r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1cdc095521e9ee2606059be447d1fdd5
02b5d0a5b5823e2338daf7e144700babe2a213af
8bda3aabcf331c2bfcc4c7023cd797c760fd301dc353641bb95048e072f66c66
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8BDA3AABCF331C2BFCC4C7023CD797C760FD301DC353641BB95048E072F66C66"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9622
Expires: Mon, 06 Feb 2023 15:39:05 GMT
Date: Mon, 06 Feb 2023 12:58:43 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c21ba65e44ac95470c314e068e49a9eb
17a13b13738993d889d4afa3d848dc63bf6eba64
9bd0795b30e84ce63b6e2a365ca91bbffc395dd955e112152066c31e63a4ab66
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9BD0795B30E84CE63B6E2A365CA91BBFFC395DD955E112152066C31E63A4AB66"
Last-Modified: Sat, 04 Feb 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18051
Expires: Mon, 06 Feb 2023 17:59:34 GMT
Date: Mon, 06 Feb 2023 12:58:43 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash fb7b6b46e708ad73eaaa3c21e74569ae
950663c025acad81556af5aa3022ecc9d55097fe
763f58b9fb838378c92033b59907b036f4c33081f5103d9bcc2ca2a8de500d64
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "763F58B9FB838378C92033B59907B036F4C33081F5103D9BCC2CA2A8DE500D64"
Last-Modified: Sat, 04 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6289
Expires: Mon, 06 Feb 2023 14:43:32 GMT
Date: Mon, 06 Feb 2023 12:58:43 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Backoff, Alert, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 06 Feb 2023 12:36:27 GMT
content-type: application/json
age: 1336
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: UUB3ejiugPbpatcDgcjnOlHtPA0yHo0bmrUVGXQmKBVM58uQf17KVeezAxTzJlRhAom46ZOPxqk=
x-amz-request-id: 4QX36AXN9H5T8YRM
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 06 Feb 2023 12:24:56 GMT
age: 2027
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
mkkuei4kdsz.com/289/962.html
64.225.91.73200 OK 329 B URL HTTP/1.1 mkkuei4kdsz.com/289/962.html
IP 64.225.91.73:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash ecbcb8bae64098de3e587487b474f8b8
e275409fb40ea27c3826af493f70faf147d0f995
2597a3f2418586d8a9fb0764743a84486ba066c6af3ff194922fb6c65a783688
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /289/962.html HTTP/1.1
Host: mkkuei4kdsz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Mon, 06 Feb 2023 12:58:43 GMT
content-type: text/html
last-modified: Wed, 12 Jan 2022 17:20:45 GMT
etag: W/"61df0ded-1ad"
content-encoding: gzip
transfer-encoding: chunked
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 12:58:43 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 370e74ead61664d84985db7a9087c0e4
7c55daf6c9231e1586a0c9d48375766e7f02405f
ddc18509904868cb8e31ad5cbbd27245fc163eaac44d40a7e95fb795c6e248db
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6302
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 12:58:43 GMT
Last-Modified: Mon, 06 Feb 2023 11:13:41 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 279
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js
104.17.24.14200 OK 28 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP 104.17.24.14:0
File type ASCII text, with very long lines (65451)
Hash 4b5f47439b640180cc3450f7de05d0d8
5a0dc9bcab80ddc409dd35fcb00a88fe6846fee2
1f85e8b327f42c17c025d69849914068536d9aa95412fe473ae90ffb2f4ebd82
GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://mkkuei4kdsz.com
Connection: keep-alive
Referer: http://mkkuei4kdsz.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 06 Feb 2023 12:58:43 GMT
content-type: application/javascript; charset=utf-8
content-length: 27958
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb09ed3-15d84"
last-modified: Mon, 04 May 2020 23:01:39 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1534782
expires: Sat, 27 Jan 2024 12:58:43 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UrmbFHh%2BBlYthHjy%2FP1%2F6u0utRAyswkoiu70kWUK8rV%2F7KonP0Vk2tFeoClhnpw6TNNxraRJ1keaslN8hKhFp29%2FiWeGi3fMLCtunKL2d1PvFhjsZmYAkdzafWWh0rxlKb2U1aXg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 79540f17c932b524-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 370e74ead61664d84985db7a9087c0e4
7c55daf6c9231e1586a0c9d48375766e7f02405f
ddc18509904868cb8e31ad5cbbd27245fc163eaac44d40a7e95fb795c6e248db
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6302
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 12:58:43 GMT
Last-Modified: Mon, 06 Feb 2023 11:13:41 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 279
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 40e72f2b69ad985294126077b42e2e02
093256818a60163d76f23291b73bb54a472b0871
10ffa932e32ab8818f473a1bc0afacf2710f1e1e5df6288097f811bfc740ec75
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "10FFA932E32AB8818F473A1BC0AFACF2710F1E1E5DF6288097F811BFC740EC75"
Last-Modified: Sun, 05 Feb 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3657
Expires: Mon, 06 Feb 2023 13:59:40 GMT
Date: Mon, 06 Feb 2023 12:58:43 GMT
Connection: keep-alive
mkkuei4kdsz.com/favicon.ico
64.225.91.73200 OK 329 B URL HTTP/1.1 mkkuei4kdsz.com/favicon.ico
IP 64.225.91.73:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash ecbcb8bae64098de3e587487b474f8b8
e275409fb40ea27c3826af493f70faf147d0f995
2597a3f2418586d8a9fb0764743a84486ba066c6af3ff194922fb6c65a783688
Analyzer Verdict Alert quad9 Sinkholed
GET /favicon.ico HTTP/1.1
Host: mkkuei4kdsz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mkkuei4kdsz.com/289/962.html
HTTP/1.1 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Mon, 06 Feb 2023 12:58:44 GMT
content-type: text/html
last-modified: Wed, 12 Jan 2022 17:20:45 GMT
etag: W/"61df0ded-1ad"
content-encoding: gzip
transfer-encoding: chunked
domaincntrol.com/?orighost=http://mkkuei4kdsz.com/289/962.html
172.67.68.176200 OK 28 B URL HTTP/2 domaincntrol.com/?orighost=http://mkkuei4kdsz.com/289/962.html
IP 172.67.68.176:0
File type ASCII text, with no line terminators
Hash 7aae16ed70d2e07943585bbb1cd02b55
3209123510c034e6e38ca45edf14307f1375a8f5
51bfb53a70df6adc48f0670be59a16a657ab5a2bafc176973a32d5c36a4fc5d3
GET /?orighost=http://mkkuei4kdsz.com/289/962.html HTTP/1.1
Host: domaincntrol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://mkkuei4kdsz.com
Connection: keep-alive
Referer: http://mkkuei4kdsz.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 06 Feb 2023 12:58:44 GMT
content-type: text/javascript;charset=UTF-8
content-length: 28
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QdpmAZx9xrbuNOG%2ByNN%2F11xrTfrcCTh%2FM7x3g9mIkEtCrPHfr6PNQRQyoSoZ0ngv1nYBwbv1PQhzWOQJh1LjnQ6ET5FSnCyX%2BDVy9WLh7Uwu8F57PNI6av9nrFBPtH5OJsQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79540f18cfc41c0e-OSL
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Retry-After, Content-Length, Content-Type, ETag, Cache-Control, Alert, Pragma, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 06 Feb 2023 12:51:19 GMT
age: 445
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9b88bae61bca33aba8aa99f6128db8d9
a07b61fb2458917699613fcae68710941b595416
54915c2f79822732e06a592d027da421ad1e7a6458c545f98333db25612b3dea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "54915C2F79822732E06A592D027DA421AD1E7A6458C545F98333DB25612B3DEA"
Last-Modified: Mon, 06 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8762
Expires: Mon, 06 Feb 2023 15:24:46 GMT
Date: Mon, 06 Feb 2023 12:58:44 GMT
Connection: keep-alive
push.services.mozilla.com/
34.216.49.139101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.216.49.139:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: HabpQ9+C0tnzcjltnrG4UA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: kpQ1kV0GS+AsAVuozHaVHBaAHpM=
ww2.mkkuei4kdsz.com/
64.190.63.136200 OK 1.3 kB IP 64.190.63.136:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (700)
Hash a9ce7ce6ef909b26fb530fb961c0fb11
819c64bc7cdf8582434586ac16088679abf1d311
ddf4bd4c4154e97cdc45743527981c69414fbab79886a4ddd2789124a6b682c6
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET / HTTP/1.1
Host: ww2.mkkuei4kdsz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mkkuei4kdsz.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
date: Mon, 06 Feb 2023 12:58:45 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
vary: Accept-Encoding
x-powered-by: PHP/8.1.9
expires: Mon, 26 Jul 1997 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-adblock-key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANnylWw2vLY4hUn9w06zQKbhKBfvjFUCsdFlb6TdQhxb9RXWXuI4t31c+o8fYOv/s8q1LGPga3DE1L/tHU4LENMCAwEAAQ==_zfi2IAQMFhbeJz7TohoVHVtJWU2hwm7Lrp9mU2CS1tg8fh6Um4KcOzzYJ6LQkNLWAjiGBQP1WU+h5qP7TrTizQ==
last-modified: Mon, 06 Feb 2023 12:58:44 GMT
x-cache-miss-from: parking-b748cdcd8-xwl5d
server: NginX
content-encoding: gzip
img.sedoparking.com/images/js_preloader.gif
205.234.175.175200 OK 4.3 kB URL HTTP/1.1 img.sedoparking.com/images/js_preloader.gif
IP 205.234.175.175:0
File type GIF image data, version 89a, 16 x 16\012- data
Hash 90c93102a88c2ab94bff1575b7a6e86e
56d71bf13de464534643db9d127629a0a3bf677a
5f6ad7031600056b578a6e8c6b34bc718d13125cc8256aa4a9050e549576f81a
GET /images/js_preloader.gif HTTP/1.1
Host: img.sedoparking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww2.mkkuei4kdsz.com/
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 12:58:45 GMT
Content-Type: image/gif
Content-Length: 4254
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Expires: Mon, 13 Feb 2023 12:58:45 GMT
X-CFHash: "90c93102a88c2ab94bff1575b7a6e86e"
X-CFF: B
Last-Modified: Fri, 15 Mar 2019 12:24:07 GMT
X-CF3: M
CF4Age: 0
x-cf-tsc: 1672141863
CF4ttl: 31536000.000
X-CF2: H
Server: CFS 0215
X-CF-ReqID: bc1fdd8a6028b51020830318b162e7f1
X-CF1: 11696:fA.arn1:cf:cacheN.arn1-01:H
Accept-Ranges: bytes
ww2.mkkuei4kdsz.com/search/tsc.php?200=MzgzNDQ1ODM3&21=OTEuOTAuNDIuMTU0&681=MTY3NTY4ODMyNTQyMDc0YjQ0NzMzZWY0MTlhNDRiNmQ2MGI2Mjk1NWI2&crc=93f0776ab21990379d4d3b554f5c97ff6304f42f&cv=1
64.190.63.136200 OK 0 B URL HTTP/1.1 ww2.mkkuei4kdsz.com/search/tsc.php?200=MzgzNDQ1ODM3&21=OTEuOTAuNDIuMTU0&681=MTY3NTY4ODMyNTQyMDc0YjQ0NzMzZWY0MTlhNDRiNmQ2MGI2Mjk1NWI2&crc=93f0776ab21990379d4d3b554f5c97ff6304f42f&cv=1
IP 64.190.63.136:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /search/tsc.php?200=MzgzNDQ1ODM3&21=OTEuOTAuNDIuMTU0&681=MTY3NTY4ODMyNTQyMDc0YjQ0NzMzZWY0MTlhNDRiNmQ2MGI2Mjk1NWI2&crc=93f0776ab21990379d4d3b554f5c97ff6304f42f&cv=1 HTTP/1.1
Host: ww2.mkkuei4kdsz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww2.mkkuei4kdsz.com/
HTTP/1.1 200 OK
date: Mon, 06 Feb 2023 12:58:45 GMT
content-type: text/html; charset=UTF-8
content-length: 0
x-powered-by: PHP/8.1.9
x-cache-miss-from: parking-b748cdcd8-b5wc8
server: NginX
ww2.mkkuei4kdsz.com/search/redirect.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3D9x8DzdFlBXQ_0&v=MTIyY2EzNzI2YzkwNDg0NGM1MmQ0NmU5ZDJlNTM0MmEJMQl3dzIubWtrdWVpNGtkc3ouY29tNjNlMGY5ODQ4MTQzMDYuODU1OTkyMzIJd3cyLm1ra3VlaTRrZHN6LmNvbTYzZTBmOTg0ODE0NTczLjY5NDE4Mzg2CTE2NzU2ODgzMjUJYWRfNjNfMA==&l=OAk1NmUwZTlhNTc0OTNlMzYzNGVjYjY4Y2U1ZjU0N2U1MgkwCTM1CTAJNzM3MzMzNGMxZDQyMzkyYzUzZTQ3NjUyZDE5YzAzZmMJMzgzNDQ1ODM3CW1ra3VlaTRrZHN6CTAJNjMJNgkyCTE2NzU2ODgzMjUJMC4wMDAxNjMJTgkwCTEJMTUxMgkxMjA1CTE5NDA0MzE0Mgk5MS45MC40Mi4xNTQJMA%3D%3D
64.190.63.136302 Found 0 B URL HTTP/1.1 ww2.mkkuei4kdsz.com/search/redirect.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3D9x8DzdFlBXQ_0&v=MTIyY2EzNzI2YzkwNDg0NGM1MmQ0NmU5ZDJlNTM0MmEJMQl3dzIubWtrdWVpNGtkc3ouY29tNjNlMGY5ODQ4MTQzMDYuODU1OTkyMzIJd3cyLm1ra3VlaTRrZHN6LmNvbTYzZTBmOTg0ODE0NTczLjY5NDE4Mzg2CTE2NzU2ODgzMjUJYWRfNjNfMA==&l=OAk1NmUwZTlhNTc0OTNlMzYzNGVjYjY4Y2U1ZjU0N2U1MgkwCTM1CTAJNzM3MzMzNGMxZDQyMzkyYzUzZTQ3NjUyZDE5YzAzZmMJMzgzNDQ1ODM3CW1ra3VlaTRrZHN6CTAJNjMJNgkyCTE2NzU2ODgzMjUJMC4wMDAxNjMJTgkwCTEJMTUxMgkxMjA1CTE5NDA0MzE0Mgk5MS45MC40Mi4xNTQJMA%3D%3D
