148.173200 OK 4.4 kB URL HTTP/1.1 s3-eu-west-2.amazonaws.com/lycamobileukwebsite/lycauk/dev/lycamobile-uk-cms/wp-content/uploads/2017/04/05112541/greece1.png
IP 52.95.148.173:0
File type PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced\012- data
Hash 9f96f9ec7e6c20ae3e2fffad9e2d5935
d20f275da48cf934daae0622fba00ac789996576
a5bf00e8fce671f3814258643082db0739a309e5c4f9900e34e08eb12203ab14
GET /lycamobileukwebsite/lycauk/dev/lycamobile-uk-cms/wp-content/uploads/2017/04/05112541/greece1.png HTTP/1.1
Host: s3-eu-west-2.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lyca-mobile.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: 4YBo22MBGgJdmrmlKBnt5mHleVfrbAVQF1jwB0fdM2HOu9bogfyCoBTIhsqRR427BMs8iI4/DbY=
x-amz-request-id: B15T6DGYV5ECYRZB
Date: Sat, 24 Sep 2022 23:07:40 GMT
Last-Modified: Mon, 19 Apr 2021 09:38:32 GMT
ETag: "9f96f9ec7e6c20ae3e2fffad9e2d5935"
Cache-Control: max-age=31536000
Expires: Wed, 05 Dec 2018 11:25:41 GMT
x-amz-version-id: Q7IT_DK9DqY8YXPoF3wYqidHHps8u5mo
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 4373
s3-eu-west-2.amazonaws.com/lycamobileukwebsite/lycauk/dev/lycamobile-uk-cms/wp-content/uploads/2017/04/05113518/Ireland1.png
52.95.148.173200 OK 2.4 kB URL HTTP/1.1 s3-eu-west-2.amazonaws.com/lycamobileukwebsite/lycauk/dev/lycamobile-uk-cms/wp-content/uploads/2017/04/05113518/Ireland1.png
IP 52.95.148.173:0
File type PNG image data, 128 x 128, 8-bit colormap, non-interlaced\012- data
Hash 43d299857d925a89b5e9d9ed735137e6
98dfeb70ca2e020803d0bce2b702762856c1bbe9
f3582ced229071311c510cec9ec473bc624d73866c637def53b9156c8e0007a3
GET /lycamobileukwebsite/lycauk/dev/lycamobile-uk-cms/wp-content/uploads/2017/04/05113518/Ireland1.png HTTP/1.1
Host: s3-eu-west-2.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lyca-mobile.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: 5nj3efhmB1Bx5xiTpgA63yt4JGa3+JCUUxbRgjkOe8plqUIeXXebXI4sauI77qhx8DIT559EiPc=
x-amz-request-id: B15NT74FEAH7T3RM
Date: Sat, 24 Sep 2022 23:07:40 GMT
Last-Modified: Wed, 14 Jul 2021 12:18:42 GMT
ETag: "43d299857d925a89b5e9d9ed735137e6"
x-amz-version-id: 144H9sB0.wvoZ7J_SgDb17LmdFMdZ4mk
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 2353
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 6387723ef869c671bc073f0b7a31d27d
4ed409ed5821324de3c55eeffa7a4e96dc40627e
2d5f79d50d6b53c41bcba134f59c77fd0384aaa8554a90a624778229f0b09797
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sat, 24 Sep 2022 23:07:39 GMT
Last-Modified: Sat, 24 Sep 2022 21:45:39 GMT
Server: ECS (nyb/1D25)
X-Cache: Miss from cloudfront
Via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: mn5XMC6bFg7OlpPNlaxb0yqFKOWs0LouFwsCqANWosbed7t2lw_wAw==
Age: 4920
s3-eu-west-2.amazonaws.com/lycamobileukwebsite/lycauk/dev/lycamobile-uk-cms/wp-content/uploads/2017/04/05113718/Italy1.png
52.95.148.173200 OK 3.8 kB URL HTTP/1.1 s3-eu-west-2.amazonaws.com/lycamobileukwebsite/lycauk/dev/lycamobile-uk-cms/wp-content/uploads/2017/04/05113718/Italy1.png
IP 52.95.148.173:0
File type PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced\012- data
Hash 0f891a07f54e96ad26eab45eff4a4ac4
4216d39a4d5d857a5043a74344e38fae2d57cbb4
b8b8229f776ee43d90df36e703367c559bbb484b837e824b87cd0d0667f96f68
GET /lycamobileukwebsite/lycauk/dev/lycamobile-uk-cms/wp-content/uploads/2017/04/05113718/Italy1.png HTTP/1.1
Host: s3-eu-west-2.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lyca-mobile.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: 2myW4OeMpD9bxit5c7d+Gw5hhnOiNeJ71MW8rfXaEK9d1WIjLUoDutRiai5GSOu6ZnG+3RrBW3c=
x-amz-request-id: B15MQ95P1M0MRF60
Date: Sat, 24 Sep 2022 23:07:40 GMT
Last-Modified: Mon, 19 Apr 2021 09:38:36 GMT
ETag: "0f891a07f54e96ad26eab45eff4a4ac4"
Cache-Control: max-age=31536000
Expires: Wed, 05 Dec 2018 11:37:18 GMT
x-amz-version-id: GTF1L1A9A6.2B4uTj.N2PdO2SsTH.sh1
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 3807
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 6387723ef869c671bc073f0b7a31d27d
4ed409ed5821324de3c55eeffa7a4e96dc40627e
2d5f79d50d6b53c41bcba134f59c77fd0384aaa8554a90a624778229f0b09797
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sat, 24 Sep 2022 23:07:39 GMT
Last-Modified: Sat, 24 Sep 2022 21:44:32 GMT
Server: ECS (nyb/1D1B)
X-Cache: Miss from cloudfront
Via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ALMGziBY6bNyT4qrsh8vnzknAN2i4PMW2zkW3RGiPplxad3R3NVyXg==
Age: 4987
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c6a4a8e3b18e562b4bed71eefd913481
9ed32697f78f7b72531decd850de97499c6f2574
54041ea6df222d529d39122b6e7d2e21b082b7c1f28f5565b088e3941b7788f4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 23:07:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
consentcdn.cookiebot.com/sdk/bc-v4.min.html
104.110.3.72200 OK 392 B URL HTTP/2 consentcdn.cookiebot.com/sdk/bc-v4.min.html
IP 104.110.3.72:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (627), with no line terminators
Hash e7268eccad39bd651697fa793a52cc5c
47299cefa2397b0c1d0c5bf232390a5cf1bcc4d3
907e16c84d35556e4ed841a3511915e6d4bb4e9d68cfca178a740e90b4d80e35
GET /sdk/bc-v4.min.html HTTP/1.1
Host: consentcdn.cookiebot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lyca-mobile.no/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: text/html
etag: "3d08665fa4c7bcf9fa2dcbbc7efe1d0f:1649057029.895163"
last-modified: Mon, 04 Apr 2022 07:23:49 GMT
server: AkamaiNetStorage
x-akamai-transformed: 9 - 0 pmb=mRUM,1
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=31175407
expires: Wed, 20 Sep 2023 18:57:46 GMT
date: Sat, 24 Sep 2022 23:07:39 GMT
content-length: 392
server-timing: cdn-cache; desc=HIT, edge; dur=1
X-Firefox-Spdy: h2
www.lyca-mobile.no/wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/legacy-dropdown/style.css
3.120.194.163200 OK 3.9 kB URL HTTP/1.1 www.lyca-mobile.no/wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/legacy-dropdown/style.css
IP 3.120.194.163:0
Hash 2bcea2869112db9a45348df3a5635c24
05f022a59b8e0a0973309ebceeef184f76387a81
f6b0d4241d0d93d79acb7f9037b4a279c28286fb30835b826afa11d2f486fdc7
GET /wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/legacy-dropdown/style.css HTTP/1.1
Host: www.lyca-mobile.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lyca-mobile.no/nb/bundle/lyca-smart-m/?utm_source=Selectivv&utm_medium=banner&utm_campaign=NOR22070001&utm_term=P5&user_id={clickid}&cmpid=5828477&rtkcid={clickid}&rdk=rk1
Cookie: SSESS8b10154026bedacd8362ddcf85d89291=jaovgkavo8np2j7juj3ob3u364; newsim_tab=0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Type: text/css
Date: Sat, 24 Sep 2022 23:07:38 GMT
Last-Modified: Thu, 17 Jun 2021 16:25:56 GMT
Server: Apache
Strict-Transport-Security: max-age=300; includeSubdomains;
Vary: User-Agent,X-Forwarded-Proto,Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Content-Length: 552
Connection: keep-alive