IP 64.190.63.136:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /search/redirect.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3D9x8DzdFlBXQ_0&v=MTIyY2EzNzI2YzkwNDg0NGM1MmQ0NmU5ZDJlNTM0MmEJMQl3dzIubWtrdWVpNGtkc3ouY29tNjNlMGY5ODQ4MTQzMDYuODU1OTkyMzIJd3cyLm1ra3VlaTRrZHN6LmNvbTYzZTBmOTg0ODE0NTczLjY5NDE4Mzg2CTE2NzU2ODgzMjUJYWRfNjNfMA==&l=OAk1NmUwZTlhNTc0OTNlMzYzNGVjYjY4Y2U1ZjU0N2U1MgkwCTM1CTAJNzM3MzMzNGMxZDQyMzkyYzUzZTQ3NjUyZDE5YzAzZmMJMzgzNDQ1ODM3CW1ra3VlaTRrZHN6CTAJNjMJNgkyCTE2NzU2ODgzMjUJMC4wMDAxNjMJTgkwCTEJMTUxMgkxMjA1CTE5NDA0MzE0Mgk5MS45MC40Mi4xNTQJMA%3D%3D HTTP/1.1
Host: ww2.mkkuei4kdsz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww2.mkkuei4kdsz.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
date: Mon, 06 Feb 2023 12:58:45 GMT
content-type: text/html; charset=UTF-8
content-length: 0
x-powered-by: PHP/8.1.9
expires: Mon, 26 Jul 1997 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
last-modified: Mon, 06 Feb 2023 12:58:45 GMT
location: /search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3D9x8DzdFlBXQ_0&v=MTIyY2EzNzI2YzkwNDg0NGM1MmQ0NmU5ZDJlNTM0MmEJMQl3dzIubWtrdWVpNGtkc3ouY29tNjNlMGY5ODQ4MTQzMDYuODU1OTkyMzIJd3cyLm1ra3VlaTRrZHN6LmNvbTYzZTBmOTg0ODE0NTczLjY5NDE4Mzg2CTE2NzU2ODgzMjUJYWRfNjNfMA==&l=OAk1NmUwZTlhNTc0OTNlMzYzNGVjYjY4Y2U1ZjU0N2U1MgkwCTM1CTAJNzM3MzMzNGMxZDQyMzkyYzUzZTQ3NjUyZDE5YzAzZmMJMzgzNDQ1ODM3CW1ra3VlaTRrZHN6CTAJNjMJNgkyCTE2NzU2ODgzMjUJMC4wMDAxNjMJTgkwCTEJMTUxMgkxMjA1CTE5NDA0MzE0Mgk5MS45MC40Mi4xNTQJMA%3D%3D
x-cache-miss-from: parking-b748cdcd8-qdwpw
server: NginX
ww2.mkkuei4kdsz.com/search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3D9x8DzdFlBXQ_0&v=MTIyY2EzNzI2YzkwNDg0NGM1MmQ0NmU5ZDJlNTM0MmEJMQl3dzIubWtrdWVpNGtkc3ouY29tNjNlMGY5ODQ4MTQzMDYuODU1OTkyMzIJd3cyLm1ra3VlaTRrZHN6LmNvbTYzZTBmOTg0ODE0NTczLjY5NDE4Mzg2CTE2NzU2ODgzMjUJYWRfNjNfMA==&l=OAk1NmUwZTlhNTc0OTNlMzYzNGVjYjY4Y2U1ZjU0N2U1MgkwCTM1CTAJNzM3MzMzNGMxZDQyMzkyYzUzZTQ3NjUyZDE5YzAzZmMJMzgzNDQ1ODM3CW1ra3VlaTRrZHN6CTAJNjMJNgkyCTE2NzU2ODgzMjUJMC4wMDAxNjMJTgkwCTEJMTUxMgkxMjA1CTE5NDA0MzE0Mgk5MS45MC40Mi4xNTQJMA%3D%3D
64.190.63.136302 Found 311 B URL HTTP/1.1 ww2.mkkuei4kdsz.com/search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3D9x8DzdFlBXQ_0&v=MTIyY2EzNzI2YzkwNDg0NGM1MmQ0NmU5ZDJlNTM0MmEJMQl3dzIubWtrdWVpNGtkc3ouY29tNjNlMGY5ODQ4MTQzMDYuODU1OTkyMzIJd3cyLm1ra3VlaTRrZHN6LmNvbTYzZTBmOTg0ODE0NTczLjY5NDE4Mzg2CTE2NzU2ODgzMjUJYWRfNjNfMA==&l=OAk1NmUwZTlhNTc0OTNlMzYzNGVjYjY4Y2U1ZjU0N2U1MgkwCTM1CTAJNzM3MzMzNGMxZDQyMzkyYzUzZTQ3NjUyZDE5YzAzZmMJMzgzNDQ1ODM3CW1ra3VlaTRrZHN6CTAJNjMJNgkyCTE2NzU2ODgzMjUJMC4wMDAxNjMJTgkwCTEJMTUxMgkxMjA1CTE5NDA0MzE0Mgk5MS45MC40Mi4xNTQJMA%3D%3D
IP 64.190.63.136:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 1ee0b782073535575d17a2b3c04be83e
07c60bbf944bc58387a5652aa7a4d8bae626df7c
f9302d8a3242932046b71de380b028a32adc2b0646c6db233d8eea499011e5c7
Analyzer Verdict Alert quad9 Sinkholed
GET /search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3D9x8DzdFlBXQ_0&v=MTIyY2EzNzI2YzkwNDg0NGM1MmQ0NmU5ZDJlNTM0MmEJMQl3dzIubWtrdWVpNGtkc3ouY29tNjNlMGY5ODQ4MTQzMDYuODU1OTkyMzIJd3cyLm1ra3VlaTRrZHN6LmNvbTYzZTBmOTg0ODE0NTczLjY5NDE4Mzg2CTE2NzU2ODgzMjUJYWRfNjNfMA==&l=OAk1NmUwZTlhNTc0OTNlMzYzNGVjYjY4Y2U1ZjU0N2U1MgkwCTM1CTAJNzM3MzMzNGMxZDQyMzkyYzUzZTQ3NjUyZDE5YzAzZmMJMzgzNDQ1ODM3CW1ra3VlaTRrZHN6CTAJNjMJNgkyCTE2NzU2ODgzMjUJMC4wMDAxNjMJTgkwCTEJMTUxMgkxMjA1CTE5NDA0MzE0Mgk5MS45MC40Mi4xNTQJMA%3D%3D HTTP/1.1
Host: ww2.mkkuei4kdsz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww2.mkkuei4kdsz.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
date: Mon, 06 Feb 2023 12:58:45 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
x-powered-by: PHP/8.1.9
expires: Mon, 26 Jul 1997 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
last-modified: Mon, 06 Feb 2023 12:58:45 GMT
location: http://xml.sedodna.com/click?i=9x8DzdFlBXQ_0
x-cache-miss-from: parking-b748cdcd8-qdwpw
server: NginX
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3b4ea902c3e097daaa31810cb66d585a
97dfbd81d31b43196d8a4bd2fa3ff8a5cc115049
0291ed72c3115d6b6cf8c001b13bbc4ad517d76242b6cbed9db5ee1162572d3f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0291ED72C3115D6B6CF8C001B13BBC4AD517D76242B6CBED9DB5EE1162572D3F"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9553
Expires: Mon, 06 Feb 2023 15:37:58 GMT
Date: Mon, 06 Feb 2023 12:58:45 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3b4ea902c3e097daaa31810cb66d585a
97dfbd81d31b43196d8a4bd2fa3ff8a5cc115049
0291ed72c3115d6b6cf8c001b13bbc4ad517d76242b6cbed9db5ee1162572d3f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0291ED72C3115D6B6CF8C001B13BBC4AD517D76242B6CBED9DB5EE1162572D3F"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9553
Expires: Mon, 06 Feb 2023 15:37:58 GMT
Date: Mon, 06 Feb 2023 12:58:45 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3b4ea902c3e097daaa31810cb66d585a
97dfbd81d31b43196d8a4bd2fa3ff8a5cc115049
0291ed72c3115d6b6cf8c001b13bbc4ad517d76242b6cbed9db5ee1162572d3f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0291ED72C3115D6B6CF8C001B13BBC4AD517D76242B6CBED9DB5EE1162572D3F"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9553
Expires: Mon, 06 Feb 2023 15:37:58 GMT
Date: Mon, 06 Feb 2023 12:58:45 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3b4ea902c3e097daaa31810cb66d585a
97dfbd81d31b43196d8a4bd2fa3ff8a5cc115049
0291ed72c3115d6b6cf8c001b13bbc4ad517d76242b6cbed9db5ee1162572d3f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0291ED72C3115D6B6CF8C001B13BBC4AD517D76242B6CBED9DB5EE1162572D3F"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9553
Expires: Mon, 06 Feb 2023 15:37:58 GMT
Date: Mon, 06 Feb 2023 12:58:45 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ad60ff0-69ec-4be2-9334-41be71ca4b7f.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ad60ff0-69ec-4be2-9334-41be71ca4b7f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1a4eed23b240d04a3cd6b085cfa93375
f29b9dc3f6bbd2ba76a5a4570ce044d5f240fd00
93e8371f80c12d3753842e36001dbb8d3dc2223b10a594639752cd816c492d4e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ad60ff0-69ec-4be2-9334-41be71ca4b7f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10905
x-amzn-requestid: 093778fc-231c-452f-a6fc-15f4eb41ade0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fmNJCEDzIAMFmxA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d8c239-7f56d6e56392f373541db219;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 07:24:41 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: WVfpilnwhnRXBhJkHBWjxxoP09f7SqlRk8CdWRWOubIIwe0CX89bUA==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 22:13:39 GMT
age: 53106
etag: "f29b9dc3f6bbd2ba76a5a4570ce044d5f240fd00"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31cf5553-4c3f-4c6d-8dfb-d292e38275bb.jpeg
34.120.237.76200 OK 9.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31cf5553-4c3f-4c6d-8dfb-d292e38275bb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5f54c8725e5dab88b12d42876fa61b12
89c734d690981e30f9d566a7763a1870724d65aa
b8cc5148ae01e1a1fe32f56bdce71de086da320cdd8a55a746609c9773fdaf77
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31cf5553-4c3f-4c6d-8dfb-d292e38275bb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9809
x-amzn-requestid: 533de5fa-8173-430e-a657-4386728723eb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fpc-VEGbIAMFSmg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63da0ec1-4e160c5c2a46d2913cc8e71e;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 07:03:29 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: BgSfqU3WmIhR8N86AEfaU7pXN7jIKs_lKJVD6yCSaJBl5AVx13e5hw==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 21:54:03 GMT
etag: "89c734d690981e30f9d566a7763a1870724d65aa"
content-type: image/jpeg
age: 54282
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3694634-2f5a-47ff-b75c-9cb394881acc.jpeg
34.120.237.76200 OK 9.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3694634-2f5a-47ff-b75c-9cb394881acc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ccc8078cc937b7de0b299bcee1496f1b
395f04af71767acc9516387c8b07bde08968fdfe
cf959fc4a72d80dcab20c235bec6d21eadaab87efa7a8969744cd228628ba050
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3694634-2f5a-47ff-b75c-9cb394881acc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9808
x-amzn-requestid: 75cc8041-19f5-4994-96b6-b14d3c90ec6e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4oiSFZAIAMF65g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e02141-355d272c345c8c37595b4bb2;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: T7YlRZ936VEDkBvo2YKrS3GbyEh1xzC8W-50KiODzFjTnQb-hvkKpw==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 21:50:03 GMT
age: 54522
etag: "395f04af71767acc9516387c8b07bde08968fdfe"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f49c6ce-40f8-40bf-9423-2de34118bace.jpeg
34.120.237.76200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f49c6ce-40f8-40bf-9423-2de34118bace.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 714723c38877e0d1655c7118a88ec064
809a42ce7c76cea0ce16af8172d852723c3a5f02
6bad7253694d155de31a8f5a3c635545a39aac340ca49d1bc10efb6739d4a356
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f49c6ce-40f8-40bf-9423-2de34118bace.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8981
x-amzn-requestid: 0054e925-c381-4737-bd92-32b2af3a604e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4oiQHRFoAMFw6w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e02141-45ea5ee33d07326c593d21d3;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ixAMZh_xOYWVESJ0jOEPOXZ4GQBDUZZsh26yEDYfl8APcBF2x2sZYg==
via: 1.1 23206a1c229d8877bdd053c4b05f9d12.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 21:50:03 GMT
age: 54522
etag: "809a42ce7c76cea0ce16af8172d852723c3a5f02"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8827daad-7b04-4c60-a6f6-c1b923025413.jpeg
34.120.237.76200 OK 7.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8827daad-7b04-4c60-a6f6-c1b923025413.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 13572f84ad268caedcc897f2ad7b9baf
afb91ab43953e8915a2169618d2ab5e330cde0a1
0fb8b09608dc293b2084953b948cc7d8a7aa7bcb525090a7e44d5cb2a725fab3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8827daad-7b04-4c60-a6f6-c1b923025413.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7851
x-amzn-requestid: 11d3fe95-844b-4e5d-b31c-f99e96e2b608
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4oiRHeEIAMFjjA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e02141-602b91422dff88a750b8e3e9;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 7LXNdWi5iKCUI61c2z3spsg5_DGu1jnZ4cIACc3MCmqWP57RveBMGw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 21:50:03 GMT
age: 54522
etag: "afb91ab43953e8915a2169618d2ab5e330cde0a1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F731dc7de-ce12-4639-9ceb-3218584c3d56.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F731dc7de-ce12-4639-9ceb-3218584c3d56.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9046d887fd45a0940e31a74173d17798
1ff698b9cf660165e846dfc4770f29852aedce45
0c7b0e1250aa7718b7b35b80a1442f62e94ace1fb578fb781ec8204ee96386d0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F731dc7de-ce12-4639-9ceb-3218584c3d56.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10514
x-amzn-requestid: ac2a383b-833d-4dae-9bd9-43dc3d9e373d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4oiPEIyoAMFqUw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e02141-436bb6816b269ce45b9f8600;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: RYNzle5-l5dOMPWb2Bmu_T5aIJw9NX2FKuJsej8hzpYZcgD6coH9SA==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 21:50:09 GMT
age: 54516
etag: "1ff698b9cf660165e846dfc4770f29852aedce45"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
xml.sedodna.com/click?i=9x8DzdFlBXQ_0