s3-eu-west-2.amazonaws.com/lycamobileukwebsite/lycauk/dev/lycamobile-uk-cms/wp-content/uploads/2017/04/05112017/Finland1.png
52.95.148.173200 OK 3.6 kB URL HTTP/1.1 s3-eu-west-2.amazonaws.com/lycamobileukwebsite/lycauk/dev/lycamobile-uk-cms/wp-content/uploads/2017/04/05112017/Finland1.png
IP 52.95.148.173:0
File type PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced\012- data
Hash 5e1cfce111a4d74a372c674d4cc37413
83f346da964635dea608a27d54f85df4477e1fb9
618376f66c76753dbe413321c2600f615d7a86cad126b13f07878c0af4d554d7
GET /lycamobileukwebsite/lycauk/dev/lycamobile-uk-cms/wp-content/uploads/2017/04/05112017/Finland1.png HTTP/1.1
Host: s3-eu-west-2.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lyca-mobile.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: dcWPn5ObFpUL0FynhyXy8GF4N9MgKudKP5Quzfh1za0KFresp/xz6yYPtvFTaacmglSJSrIt7Z4=
x-amz-request-id: B15HAWDZZW0AS9RT
Date: Sat, 24 Sep 2022 23:07:40 GMT
Last-Modified: Mon, 19 Apr 2021 09:38:32 GMT
ETag: "5e1cfce111a4d74a372c674d4cc37413"
Cache-Control: max-age=31536000
Expires: Wed, 05 Dec 2018 11:20:17 GMT
x-amz-version-id: OwXKXGP8WQZs7BHDS_f4YevL7kKbeDCt
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 3636
s3-eu-west-2.amazonaws.com/lycamobileukwebsite/lycauk/dev/lycamobile-uk-cms/wp-content/uploads/2017/04/05114724/Latvia1.png
52.95.148.173200 OK 3.8 kB URL HTTP/1.1 s3-eu-west-2.amazonaws.com/lycamobileukwebsite/lycauk/dev/lycamobile-uk-cms/wp-content/uploads/2017/04/05114724/Latvia1.png
IP 52.95.148.173:0
File type PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced\012- data
Hash b9c786d407210d6bc0c2a86265d9f7b0
beb959603fc7cb94368ac2b0db83d5157fc3ed59
88cbf9a06a0e429b27afe129c11e2668cf4dc3cf61918e25b717546ba5f74cc8
GET /lycamobileukwebsite/lycauk/dev/lycamobile-uk-cms/wp-content/uploads/2017/04/05114724/Latvia1.png HTTP/1.1
Host: s3-eu-west-2.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lyca-mobile.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: 5hvHO4EAbyf5JAqzbDOOBuvaG5PiINt1h704hW6HFXA/VexEP6f+u7BFeZGJCP1P725PqjuUnyI=
x-amz-request-id: B15Q22F4MFHDFEV9
Date: Sat, 24 Sep 2022 23:07:40 GMT
Last-Modified: Mon, 19 Apr 2021 09:38:36 GMT
ETag: "b9c786d407210d6bc0c2a86265d9f7b0"
Cache-Control: max-age=31536000
Expires: Wed, 05 Dec 2018 11:47:24 GMT
x-amz-version-id: hBXvw2q1TABuXXEllSZB6IP18vQ.9xX4
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 3774
s3-eu-west-2.amazonaws.com/lycamobileukwebsite/lycauk/dev/lycamobile-uk-cms/wp-content/uploads/2017/04/05115017/Luxembourg1.png
52.95.148.173200 OK 3.9 kB URL HTTP/1.1 s3-eu-west-2.amazonaws.com/lycamobileukwebsite/lycauk/dev/lycamobile-uk-cms/wp-content/uploads/2017/04/05115017/Luxembourg1.png
IP 52.95.148.173:0
File type PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced\012- data
Hash 3e651c805d98f379e5b0ad3576d5ee0b
a921beaf6a7a518db0d5a33b7367b77f0e1fa471
f0c25debbfdc38763304b11360d01fc4ac3c911e869f7af0c995842d611501ae
GET /lycamobileukwebsite/lycauk/dev/lycamobile-uk-cms/wp-content/uploads/2017/04/05115017/Luxembourg1.png HTTP/1.1
Host: s3-eu-west-2.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lyca-mobile.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: qrIK1wc8LZ8jzsuQM+Yjp+9HEJkyz9/lEceeYee4KMiUTlUdWn+kOyMsPv+3C6wBhuE0E4FPi2o=
x-amz-request-id: B15GTM5AXFA5SB8Y
Date: Sat, 24 Sep 2022 23:07:40 GMT
Last-Modified: Mon, 19 Apr 2021 09:38:36 GMT
ETag: "3e651c805d98f379e5b0ad3576d5ee0b"
Cache-Control: max-age=31536000
Expires: Wed, 05 Dec 2018 11:50:17 GMT
x-amz-version-id: 0cOqMsF0_Ak37NCNNGamM71CWdVZEacS
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 3869
s3-eu-west-2.amazonaws.com/lycamobileukwebsite/lycauk/dev/lycamobile-uk-cms/wp-content/uploads/2017/04/05111007/Cyprus1.png
52.95.148.173200 OK 7.8 kB URL HTTP/1.1 s3-eu-west-2.amazonaws.com/lycamobileukwebsite/lycauk/dev/lycamobile-uk-cms/wp-content/uploads/2017/04/05111007/Cyprus1.png
IP 52.95.148.173:0
File type PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced\012- data
Hash a07ecb819e9041e7aaa1ba734b925e10
3d0a03e7fb4b990a576f3ebe8d07d1cd58ccf0a1
5a7be5dbead23ec1820ad5e47695ccac7082151c22b119af4aa025b7c235596d
GET /lycamobileukwebsite/lycauk/dev/lycamobile-uk-cms/wp-content/uploads/2017/04/05111007/Cyprus1.png HTTP/1.1
Host: s3-eu-west-2.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lyca-mobile.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: 2g4joxqwmKm8gd2YhddTKlUspmoq62DwaQFtO8EEKHap4HqxvSlCVuZclPGAsbqokmVil53QQvU=
x-amz-request-id: B15WGWR3VHJS0TKM
Date: Sat, 24 Sep 2022 23:07:40 GMT
Last-Modified: Mon, 19 Apr 2021 09:38:32 GMT
ETag: "a07ecb819e9041e7aaa1ba734b925e10"
Cache-Control: max-age=31536000
Expires: Wed, 05 Dec 2018 11:10:07 GMT
x-amz-version-id: clCEU3GO5qQuk5QhAMDw0v0RnkhC3c6d
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 7763
s3-eu-west-2.amazonaws.com/lycamobileukwebsite/lycauk/dev/lycamobile-uk-cms/wp-content/uploads/2017/04/05105612/Bulgaria1.png
52.95.148.173200 OK 3.6 kB URL HTTP/1.1 s3-eu-west-2.amazonaws.com/lycamobileukwebsite/lycauk/dev/lycamobile-uk-cms/wp-content/uploads/2017/04/05105612/Bulgaria1.png
IP 52.95.148.173:0
File type PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced\012- data
Hash a988ef19186744cb92fbb0b29fd46956
f44b4bca4cbeb6af59414d97e487de1177106ac5
c0a8e61b25f5d6a64c9f45deda84748f57d25db76108601fca0a705188664d3c
GET /lycamobileukwebsite/lycauk/dev/lycamobile-uk-cms/wp-content/uploads/2017/04/05105612/Bulgaria1.png HTTP/1.1
Host: s3-eu-west-2.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lyca-mobile.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: zD455gyt6dO2En+Go8xH9Fe12i1c/VllFIeXjds4YMQpVCUZIC/xxeBVIKCIjLscBJ7zHzBXz1U=
x-amz-request-id: B15K85BXS6FNSR4M
Date: Sat, 24 Sep 2022 23:07:40 GMT
Last-Modified: Mon, 19 Apr 2021 09:38:28 GMT
ETag: "a988ef19186744cb92fbb0b29fd46956"
Cache-Control: max-age=31536000
Expires: Wed, 05 Dec 2018 10:56:12 GMT
x-amz-version-id: rhxVu5a7c0dtIOfOVBZfLRNgZLQcxKbW
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 3556
s3-eu-west-2.amazonaws.com/lycamobileukwebsite/lycauk/dev/lycamobile-uk-cms/wp-content/uploads/2017/04/05115743/Malta1.png
52.95.148.173200 OK 4.3 kB URL HTTP/1.1 s3-eu-west-2.amazonaws.com/lycamobileukwebsite/lycauk/dev/lycamobile-uk-cms/wp-content/uploads/2017/04/05115743/Malta1.png
IP 52.95.148.173:0
File type PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced\012- data
Hash a83ad8aa720acb4451c0d59cd08c628f
086e729447dbc761c4b2561973314882a4d8cf7c
dda9ab435b2059745ebf794a823a6f72b2ffa34a18b178c5bdd9673b962baf12
GET /lycamobileukwebsite/lycauk/dev/lycamobile-uk-cms/wp-content/uploads/2017/04/05115743/Malta1.png HTTP/1.1
Host: s3-eu-west-2.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lyca-mobile.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: ENSkEzrzuoYPy2BNNZ89rS4TtXfcZXp9zRZe0BI6Laft8GT/aewqDiRsD7IHVuaBbpnBaqaI/RQ=
x-amz-request-id: B15J705X0J0RZXBD
Date: Sat, 24 Sep 2022 23:07:40 GMT
Last-Modified: Mon, 19 Apr 2021 09:38:40 GMT
ETag: "a83ad8aa720acb4451c0d59cd08c628f"
Cache-Control: max-age=31536000
Expires: Wed, 05 Dec 2018 11:57:43 GMT
x-amz-version-id: rqG497F_yoU1eO77PnVOCv8uXhA_1r2V
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 4287
s3-eu-west-2.amazonaws.com/lycamobileukwebsite/lycauk/dev/lycamobile-uk-cms/wp-content/uploads/2017/04/05134701/Netherlands1.png
52.95.148.173200 OK 3.8 kB URL HTTP/1.1 s3-eu-west-2.amazonaws.com/lycamobileukwebsite/lycauk/dev/lycamobile-uk-cms/wp-content/uploads/2017/04/05134701/Netherlands1.png
IP 52.95.148.173:0
File type PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced\012- data
Hash a19874c7d02744990237b827439132a4
d9a7a1eb5ee2e5a4dbbc75e43d7905b17ec0f6c0
e75bffa1dae0a23fa6d5cfa73835a321f5933810079f7c61d733a4a0f033d605
GET /lycamobileukwebsite/lycauk/dev/lycamobile-uk-cms/wp-content/uploads/2017/04/05134701/Netherlands1.png HTTP/1.1
Host: s3-eu-west-2.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lyca-mobile.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: N7kQztHMHA/kjuZVPHhpizZEEoMc6efJK9j3hEWTX1M31ol9hj/pfYg7pOj9yXPZ69lddus0CTU=
x-amz-request-id: B15XG9497DQGYY51
Date: Sat, 24 Sep 2022 23:07:40 GMT
Last-Modified: Mon, 19 Apr 2021 09:38:41 GMT
ETag: "a19874c7d02744990237b827439132a4"
Cache-Control: max-age=31536000
Expires: Wed, 05 Dec 2018 13:47:01 GMT
x-amz-version-id: 28LeGCtB6pYn.FjZ8bQqfzeq4Hz2DMmS
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 3841
s3-eu-west-2.amazonaws.com/lycamobileukwebsite/lycauk/dev/lycamobile-uk-cms/wp-content/uploads/2017/04/05135311/Norway1.png
52.95.148.173200 OK 3.1 kB URL HTTP/1.1 s3-eu-west-2.amazonaws.com/lycamobileukwebsite/lycauk/dev/lycamobile-uk-cms/wp-content/uploads/2017/04/05135311/Norway1.png
IP 52.95.148.173:0
File type PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced\012- data
Hash 9021ba1b169c443fcf1ef4205c66746b
57b448f98b746fdd70b85c2c3db3a692c59ed4e9
29be706a53e4348fc185d63ce98c4747e517c1371e9806be940e13637eeed375
GET /lycamobileukwebsite/lycauk/dev/lycamobile-uk-cms/wp-content/uploads/2017/04/05135311/Norway1.png HTTP/1.1
Host: s3-eu-west-2.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lyca-mobile.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: dDeSgFI2b3ZMypbZ3pk5XKtEz3RmSkNVNF//zXJ9nGzJ3LGKELyy01d7FFOdnRzZ3ChB5Snziy0=
x-amz-request-id: B15NJNJW28PSS1QS
Date: Sat, 24 Sep 2022 23:07:40 GMT
Last-Modified: Wed, 14 Jul 2021 12:09:56 GMT
ETag: "9021ba1b169c443fcf1ef4205c66746b"
x-amz-version-id: U31NsyBZvHkqDUS_Ugic5SNoLOgwf_dQ
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 3056
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 267300d587831dda7559c30c40cc614e
d7ff0b9754e61f5d4178eddb5e63c3390ab559c8
ec7aad1a3116ce8ef5258b49de87cf3456c8c4890206fa5d46c8e510ded80ac0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 23:07:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
consent.cookiebot.com/96a1d7e4-5650-4b38-a86a-76e9471fade7/cc.js?renew=false&referer=www.lyca-mobile.no&dnt=false&init=false
104.84.152.64200 OK 55 kB URL HTTP/2 consent.cookiebot.com/96a1d7e4-5650-4b38-a86a-76e9471fade7/cc.js?renew=false&referer=www.lyca-mobile.no&dnt=false&init=false
IP 104.84.152.64:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65499)
Hash 0d3f929a270fd7eb683b20d3f51839ad
125f28515002d42945baa928a23a9bddd282607c
ba3999cce32160ae50408cbf59fb4c80000d3657e9b07496712853979448f56f
GET /96a1d7e4-5650-4b38-a86a-76e9471fade7/cc.js?renew=false&referer=www.lyca-mobile.no&dnt=false&init=false HTTP/1.1
Host: consent.cookiebot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lyca-mobile.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: private, max-age=1200
content-type: application/x-javascript; charset=utf-8
content-encoding: gzip
last-modified: Sat, 24 Sep 2022 23:07:39 GMT
vary: Accept-Encoding
request-context: appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
access-control-expose-headers: Request-Context
content-length: 55313
date: Sat, 24 Sep 2022 23:07:39 GMT
X-Firefox-Spdy: h2
adservice.google.com/ddm/fls/i/src=11029147;type=invmedia;cat=nolyc0;ord=4815808030186;gtm=2wg9l0;auiddc=1897438616.1664060858;~oref=https%3A%2F%2Fwww.lyca-mobile.no%2Fnb%2Fbundle%2Flyca-smart-m%2F%3Futm_source%3DSelectivv%26utm_medium%3Dbanner%26utm_campaign%3DNOR22070001%26utm_term%3DP5%26user_id%3D%7Bclickid%7D%26cmpid%3D5828477%26rtkcid%3D%7Bclickid%7D%26rdk%3Drk1
142.250.74.34200 OK 470 B URL HTTP/2 adservice.google.com/ddm/fls/i/src=11029147;type=invmedia;cat=nolyc0;ord=4815808030186;gtm=2wg9l0;auiddc=1897438616.1664060858;~oref=https%3A%2F%2Fwww.lyca-mobile.no%2Fnb%2Fbundle%2Flyca-smart-m%2F%3Futm_source%3DSelectivv%26utm_medium%3Dbanner%26utm_campaign%3DNOR22070001%26utm_term%3DP5%26user_id%3D%7Bclickid%7D%26cmpid%3D5828477%26rtkcid%3D%7Bclickid%7D%26rdk%3Drk1
IP 142.250.74.34:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (653), with no line terminators
Hash cb6462fe0b2ee8312a7f5ca9796350dc
c61cd1383b92b53436cd75d221648c793c341faf
bafbccd79158a3c13e384e09f4be7aac7e2358573413ad6c1652e622b5d9e102
GET /ddm/fls/i/src=11029147;type=invmedia;cat=nolyc0;ord=4815808030186;gtm=2wg9l0;auiddc=1897438616.1664060858;~oref=https%3A%2F%2Fwww.lyca-mobile.no%2Fnb%2Fbundle%2Flyca-smart-m%2F%3Futm_source%3DSelectivv%26utm_medium%3Dbanner%26utm_campaign%3DNOR22070001%26utm_term%3DP5%26user_id%3D%7Bclickid%7D%26cmpid%3D5828477%26rtkcid%3D%7Bclickid%7D%26rdk%3Drk1 HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://11029147.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 24 Sep 2022 23:07:39 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 470
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
zerossl.ocsp.sectigo.com/
172.64.155.188200 OK 728 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 172.64.155.188:0
Hash 9380865bd8f68a5bac0efaf819990406
6bbd46ba6bded0299ad677ac5a85490250956733
26f333f97fd3add34a010669bf3cbe6dc6cd5057e5c237768aae41c2845a7352
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 24 Sep 2022 23:07:39 GMT
Content-Type: application/ocsp-response
Content-Length: 728
Connection: keep-alive
Last-Modified: Sat, 24 Sep 2022 03:46:24 GMT
Expires: Sat, 01 Oct 2022 03:46:23 GMT
Etag: "6bbd46ba6bded0299ad677ac5a85490250956733"
Cache-Control: max-age=534523,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74ff2d73fde3b518-OSL
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash ea6011094da3116e1bb049caa0e491e1
5809e1f5b0beee0282601045c0a152853c977565
25bd8112864ac34144820c6aecf49dec7ff9cfb863d864ca0ebbf55dee213414
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 23:07:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tracker.selectivv.com/view?clickid={clickid}
85.17.54.17400 Bad Request 46 B URL HTTP/1.1 tracker.selectivv.com/view?clickid={clickid}
IP 85.17.54.17:0
ASN #60781 LeaseWeb Netherlands B.V.