173.239.53.32302 Found 0 B URL HTTP/1.1 xml.sedodna.com/click?i=9x8DzdFlBXQ_0
IP 173.239.53.32:0
ASN #27257 WEBAIR-INTERNET
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click?i=9x8DzdFlBXQ_0 HTTP/1.1
Host: xml.sedodna.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww2.mkkuei4kdsz.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Cache-Control: no-store
Content-Length: 0
Age: 0
Connection: keep-alive
Location: http://orest-vlv.com/zcvisitor/fcfc02b2-a61d-11ed-8abe-12ec4e51fd89/9232f590-d991-493f-b95d-d38c0c6cdd28?campaignid=fe5ef520-6592-11ed-9380-0a918cbcbb97
Pragma: no-cache
orest-vlv.com/zcvisitor/fcfc02b2-a61d-11ed-8abe-12ec4e51fd89/9232f590-d991-493f-b95d-d38c0c6cdd28?campaignid=fe5ef520-6592-11ed-9380-0a918cbcbb97
54.237.193.255200 1.1 kB URL HTTP/1.1 orest-vlv.com/zcvisitor/fcfc02b2-a61d-11ed-8abe-12ec4e51fd89/9232f590-d991-493f-b95d-d38c0c6cdd28?campaignid=fe5ef520-6592-11ed-9380-0a918cbcbb97
IP 54.237.193.255:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 72dddde14e273f4b711016be6a6a214d
aa8dc19f4a2e2c3e7d0bbe0461f1aadb25415c3c
243315dcd925631161e8f5f47e4c4d68e6621ad8c7c92ac23ea68b8cd91ee129
GET /zcvisitor/fcfc02b2-a61d-11ed-8abe-12ec4e51fd89/9232f590-d991-493f-b95d-d38c0c6cdd28?campaignid=fe5ef520-6592-11ed-9380-0a918cbcbb97 HTTP/1.1
Host: orest-vlv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww2.mkkuei4kdsz.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200
Date: Mon, 06 Feb 2023 12:58:46 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Server: rggrNNzR
orest-vlv.com/zcredirect?visitid=fcfc02b2-a61d-11ed-8abe-12ec4e51fd89&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false
54.237.193.255200 848 B URL HTTP/1.1 orest-vlv.com/zcredirect?visitid=fcfc02b2-a61d-11ed-8abe-12ec4e51fd89&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false
IP 54.237.193.255:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (381)
Hash cd9d27b93ba98e65f1e1348a767a85fd
2657b83d1d7b034b681ce51f1099798bbaab43ab
6e30dbf40ad1fd431d58b3f0dd9cd2d8d590743cbf8d9197fe72e536eed63e73
GET /zcredirect?visitid=fcfc02b2-a61d-11ed-8abe-12ec4e51fd89&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false HTTP/1.1
Host: orest-vlv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://orest-vlv.com/zcvisitor/fcfc02b2-a61d-11ed-8abe-12ec4e51fd89/9232f590-d991-493f-b95d-d38c0c6cdd28?campaignid=fe5ef520-6592-11ed-9380-0a918cbcbb97
Upgrade-Insecure-Requests: 1
HTTP/1.1 200
Date: Mon, 06 Feb 2023 12:58:46 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
redirected: JS
Server: gBxVRXsz
orest-vlv.com/favicon.ico
54.237.193.255404 653 B URL HTTP/1.1 orest-vlv.com/favicon.ico
IP 54.237.193.255:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (649), with no line terminators
Hash ba2732b1b2fa2626ffaa15f62f9e7d66
203d4e7fbb1d80449d6e4e1f3ae7a9bf8625debe
879861cb72fe9fbb476dab246021c4c83b4066327de2529e05ec54d3afb0a1c8
GET /favicon.ico HTTP/1.1
Host: orest-vlv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://orest-vlv.com/zcredirect?visitid=fcfc02b2-a61d-11ed-8abe-12ec4e51fd89&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false
HTTP/1.1 404
Date: Mon, 06 Feb 2023 12:58:46 GMT
Content-Type: text/html;charset=utf-8
Content-Length: 653
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Content-Language: en
Server: glpdQvRo
cartining-specute.com/zp-redirect?target=https%3A%2F%2F1.no04trckingmic.com%2Fclick%3Fpid%3D631%26offer_id%3D314%26sub1%3Dwrk543b6iq7a6cem2f9g14a2%26sub2%3D%26sub3%3D%26l%3D1661789823wrk543b6iq7a6cem2f9g14a2&caid=7dbc9d3a-61fa-4e19-a1a1-64bb0bcd0601&zpid=fcfc02b2-a61d-11ed-8abe-12ec4e51fd89&cid=wrk543b6iq7a6cem2f9g14a2&rt=R
18.197.36.77302 Found 0 B URL HTTP/2 cartining-specute.com/zp-redirect?target=https%3A%2F%2F1.no04trckingmic.com%2Fclick%3Fpid%3D631%26offer_id%3D314%26sub1%3Dwrk543b6iq7a6cem2f9g14a2%26sub2%3D%26sub3%3D%26l%3D1661789823wrk543b6iq7a6cem2f9g14a2&caid=7dbc9d3a-61fa-4e19-a1a1-64bb0bcd0601&zpid=fcfc02b2-a61d-11ed-8abe-12ec4e51fd89&cid=wrk543b6iq7a6cem2f9g14a2&rt=R
IP 18.197.36.77:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /zp-redirect?target=https%3A%2F%2F1.no04trckingmic.com%2Fclick%3Fpid%3D631%26offer_id%3D314%26sub1%3Dwrk543b6iq7a6cem2f9g14a2%26sub2%3D%26sub3%3D%26l%3D1661789823wrk543b6iq7a6cem2f9g14a2&caid=7dbc9d3a-61fa-4e19-a1a1-64bb0bcd0601&zpid=fcfc02b2-a61d-11ed-8abe-12ec4e51fd89&cid=wrk543b6iq7a6cem2f9g14a2&rt=R HTTP/1.1
Host: cartining-specute.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://orest-vlv.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Mon, 06 Feb 2023 12:58:46 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://1.no04trckingmic.com/click?pid=631&offer_id=314&sub1=wrk543b6iq7a6cem2f9g14a2&sub2=&sub3=&l=1661789823wrk543b6iq7a6cem2f9g14a2
pragma: no-cache
set-cookie: cc-v4=4VQiIQ0PdJ76XoYARfdgc9bWqlrLZfooObRtRRSfsF3IrO9zaq7EitnIhpCCccqn7FDaLDMF0TkzA1W3pxVMw2ZzlITuf26hTUCebyBNCBsLbJXaxWvdJAbTK3%2B0LUcgzr9ZN0%2BUhZZu%2FYZfbgHoJA%3D%3D; Max-Age=31536000; Expires=Tue, 06-Feb-2024 12:58:46 GMT; Domain=cartining-specute.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 22a39557ba3f43c2704aa33641ea2c91
f361522f70bb9e1da7d958a7bf5a866178c8c879
a09d4c8f835551eb08e275fa202c44c2e3a0f32121a721ba45826217a67281d4
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 12:58:47 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 05 Feb 2023 01:31:03 GMT
Expires: Sun, 12 Feb 2023 01:31:02 GMT
Etag: "f361522f70bb9e1da7d958a7bf5a866178c8c879"
Cache-Control: max-age=476534,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 79540f2c4ede0b49-OSL
1.no04trckingmic.com/click?pid=631&offer_id=314&sub1=wrk543b6iq7a6cem2f9g14a2&sub2=&sub3=&l=1661789823wrk543b6iq7a6cem2f9g14a2
34.90.46.36302 Found 0 B URL HTTP/2 1.no04trckingmic.com/click?pid=631&offer_id=314&sub1=wrk543b6iq7a6cem2f9g14a2&sub2=&sub3=&l=1661789823wrk543b6iq7a6cem2f9g14a2
IP 34.90.46.36:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click?pid=631&offer_id=314&sub1=wrk543b6iq7a6cem2f9g14a2&sub2=&sub3=&l=1661789823wrk543b6iq7a6cem2f9g14a2 HTTP/1.1
Host: 1.no04trckingmic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://orest-vlv.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Mon, 06 Feb 2023 12:58:47 GMT
content-length: 0
location: https://www.motenorskejenter.com/landers/9794790840AA597AD55227C7E49165FDF252718EB970B763689A80A816895291?p=363067&prid=1767487&nas=63e0f9871c3a13000149c039&pi=314_631__
x-adjust-use-original-forwarded-for: 1
set-cookie: afclick=63e0f9871c3a13000149c039; expires=Tue, 06 Feb 2024 12:58:47 GMT; secure; SameSite=None
afoffers={"314":1675688327}; expires=Tue, 06 Feb 2024 12:58:47 GMT; secure; SameSite=None
access-control-allow-origin: *
X-Firefox-Spdy: h2
www.motenorskejenter.com/landers/9794790840AA597AD55227C7E49165FDF252718EB970B763689A80A816895291?p=363067&prid=1767487&nas=63e0f9871c3a13000149c039&pi=314_631__
185.222.108.79200 OK 12 kB URL HTTP/2 www.motenorskejenter.com/landers/9794790840AA597AD55227C7E49165FDF252718EB970B763689A80A816895291?p=363067&prid=1767487&nas=63e0f9871c3a13000149c039&pi=314_631__
IP 185.222.108.79:0
ASN #205316 Supporta Interactiva B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (6411), with CRLF line terminators
Hash e737b8b8cee98709473ad6f8640f4d99
e1fca429a9b1abde3aa16ecef36ea1d8b0ab0738
c2943d8b22637e1b239b52286c76cbc7faf32d566a2652347e6cc4e0f9acd9af
GET /landers/9794790840AA597AD55227C7E49165FDF252718EB970B763689A80A816895291?p=363067&prid=1767487&nas=63e0f9871c3a13000149c039&pi=314_631__ HTTP/1.1
Host: www.motenorskejenter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://orest-vlv.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: private
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
server: httpd
set-cookie: ma=Yo5LS9ZxuKWVyfDWhx0qMoSBp-Ae5tqGKsv2lVzG6BB28DyZxEigmjZZWMw6at-3hXHGnSga9Q0bImKd_KEQzrzyfFTcggmfqVRCHjkfJvXh5oZZhbzgjorDOzRTYPMl9FDj00TLrt8DMBz9G21bgampL3cSfffdPCTo2q10ScZlIC05R25uD-VSUH_xSf2qClocEi6OC3D7mpTdbjaRR2xsUgGU3b0g_9L9dKiHLvo1; domain=.motenorskejenter.com; expires=Sun, 26-Mar-2023 11:58:47 GMT; path=/
ma=Yo5LS9ZxuKWVyfDWhx0qMoSBp-Ae5tqGKsv2lVzG6BB28DyZxEigmjZZWMw6at-3hXHGnSga9Q0bImKd_KEQzrzyfFTcggmfqVRCHjkfJvXh5oZZhbzgjorDOzRTYPMl9FDj00TLrt8DMBz9G21bgampL3cSfffdPCTo2q10ScZlIC05R25uD-VSUH_xSf2qClocEi6OC3D7mpTdbjaRR2xsUgGU3b0g_9L9dKiHLvo1; domain=.motenorskejenter.com; expires=Sun, 26-Mar-2023 11:58:47 GMT; path=/
MCC=EDhe1QpnduXp5s13EO9lBqSBM_LMu_ioLoBy6U9qBLl6jmezBihzEbcr7OJ6A8mwGstbtptv9EjsseWpfSfvSkQRv0jmoti7u3CmcRwNKK9RLJ1mn3kR_aJulmkaUh6CLvro3gGDYBxgVhy2PwGUpKT7RQyltzzUH5h612IAmYzxyYUaQT3s5YPK4tf_G117MEv_thrn_e2Xi-McT76prql5Z9L1C8LqbDQxIDAKr962eY4nlllQ6Do14w7DftITTzWbXcOLx8KUOCMzlbz8igTdX8WQ9gkIbY-Dhb9kjyQr_QoBMx8_XxbsVTTflKpptXL842_cnn1I51aKjnTJHtppGEKeBbC_xopqdRI0EcD949w1PEFPfBifH8NRgH1EK7qqPPK9_A7LeK6_tYlDclHFSRABnN45-FSOU74hYneQLbzlIduDZasvto72odeY0; expires=Wed, 08-Feb-2023 12:58:47 GMT; path=/
__RequestVerificationToken=VYIE8CcwYE8Ms3qqupy-xJQ6Rgh4kDuNzV4SFTKrapvFwUkkwh_4jfbOm8uS2Tg3YPnlYbNNM4q1vfUlR9rudIPBGTpicEUY3ZctAI43h7Q1; path=/; HttpOnly
ARRAffinity=0a28ac168f4d2485cc7d4afd4cd1eed9a05da3c26477f465a494db75b21ecaa3;Path=/;Domain=www.motenorskejenter.com
x-aspnetmvc-version: 3.0
x-aspnet-version:
x-powered-by:
date: Mon, 06 Feb 2023 12:58:47 GMT
content-length: 11540
X-Firefox-Spdy: h2
www.motenorskejenter.com/Content/Landers/fontawesome/fontawesome-all.min.css?v=a0d7c241516709483e79c23334b2bd6d3621caef
185.222.108.79200 OK 20 kB URL HTTP/2 www.motenorskejenter.com/Content/Landers/fontawesome/fontawesome-all.min.css?v=a0d7c241516709483e79c23334b2bd6d3621caef
IP 185.222.108.79:0
ASN #205316 Supporta Interactiva B.V.
File type ASCII text, with very long lines (65394)
Hash 69dafb2461f11ad0643eed49ef88d95c
3c834bcfd66c37046fd00580bc4298ef27c54bd0
2b4c59e4fe79433cb2158192434a377e5995e352a95db5567eeaca2b13b6f634
GET /Content/Landers/fontawesome/fontawesome-all.min.css?v=a0d7c241516709483e79c23334b2bd6d3621caef HTTP/1.1
Host: www.motenorskejenter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.motenorskejenter.com/landers/9794790840AA597AD55227C7E49165FDF252718EB970B763689A80A816895291?p=363067&prid=1767487&nas=63e0f9871c3a13000149c039&pi=314_631__
Cookie: ma=Yo5LS9ZxuKWVyfDWhx0qMoSBp-Ae5tqGKsv2lVzG6BB28DyZxEigmjZZWMw6at-3hXHGnSga9Q0bImKd_KEQzrzyfFTcggmfqVRCHjkfJvXh5oZZhbzgjorDOzRTYPMl9FDj00TLrt8DMBz9G21bgampL3cSfffdPCTo2q10ScZlIC05R25uD-VSUH_xSf2qClocEi6OC3D7mpTdbjaRR2xsUgGU3b0g_9L9dKiHLvo1; MCC=EDhe1QpnduXp5s13EO9lBqSBM_LMu_ioLoBy6U9qBLl6jmezBihzEbcr7OJ6A8mwGstbtptv9EjsseWpfSfvSkQRv0jmoti7u3CmcRwNKK9RLJ1mn3kR_aJulmkaUh6CLvro3gGDYBxgVhy2PwGUpKT7RQyltzzUH5h612IAmYzxyYUaQT3s5YPK4tf_G117MEv_thrn_e2Xi-McT76prql5Z9L1C8LqbDQxIDAKr962eY4nlllQ6Do14w7DftITTzWbXcOLx8KUOCMzlbz8igTdX8WQ9gkIbY-Dhb9kjyQr_QoBMx8_XxbsVTTflKpptXL842_cnn1I51aKjnTJHtppGEKeBbC_xopqdRI0EcD949w1PEFPfBifH8NRgH1EK7qqPPK9_A7LeK6_tYlDclHFSRABnN45-FSOU74hYneQLbzlIduDZasvto72odeY0; __RequestVerificationToken=VYIE8CcwYE8Ms3qqupy-xJQ6Rgh4kDuNzV4SFTKrapvFwUkkwh_4jfbOm8uS2Tg3YPnlYbNNM4q1vfUlR9rudIPBGTpicEUY3ZctAI43h7Q1; ARRAffinity=0a28ac168f4d2485cc7d4afd4cd1eed9a05da3c26477f465a494db75b21ecaa3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=31536000
content-type: text/css
content-encoding: gzip
last-modified: Fri, 29 Jul 2022 13:26:54 GMT
accept-ranges: bytes
etag: "d48eb0de4ea3d81:0"
vary: Accept-Encoding
server: httpd
x-powered-by:
x-aspnet-version:
date: Mon, 06 Feb 2023 12:58:47 GMT
content-length: 20233
X-Firefox-Spdy: h2
www.motenorskejenter.com/Content/Landers/jquery-ui-1.12.1/jquery-ui.min.css?v=a0d7c241516709483e79c23334b2bd6d3621caef
185.222.108.79200 OK 9.8 kB URL HTTP/2 www.motenorskejenter.com/Content/Landers/jquery-ui-1.12.1/jquery-ui.min.css?v=a0d7c241516709483e79c23334b2bd6d3621caef
IP 185.222.108.79:0
ASN #205316 Supporta Interactiva B.V.