File type JSON data\012- , ASCII text, with no line terminators
Hash 0e4a33c59b51dbdbf84b51054c586a9d
7cff1535efd061f8d1d5b8ac61f2c1517bc8569e
4fd44ea9678a34eca7c647ce4877e6faa94745ac95947a1eeffde864d9026204
GET /view?clickid={clickid} HTTP/1.1
Host: tracker.selectivv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.lyca-mobile.no
Connection: keep-alive
Referer: https://www.lyca-mobile.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 400 Bad Request
Server: nginx/1.21.3
Date: Sat, 24 Sep 2022 23:07:39 GMT
Content-Type: application/json
Content-Length: 46
Connection: keep-alive
adservice.google.no/ddm/fls/i/src=11029147;type=invmedia;cat=nolyc0;ord=4815808030186;gtm=2wg9l0;auiddc=1897438616.1664060858;~oref=https%3A%2F%2Fwww.lyca-mobile.no%2Fnb%2Fbundle%2Flyca-smart-m%2F%3Futm_source%3DSelectivv%26utm_medium%3Dbanner%26utm_campaign%3DNOR22070001%26utm_term%3DP5%26user_id%3D%7Bclickid%7D%26cmpid%3D5828477%26rtkcid%3D%7Bclickid%7D%26rdk%3Drk1
142.250.74.162200 OK 177 B URL HTTP/2 adservice.google.no/ddm/fls/i/src=11029147;type=invmedia;cat=nolyc0;ord=4815808030186;gtm=2wg9l0;auiddc=1897438616.1664060858;~oref=https%3A%2F%2Fwww.lyca-mobile.no%2Fnb%2Fbundle%2Flyca-smart-m%2F%3Futm_source%3DSelectivv%26utm_medium%3Dbanner%26utm_campaign%3DNOR22070001%26utm_term%3DP5%26user_id%3D%7Bclickid%7D%26cmpid%3D5828477%26rtkcid%3D%7Bclickid%7D%26rdk%3Drk1
IP 142.250.74.162:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Hash 9393b28661a65a763699c108887882eb
c237ba6491e6fb9ca57da33dd9d048ca8e86cfda
2bdce28c6fb3cb210861d4aba734ab7aedfc979a8fa273512a61d8cf8afc78b0
GET /ddm/fls/i/src=11029147;type=invmedia;cat=nolyc0;ord=4815808030186;gtm=2wg9l0;auiddc=1897438616.1664060858;~oref=https%3A%2F%2Fwww.lyca-mobile.no%2Fnb%2Fbundle%2Flyca-smart-m%2F%3Futm_source%3DSelectivv%26utm_medium%3Dbanner%26utm_campaign%3DNOR22070001%26utm_term%3DP5%26user_id%3D%7Bclickid%7D%26cmpid%3D5828477%26rtkcid%3D%7Bclickid%7D%26rdk%3Drk1 HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 24 Sep 2022 23:07:39 GMT
expires: Sat, 24 Sep 2022 23:07:39 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 177
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash ea6011094da3116e1bb049caa0e491e1
5809e1f5b0beee0282601045c0a152853c977565
25bd8112864ac34144820c6aecf49dec7ff9cfb863d864ca0ebbf55dee213414
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 23:07:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
d3uayxmzbnco7f.cloudfront.net/wp-content/uploads/2017/06/mobile_icons_svg_bundle.svg
143.204.42.114200 OK 422 B URL HTTP/1.1 d3uayxmzbnco7f.cloudfront.net/wp-content/uploads/2017/06/mobile_icons_svg_bundle.svg
IP 143.204.42.114:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text
Hash efc5d499203342c7943e44c68c22f670
6cd73fa1bfb854fa47ca2323986aca519e566936
adbb8b4b73d3eec20f434af5a3207f4076f2d47cc4e8f94b916a6b9a5a827454
GET /wp-content/uploads/2017/06/mobile_icons_svg_bundle.svg HTTP/1.1
Host: d3uayxmzbnco7f.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lyca-mobile.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/svg+xml
Content-Length: 422
Connection: keep-alive
Last-Modified: Tue, 15 Feb 2022 04:56:40 GMT
Accept-Ranges: bytes
Server: AmazonS3
Date: Sat, 24 Sep 2022 07:36:57 GMT
ETag: "efc5d499203342c7943e44c68c22f670"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: oBw8UrM3Qea0NjoKXhCiwLmzOKnVO39yvEdvSjaz2kWvyuD0RtNYvA==
Age: 55843
d3uayxmzbnco7f.cloudfront.net/wp-content/uploads/2017/06/national-text.svg
143.204.42.114200 OK 379 B URL HTTP/1.1 d3uayxmzbnco7f.cloudfront.net/wp-content/uploads/2017/06/national-text.svg
IP 143.204.42.114:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (379), with no line terminators
Hash 873789b36bcca252488070dc6727c3b3
03147946a7c606a77334fc61848099d96a240a4b
6a8c3a01af957fe571fd86413bf84ac367df9b687f811efa6dc0814600d331cb
GET /wp-content/uploads/2017/06/national-text.svg HTTP/1.1
Host: d3uayxmzbnco7f.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lyca-mobile.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/svg+xml
Content-Length: 379
Connection: keep-alive
Date: Sat, 24 Sep 2022 09:56:40 GMT
Last-Modified: Tue, 15 Feb 2022 04:56:38 GMT
ETag: "873789b36bcca252488070dc6727c3b3"
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: cgZfaxjYTouvkOMlY3cVQ7PxMxgtq2xKJEedkhmU2WZe3xQ9fRpTuQ==
Age: 47460
d3uayxmzbnco7f.cloudfront.net/wp-content/uploads/2018/06/buy_sim_new-br-1.png
143.204.42.114200 OK 15 kB URL HTTP/1.1 d3uayxmzbnco7f.cloudfront.net/wp-content/uploads/2018/06/buy_sim_new-br-1.png
IP 143.204.42.114:0
File type PNG image data, 522 x 235, 8-bit/color RGBA, non-interlaced\012- data
Hash 445a17c3cfa8b089268d00afb9cc2a12
9ab22aafb3bf1f21831e8fff3770306a4da50fcc
955ea640ad8413dcbd59590421eb5462a49c8224cdfa4638db9bcef8ff8d2d9b
GET /wp-content/uploads/2018/06/buy_sim_new-br-1.png HTTP/1.1
Host: d3uayxmzbnco7f.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lyca-mobile.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 15283
Connection: keep-alive
Last-Modified: Mon, 18 Oct 2021 05:20:16 GMT
Accept-Ranges: bytes
Server: AmazonS3
Date: Sat, 24 Sep 2022 07:18:10 GMT
ETag: "445a17c3cfa8b089268d00afb9cc2a12"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: TV3c87T4Pkaguu7bpyZZjvit-ZJ2EtbfB5WFs2eamG6VXW0z9MlPPQ==
Age: 56970
d3uayxmzbnco7f.cloudfront.net/wp-content/uploads/2017/06/phone-call.svg
143.204.42.114200 OK 604 B URL HTTP/1.1 d3uayxmzbnco7f.cloudfront.net/wp-content/uploads/2017/06/phone-call.svg
IP 143.204.42.114:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text, with very long lines (469)
Hash 2a3c2d102f0a6647ff4c989f9e5183dd
bfaf1194f81cb8b5300a3789624534c6786c8cb1
0c7b8c0063cebc49797c54a410e7e9b783047885c1a925c9bd4f1948353733c7
GET /wp-content/uploads/2017/06/phone-call.svg HTTP/1.1
Host: d3uayxmzbnco7f.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lyca-mobile.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/svg+xml
Content-Length: 604
Connection: keep-alive
Last-Modified: Tue, 15 Feb 2022 04:56:36 GMT
Accept-Ranges: bytes
Server: AmazonS3
Date: Sat, 24 Sep 2022 06:57:15 GMT
ETag: "2a3c2d102f0a6647ff4c989f9e5183dd"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: GuvYchJ1CCihNx4KohVUQmHaOMDzlwMceHNiu89DeMkxGzKKeVseEg==
Age: 58225
d3uayxmzbnco7f.cloudfront.net/wp-content/uploads/2018/06/Refer_a_friend_br.png
143.204.42.114200 OK 63 kB URL HTTP/1.1 d3uayxmzbnco7f.cloudfront.net/wp-content/uploads/2018/06/Refer_a_friend_br.png
IP 143.204.42.114:0
File type PNG image data, 522 x 235, 8-bit/color RGBA, non-interlaced\012- data
Hash 4fe087bad3bb3390beeea312c1a14de8
cf28dafa12cf6e1892ad7c76f839eccb35a0f840
f6dacf9f4c9eeba6a1743731c3228cca08c0dfd61db94db66cd3c26a3958ccad
GET /wp-content/uploads/2018/06/Refer_a_friend_br.png HTTP/1.1
Host: d3uayxmzbnco7f.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lyca-mobile.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 62719
Connection: keep-alive
Last-Modified: Mon, 18 Oct 2021 05:20:24 GMT
Accept-Ranges: bytes
Server: AmazonS3
Date: Sat, 24 Sep 2022 18:17:20 GMT
ETag: "4fe087bad3bb3390beeea312c1a14de8"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: pnSAy0VP1YIJbKaXOQ_RZDHBjumrapLSw5dZKxL0Ir7RNvB4sno3jA==
Age: 17420
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 419de8bd44f32435f5730ab5925e843b
6b352afe88897d6f3c3c2944de370eb96c670644
0c74e6e47c5fb7501624f8e88e5e53ad25e0d059a07ff5df2882bcb86b94a62a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3622
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 23:07:39 GMT
Last-Modified: Sat, 24 Sep 2022 22:07:17 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash cae538dcce82598fbe43c0bf443e62dd
cc68ac6be9c5e0087a0000e5735b83270ace30f5
954b9e9d9744e1319c51760780a35de2dec353afffac705c2cca6d836a5e056d
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lyca-mobile.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 19826
date: Sat, 24 Sep 2022 22:41:09 GMT
expires: Sun, 25 Sep 2022 00:41:09 GMT
cache-control: public, max-age=7200
age: 1590
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
static.ads-twitter.com/uwt.js
151.101.84.157200 OK 15 kB URL HTTP/2 static.ads-twitter.com/uwt.js
IP 151.101.84.157:0
File type ASCII text, with very long lines (57443), with no line terminators
Hash 1e9c4d503a9e162d8b549dc3d9c040e2
1fa99d7d7e878cdd45567af4b0c3c65542036c1d
f936c0124c595fe5d0c7858277f3a5f3bd104de39d36ac92557501fa1dec8563
GET /uwt.js HTTP/1.1
Host: static.ads-twitter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lyca-mobile.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Tue, 30 Aug 2022 20:19:10 GMT
cache-control: no-cache
content-type: application/javascript; charset=utf-8
content-encoding: gzip
etag: "d4de8398858246712016031c834bb061+gzip+gzip"
accept-ranges: bytes
date: Sat, 24 Sep 2022 23:07:39 GMT
x-served-by: cache-iad-kiad7000137-IAD, cache-bma1678-BMA
x-cache: HIT, HIT
vary: Accept-Encoding,Host
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
content-length: 15317
X-Firefox-Spdy: h2
bat.bing.com/bat.js
204.79.197.200200 OK 11 kB IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (38826), with no line terminators
Hash 293ae3e0fc8b0d5c143fdf9d8490228d
3976c659b908e70818a3a1ac71860b497fe2d1a9
04a840d967ae836e14179bde574cabf14a1fc871182ca0f8193e7a0b06c727ab
GET /bat.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lyca-mobile.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: private,max-age=1800
content-length: 11367
content-type: application/javascript
content-encoding: gzip
last-modified: Thu, 28 Jul 2022 17:32:37 GMT
accept-ranges: bytes
etag: "80a8697a8a2d81:0"
vary: Accept-Encoding
set-cookie: MUID=3173A6430EFD66012206B46A0F0867B8; domain=.bing.com; expires=Thu, 19-Oct-2023 23:07:39 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 83785F126FA046F082C0ED230EA07BDD Ref B: OSL30EDGE0510 Ref C: 2022-09-24T23:07:39Z
date: Sat, 24 Sep 2022 23:07:39 GMT
X-Firefox-Spdy: h2
connect.facebook.net/en_US/fbevents.js
157.240.200.14200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 157.240.200.14:0
File type ASCII text, with very long lines (64348)
Hash 9ecd89752214ef749272eef344b9089a
70a58a49c08934265ee34c74efb01d6b3124095d
f76c51487e348977288fcaf83984cd8fe4e73758cc352402774d9eb94680d528
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lyca-mobile.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: private
cache-control: private
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-ua-compatible: IE=edge
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: 5tJrkNBI6nPmQtGMWBHXYEU+O8soQzeRXAD1TTb4uU4+0CMVLl6ELoBmh7MlK12lG8nmoUTlFx1XtCf87PvXUQ==
priority: u=3,i
content-length: 26839
x-fb-trip-id: 1679558926
date: Sat, 24 Sep 2022 23:07:39 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 419de8bd44f32435f5730ab5925e843b
6b352afe88897d6f3c3c2944de370eb96c670644
0c74e6e47c5fb7501624f8e88e5e53ad25e0d059a07ff5df2882bcb86b94a62a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3622
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 23:07:39 GMT
Last-Modified: Sat, 24 Sep 2022 22:07:17 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash f273384b31184737eb8672c1a7267030
d54e0c9b37f43fcf79d2dff937fff5ed13c46c4b
372046450640935d99c753342ddb73be026a500ec98eb96bb313e25153ba74e0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6227
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 23:07:40 GMT
Last-Modified: Sat, 24 Sep 2022 21:23:53 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 313
t.co/i/adsct?bci=3&eci=2&event_id=6683ac5d-0516-4707-ac71-b807dcd3fa42&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=635baa2c-bfb0-464c-9ee2-fe6dfd51f611&tw_document_href=https%3A%2F%2Fwww.lyca-mobile.no%2Fnb%2Fbundle%2Flyca-smart-m%2F%3Futm_source%3DSelectivv%26utm_medium%3Dbanner%26utm_campaign%3DNOR22070001%26utm_term%3DP5%26user_id%3D%7Bclickid%7D%26cmpid%3D5828477%26rtkcid%3D%7Bclickid%7D%26rdk%3Drk1&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o13z4&type=javascript&version=2.3.27
104.244.42.197200 OK 43 B URL HTTP/2 t.co/i/adsct?bci=3&eci=2&event_id=6683ac5d-0516-4707-ac71-b807dcd3fa42&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=635baa2c-bfb0-464c-9ee2-fe6dfd51f611&tw_document_href=https%3A%2F%2Fwww.lyca-mobile.no%2Fnb%2Fbundle%2Flyca-smart-m%2F%3Futm_source%3DSelectivv%26utm_medium%3Dbanner%26utm_campaign%3DNOR22070001%26utm_term%3DP5%26user_id%3D%7Bclickid%7D%26cmpid%3D5828477%26rtkcid%3D%7Bclickid%7D%26rdk%3Drk1&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o13z4&type=javascript&version=2.3.27
IP 104.244.42.197:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
GET /i/adsct?bci=3&eci=2&event_id=6683ac5d-0516-4707-ac71-b807dcd3fa42&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=635baa2c-bfb0-464c-9ee2-fe6dfd51f611&tw_document_href=https%3A%2F%2Fwww.lyca-mobile.no%2Fnb%2Fbundle%2Flyca-smart-m%2F%3Futm_source%3DSelectivv%26utm_medium%3Dbanner%26utm_campaign%3DNOR22070001%26utm_term%3DP5%26user_id%3D%7Bclickid%7D%26cmpid%3D5828477%26rtkcid%3D%7Bclickid%7D%26rdk%3Drk1&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o13z4&type=javascript&version=2.3.27 HTTP/1.1
Host: t.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lyca-mobile.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 24 Sep 2022 23:07:39 GMT
perf: 7626143928
server: tsa_o
set-cookie: muc_ads=f4bd6edd-cab3-4b5a-a384-cff24215f7a0; Max-Age=63072000; Expires=Mon, 23 Sep 2024 23:07:40 GMT; Path=/; Domain=t.co; Secure; SameSite=None
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
content-length: 43
x-transaction-id: fdba2f43e2da1e49
strict-transport-security: max-age=0
x-response-time: 110
x-connection-hash: 64f34c1045aa5ae47bb6439c6e2157d3d93fbc3546cdd7761673f3a34fda2cc7
X-Firefox-Spdy: h2
bat.bing.com/action/0?ti=15267795&tm=gtm002&Ver=2&mid=9db3aafa-4d2d-4207-86ce-b971e3ad099d&sid=af311db03c5d11ed902e03615268b657&vid=af3121e03c5d11ed96e377e99a04a448&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Lyca%20Smart%20M%20-%20Lycamobile&p=https%3A%2F%2Fwww.lyca-mobile.no%2Fnb%2Fbundle%2Flyca-smart-m%2F%3Futm_source%3DSelectivv%26utm_medium%3Dbanner%26utm_campaign%3DNOR22070001%26utm_term%3DP5%26user_id%3D%7Bclickid%7D%26cmpid%3D5828477%26rtkcid%3D%7Bclickid%7D%26rdk%3Drk1&r=<=3011&evt=pageLoad&sv=1&rn=701059
204.79.197.200204 No Content 0 B URL HTTP/2 bat.bing.com/action/0?ti=15267795&tm=gtm002&Ver=2&mid=9db3aafa-4d2d-4207-86ce-b971e3ad099d&sid=af311db03c5d11ed902e03615268b657&vid=af3121e03c5d11ed96e377e99a04a448&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Lyca%20Smart%20M%20-%20Lycamobile&p=https%3A%2F%2Fwww.lyca-mobile.no%2Fnb%2Fbundle%2Flyca-smart-m%2F%3Futm_source%3DSelectivv%26utm_medium%3Dbanner%26utm_campaign%3DNOR22070001%26utm_term%3DP5%26user_id%3D%7Bclickid%7D%26cmpid%3D5828477%26rtkcid%3D%7Bclickid%7D%26rdk%3Drk1&r=<=3011&evt=pageLoad&sv=1&rn=701059