File type ASCII text, with very long lines (29137)
Hash fe6c34b1df591cda0c96574c7f257443
0a62aad248c0dbbb8830db6e90641cf75a78b2b1
2374d5ef0b79f492cff9a936457a5deb9853cd9f74f01bf7e0c653e7c0e3ce7c
GET /Content/Landers/jquery-ui-1.12.1/jquery-ui.min.css?v=a0d7c241516709483e79c23334b2bd6d3621caef HTTP/1.1
Host: www.motenorskejenter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.motenorskejenter.com/landers/9794790840AA597AD55227C7E49165FDF252718EB970B763689A80A816895291?p=363067&prid=1767487&nas=63e0f9871c3a13000149c039&pi=314_631__
Cookie: ma=Yo5LS9ZxuKWVyfDWhx0qMoSBp-Ae5tqGKsv2lVzG6BB28DyZxEigmjZZWMw6at-3hXHGnSga9Q0bImKd_KEQzrzyfFTcggmfqVRCHjkfJvXh5oZZhbzgjorDOzRTYPMl9FDj00TLrt8DMBz9G21bgampL3cSfffdPCTo2q10ScZlIC05R25uD-VSUH_xSf2qClocEi6OC3D7mpTdbjaRR2xsUgGU3b0g_9L9dKiHLvo1; MCC=EDhe1QpnduXp5s13EO9lBqSBM_LMu_ioLoBy6U9qBLl6jmezBihzEbcr7OJ6A8mwGstbtptv9EjsseWpfSfvSkQRv0jmoti7u3CmcRwNKK9RLJ1mn3kR_aJulmkaUh6CLvro3gGDYBxgVhy2PwGUpKT7RQyltzzUH5h612IAmYzxyYUaQT3s5YPK4tf_G117MEv_thrn_e2Xi-McT76prql5Z9L1C8LqbDQxIDAKr962eY4nlllQ6Do14w7DftITTzWbXcOLx8KUOCMzlbz8igTdX8WQ9gkIbY-Dhb9kjyQr_QoBMx8_XxbsVTTflKpptXL842_cnn1I51aKjnTJHtppGEKeBbC_xopqdRI0EcD949w1PEFPfBifH8NRgH1EK7qqPPK9_A7LeK6_tYlDclHFSRABnN45-FSOU74hYneQLbzlIduDZasvto72odeY0; __RequestVerificationToken=VYIE8CcwYE8Ms3qqupy-xJQ6Rgh4kDuNzV4SFTKrapvFwUkkwh_4jfbOm8uS2Tg3YPnlYbNNM4q1vfUlR9rudIPBGTpicEUY3ZctAI43h7Q1; ARRAffinity=0a28ac168f4d2485cc7d4afd4cd1eed9a05da3c26477f465a494db75b21ecaa3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=31536000
content-type: text/css
content-encoding: gzip
last-modified: Fri, 29 Jul 2022 13:26:54 GMT
accept-ranges: bytes
etag: "d0d2aade4ea3d81:0"
vary: Accept-Encoding
server: httpd
x-powered-by:
x-aspnet-version:
date: Mon, 06 Feb 2023 12:58:47 GMT
content-length: 9844
X-Firefox-Spdy: h2
www.motenorskejenter.com/Content/Landers/landers-default.css?v=a0d7c241516709483e79c23334b2bd6d3621caef
185.222.108.79200 OK 1.3 kB URL HTTP/2 www.motenorskejenter.com/Content/Landers/landers-default.css?v=a0d7c241516709483e79c23334b2bd6d3621caef
IP 185.222.108.79:0
ASN #205316 Supporta Interactiva B.V.
File type Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash 5038c461ab70a489c48ec28f138dd098
e8ab1ed9659a57f83d95bc1e6da0c5bbb213f144
389f94f065064881738443dc4b4b81547446683b2a6a75007fcbf5b31d02233b
GET /Content/Landers/landers-default.css?v=a0d7c241516709483e79c23334b2bd6d3621caef HTTP/1.1
Host: www.motenorskejenter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.motenorskejenter.com/landers/9794790840AA597AD55227C7E49165FDF252718EB970B763689A80A816895291?p=363067&prid=1767487&nas=63e0f9871c3a13000149c039&pi=314_631__
Cookie: ma=Yo5LS9ZxuKWVyfDWhx0qMoSBp-Ae5tqGKsv2lVzG6BB28DyZxEigmjZZWMw6at-3hXHGnSga9Q0bImKd_KEQzrzyfFTcggmfqVRCHjkfJvXh5oZZhbzgjorDOzRTYPMl9FDj00TLrt8DMBz9G21bgampL3cSfffdPCTo2q10ScZlIC05R25uD-VSUH_xSf2qClocEi6OC3D7mpTdbjaRR2xsUgGU3b0g_9L9dKiHLvo1; MCC=EDhe1QpnduXp5s13EO9lBqSBM_LMu_ioLoBy6U9qBLl6jmezBihzEbcr7OJ6A8mwGstbtptv9EjsseWpfSfvSkQRv0jmoti7u3CmcRwNKK9RLJ1mn3kR_aJulmkaUh6CLvro3gGDYBxgVhy2PwGUpKT7RQyltzzUH5h612IAmYzxyYUaQT3s5YPK4tf_G117MEv_thrn_e2Xi-McT76prql5Z9L1C8LqbDQxIDAKr962eY4nlllQ6Do14w7DftITTzWbXcOLx8KUOCMzlbz8igTdX8WQ9gkIbY-Dhb9kjyQr_QoBMx8_XxbsVTTflKpptXL842_cnn1I51aKjnTJHtppGEKeBbC_xopqdRI0EcD949w1PEFPfBifH8NRgH1EK7qqPPK9_A7LeK6_tYlDclHFSRABnN45-FSOU74hYneQLbzlIduDZasvto72odeY0; __RequestVerificationToken=VYIE8CcwYE8Ms3qqupy-xJQ6Rgh4kDuNzV4SFTKrapvFwUkkwh_4jfbOm8uS2Tg3YPnlYbNNM4q1vfUlR9rudIPBGTpicEUY3ZctAI43h7Q1; ARRAffinity=0a28ac168f4d2485cc7d4afd4cd1eed9a05da3c26477f465a494db75b21ecaa3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=31536000
content-type: text/css
content-encoding: gzip
last-modified: Thu, 17 Nov 2022 15:15:48 GMT
accept-ranges: bytes
etag: "f7914a7997fad81:0"
vary: Accept-Encoding
server: httpd
x-powered-by:
x-aspnet-version:
date: Mon, 06 Feb 2023 12:58:47 GMT
content-length: 1287
X-Firefox-Spdy: h2
www.motenorskejenter.com/landers/getcss/1325?countryId=160&c=2e3f1b5a-eed3-4347-8d8e-6be91cea9ed2
185.222.108.79200 OK 9.7 kB URL HTTP/2 www.motenorskejenter.com/landers/getcss/1325?countryId=160&c=2e3f1b5a-eed3-4347-8d8e-6be91cea9ed2
IP 185.222.108.79:0
ASN #205316 Supporta Interactiva B.V.
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash a85827a6da64bfadfec349ffed065d2e
d0592ac4b97aeb08dcf480338a90a0bba30ffa58
8169a9a745bc208ad3a7c74a75daab8eb6e65379ba62cf828b172b65e6b72f3d
GET /landers/getcss/1325?countryId=160&c=2e3f1b5a-eed3-4347-8d8e-6be91cea9ed2 HTTP/1.1
Host: www.motenorskejenter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.motenorskejenter.com/landers/9794790840AA597AD55227C7E49165FDF252718EB970B763689A80A816895291?p=363067&prid=1767487&nas=63e0f9871c3a13000149c039&pi=314_631__
Cookie: ma=Yo5LS9ZxuKWVyfDWhx0qMoSBp-Ae5tqGKsv2lVzG6BB28DyZxEigmjZZWMw6at-3hXHGnSga9Q0bImKd_KEQzrzyfFTcggmfqVRCHjkfJvXh5oZZhbzgjorDOzRTYPMl9FDj00TLrt8DMBz9G21bgampL3cSfffdPCTo2q10ScZlIC05R25uD-VSUH_xSf2qClocEi6OC3D7mpTdbjaRR2xsUgGU3b0g_9L9dKiHLvo1; MCC=EDhe1QpnduXp5s13EO9lBqSBM_LMu_ioLoBy6U9qBLl6jmezBihzEbcr7OJ6A8mwGstbtptv9EjsseWpfSfvSkQRv0jmoti7u3CmcRwNKK9RLJ1mn3kR_aJulmkaUh6CLvro3gGDYBxgVhy2PwGUpKT7RQyltzzUH5h612IAmYzxyYUaQT3s5YPK4tf_G117MEv_thrn_e2Xi-McT76prql5Z9L1C8LqbDQxIDAKr962eY4nlllQ6Do14w7DftITTzWbXcOLx8KUOCMzlbz8igTdX8WQ9gkIbY-Dhb9kjyQr_QoBMx8_XxbsVTTflKpptXL842_cnn1I51aKjnTJHtppGEKeBbC_xopqdRI0EcD949w1PEFPfBifH8NRgH1EK7qqPPK9_A7LeK6_tYlDclHFSRABnN45-FSOU74hYneQLbzlIduDZasvto72odeY0; __RequestVerificationToken=VYIE8CcwYE8Ms3qqupy-xJQ6Rgh4kDuNzV4SFTKrapvFwUkkwh_4jfbOm8uS2Tg3YPnlYbNNM4q1vfUlR9rudIPBGTpicEUY3ZctAI43h7Q1; ARRAffinity=0a28ac168f4d2485cc7d4afd4cd1eed9a05da3c26477f465a494db75b21ecaa3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, no-transform, max-age=31536000
content-type: text/css; charset=utf-8
content-encoding: gzip
expires: Sun, 04 Feb 2024 07:10:22 GMT
last-modified: Thu, 02 Feb 2023 19:17:46 GMT
vary: Accept-Encoding
server: httpd
x-aspnet-version:
x-powered-by:
date: Mon, 06 Feb 2023 12:58:47 GMT
content-length: 9694
X-Firefox-Spdy: h2
www.motenorskejenter.com/Content/Landers/modal-popup.css?v=a0d7c241516709483e79c23334b2bd6d3621caef
185.222.108.79200 OK 642 B URL HTTP/2 www.motenorskejenter.com/Content/Landers/modal-popup.css?v=a0d7c241516709483e79c23334b2bd6d3621caef
IP 185.222.108.79:0
ASN #205316 Supporta Interactiva B.V.
File type Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash 2a3cf91ce193937fffd15431626b17a5
2599e4dd9b131811959e312048392590b2feae36
643efce94839100318eb69a589733922075c8b6f9e89d283afa9a0beba76bcee
GET /Content/Landers/modal-popup.css?v=a0d7c241516709483e79c23334b2bd6d3621caef HTTP/1.1
Host: www.motenorskejenter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.motenorskejenter.com/landers/9794790840AA597AD55227C7E49165FDF252718EB970B763689A80A816895291?p=363067&prid=1767487&nas=63e0f9871c3a13000149c039&pi=314_631__
Cookie: ma=Yo5LS9ZxuKWVyfDWhx0qMoSBp-Ae5tqGKsv2lVzG6BB28DyZxEigmjZZWMw6at-3hXHGnSga9Q0bImKd_KEQzrzyfFTcggmfqVRCHjkfJvXh5oZZhbzgjorDOzRTYPMl9FDj00TLrt8DMBz9G21bgampL3cSfffdPCTo2q10ScZlIC05R25uD-VSUH_xSf2qClocEi6OC3D7mpTdbjaRR2xsUgGU3b0g_9L9dKiHLvo1; MCC=EDhe1QpnduXp5s13EO9lBqSBM_LMu_ioLoBy6U9qBLl6jmezBihzEbcr7OJ6A8mwGstbtptv9EjsseWpfSfvSkQRv0jmoti7u3CmcRwNKK9RLJ1mn3kR_aJulmkaUh6CLvro3gGDYBxgVhy2PwGUpKT7RQyltzzUH5h612IAmYzxyYUaQT3s5YPK4tf_G117MEv_thrn_e2Xi-McT76prql5Z9L1C8LqbDQxIDAKr962eY4nlllQ6Do14w7DftITTzWbXcOLx8KUOCMzlbz8igTdX8WQ9gkIbY-Dhb9kjyQr_QoBMx8_XxbsVTTflKpptXL842_cnn1I51aKjnTJHtppGEKeBbC_xopqdRI0EcD949w1PEFPfBifH8NRgH1EK7qqPPK9_A7LeK6_tYlDclHFSRABnN45-FSOU74hYneQLbzlIduDZasvto72odeY0; __RequestVerificationToken=VYIE8CcwYE8Ms3qqupy-xJQ6Rgh4kDuNzV4SFTKrapvFwUkkwh_4jfbOm8uS2Tg3YPnlYbNNM4q1vfUlR9rudIPBGTpicEUY3ZctAI43h7Q1; ARRAffinity=0a28ac168f4d2485cc7d4afd4cd1eed9a05da3c26477f465a494db75b21ecaa3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=31536000
content-type: text/css
content-encoding: gzip
last-modified: Fri, 29 Jul 2022 13:26:54 GMT
accept-ranges: bytes
etag: "d0d2aade4ea3d81:0"
vary: Accept-Encoding
server: httpd
x-powered-by:
x-aspnet-version:
date: Mon, 06 Feb 2023 12:58:47 GMT
content-length: 642
X-Firefox-Spdy: h2
www.motenorskejenter.com/Landers/DisplayImage/2019_1325_160_footerlogo.png?c=6221bdd1-da8b-43b2-a48e-00e31f1fbc71
185.222.108.79200 OK 552 B URL HTTP/2 www.motenorskejenter.com/Landers/DisplayImage/2019_1325_160_footerlogo.png?c=6221bdd1-da8b-43b2-a48e-00e31f1fbc71
IP 185.222.108.79:0
ASN #205316 Supporta Interactiva B.V.