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=15267795&tm=gtm002&Ver=2&mid=9db3aafa-4d2d-4207-86ce-b971e3ad099d&sid=af311db03c5d11ed902e03615268b657&vid=af3121e03c5d11ed96e377e99a04a448&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Lyca%20Smart%20M%20-%20Lycamobile&p=https%3A%2F%2Fwww.lyca-mobile.no%2Fnb%2Fbundle%2Flyca-smart-m%2F%3Futm_source%3DSelectivv%26utm_medium%3Dbanner%26utm_campaign%3DNOR22070001%26utm_term%3DP5%26user_id%3D%7Bclickid%7D%26cmpid%3D5828477%26rtkcid%3D%7Bclickid%7D%26rdk%3Drk1&r=<=3011&evt=pageLoad&sv=1&rn=701059 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lyca-mobile.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=3591C050D7F96FCD1585D279D60C6E85; domain=.bing.com; expires=Thu, 19-Oct-2023 23:07:40 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D448C8C4585C410381024A90EC5457E2 Ref B: OSL30EDGE0510 Ref C: 2022-09-24T23:07:40Z
date: Sat, 24 Sep 2022 23:07:39 GMT
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 7d3af2ee9fab725d73a32e769d9b6a88
5a6e540b98b8e96c0971e39ec9a5bde86567dbe9
c3a7b64bf14c5843d488542c79a21fbd0c37c6a01b13ee4e2752aaa6d0338c34
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2499
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 23:07:40 GMT
Last-Modified: Sat, 24 Sep 2022 22:26:01 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 313
bat.bing.com/p/action/15267795.js
204.79.197.200204 No Content 0 B URL HTTP/2 bat.bing.com/p/action/15267795.js
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p/action/15267795.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lyca-mobile.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: private,max-age=1800
set-cookie: MUID=3A6669A24EE36F2431657B8B4F166E8B; domain=.bing.com; expires=Thu, 19-Oct-2023 23:07:40 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 2AFDA90BD35D4505825ABC06888CC3AA Ref B: OSL30EDGE0510 Ref C: 2022-09-24T23:07:40Z
date: Sat, 24 Sep 2022 23:07:39 GMT
X-Firefox-Spdy: h2
analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=6683ac5d-0516-4707-ac71-b807dcd3fa42&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=635baa2c-bfb0-464c-9ee2-fe6dfd51f611&tw_document_href=https%3A%2F%2Fwww.lyca-mobile.no%2Fnb%2Fbundle%2Flyca-smart-m%2F%3Futm_source%3DSelectivv%26utm_medium%3Dbanner%26utm_campaign%3DNOR22070001%26utm_term%3DP5%26user_id%3D%7Bclickid%7D%26cmpid%3D5828477%26rtkcid%3D%7Bclickid%7D%26rdk%3Drk1&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o13z4&type=javascript&version=2.3.27
104.244.42.131200 OK 43 B URL HTTP/2 analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=6683ac5d-0516-4707-ac71-b807dcd3fa42&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=635baa2c-bfb0-464c-9ee2-fe6dfd51f611&tw_document_href=https%3A%2F%2Fwww.lyca-mobile.no%2Fnb%2Fbundle%2Flyca-smart-m%2F%3Futm_source%3DSelectivv%26utm_medium%3Dbanner%26utm_campaign%3DNOR22070001%26utm_term%3DP5%26user_id%3D%7Bclickid%7D%26cmpid%3D5828477%26rtkcid%3D%7Bclickid%7D%26rdk%3Drk1&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o13z4&type=javascript&version=2.3.27
IP 104.244.42.131:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
GET /i/adsct?bci=3&eci=2&event_id=6683ac5d-0516-4707-ac71-b807dcd3fa42&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=635baa2c-bfb0-464c-9ee2-fe6dfd51f611&tw_document_href=https%3A%2F%2Fwww.lyca-mobile.no%2Fnb%2Fbundle%2Flyca-smart-m%2F%3Futm_source%3DSelectivv%26utm_medium%3Dbanner%26utm_campaign%3DNOR22070001%26utm_term%3DP5%26user_id%3D%7Bclickid%7D%26cmpid%3D5828477%26rtkcid%3D%7Bclickid%7D%26rdk%3Drk1&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o13z4&type=javascript&version=2.3.27 HTTP/1.1
Host: analytics.twitter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lyca-mobile.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 24 Sep 2022 23:07:40 GMT
perf: 7626143928
server: tsa_o
set-cookie: personalization_id="v1_wJs8UR7W/l4i+U2CcCsPTg=="; Max-Age=63072000; Expires=Mon, 23 Sep 2024 23:07:40 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
content-length: 43
x-transaction-id: eb783c7dcc0d4dbf
strict-transport-security: max-age=631138519
x-response-time: 110
x-connection-hash: c44fe69e8aa5c9d3da2bd9a0ac4fd03ca3571e6efa8b11588b42ce23abdb6d31
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=538386406931299&ev=PageView&dl=https%3A%2F%2Fwww.lyca-mobile.no%2Fnb%2Fbundle%2Flyca-smart-m%2F%3Futm_source%3DSelectivv%26utm_medium%3Dbanner%26utm_campaign%3DNOR22070001%26utm_term%3DP5%26user_id%3D%7Bclickid%7D%26cmpid%3D5828477%26rtkcid%3D%7Bclickid%7D%26rdk%3Drk1&rl=&if=false&ts=1664060859072&sw=1280&sh=1024&v=2.9.83&r=stable&ec=0&o=30&fbp=fb.1.1664060859070.1570457576&it=1664060858728&coo=false&rqm=GET
157.240.200.35200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=538386406931299&ev=PageView&dl=https%3A%2F%2Fwww.lyca-mobile.no%2Fnb%2Fbundle%2Flyca-smart-m%2F%3Futm_source%3DSelectivv%26utm_medium%3Dbanner%26utm_campaign%3DNOR22070001%26utm_term%3DP5%26user_id%3D%7Bclickid%7D%26cmpid%3D5828477%26rtkcid%3D%7Bclickid%7D%26rdk%3Drk1&rl=&if=false&ts=1664060859072&sw=1280&sh=1024&v=2.9.83&r=stable&ec=0&o=30&fbp=fb.1.1664060859070.1570457576&it=1664060858728&coo=false&rqm=GET
IP 157.240.200.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=538386406931299&ev=PageView&dl=https%3A%2F%2Fwww.lyca-mobile.no%2Fnb%2Fbundle%2Flyca-smart-m%2F%3Futm_source%3DSelectivv%26utm_medium%3Dbanner%26utm_campaign%3DNOR22070001%26utm_term%3DP5%26user_id%3D%7Bclickid%7D%26cmpid%3D5828477%26rtkcid%3D%7Bclickid%7D%26rdk%3Drk1&rl=&if=false&ts=1664060859072&sw=1280&sh=1024&v=2.9.83&r=stable&ec=0&o=30&fbp=fb.1.1664060859070.1570457576&it=1664060858728&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lyca-mobile.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
date: Sat, 24 Sep 2022 23:07:40 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash cd8e3570655a88b47a20fb93af0fc0c5
6ebbd655af47cbe0788f5ea6a7d9cd457bda2f33
12bc57afd44ddf43fc3802ecc23e743660b146acff0958093fcea30e96b02f6b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 23:07:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-22755827-1&cid=1537955662.1664060859&jid=1610441353&gjid=443585984&_gid=438344799.1664060859&_u=YEBAAEAAAAAAAC~&z=19142162
64.233.162.157200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-22755827-1&cid=1537955662.1664060859&jid=1610441353&gjid=443585984&_gid=438344799.1664060859&_u=YEBAAEAAAAAAAC~&z=19142162
IP 64.233.162.157:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-22755827-1&cid=1537955662.1664060859&jid=1610441353&gjid=443585984&_gid=438344799.1664060859&_u=YEBAAEAAAAAAAC~&z=19142162 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.lyca-mobile.no
Connection: keep-alive
Referer: https://www.lyca-mobile.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.lyca-mobile.no
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 24 Sep 2022 23:07:40 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tracker.selectivv.com/uniclick.js?defaultcampaignid=620d05b69b851500013fe531&attribution=lastpaid®viewonce=false&cookiedomain=lyca-mobile.no&cookieduration=30
85.17.54.17200 OK 5.0 kB URL HTTP/1.1 tracker.selectivv.com/uniclick.js?defaultcampaignid=620d05b69b851500013fe531&attribution=lastpaid®viewonce=false&cookiedomain=lyca-mobile.no&cookieduration=30
IP 85.17.54.17:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash e7910221398fb0f44728667851e745b8
ccae17db0ac09ef4577a1d646def200c486000e9
eeb36f1cfec8bf102d377e6ee18385de5987160d2ce963e254eae3ddc0c80292
GET /uniclick.js?defaultcampaignid=620d05b69b851500013fe531&attribution=lastpaid®viewonce=false&cookiedomain=lyca-mobile.no&cookieduration=30 HTTP/1.1
Host: tracker.selectivv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lyca-mobile.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sat, 24 Sep 2022 23:07:40 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
tracker.selectivv.com/view?clickid={clickid}&referrer=
85.17.54.17400 Bad Request 46 B URL HTTP/1.1 tracker.selectivv.com/view?clickid={clickid}&referrer=
IP 85.17.54.17:0
ASN #60781 LeaseWeb Netherlands B.V.
File type JSON data\012- , ASCII text, with no line terminators
Hash 0e4a33c59b51dbdbf84b51054c586a9d
7cff1535efd061f8d1d5b8ac61f2c1517bc8569e
4fd44ea9678a34eca7c647ce4877e6faa94745ac95947a1eeffde864d9026204
GET /view?clickid={clickid}&referrer= HTTP/1.1
Host: tracker.selectivv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.lyca-mobile.no
Connection: keep-alive
Referer: https://www.lyca-mobile.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 400 Bad Request
Server: nginx/1.21.3
Date: Sat, 24 Sep 2022 23:07:40 GMT
Content-Type: application/json
Content-Length: 46
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 23ba09c14e337ac70d877d2ed33dc795
175d5155889b45711d0a9050116591ad25e74891
cb117ac56fe205bfca3b512ed3d8ddb46a7115446d099739cc4d111c853696ae
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 23:07:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/pagead/conversion_async.js
142.250.74.164200 OK 16 kB URL HTTP/2 www.google.com/pagead/conversion_async.js
IP 142.250.74.164:0
File type ASCII text, with very long lines (1654)
Hash 890f716858b5f72587e47c5eca121cb5
91871a0acd9a0ab644d51036bb5ca0c3bdc5e687
7a3629e375468328b3fb25e1a6cc5749604f09099e8d2109f366e7e0226aee4a
GET /pagead/conversion_async.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lyca-mobile.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 24 Sep 2022 23:07:40 GMT
expires: Sat, 24 Sep 2022 23:07:40 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 3080337328058561381
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 15693
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
inv-dmp.admixer.net/dmpcnt.js?cntoid=857dd00f-c12c-43ff-be0e-596c692063d1
146.0.227.110200 OK 1.2 kB URL HTTP/1.1 inv-dmp.admixer.net/dmpcnt.js?cntoid=857dd00f-c12c-43ff-be0e-596c692063d1
IP 146.0.227.110:0
ASN #20773 Host Europe GmbH
File type ASCII text, with CRLF line terminators
Hash 1b2adc02713d99d26d86a29d507c8b31
9f0b9141e71426eb2d3616b4b1ee04b24d977f86
83e7dc4de6cebc3d726bfca1b59482160cdd0edf231f5aa2e725add6f769986c
GET /dmpcnt.js?cntoid=857dd00f-c12c-43ff-be0e-596c692063d1 HTTP/1.1
Host: inv-dmp.admixer.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lyca-mobile.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 24 Sep 2022 23:07:40 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store
Expires: Wed, 21 Oct 2015 07:28:00 GMT
Set-Cookie: am-uid=d8efb61239f14b488f9ec09620fc062f; expires=Fri, 23 Dec 2022 23:07:40 GMT;domain=.admixer.net;path=/;secure;SameSite=None
P3P: CP="NID DSP ALL COR"
Keep-Alive: timeout=25
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-22755827-1&cid=1537955662.1664060859&jid=1610441353&_u=YEBAAEAAAAAAAC~&z=100124978
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-22755827-1&cid=1537955662.1664060859&jid=1610441353&_u=YEBAAEAAAAAAAC~&z=100124978
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-22755827-1&cid=1537955662.1664060859&jid=1610441353&_u=YEBAAEAAAAAAAC~&z=100124978 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lyca-mobile.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 24 Sep 2022 23:07:40 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/10965854962/?random=1664060859437&cv=9&fst=1664060859437&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=8&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa9l0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.lyca-mobile.no%2Fnb%2Fbundle%2Flyca-smart-m%2F%3Futm_source%3DSelectivv%26utm_medium%3Dbanner%26utm_campaign%3DNOR22070001%26utm_term%3DP5%26user_id%3D%7Bclickid%7D%26cmpid%3D5828477%26rtkcid%3D%7Bclickid%7D%26rdk%3Drk1&tiba=Lyca%20Smart%20M%20-%20Lycamobile&auid=1897438616.1664060858&hn=www.google.com&us_privacy=1---&async=1&rfmt=3&fmt=4
142.250.74.162200 OK 1.2 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/10965854962/?random=1664060859437&cv=9&fst=1664060859437&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=8&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa9l0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.lyca-mobile.no%2Fnb%2Fbundle%2Flyca-smart-m%2F%3Futm_source%3DSelectivv%26utm_medium%3Dbanner%26utm_campaign%3DNOR22070001%26utm_term%3DP5%26user_id%3D%7Bclickid%7D%26cmpid%3D5828477%26rtkcid%3D%7Bclickid%7D%26rdk%3Drk1&tiba=Lyca%20Smart%20M%20-%20Lycamobile&auid=1897438616.1664060858&hn=www.google.com&us_privacy=1---&async=1&rfmt=3&fmt=4
IP 142.250.74.162:0
File type ASCII text, with very long lines (2676), with no line terminators
Hash e48f46ee62366237ecfec3c4c8b4cc88
e18b77fb1c342898e760c893f5923def75237c8a
4cc71221816006e89bf1f443357297548b2fdf4f06eca5282778ec98eb4ce647
GET /pagead/viewthroughconversion/10965854962/?random=1664060859437&cv=9&fst=1664060859437&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=8&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa9l0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.lyca-mobile.no%2Fnb%2Fbundle%2Flyca-smart-m%2F%3Futm_source%3DSelectivv%26utm_medium%3Dbanner%26utm_campaign%3DNOR22070001%26utm_term%3DP5%26user_id%3D%7Bclickid%7D%26cmpid%3D5828477%26rtkcid%3D%7Bclickid%7D%26rdk%3Drk1&tiba=Lyca%20Smart%20M%20-%20Lycamobile&auid=1897438616.1664060858&hn=www.google.com&us_privacy=1---&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lyca-mobile.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 24 Sep 2022 23:07:40 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 1157
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 24-Sep-2022 23:22:40 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash af56ebb29d27fb6a049680fe85c8828b
235a3579a72192a6a1fc0366d6d8671e2630b9f5
68454f522f57ca84315459fbf178251544804533512e9bebb8a6e3f3bce12895
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 24 Sep 2022 23:07:40 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 22 Sep 2022 18:25:22 GMT
Expires: Thu, 29 Sep 2022 18:25:21 GMT
Etag: "235a3579a72192a6a1fc0366d6d8671e2630b9f5"
Cache-Control: max-age=414460,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74ff2d7c8ca70afe-OSL
my.rtmark.net/p.js?f=sync&lr=1&partner=473b8bc3bdca24c35606febcd8b32398d0535658845a248b665bbd0d9b9f9df4
139.45.195.8200 OK 697 B URL HTTP/2 my.rtmark.net/p.js?f=sync&lr=1&partner=473b8bc3bdca24c35606febcd8b32398d0535658845a248b665bbd0d9b9f9df4
IP 139.45.195.8:0
Hash 2b7b1b11c547b114ff62014920325ec3
dcfd06ea418764ac4c32c310000a0c4af864f283
ff0ba5752d3c1490c62a811381e6dabd467e5a8b9fd2101c719831c39097cd26
GET /p.js?f=sync&lr=1&partner=473b8bc3bdca24c35606febcd8b32398d0535658845a248b665bbd0d9b9f9df4 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lyca-mobile.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 23:07:41 GMT
content-type: text/javascript
content-length: 697
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 87bc01030ce2daaa99ed765b07ac8f14
9079bd078604f1eb8d973bdaab12b8ac3ea01ea1
ed00ac93169ec1fac95caf70c3247d0ca60e2e02ca2eb916809621c8cd78635c
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 24 Sep 2022 23:07:41 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 22 Sep 2022 23:44:15 GMT
Expires: Thu, 29 Sep 2022 23:44:14 GMT
Etag: "9079bd078604f1eb8d973bdaab12b8ac3ea01ea1"
Cache-Control: max-age=433592,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74ff2d7c6d26b51b-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 87bc01030ce2daaa99ed765b07ac8f14
9079bd078604f1eb8d973bdaab12b8ac3ea01ea1
ed00ac93169ec1fac95caf70c3247d0ca60e2e02ca2eb916809621c8cd78635c
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 24 Sep 2022 23:07:41 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 22 Sep 2022 23:44:15 GMT
Expires: Thu, 29 Sep 2022 23:44:14 GMT
Etag: "9079bd078604f1eb8d973bdaab12b8ac3ea01ea1"
Cache-Control: max-age=433592,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74ff2d7c7c9f0b61-OSL
inv-nets-eu.admixer.net/cntcm.aspx?pvOId=37c13857-4cc7-488e-a1c8-cae8364eee9a&ssp=E5485342-9239-467B-BD48-1C9876BA2A52&cntoid=857dd00f-c12c-43ff-be0e-596c692063d1&pv=1&referrer=&page=https%3A%2F%2Fwww.lyca-mobile.no%2Fnb%2Fbundle%2Flyca-smart-m%2F%3Futm_source%3DSelectivv%26utm_medium%3Dbanner%26utm_campaign%3DNOR22070001%26utm_term%3DP5%26user_id%3D%7Bclickid%7D%26cmpid%3D5828477%26rtkcid%3D%7Bclickid%7D%26rdk%3Drk1