File type PNG image data, 29 x 10, 8-bit colormap, non-interlaced\012- data
Hash e2d18104fb00ce266f0ef2e76f735219
e396ab6b693de90ab0b37c00adaf60e4e95f99fc
de240d711f7f63a63f704cdc6c70d1e89e206d4a0c62889caf7500e50f157d12
GET /Landers/DisplayImage/2019_1325_160_footerlogo.png?c=6221bdd1-da8b-43b2-a48e-00e31f1fbc71 HTTP/1.1
Host: www.motenorskejenter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.motenorskejenter.com/landers/9794790840AA597AD55227C7E49165FDF252718EB970B763689A80A816895291?p=363067&prid=1767487&nas=63e0f9871c3a13000149c039&pi=314_631__
Cookie: ma=Yo5LS9ZxuKWVyfDWhx0qMoSBp-Ae5tqGKsv2lVzG6BB28DyZxEigmjZZWMw6at-3hXHGnSga9Q0bImKd_KEQzrzyfFTcggmfqVRCHjkfJvXh5oZZhbzgjorDOzRTYPMl9FDj00TLrt8DMBz9G21bgampL3cSfffdPCTo2q10ScZlIC05R25uD-VSUH_xSf2qClocEi6OC3D7mpTdbjaRR2xsUgGU3b0g_9L9dKiHLvo1; MCC=EDhe1QpnduXp5s13EO9lBqSBM_LMu_ioLoBy6U9qBLl6jmezBihzEbcr7OJ6A8mwGstbtptv9EjsseWpfSfvSkQRv0jmoti7u3CmcRwNKK9RLJ1mn3kR_aJulmkaUh6CLvro3gGDYBxgVhy2PwGUpKT7RQyltzzUH5h612IAmYzxyYUaQT3s5YPK4tf_G117MEv_thrn_e2Xi-McT76prql5Z9L1C8LqbDQxIDAKr962eY4nlllQ6Do14w7DftITTzWbXcOLx8KUOCMzlbz8igTdX8WQ9gkIbY-Dhb9kjyQr_QoBMx8_XxbsVTTflKpptXL842_cnn1I51aKjnTJHtppGEKeBbC_xopqdRI0EcD949w1PEFPfBifH8NRgH1EK7qqPPK9_A7LeK6_tYlDclHFSRABnN45-FSOU74hYneQLbzlIduDZasvto72odeY0; __RequestVerificationToken=VYIE8CcwYE8Ms3qqupy-xJQ6Rgh4kDuNzV4SFTKrapvFwUkkwh_4jfbOm8uS2Tg3YPnlYbNNM4q1vfUlR9rudIPBGTpicEUY3ZctAI43h7Q1; ARRAffinity=0a28ac168f4d2485cc7d4afd4cd1eed9a05da3c26477f465a494db75b21ecaa3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, no-transform, max-age=31536000
content-type: image/png
expires: Sun, 04 Feb 2024 07:10:22 GMT
last-modified: Mon, 07 Oct 2019 13:56:01 GMT
vary: Accept-Encoding
server: httpd
x-aspnet-version:
x-powered-by:
date: Mon, 06 Feb 2023 12:58:47 GMT
content-length: 552
X-Firefox-Spdy: h2
www.motenorskejenter.com/Content/Landers/jquery-ui-1.12.1/jquery-ui.min.js?v=a0d7c241516709483e79c23334b2bd6d3621caef
185.222.108.79200 OK 91 kB URL HTTP/2 www.motenorskejenter.com/Content/Landers/jquery-ui-1.12.1/jquery-ui.min.js?v=a0d7c241516709483e79c23334b2bd6d3621caef
IP 185.222.108.79:0
ASN #205316 Supporta Interactiva B.V.
File type ASCII text, with very long lines (32074)
Hash d42c336053327b851f6b0f46647223f6
cfa3258c251e1c5d93bff2c2789a947e35f48cc7
0c400c92206c20de505b7f327ad5d8de77b66806492565cca629eda7118f4add
GET /Content/Landers/jquery-ui-1.12.1/jquery-ui.min.js?v=a0d7c241516709483e79c23334b2bd6d3621caef HTTP/1.1
Host: www.motenorskejenter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.motenorskejenter.com/landers/9794790840AA597AD55227C7E49165FDF252718EB970B763689A80A816895291?p=363067&prid=1767487&nas=63e0f9871c3a13000149c039&pi=314_631__
Cookie: ma=Yo5LS9ZxuKWVyfDWhx0qMoSBp-Ae5tqGKsv2lVzG6BB28DyZxEigmjZZWMw6at-3hXHGnSga9Q0bImKd_KEQzrzyfFTcggmfqVRCHjkfJvXh5oZZhbzgjorDOzRTYPMl9FDj00TLrt8DMBz9G21bgampL3cSfffdPCTo2q10ScZlIC05R25uD-VSUH_xSf2qClocEi6OC3D7mpTdbjaRR2xsUgGU3b0g_9L9dKiHLvo1; MCC=EDhe1QpnduXp5s13EO9lBqSBM_LMu_ioLoBy6U9qBLl6jmezBihzEbcr7OJ6A8mwGstbtptv9EjsseWpfSfvSkQRv0jmoti7u3CmcRwNKK9RLJ1mn3kR_aJulmkaUh6CLvro3gGDYBxgVhy2PwGUpKT7RQyltzzUH5h612IAmYzxyYUaQT3s5YPK4tf_G117MEv_thrn_e2Xi-McT76prql5Z9L1C8LqbDQxIDAKr962eY4nlllQ6Do14w7DftITTzWbXcOLx8KUOCMzlbz8igTdX8WQ9gkIbY-Dhb9kjyQr_QoBMx8_XxbsVTTflKpptXL842_cnn1I51aKjnTJHtppGEKeBbC_xopqdRI0EcD949w1PEFPfBifH8NRgH1EK7qqPPK9_A7LeK6_tYlDclHFSRABnN45-FSOU74hYneQLbzlIduDZasvto72odeY0; __RequestVerificationToken=VYIE8CcwYE8Ms3qqupy-xJQ6Rgh4kDuNzV4SFTKrapvFwUkkwh_4jfbOm8uS2Tg3YPnlYbNNM4q1vfUlR9rudIPBGTpicEUY3ZctAI43h7Q1; ARRAffinity=0a28ac168f4d2485cc7d4afd4cd1eed9a05da3c26477f465a494db75b21ecaa3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=31536000
content-type: application/javascript
content-encoding: gzip
last-modified: Fri, 29 Jul 2022 13:26:54 GMT
accept-ranges: bytes
etag: "5999b6de4ea3d81:0"
vary: Accept-Encoding
server: httpd
x-powered-by:
x-aspnet-version:
date: Mon, 06 Feb 2023 12:58:47 GMT
content-length: 91268
X-Firefox-Spdy: h2
www.motenorskejenter.com/Scripts/APIScripts/APILandersSignup.min.js?v=a0d7c241516709483e79c23334b2bd6d3621caef
185.222.108.79200 OK 12 kB URL HTTP/2 www.motenorskejenter.com/Scripts/APIScripts/APILandersSignup.min.js?v=a0d7c241516709483e79c23334b2bd6d3621caef
IP 185.222.108.79:0
ASN #205316 Supporta Interactiva B.V.
File type ASCII text, with very long lines (36867), with no line terminators
Hash 54a1da9c8142bf4eefae2e38c137795c
71a45053fe7e7233f27ef6bc2c64eb3b89a57616
ddfd1baa38329a39a9037ff4fe39b498a39db763c8a52d1a06aa6dd000e71639
GET /Scripts/APIScripts/APILandersSignup.min.js?v=a0d7c241516709483e79c23334b2bd6d3621caef HTTP/1.1
Host: www.motenorskejenter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.motenorskejenter.com/landers/9794790840AA597AD55227C7E49165FDF252718EB970B763689A80A816895291?p=363067&prid=1767487&nas=63e0f9871c3a13000149c039&pi=314_631__
Cookie: ma=Yo5LS9ZxuKWVyfDWhx0qMoSBp-Ae5tqGKsv2lVzG6BB28DyZxEigmjZZWMw6at-3hXHGnSga9Q0bImKd_KEQzrzyfFTcggmfqVRCHjkfJvXh5oZZhbzgjorDOzRTYPMl9FDj00TLrt8DMBz9G21bgampL3cSfffdPCTo2q10ScZlIC05R25uD-VSUH_xSf2qClocEi6OC3D7mpTdbjaRR2xsUgGU3b0g_9L9dKiHLvo1; MCC=EDhe1QpnduXp5s13EO9lBqSBM_LMu_ioLoBy6U9qBLl6jmezBihzEbcr7OJ6A8mwGstbtptv9EjsseWpfSfvSkQRv0jmoti7u3CmcRwNKK9RLJ1mn3kR_aJulmkaUh6CLvro3gGDYBxgVhy2PwGUpKT7RQyltzzUH5h612IAmYzxyYUaQT3s5YPK4tf_G117MEv_thrn_e2Xi-McT76prql5Z9L1C8LqbDQxIDAKr962eY4nlllQ6Do14w7DftITTzWbXcOLx8KUOCMzlbz8igTdX8WQ9gkIbY-Dhb9kjyQr_QoBMx8_XxbsVTTflKpptXL842_cnn1I51aKjnTJHtppGEKeBbC_xopqdRI0EcD949w1PEFPfBifH8NRgH1EK7qqPPK9_A7LeK6_tYlDclHFSRABnN45-FSOU74hYneQLbzlIduDZasvto72odeY0; __RequestVerificationToken=VYIE8CcwYE8Ms3qqupy-xJQ6Rgh4kDuNzV4SFTKrapvFwUkkwh_4jfbOm8uS2Tg3YPnlYbNNM4q1vfUlR9rudIPBGTpicEUY3ZctAI43h7Q1; ARRAffinity=0a28ac168f4d2485cc7d4afd4cd1eed9a05da3c26477f465a494db75b21ecaa3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=31536000
content-type: application/javascript
content-encoding: gzip
last-modified: Mon, 17 Oct 2022 11:22:09 GMT
accept-ranges: bytes
etag: "25e740b21ae2d81:0"
vary: Accept-Encoding
server: httpd
x-powered-by:
x-aspnet-version:
date: Mon, 06 Feb 2023 12:58:47 GMT
content-length: 12124
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 26a15a1b880ec1026360b696b1c27074
fd35f80a1cf599da2a8e68a44477465a580440a5
a6d5caec988319523c120bc435a4ff0200b7ead114db10db19a09caeace978f7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 12:58:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 040d512b73ad828b2dd7409c0c9dab49
a7b7256940377241abd22db537a864ec6348bf90
6e7f979d255eba736072b159be75a5865fd307781806c412ea66bb0f80e38aa6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 12:58:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.motenorskejenter.com/Scripts/APIScripts/APICookieFunctions.min.js?v=a0d7c241516709483e79c23334b2bd6d3621caef
185.222.108.79200 OK 515 B URL HTTP/2 www.motenorskejenter.com/Scripts/APIScripts/APICookieFunctions.min.js?v=a0d7c241516709483e79c23334b2bd6d3621caef
IP 185.222.108.79:0
ASN #205316 Supporta Interactiva B.V.
File type ASCII text, with very long lines (602), with no line terminators
Hash aa89779ff46171a494219e66429d2736
324e2364ca8f4f2de73a26676bd2b3fb7af83b97
824e5e6151075e795344346f116467aa22e01709179943bd1d6cea2fbcea4824
GET /Scripts/APIScripts/APICookieFunctions.min.js?v=a0d7c241516709483e79c23334b2bd6d3621caef HTTP/1.1
Host: www.motenorskejenter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.motenorskejenter.com/landers/9794790840AA597AD55227C7E49165FDF252718EB970B763689A80A816895291?p=363067&prid=1767487&nas=63e0f9871c3a13000149c039&pi=314_631__
Cookie: ma=Yo5LS9ZxuKWVyfDWhx0qMoSBp-Ae5tqGKsv2lVzG6BB28DyZxEigmjZZWMw6at-3hXHGnSga9Q0bImKd_KEQzrzyfFTcggmfqVRCHjkfJvXh5oZZhbzgjorDOzRTYPMl9FDj00TLrt8DMBz9G21bgampL3cSfffdPCTo2q10ScZlIC05R25uD-VSUH_xSf2qClocEi6OC3D7mpTdbjaRR2xsUgGU3b0g_9L9dKiHLvo1; MCC=EDhe1QpnduXp5s13EO9lBqSBM_LMu_ioLoBy6U9qBLl6jmezBihzEbcr7OJ6A8mwGstbtptv9EjsseWpfSfvSkQRv0jmoti7u3CmcRwNKK9RLJ1mn3kR_aJulmkaUh6CLvro3gGDYBxgVhy2PwGUpKT7RQyltzzUH5h612IAmYzxyYUaQT3s5YPK4tf_G117MEv_thrn_e2Xi-McT76prql5Z9L1C8LqbDQxIDAKr962eY4nlllQ6Do14w7DftITTzWbXcOLx8KUOCMzlbz8igTdX8WQ9gkIbY-Dhb9kjyQr_QoBMx8_XxbsVTTflKpptXL842_cnn1I51aKjnTJHtppGEKeBbC_xopqdRI0EcD949w1PEFPfBifH8NRgH1EK7qqPPK9_A7LeK6_tYlDclHFSRABnN45-FSOU74hYneQLbzlIduDZasvto72odeY0; __RequestVerificationToken=VYIE8CcwYE8Ms3qqupy-xJQ6Rgh4kDuNzV4SFTKrapvFwUkkwh_4jfbOm8uS2Tg3YPnlYbNNM4q1vfUlR9rudIPBGTpicEUY3ZctAI43h7Q1; ARRAffinity=0a28ac168f4d2485cc7d4afd4cd1eed9a05da3c26477f465a494db75b21ecaa3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=31536000
content-type: application/javascript
content-encoding: gzip
last-modified: Fri, 29 Jul 2022 13:26:56 GMT
accept-ranges: bytes
etag: "8d9a13e04ea3d81:0"
vary: Accept-Encoding
server: httpd
x-powered-by:
x-aspnet-version:
date: Mon, 06 Feb 2023 12:58:47 GMT
content-length: 515
X-Firefox-Spdy: h2
www.motenorskejenter.com/Landers/GetJavascript/1325?countryId=160&c=d3d11de7-e90d-45cc-a651-e37d54e4f3e4
185.222.108.79200 OK 716 B URL HTTP/2 www.motenorskejenter.com/Landers/GetJavascript/1325?countryId=160&c=d3d11de7-e90d-45cc-a651-e37d54e4f3e4
IP 185.222.108.79:0
ASN #205316 Supporta Interactiva B.V.