146.0.227.110204 No Content 0 B URL HTTP/1.1 inv-nets-eu.admixer.net/cntcm.aspx?pvOId=37c13857-4cc7-488e-a1c8-cae8364eee9a&ssp=E5485342-9239-467B-BD48-1C9876BA2A52&cntoid=857dd00f-c12c-43ff-be0e-596c692063d1&pv=1&referrer=&page=https%3A%2F%2Fwww.lyca-mobile.no%2Fnb%2Fbundle%2Flyca-smart-m%2F%3Futm_source%3DSelectivv%26utm_medium%3Dbanner%26utm_campaign%3DNOR22070001%26utm_term%3DP5%26user_id%3D%7Bclickid%7D%26cmpid%3D5828477%26rtkcid%3D%7Bclickid%7D%26rdk%3Drk1
IP 146.0.227.110:0
ASN #20773 Host Europe GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cntcm.aspx?pvOId=37c13857-4cc7-488e-a1c8-cae8364eee9a&ssp=E5485342-9239-467B-BD48-1C9876BA2A52&cntoid=857dd00f-c12c-43ff-be0e-596c692063d1&pv=1&referrer=&page=https%3A%2F%2Fwww.lyca-mobile.no%2Fnb%2Fbundle%2Flyca-smart-m%2F%3Futm_source%3DSelectivv%26utm_medium%3Dbanner%26utm_campaign%3DNOR22070001%26utm_term%3DP5%26user_id%3D%7Bclickid%7D%26cmpid%3D5828477%26rtkcid%3D%7Bclickid%7D%26rdk%3Drk1 HTTP/1.1
Host: inv-nets-eu.admixer.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.lyca-mobile.no
Connection: keep-alive
Referer: https://www.lyca-mobile.no/
Cookie: am-uid=d8efb61239f14b488f9ec09620fc062f
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/1.1 204 No Content
Server: nginx
Date: Sat, 24 Sep 2022 23:07:41 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.lyca-mobile.no
X-XSS-Protection: 0
Keep-Alive: timeout=25
inv-nets-eu.admixer.net/dmpapxl.aspx?cntoid=857dd00f-c12c-43ff-be0e-596c692063d1&referrer=&page=https%3A%2F%2Fwww.lyca-mobile.no%2Fnb%2Fbundle%2Flyca-smart-m%2F%3Futm_source%3DSelectivv%26utm_medium%3Dbanner%26utm_campaign%3DNOR22070001%26utm_term%3DP5%26user_id%3D%7Bclickid%7D%26cmpid%3D5828477%26rtkcid%3D%7Bclickid%7D%26rdk%3Drk1
146.0.227.110200 OK 43 B URL HTTP/1.1 inv-nets-eu.admixer.net/dmpapxl.aspx?cntoid=857dd00f-c12c-43ff-be0e-596c692063d1&referrer=&page=https%3A%2F%2Fwww.lyca-mobile.no%2Fnb%2Fbundle%2Flyca-smart-m%2F%3Futm_source%3DSelectivv%26utm_medium%3Dbanner%26utm_campaign%3DNOR22070001%26utm_term%3DP5%26user_id%3D%7Bclickid%7D%26cmpid%3D5828477%26rtkcid%3D%7Bclickid%7D%26rdk%3Drk1
IP 146.0.227.110:0
ASN #20773 Host Europe GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash d3e941fe204d0a9cc5b92782bbf882c8
682a77b3dd546b61ae894285128ffba13a33cf7d
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
POST /dmpapxl.aspx?cntoid=857dd00f-c12c-43ff-be0e-596c692063d1&referrer=&page=https%3A%2F%2Fwww.lyca-mobile.no%2Fnb%2Fbundle%2Flyca-smart-m%2F%3Futm_source%3DSelectivv%26utm_medium%3Dbanner%26utm_campaign%3DNOR22070001%26utm_term%3DP5%26user_id%3D%7Bclickid%7D%26cmpid%3D5828477%26rtkcid%3D%7Bclickid%7D%26rdk%3Drk1 HTTP/1.1
Host: inv-nets-eu.admixer.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.lyca-mobile.no
Connection: keep-alive
Referer: https://www.lyca-mobile.no/
Cookie: am-uid=d8efb61239f14b488f9ec09620fc062f
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 24 Sep 2022 23:07:41 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store
Expires: Wed, 21 Oct 2015 07:28:00 GMT
Set-Cookie: am-uid=d8efb61239f14b488f9ec09620fc062f; expires=Fri, 23 Dec 2022 23:07:41 GMT;domain=.admixer.net;path=/;secure;SameSite=None
P3P: CP="NID DSP ALL COR"
Keep-Alive: timeout=25
toapodazoay.com/?l=qCqekRDLtEBTXwP&s=597677140141675203&z=4479470&g=NO&svar=1664060854&ba=0&dm=0&ep=0&vi=0&vo=0&i18db=0&tr=default&svar=1664060854&ssk=96e053e7c6d391299042d6a4d5107a98&svarok=1&b=79056&oaid=aa3de3c98243405cbaa851ad96c05772&rdk=rk3&mprtr=1
139.45.197.153200 OK 0 B URL HTTP/2 toapodazoay.com/?l=qCqekRDLtEBTXwP&s=597677140141675203&z=4479470&g=NO&svar=1664060854&ba=0&dm=0&ep=0&vi=0&vo=0&i18db=0&tr=default&svar=1664060854&ssk=96e053e7c6d391299042d6a4d5107a98&svarok=1&b=79056&oaid=aa3de3c98243405cbaa851ad96c05772&rdk=rk3&mprtr=1
IP 139.45.197.153:0
POST /?l=qCqekRDLtEBTXwP&s=597677140141675203&z=4479470&g=NO&svar=1664060854&ba=0&dm=0&ep=0&vi=0&vo=0&i18db=0&tr=default&svar=1664060854&ssk=96e053e7c6d391299042d6a4d5107a98&svarok=1&b=79056&oaid=aa3de3c98243405cbaa851ad96c05772&rdk=rk3&mprtr=1 HTTP/1.1
Host: toapodazoay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://toapodazoay.com
Connection: keep-alive
Referer: https://toapodazoay.com/?rzi=4479470&rsz=4479470&rid=
Cookie: reverse=ygqI61LkXA5-MRvmeN5yvYQZ-uRjepY-OWB2HVpw7E4
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 23:07:34 GMT
content-type: application/json
vary: Accept-Encoding
x-powered-by: PHP/7.4.25
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-encoding: gzip
X-Firefox-Spdy: h2
www.lyca-mobile.no/wp-content/plugins/registration-portin-facility/vendor/jquery-ui-1.12.1.custom/jquery-ui.js
3.120.194.163200 OK 0 B URL HTTP/1.1 www.lyca-mobile.no/wp-content/plugins/registration-portin-facility/vendor/jquery-ui-1.12.1.custom/jquery-ui.js
IP 3.120.194.163:0
GET /wp-content/plugins/registration-portin-facility/vendor/jquery-ui-1.12.1.custom/jquery-ui.js HTTP/1.1
Host: www.lyca-mobile.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lyca-mobile.no/nb/bundle/lyca-smart-m/?utm_source=Selectivv&utm_medium=banner&utm_campaign=NOR22070001&utm_term=P5&user_id={clickid}&cmpid=5828477&rtkcid={clickid}&rdk=rk1
Cookie: SSESS8b10154026bedacd8362ddcf85d89291=jaovgkavo8np2j7juj3ob3u364; newsim_tab=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Type: application/javascript
Date: Sat, 24 Sep 2022 23:07:38 GMT
Last-Modified: Thu, 17 Jun 2021 16:25:56 GMT
Server: Apache
Strict-Transport-Security: max-age=300; includeSubdomains;
Vary: User-Agent,X-Forwarded-Proto,Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
transfer-encoding: chunked
Connection: keep-alive
cdn.admixer.net/analytics/tag-manager.runtime.js
92.223.97.97200 OK 0 B URL HTTP/2 cdn.admixer.net/analytics/tag-manager.runtime.js
IP 92.223.97.97:0
ASN #199524 G-Core Labs S.A.
GET /analytics/tag-manager.runtime.js HTTP/1.1
Host: cdn.admixer.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lyca-mobile.no/
Cookie: am-uid=d8efb61239f14b488f9ec09620fc062f
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 23:07:41 GMT
content-type: application/javascript
last-modified: Mon, 12 Apr 2021 13:21:02 GMT
vary: Accept-Encoding
etag: W/"6074493e-515"
expires: Sun, 23 Jul 2023 10:46:49 GMT
cache-control: max-age=31622400
access-control-expose-headers: content-range
cache: HIT
x-cached-since: 2022-07-22T10:46:49+00:00
x-id: sto5-up-gc12
content-encoding: gzip
X-Firefox-Spdy: h2
tagstaticx.com/r.html?axcid=e7ddf874-40d2-43d7-b8fd-56541bff0853&axtsid=4479469&axcusid1=7GQ79dKWK6c2YDxGB&clid={ymid}&r=http%3A%2F%2Fsettrogens.com%2Flink%3Fz%3D4479469%26var%3D7GQ79dKWK6c2YDxGB%26ymid%3DnovZVV57mP60kb578Rd7YGO5ce%26acb%3Dproxy-smart-link&axcusid2=Smartlink&axadvid=1053995&axcamid=3378
172.67.170.35200 OK 0 B URL HTTP/2 tagstaticx.com/r.html?axcid=e7ddf874-40d2-43d7-b8fd-56541bff0853&axtsid=4479469&axcusid1=7GQ79dKWK6c2YDxGB&clid={ymid}&r=http%3A%2F%2Fsettrogens.com%2Flink%3Fz%3D4479469%26var%3D7GQ79dKWK6c2YDxGB%26ymid%3DnovZVV57mP60kb578Rd7YGO5ce%26acb%3Dproxy-smart-link&axcusid2=Smartlink&axadvid=1053995&axcamid=3378
IP 172.67.170.35:0
GET /r.html?axcid=e7ddf874-40d2-43d7-b8fd-56541bff0853&axtsid=4479469&axcusid1=7GQ79dKWK6c2YDxGB&clid={ymid}&r=http%3A%2F%2Fsettrogens.com%2Flink%3Fz%3D4479469%26var%3D7GQ79dKWK6c2YDxGB%26ymid%3DnovZVV57mP60kb578Rd7YGO5ce%26acb%3Dproxy-smart-link&axcusid2=Smartlink&axadvid=1053995&axcamid=3378 HTTP/1.1
Host: tagstaticx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Sat, 24 Sep 2022 23:07:32 GMT
content-type: text/html
last-modified: Thu, 04 Aug 2022 15:17:25 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=29eLs8NUrxNLvyF%2B%2FDaLa4VjylXGZzf5XaX%2Fudsb51%2Fbblx2D9FEtTwnIdd0vyxMh8BvlslvqAzEUTXmHQHqmwyR1diRaIo4S6qbHe5KmDqFAySKABBVAOhCqIikQ3IPbw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ff2d4a1de4b50b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.admixer.net/analytics/tag-manager.js?m=data-from-dom
92.223.97.97200 OK 0 B URL HTTP/2 cdn.admixer.net/analytics/tag-manager.js?m=data-from-dom
IP 92.223.97.97:0
ASN #199524 G-Core Labs S.A.
GET /analytics/tag-manager.js?m=data-from-dom HTTP/1.1
Host: cdn.admixer.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lyca-mobile.no/
Cookie: am-uid=d8efb61239f14b488f9ec09620fc062f
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 23:07:41 GMT
content-type: application/javascript
last-modified: Mon, 12 Apr 2021 13:21:02 GMT
vary: Accept-Encoding
etag: W/"6074493e-6e96"
expires: Thu, 24 Aug 2023 17:01:43 GMT
cache-control: max-age=31622400
access-control-expose-headers: content-range
cache: HIT
x-cached-since: 2022-08-23T17:01:43+00:00
x-id: sto5-up-gc12
content-encoding: gzip
X-Firefox-Spdy: h2