File type ASCII text, with CRLF line terminators
Hash af9e146a5236ee89a3ca7335033bc2c6
ed66ea42374c5427ef228abff24495380fbf0c9d
7beebfb0406f5f2dbafd4d46d9ad53ae25b5c6004fa12c24f77b3cddc00b40a7
GET /Landers/GetJavascript/1325?countryId=160&c=d3d11de7-e90d-45cc-a651-e37d54e4f3e4 HTTP/1.1
Host: www.motenorskejenter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.motenorskejenter.com/landers/9794790840AA597AD55227C7E49165FDF252718EB970B763689A80A816895291?p=363067&prid=1767487&nas=63e0f9871c3a13000149c039&pi=314_631__
Cookie: ma=Yo5LS9ZxuKWVyfDWhx0qMoSBp-Ae5tqGKsv2lVzG6BB28DyZxEigmjZZWMw6at-3hXHGnSga9Q0bImKd_KEQzrzyfFTcggmfqVRCHjkfJvXh5oZZhbzgjorDOzRTYPMl9FDj00TLrt8DMBz9G21bgampL3cSfffdPCTo2q10ScZlIC05R25uD-VSUH_xSf2qClocEi6OC3D7mpTdbjaRR2xsUgGU3b0g_9L9dKiHLvo1; MCC=EDhe1QpnduXp5s13EO9lBqSBM_LMu_ioLoBy6U9qBLl6jmezBihzEbcr7OJ6A8mwGstbtptv9EjsseWpfSfvSkQRv0jmoti7u3CmcRwNKK9RLJ1mn3kR_aJulmkaUh6CLvro3gGDYBxgVhy2PwGUpKT7RQyltzzUH5h612IAmYzxyYUaQT3s5YPK4tf_G117MEv_thrn_e2Xi-McT76prql5Z9L1C8LqbDQxIDAKr962eY4nlllQ6Do14w7DftITTzWbXcOLx8KUOCMzlbz8igTdX8WQ9gkIbY-Dhb9kjyQr_QoBMx8_XxbsVTTflKpptXL842_cnn1I51aKjnTJHtppGEKeBbC_xopqdRI0EcD949w1PEFPfBifH8NRgH1EK7qqPPK9_A7LeK6_tYlDclHFSRABnN45-FSOU74hYneQLbzlIduDZasvto72odeY0; __RequestVerificationToken=VYIE8CcwYE8Ms3qqupy-xJQ6Rgh4kDuNzV4SFTKrapvFwUkkwh_4jfbOm8uS2Tg3YPnlYbNNM4q1vfUlR9rudIPBGTpicEUY3ZctAI43h7Q1; ARRAffinity=0a28ac168f4d2485cc7d4afd4cd1eed9a05da3c26477f465a494db75b21ecaa3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, no-transform, max-age=31536000
content-type: text/javascript; charset=utf-8
content-encoding: gzip
expires: Sun, 04 Feb 2024 07:10:22 GMT
last-modified: Thu, 02 Feb 2023 19:17:46 GMT
vary: Accept-Encoding
server: httpd
x-aspnet-version:
x-powered-by:
date: Mon, 06 Feb 2023 12:58:47 GMT
content-length: 716
X-Firefox-Spdy: h2
www.motenorskejenter.com/Scripts/ExternalScoringService/ExternalScoringService.min.js?v=a0d7c241516709483e79c23334b2bd6d3621caef
185.222.108.79200 OK 484 B URL HTTP/2 www.motenorskejenter.com/Scripts/ExternalScoringService/ExternalScoringService.min.js?v=a0d7c241516709483e79c23334b2bd6d3621caef
IP 185.222.108.79:0
ASN #205316 Supporta Interactiva B.V.
File type ASCII text, with very long lines (500)
Hash 6b53b65cce940f1d71a3d21a06d88aef
9e903f441d3b6a7a1c6adb9a0ce1d79a7cefb9f5
9e67aa64d97d39c52cdfdff6f2a79af415f1a39f4871099d0728727a31c5f62e
GET /Scripts/ExternalScoringService/ExternalScoringService.min.js?v=a0d7c241516709483e79c23334b2bd6d3621caef HTTP/1.1
Host: www.motenorskejenter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.motenorskejenter.com/landers/9794790840AA597AD55227C7E49165FDF252718EB970B763689A80A816895291?p=363067&prid=1767487&nas=63e0f9871c3a13000149c039&pi=314_631__
Cookie: ma=Yo5LS9ZxuKWVyfDWhx0qMoSBp-Ae5tqGKsv2lVzG6BB28DyZxEigmjZZWMw6at-3hXHGnSga9Q0bImKd_KEQzrzyfFTcggmfqVRCHjkfJvXh5oZZhbzgjorDOzRTYPMl9FDj00TLrt8DMBz9G21bgampL3cSfffdPCTo2q10ScZlIC05R25uD-VSUH_xSf2qClocEi6OC3D7mpTdbjaRR2xsUgGU3b0g_9L9dKiHLvo1; MCC=EDhe1QpnduXp5s13EO9lBqSBM_LMu_ioLoBy6U9qBLl6jmezBihzEbcr7OJ6A8mwGstbtptv9EjsseWpfSfvSkQRv0jmoti7u3CmcRwNKK9RLJ1mn3kR_aJulmkaUh6CLvro3gGDYBxgVhy2PwGUpKT7RQyltzzUH5h612IAmYzxyYUaQT3s5YPK4tf_G117MEv_thrn_e2Xi-McT76prql5Z9L1C8LqbDQxIDAKr962eY4nlllQ6Do14w7DftITTzWbXcOLx8KUOCMzlbz8igTdX8WQ9gkIbY-Dhb9kjyQr_QoBMx8_XxbsVTTflKpptXL842_cnn1I51aKjnTJHtppGEKeBbC_xopqdRI0EcD949w1PEFPfBifH8NRgH1EK7qqPPK9_A7LeK6_tYlDclHFSRABnN45-FSOU74hYneQLbzlIduDZasvto72odeY0; __RequestVerificationToken=VYIE8CcwYE8Ms3qqupy-xJQ6Rgh4kDuNzV4SFTKrapvFwUkkwh_4jfbOm8uS2Tg3YPnlYbNNM4q1vfUlR9rudIPBGTpicEUY3ZctAI43h7Q1; ARRAffinity=0a28ac168f4d2485cc7d4afd4cd1eed9a05da3c26477f465a494db75b21ecaa3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=7776000
content-type: application/javascript
content-encoding: gzip
last-modified: Fri, 29 Jul 2022 13:26:57 GMT
accept-ranges: bytes
etag: "66494fe04ea3d81:0"
vary: Accept-Encoding
server: httpd
x-powered-by:
x-aspnet-version:
date: Mon, 06 Feb 2023 12:58:47 GMT
content-length: 484
X-Firefox-Spdy: h2
www.motenorskejenter.com/Scripts/ExternalScoringService/EHawkTalon.js?v=a0d7c241516709483e79c23334b2bd6d3621caef
185.222.108.79200 OK 17 kB URL HTTP/2 www.motenorskejenter.com/Scripts/ExternalScoringService/EHawkTalon.js?v=a0d7c241516709483e79c23334b2bd6d3621caef
IP 185.222.108.79:0
ASN #205316 Supporta Interactiva B.V.
File type Unicode text, UTF-8 (with BOM) text, with very long lines (22228), with CRLF line terminators
Hash 0e64756cd3ae508f4bbb1d3e983d6ec9
8d5a6f62cfa307827db2f53b582c552db0e7ff57
efefe1d4bc68844f7f4686d8ee5f4da92f99506bb769dc565aee8412a9c0653d
GET /Scripts/ExternalScoringService/EHawkTalon.js?v=a0d7c241516709483e79c23334b2bd6d3621caef HTTP/1.1
Host: www.motenorskejenter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.motenorskejenter.com/landers/9794790840AA597AD55227C7E49165FDF252718EB970B763689A80A816895291?p=363067&prid=1767487&nas=63e0f9871c3a13000149c039&pi=314_631__
Cookie: ma=Yo5LS9ZxuKWVyfDWhx0qMoSBp-Ae5tqGKsv2lVzG6BB28DyZxEigmjZZWMw6at-3hXHGnSga9Q0bImKd_KEQzrzyfFTcggmfqVRCHjkfJvXh5oZZhbzgjorDOzRTYPMl9FDj00TLrt8DMBz9G21bgampL3cSfffdPCTo2q10ScZlIC05R25uD-VSUH_xSf2qClocEi6OC3D7mpTdbjaRR2xsUgGU3b0g_9L9dKiHLvo1; MCC=EDhe1QpnduXp5s13EO9lBqSBM_LMu_ioLoBy6U9qBLl6jmezBihzEbcr7OJ6A8mwGstbtptv9EjsseWpfSfvSkQRv0jmoti7u3CmcRwNKK9RLJ1mn3kR_aJulmkaUh6CLvro3gGDYBxgVhy2PwGUpKT7RQyltzzUH5h612IAmYzxyYUaQT3s5YPK4tf_G117MEv_thrn_e2Xi-McT76prql5Z9L1C8LqbDQxIDAKr962eY4nlllQ6Do14w7DftITTzWbXcOLx8KUOCMzlbz8igTdX8WQ9gkIbY-Dhb9kjyQr_QoBMx8_XxbsVTTflKpptXL842_cnn1I51aKjnTJHtppGEKeBbC_xopqdRI0EcD949w1PEFPfBifH8NRgH1EK7qqPPK9_A7LeK6_tYlDclHFSRABnN45-FSOU74hYneQLbzlIduDZasvto72odeY0; __RequestVerificationToken=VYIE8CcwYE8Ms3qqupy-xJQ6Rgh4kDuNzV4SFTKrapvFwUkkwh_4jfbOm8uS2Tg3YPnlYbNNM4q1vfUlR9rudIPBGTpicEUY3ZctAI43h7Q1; ARRAffinity=0a28ac168f4d2485cc7d4afd4cd1eed9a05da3c26477f465a494db75b21ecaa3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=7776000
content-type: application/javascript
content-encoding: gzip
last-modified: Fri, 29 Jul 2022 13:26:57 GMT
accept-ranges: bytes
etag: "20864ee04ea3d81:0"
vary: Accept-Encoding
server: httpd
x-powered-by:
x-aspnet-version:
date: Mon, 06 Feb 2023 12:58:47 GMT
content-length: 17439
X-Firefox-Spdy: h2
www.google.com/recaptcha/api.js?onload=GCOnLoadCallBack
142.250.74.132200 OK 579 B URL HTTP/2 www.google.com/recaptcha/api.js?onload=GCOnLoadCallBack
IP 142.250.74.132:0
File type ASCII text, with very long lines (909), with no line terminators
Hash 537ed749f34c2d1a273436ddbf36d711
15a8fb9f2cca25db10d0f3fdc835729b20bc2b39
ab9b966ba210a3076a9b1caa93750695c5fa67227696f0b82663fe7f2d68aad3
GET /recaptcha/api.js?onload=GCOnLoadCallBack HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.motenorskejenter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Mon, 06 Feb 2023 12:58:47 GMT
date: Mon, 06 Feb 2023 12:58:47 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 579
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-P3PN8TQ
172.217.21.168200 OK 63 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-P3PN8TQ
IP 172.217.21.168:0
File type ASCII text, with very long lines (6140)
Hash a7698db93cdc867aea0332ba2c864661
108185cdc697d2740c5ce71942170c5e32f8da73
965e74eb9ad4f5f8fd3d882475ce546f607e79142e1b4c672d569c04857e0bb4
GET /gtm.js?id=GTM-P3PN8TQ HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.motenorskejenter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 06 Feb 2023 12:58:48 GMT
expires: Mon, 06 Feb 2023 12:58:48 GMT
cache-control: private, max-age=900
last-modified: Mon, 06 Feb 2023 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 63121
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 26a15a1b880ec1026360b696b1c27074
fd35f80a1cf599da2a8e68a44477465a580440a5
a6d5caec988319523c120bc435a4ff0200b7ead114db10db19a09caeace978f7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 12:58:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.motenorskejenter.com/Scripts/jquery-3.1.1.min.js?v=a0d7c241516709483e79c23334b2bd6d3621caef
185.222.108.79200 OK 40 kB URL HTTP/2 www.motenorskejenter.com/Scripts/jquery-3.1.1.min.js?v=a0d7c241516709483e79c23334b2bd6d3621caef
IP 185.222.108.79:0
ASN #205316 Supporta Interactiva B.V.
File type Unicode text, UTF-8 text, with very long lines (65266)
Hash a41c4155df999613d1ffc5cbc8beab8d
cbca27587222173118ee6245c870d6cd9668b3b7
c2068251a72fc8259ceb1f6a1eb20c6860c81761e14a13e1e131a07fe4985bce
GET /Scripts/jquery-3.1.1.min.js?v=a0d7c241516709483e79c23334b2bd6d3621caef HTTP/1.1
Host: www.motenorskejenter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.motenorskejenter.com/landers/9794790840AA597AD55227C7E49165FDF252718EB970B763689A80A816895291?p=363067&prid=1767487&nas=63e0f9871c3a13000149c039&pi=314_631__
Cookie: ma=Yo5LS9ZxuKWVyfDWhx0qMoSBp-Ae5tqGKsv2lVzG6BB28DyZxEigmjZZWMw6at-3hXHGnSga9Q0bImKd_KEQzrzyfFTcggmfqVRCHjkfJvXh5oZZhbzgjorDOzRTYPMl9FDj00TLrt8DMBz9G21bgampL3cSfffdPCTo2q10ScZlIC05R25uD-VSUH_xSf2qClocEi6OC3D7mpTdbjaRR2xsUgGU3b0g_9L9dKiHLvo1; MCC=EDhe1QpnduXp5s13EO9lBqSBM_LMu_ioLoBy6U9qBLl6jmezBihzEbcr7OJ6A8mwGstbtptv9EjsseWpfSfvSkQRv0jmoti7u3CmcRwNKK9RLJ1mn3kR_aJulmkaUh6CLvro3gGDYBxgVhy2PwGUpKT7RQyltzzUH5h612IAmYzxyYUaQT3s5YPK4tf_G117MEv_thrn_e2Xi-McT76prql5Z9L1C8LqbDQxIDAKr962eY4nlllQ6Do14w7DftITTzWbXcOLx8KUOCMzlbz8igTdX8WQ9gkIbY-Dhb9kjyQr_QoBMx8_XxbsVTTflKpptXL842_cnn1I51aKjnTJHtppGEKeBbC_xopqdRI0EcD949w1PEFPfBifH8NRgH1EK7qqPPK9_A7LeK6_tYlDclHFSRABnN45-FSOU74hYneQLbzlIduDZasvto72odeY0; __RequestVerificationToken=VYIE8CcwYE8Ms3qqupy-xJQ6Rgh4kDuNzV4SFTKrapvFwUkkwh_4jfbOm8uS2Tg3YPnlYbNNM4q1vfUlR9rudIPBGTpicEUY3ZctAI43h7Q1; ARRAffinity=0a28ac168f4d2485cc7d4afd4cd1eed9a05da3c26477f465a494db75b21ecaa3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=7776000
content-type: application/javascript
content-encoding: gzip
last-modified: Fri, 29 Jul 2022 13:26:56 GMT
accept-ranges: bytes
etag: "d88effdf4ea3d81:0"
vary: Accept-Encoding
server: httpd
x-powered-by:
x-aspnet-version:
date: Mon, 06 Feb 2023 12:58:47 GMT
content-length: 39515
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-TBF4SKT&l=newDataLayer
172.217.21.168200 OK 38 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-TBF4SKT&l=newDataLayer
IP 172.217.21.168:0
File type ASCII text, with very long lines (1759)
Hash 0f9d52da259129137e3aeffa5af91016
84c28dc05a42a7a38151a7ef46189f52ef18b86e
460302e9f932b6734da26920fcaabbb6d3d8df4fc87a93d3310cbf9f370f7b3a
GET /gtm.js?id=GTM-TBF4SKT&l=newDataLayer HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.motenorskejenter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 06 Feb 2023 12:58:48 GMT
expires: Mon, 06 Feb 2023 12:58:48 GMT
cache-control: private, max-age=900
last-modified: Mon, 06 Feb 2023 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 38091
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 2183fdf183ed33f2cd4342abd7bcadbe
007fe0bb01b7d77fbaaff5346fd7582041c978c8
8f0381d12ab5a76be5137b365e811e75db681eb0f6ad04d7ce28ad73101c33d5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 12:58:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.motenorskejenter.com/Landers/DisplayImage/2020_1325_160_sprite-icons.png?c=8858dd8b-f1fa-40b9-b955-a840010ca6cf
185.222.108.79200 OK 13 kB URL HTTP/2 www.motenorskejenter.com/Landers/DisplayImage/2020_1325_160_sprite-icons.png?c=8858dd8b-f1fa-40b9-b955-a840010ca6cf
IP 185.222.108.79:0
ASN #205316 Supporta Interactiva B.V.
File type PNG image data, 241 x 217, 8-bit/color RGBA, non-interlaced\012- data
Hash 9b71759f08141db8fdbe17cf10554ffd
5d9cc4cd25a359dfaacc3fc32e57ee6e303f0051
c134236c058b0fc67e1b0c9ff2677bba26d61403e77627f4c897f21183562ecb
GET /Landers/DisplayImage/2020_1325_160_sprite-icons.png?c=8858dd8b-f1fa-40b9-b955-a840010ca6cf HTTP/1.1
Host: www.motenorskejenter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.motenorskejenter.com/landers/getcss/1325?countryId=160&c=2e3f1b5a-eed3-4347-8d8e-6be91cea9ed2
Cookie: ma=Yo5LS9ZxuKWVyfDWhx0qMoSBp-Ae5tqGKsv2lVzG6BB28DyZxEigmjZZWMw6at-3hXHGnSga9Q0bImKd_KEQzrzyfFTcggmfqVRCHjkfJvXh5oZZhbzgjorDOzRTYPMl9FDj00TLrt8DMBz9G21bgampL3cSfffdPCTo2q10ScZlIC05R25uD-VSUH_xSf2qClocEi6OC3D7mpTdbjaRR2xsUgGU3b0g_9L9dKiHLvo1; MCC=EDhe1QpnduXp5s13EO9lBqSBM_LMu_ioLoBy6U9qBLl6jmezBihzEbcr7OJ6A8mwGstbtptv9EjsseWpfSfvSkQRv0jmoti7u3CmcRwNKK9RLJ1mn3kR_aJulmkaUh6CLvro3gGDYBxgVhy2PwGUpKT7RQyltzzUH5h612IAmYzxyYUaQT3s5YPK4tf_G117MEv_thrn_e2Xi-McT76prql5Z9L1C8LqbDQxIDAKr962eY4nlllQ6Do14w7DftITTzWbXcOLx8KUOCMzlbz8igTdX8WQ9gkIbY-Dhb9kjyQr_QoBMx8_XxbsVTTflKpptXL842_cnn1I51aKjnTJHtppGEKeBbC_xopqdRI0EcD949w1PEFPfBifH8NRgH1EK7qqPPK9_A7LeK6_tYlDclHFSRABnN45-FSOU74hYneQLbzlIduDZasvto72odeY0; __RequestVerificationToken=VYIE8CcwYE8Ms3qqupy-xJQ6Rgh4kDuNzV4SFTKrapvFwUkkwh_4jfbOm8uS2Tg3YPnlYbNNM4q1vfUlR9rudIPBGTpicEUY3ZctAI43h7Q1; ARRAffinity=0a28ac168f4d2485cc7d4afd4cd1eed9a05da3c26477f465a494db75b21ecaa3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, no-transform, max-age=31536000
content-type: image/png
expires: Sun, 04 Feb 2024 07:10:23 GMT
last-modified: Mon, 23 Nov 2020 15:34:43 GMT
vary: Accept-Encoding
server: httpd
x-aspnet-version:
x-powered-by:
date: Mon, 06 Feb 2023 12:58:47 GMT
content-length: 13297
X-Firefox-Spdy: h2
www.motenorskejenter.com/Landers/DisplayImage/2020_1325_160_spritethumbs.jpg?c=91e46f4d-1aa4-4aaa-87fb-db9fa5f5aa57
185.222.108.79200 OK 22 kB URL HTTP/2 www.motenorskejenter.com/Landers/DisplayImage/2020_1325_160_spritethumbs.jpg?c=91e46f4d-1aa4-4aaa-87fb-db9fa5f5aa57
IP 185.222.108.79:0
ASN #205316 Supporta Interactiva B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 50x1250, components 3\012- data
Hash 42ff332b55cd131984c597327ed43dea
7fb54e1d6cd6f75a5202bf58cc5db9bf882df832
cd06ea0c96a20ff45504ae1c57d50416e5de0aa2f4ac2c8124d2146b75da77b8
GET /Landers/DisplayImage/2020_1325_160_spritethumbs.jpg?c=91e46f4d-1aa4-4aaa-87fb-db9fa5f5aa57 HTTP/1.1
Host: www.motenorskejenter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.motenorskejenter.com/landers/getcss/1325?countryId=160&c=2e3f1b5a-eed3-4347-8d8e-6be91cea9ed2
Cookie: ma=Yo5LS9ZxuKWVyfDWhx0qMoSBp-Ae5tqGKsv2lVzG6BB28DyZxEigmjZZWMw6at-3hXHGnSga9Q0bImKd_KEQzrzyfFTcggmfqVRCHjkfJvXh5oZZhbzgjorDOzRTYPMl9FDj00TLrt8DMBz9G21bgampL3cSfffdPCTo2q10ScZlIC05R25uD-VSUH_xSf2qClocEi6OC3D7mpTdbjaRR2xsUgGU3b0g_9L9dKiHLvo1; MCC=EDhe1QpnduXp5s13EO9lBqSBM_LMu_ioLoBy6U9qBLl6jmezBihzEbcr7OJ6A8mwGstbtptv9EjsseWpfSfvSkQRv0jmoti7u3CmcRwNKK9RLJ1mn3kR_aJulmkaUh6CLvro3gGDYBxgVhy2PwGUpKT7RQyltzzUH5h612IAmYzxyYUaQT3s5YPK4tf_G117MEv_thrn_e2Xi-McT76prql5Z9L1C8LqbDQxIDAKr962eY4nlllQ6Do14w7DftITTzWbXcOLx8KUOCMzlbz8igTdX8WQ9gkIbY-Dhb9kjyQr_QoBMx8_XxbsVTTflKpptXL842_cnn1I51aKjnTJHtppGEKeBbC_xopqdRI0EcD949w1PEFPfBifH8NRgH1EK7qqPPK9_A7LeK6_tYlDclHFSRABnN45-FSOU74hYneQLbzlIduDZasvto72odeY0; __RequestVerificationToken=VYIE8CcwYE8Ms3qqupy-xJQ6Rgh4kDuNzV4SFTKrapvFwUkkwh_4jfbOm8uS2Tg3YPnlYbNNM4q1vfUlR9rudIPBGTpicEUY3ZctAI43h7Q1; ARRAffinity=0a28ac168f4d2485cc7d4afd4cd1eed9a05da3c26477f465a494db75b21ecaa3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, no-transform, max-age=31536000
content-type: image/jpeg
expires: Sun, 04 Feb 2024 07:10:23 GMT
last-modified: Mon, 23 Nov 2020 15:34:49 GMT
vary: Accept-Encoding
server: httpd
x-aspnet-version:
x-powered-by:
date: Mon, 06 Feb 2023 12:58:47 GMT
content-length: 22262
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 9206c3ba6d5a17d62244c438fd03496e
069e8257aebe618953434b1299d065540125a512
937d395fed398e9410f75945e80f607f3146458b48cd47ba7249536ca2195817
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 12:58:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.motenorskejenter.com/Landers/DisplayImage/2020_1325_160_imageslide01.jpg?c=51adcfdb-6b8d-48d1-85f8-4ad601e09fc8
185.222.108.79200 OK 37 kB URL HTTP/2 www.motenorskejenter.com/Landers/DisplayImage/2020_1325_160_imageslide01.jpg?c=51adcfdb-6b8d-48d1-85f8-4ad601e09fc8
IP 185.222.108.79:0
ASN #205316 Supporta Interactiva B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 480x604, components 3\012- data
Hash 17b23ee00b30b0d9dc2ed950d8417f7e
017617fef4a0e7cb2785975b0ef917d448b25407
2e21c332f1c02b7e494e57705bb294ca8ff159a88e00e911e8dde292e67ae814
GET /Landers/DisplayImage/2020_1325_160_imageslide01.jpg?c=51adcfdb-6b8d-48d1-85f8-4ad601e09fc8 HTTP/1.1
Host: www.motenorskejenter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.motenorskejenter.com/landers/getcss/1325?countryId=160&c=2e3f1b5a-eed3-4347-8d8e-6be91cea9ed2
Cookie: ma=Yo5LS9ZxuKWVyfDWhx0qMoSBp-Ae5tqGKsv2lVzG6BB28DyZxEigmjZZWMw6at-3hXHGnSga9Q0bImKd_KEQzrzyfFTcggmfqVRCHjkfJvXh5oZZhbzgjorDOzRTYPMl9FDj00TLrt8DMBz9G21bgampL3cSfffdPCTo2q10ScZlIC05R25uD-VSUH_xSf2qClocEi6OC3D7mpTdbjaRR2xsUgGU3b0g_9L9dKiHLvo1; MCC=EDhe1QpnduXp5s13EO9lBqSBM_LMu_ioLoBy6U9qBLl6jmezBihzEbcr7OJ6A8mwGstbtptv9EjsseWpfSfvSkQRv0jmoti7u3CmcRwNKK9RLJ1mn3kR_aJulmkaUh6CLvro3gGDYBxgVhy2PwGUpKT7RQyltzzUH5h612IAmYzxyYUaQT3s5YPK4tf_G117MEv_thrn_e2Xi-McT76prql5Z9L1C8LqbDQxIDAKr962eY4nlllQ6Do14w7DftITTzWbXcOLx8KUOCMzlbz8igTdX8WQ9gkIbY-Dhb9kjyQr_QoBMx8_XxbsVTTflKpptXL842_cnn1I51aKjnTJHtppGEKeBbC_xopqdRI0EcD949w1PEFPfBifH8NRgH1EK7qqPPK9_A7LeK6_tYlDclHFSRABnN45-FSOU74hYneQLbzlIduDZasvto72odeY0; __RequestVerificationToken=VYIE8CcwYE8Ms3qqupy-xJQ6Rgh4kDuNzV4SFTKrapvFwUkkwh_4jfbOm8uS2Tg3YPnlYbNNM4q1vfUlR9rudIPBGTpicEUY3ZctAI43h7Q1; ARRAffinity=0a28ac168f4d2485cc7d4afd4cd1eed9a05da3c26477f465a494db75b21ecaa3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, no-transform, max-age=31536000
content-type: image/jpeg
expires: Sun, 04 Feb 2024 07:10:23 GMT
last-modified: Mon, 23 Nov 2020 15:34:07 GMT
vary: Accept-Encoding
server: httpd
x-aspnet-version:
x-powered-by:
date: Mon, 06 Feb 2023 12:58:47 GMT
content-length: 36686
X-Firefox-Spdy: h2
www.motenorskejenter.com/Landers/DisplayImage/2020_1325_160_imageslide02.jpg?c=eb28dad9-e8c4-4a09-b74f-980819c070f3
185.222.108.79200 OK 26 kB URL HTTP/2 www.motenorskejenter.com/Landers/DisplayImage/2020_1325_160_imageslide02.jpg?c=eb28dad9-e8c4-4a09-b74f-980819c070f3
IP 185.222.108.79:0
ASN #205316 Supporta Interactiva B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 480x604, components 3\012- data
Hash 2516f50dc3ef7805aab58c61bdb56795
e0e191429642aabc0f9cd14c2dd41ab4f77faa19
4a4e1e3da45aacaf275a732805c2295778b1270c492493b28b56eb4b26963777
GET /Landers/DisplayImage/2020_1325_160_imageslide02.jpg?c=eb28dad9-e8c4-4a09-b74f-980819c070f3 HTTP/1.1
Host: www.motenorskejenter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.motenorskejenter.com/landers/getcss/1325?countryId=160&c=2e3f1b5a-eed3-4347-8d8e-6be91cea9ed2
Cookie: ma=Yo5LS9ZxuKWVyfDWhx0qMoSBp-Ae5tqGKsv2lVzG6BB28DyZxEigmjZZWMw6at-3hXHGnSga9Q0bImKd_KEQzrzyfFTcggmfqVRCHjkfJvXh5oZZhbzgjorDOzRTYPMl9FDj00TLrt8DMBz9G21bgampL3cSfffdPCTo2q10ScZlIC05R25uD-VSUH_xSf2qClocEi6OC3D7mpTdbjaRR2xsUgGU3b0g_9L9dKiHLvo1; MCC=EDhe1QpnduXp5s13EO9lBqSBM_LMu_ioLoBy6U9qBLl6jmezBihzEbcr7OJ6A8mwGstbtptv9EjsseWpfSfvSkQRv0jmoti7u3CmcRwNKK9RLJ1mn3kR_aJulmkaUh6CLvro3gGDYBxgVhy2PwGUpKT7RQyltzzUH5h612IAmYzxyYUaQT3s5YPK4tf_G117MEv_thrn_e2Xi-McT76prql5Z9L1C8LqbDQxIDAKr962eY4nlllQ6Do14w7DftITTzWbXcOLx8KUOCMzlbz8igTdX8WQ9gkIbY-Dhb9kjyQr_QoBMx8_XxbsVTTflKpptXL842_cnn1I51aKjnTJHtppGEKeBbC_xopqdRI0EcD949w1PEFPfBifH8NRgH1EK7qqPPK9_A7LeK6_tYlDclHFSRABnN45-FSOU74hYneQLbzlIduDZasvto72odeY0; __RequestVerificationToken=VYIE8CcwYE8Ms3qqupy-xJQ6Rgh4kDuNzV4SFTKrapvFwUkkwh_4jfbOm8uS2Tg3YPnlYbNNM4q1vfUlR9rudIPBGTpicEUY3ZctAI43h7Q1; ARRAffinity=0a28ac168f4d2485cc7d4afd4cd1eed9a05da3c26477f465a494db75b21ecaa3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, no-transform, max-age=31536000
content-type: image/jpeg
expires: Sun, 04 Feb 2024 07:10:23 GMT
last-modified: Mon, 23 Nov 2020 15:34:11 GMT
vary: Accept-Encoding
server: httpd
x-aspnet-version:
x-powered-by:
date: Mon, 06 Feb 2023 12:58:47 GMT
content-length: 25722
X-Firefox-Spdy: h2
www.motenorskejenter.com/Landers/DisplayImage/2020_1325_160_imageslide03.jpg?c=dc692280-edb5-4a0e-a356-260cf8b01cf0
185.222.108.79200 OK 37 kB URL HTTP/2 www.motenorskejenter.com/Landers/DisplayImage/2020_1325_160_imageslide03.jpg?c=dc692280-edb5-4a0e-a356-260cf8b01cf0
IP 185.222.108.79:0
ASN #205316 Supporta Interactiva B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 480x604, components 3\012- data
Hash e15aed53b2e37eb06758351ca0827ae1
7d38e0c356827fdd6e17f61c4dc7430d49ac35af
78b30456af5d324e7f47781001acd8bd748828782570c716de37f99c7556fe4c
GET /Landers/DisplayImage/2020_1325_160_imageslide03.jpg?c=dc692280-edb5-4a0e-a356-260cf8b01cf0 HTTP/1.1
Host: www.motenorskejenter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.motenorskejenter.com/landers/getcss/1325?countryId=160&c=2e3f1b5a-eed3-4347-8d8e-6be91cea9ed2
Cookie: ma=Yo5LS9ZxuKWVyfDWhx0qMoSBp-Ae5tqGKsv2lVzG6BB28DyZxEigmjZZWMw6at-3hXHGnSga9Q0bImKd_KEQzrzyfFTcggmfqVRCHjkfJvXh5oZZhbzgjorDOzRTYPMl9FDj00TLrt8DMBz9G21bgampL3cSfffdPCTo2q10ScZlIC05R25uD-VSUH_xSf2qClocEi6OC3D7mpTdbjaRR2xsUgGU3b0g_9L9dKiHLvo1; MCC=EDhe1QpnduXp5s13EO9lBqSBM_LMu_ioLoBy6U9qBLl6jmezBihzEbcr7OJ6A8mwGstbtptv9EjsseWpfSfvSkQRv0jmoti7u3CmcRwNKK9RLJ1mn3kR_aJulmkaUh6CLvro3gGDYBxgVhy2PwGUpKT7RQyltzzUH5h612IAmYzxyYUaQT3s5YPK4tf_G117MEv_thrn_e2Xi-McT76prql5Z9L1C8LqbDQxIDAKr962eY4nlllQ6Do14w7DftITTzWbXcOLx8KUOCMzlbz8igTdX8WQ9gkIbY-Dhb9kjyQr_QoBMx8_XxbsVTTflKpptXL842_cnn1I51aKjnTJHtppGEKeBbC_xopqdRI0EcD949w1PEFPfBifH8NRgH1EK7qqPPK9_A7LeK6_tYlDclHFSRABnN45-FSOU74hYneQLbzlIduDZasvto72odeY0; __RequestVerificationToken=VYIE8CcwYE8Ms3qqupy-xJQ6Rgh4kDuNzV4SFTKrapvFwUkkwh_4jfbOm8uS2Tg3YPnlYbNNM4q1vfUlR9rudIPBGTpicEUY3ZctAI43h7Q1; ARRAffinity=0a28ac168f4d2485cc7d4afd4cd1eed9a05da3c26477f465a494db75b21ecaa3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, no-transform, max-age=31536000
content-type: image/jpeg
expires: Sun, 04 Feb 2024 07:10:23 GMT
last-modified: Mon, 23 Nov 2020 15:34:16 GMT
vary: Accept-Encoding
server: httpd
x-aspnet-version:
x-powered-by:
date: Mon, 06 Feb 2023 12:58:47 GMT
content-length: 36739
X-Firefox-Spdy: h2
www.motenorskejenter.com/Landers/DisplayImage/2020_1325_160_imageslide04.jpg?c=62b5a52c-7c0a-476a-ab5c-41b40f6ab373
185.222.108.79200 OK 27 kB URL HTTP/2 www.motenorskejenter.com/Landers/DisplayImage/2020_1325_160_imageslide04.jpg?c=62b5a52c-7c0a-476a-ab5c-41b40f6ab373
IP 185.222.108.79:0
ASN #205316 Supporta Interactiva B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 480x604, components 3\012- data
Hash 9840627b617a3dff4e3e93c839c2a045
9745370bdb912c7e7ee33bf56510be449e67d3c5
c13974fb4021aab1322a35a242c8000abf760064cbbca6ede007165a3b27238e
GET /Landers/DisplayImage/2020_1325_160_imageslide04.jpg?c=62b5a52c-7c0a-476a-ab5c-41b40f6ab373 HTTP/1.1
Host: www.motenorskejenter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.motenorskejenter.com/landers/getcss/1325?countryId=160&c=2e3f1b5a-eed3-4347-8d8e-6be91cea9ed2
Cookie: ma=Yo5LS9ZxuKWVyfDWhx0qMoSBp-Ae5tqGKsv2lVzG6BB28DyZxEigmjZZWMw6at-3hXHGnSga9Q0bImKd_KEQzrzyfFTcggmfqVRCHjkfJvXh5oZZhbzgjorDOzRTYPMl9FDj00TLrt8DMBz9G21bgampL3cSfffdPCTo2q10ScZlIC05R25uD-VSUH_xSf2qClocEi6OC3D7mpTdbjaRR2xsUgGU3b0g_9L9dKiHLvo1; MCC=EDhe1QpnduXp5s13EO9lBqSBM_LMu_ioLoBy6U9qBLl6jmezBihzEbcr7OJ6A8mwGstbtptv9EjsseWpfSfvSkQRv0jmoti7u3CmcRwNKK9RLJ1mn3kR_aJulmkaUh6CLvro3gGDYBxgVhy2PwGUpKT7RQyltzzUH5h612IAmYzxyYUaQT3s5YPK4tf_G117MEv_thrn_e2Xi-McT76prql5Z9L1C8LqbDQxIDAKr962eY4nlllQ6Do14w7DftITTzWbXcOLx8KUOCMzlbz8igTdX8WQ9gkIbY-Dhb9kjyQr_QoBMx8_XxbsVTTflKpptXL842_cnn1I51aKjnTJHtppGEKeBbC_xopqdRI0EcD949w1PEFPfBifH8NRgH1EK7qqPPK9_A7LeK6_tYlDclHFSRABnN45-FSOU74hYneQLbzlIduDZasvto72odeY0; __RequestVerificationToken=VYIE8CcwYE8Ms3qqupy-xJQ6Rgh4kDuNzV4SFTKrapvFwUkkwh_4jfbOm8uS2Tg3YPnlYbNNM4q1vfUlR9rudIPBGTpicEUY3ZctAI43h7Q1; ARRAffinity=0a28ac168f4d2485cc7d4afd4cd1eed9a05da3c26477f465a494db75b21ecaa3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, no-transform, max-age=31536000
content-type: image/jpeg
expires: Sun, 04 Feb 2024 07:10:23 GMT
last-modified: Mon, 23 Nov 2020 15:34:21 GMT
vary: Accept-Encoding
server: httpd
x-aspnet-version:
x-powered-by:
date: Mon, 06 Feb 2023 12:58:47 GMT
content-length: 27446
X-Firefox-Spdy: h2
www.motenorskejenter.com/Content/Landers/webfonts/fa-solid-900.woff2
185.222.108.79200 OK 118 kB URL HTTP/2 www.motenorskejenter.com/Content/Landers/webfonts/fa-solid-900.woff2
IP 185.222.108.79:0
ASN #205316 Supporta Interactiva B.V.
File type Web Open Font Format (Version 2), TrueType, length 117536, version 329.-17761\012- data
Size 118 kB (117536 bytes)
Hash e57324a466c24a207fd9ad0f5f5e3c9c
2f9b04644e684a6bb1033e297cc474c57aa267f2
5538a328926c9517ffb8670fccce94f6137d58c21ff4b10ecd772abfa16a012b
GET /Content/Landers/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: www.motenorskejenter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.motenorskejenter.com/Content/Landers/fontawesome/fontawesome-all.min.css?v=a0d7c241516709483e79c23334b2bd6d3621caef
Cookie: ma=Yo5LS9ZxuKWVyfDWhx0qMoSBp-Ae5tqGKsv2lVzG6BB28DyZxEigmjZZWMw6at-3hXHGnSga9Q0bImKd_KEQzrzyfFTcggmfqVRCHjkfJvXh5oZZhbzgjorDOzRTYPMl9FDj00TLrt8DMBz9G21bgampL3cSfffdPCTo2q10ScZlIC05R25uD-VSUH_xSf2qClocEi6OC3D7mpTdbjaRR2xsUgGU3b0g_9L9dKiHLvo1; MCC=EDhe1QpnduXp5s13EO9lBqSBM_LMu_ioLoBy6U9qBLl6jmezBihzEbcr7OJ6A8mwGstbtptv9EjsseWpfSfvSkQRv0jmoti7u3CmcRwNKK9RLJ1mn3kR_aJulmkaUh6CLvro3gGDYBxgVhy2PwGUpKT7RQyltzzUH5h612IAmYzxyYUaQT3s5YPK4tf_G117MEv_thrn_e2Xi-McT76prql5Z9L1C8LqbDQxIDAKr962eY4nlllQ6Do14w7DftITTzWbXcOLx8KUOCMzlbz8igTdX8WQ9gkIbY-Dhb9kjyQr_QoBMx8_XxbsVTTflKpptXL842_cnn1I51aKjnTJHtppGEKeBbC_xopqdRI0EcD949w1PEFPfBifH8NRgH1EK7qqPPK9_A7LeK6_tYlDclHFSRABnN45-FSOU74hYneQLbzlIduDZasvto72odeY0; __RequestVerificationToken=VYIE8CcwYE8Ms3qqupy-xJQ6Rgh4kDuNzV4SFTKrapvFwUkkwh_4jfbOm8uS2Tg3YPnlYbNNM4q1vfUlR9rudIPBGTpicEUY3ZctAI43h7Q1; ARRAffinity=0a28ac168f4d2485cc7d4afd4cd1eed9a05da3c26477f465a494db75b21ecaa3
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=31536000
content-type: application/font-woff2
last-modified: Fri, 29 Jul 2022 13:26:55 GMT
accept-ranges: bytes
etag: "771516df4ea3d81:0"
vary: Accept-Encoding
server: httpd
x-powered-by:
x-aspnet-version:
date: Mon, 06 Feb 2023 12:58:47 GMT
content-length: 117536
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 836bc62dbb011b6180fc7209d0061736
74e6f18561a7006a3afb6ab03559eec239ce4b36
90b197384670fdb210d364f91b423fd383d25838e38a494158a8185bef0061f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 12:58:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 836bc62dbb011b6180fc7209d0061736
74e6f18561a7006a3afb6ab03559eec239ce4b36
90b197384670fdb210d364f91b423fd383d25838e38a494158a8185bef0061f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 12:58:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
142.250.74.35200 OK 7.8 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 7816, version 1.0\012- data
Hash 25b0e113ca7cce3770d542736db26368
cb726212d5d525021752a1d8470a0fb593e0c49e
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
GET /s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.motenorskejenter.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7816
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 31 Jan 2023 02:42:35 GMT
expires: Wed, 31 Jan 2024 02:42:35 GMT
cache-control: public, max-age=31536000
age: 555373
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
142.250.74.35200 OK 7.9 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 7884, version 1.0\012- data
Hash 9212f6f9860f9fc6c69b02fedf6db8c3
ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
GET /s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.motenorskejenter.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 06 Feb 2023 04:05:29 GMT
expires: Tue, 06 Feb 2024 04:05:29 GMT
cache-control: public, max-age=31536000
age: 31999
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 836bc62dbb011b6180fc7209d0061736
74e6f18561a7006a3afb6ab03559eec239ce4b36
90b197384670fdb210d364f91b423fd383d25838e38a494158a8185bef0061f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 12:58:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.motenorskejenter.com/Scripts/APIScripts/APIcaller.min.js?v=a0d7c241516709483e79c23334b2bd6d3621caef
185.222.108.79200 OK 2.2 kB URL HTTP/2 www.motenorskejenter.com/Scripts/APIScripts/APIcaller.min.js?v=a0d7c241516709483e79c23334b2bd6d3621caef
IP 185.222.108.79:0
ASN #205316 Supporta Interactiva B.V.
File type ASCII text, with very long lines (5619), with no line terminators
Hash 824c0c3b3bbb5602f317dde984081fea
f64e2e1cd5876d9987f884681d5095fd52e90f06
39df17b35c11c7d809597f61e9bff11b84997e2456536e62ac76fd1df6a0c3e7
GET /Scripts/APIScripts/APIcaller.min.js?v=a0d7c241516709483e79c23334b2bd6d3621caef HTTP/1.1
Host: www.motenorskejenter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.motenorskejenter.com/landers/9794790840AA597AD55227C7E49165FDF252718EB970B763689A80A816895291?p=363067&prid=1767487&nas=63e0f9871c3a13000149c039&pi=314_631__
Cookie: ma=Yo5LS9ZxuKWVyfDWhx0qMoSBp-Ae5tqGKsv2lVzG6BB28DyZxEigmjZZWMw6at-3hXHGnSga9Q0bImKd_KEQzrzyfFTcggmfqVRCHjkfJvXh5oZZhbzgjorDOzRTYPMl9FDj00TLrt8DMBz9G21bgampL3cSfffdPCTo2q10ScZlIC05R25uD-VSUH_xSf2qClocEi6OC3D7mpTdbjaRR2xsUgGU3b0g_9L9dKiHLvo1; MCC=EDhe1QpnduXp5s13EO9lBqSBM_LMu_ioLoBy6U9qBLl6jmezBihzEbcr7OJ6A8mwGstbtptv9EjsseWpfSfvSkQRv0jmoti7u3CmcRwNKK9RLJ1mn3kR_aJulmkaUh6CLvro3gGDYBxgVhy2PwGUpKT7RQyltzzUH5h612IAmYzxyYUaQT3s5YPK4tf_G117MEv_thrn_e2Xi-McT76prql5Z9L1C8LqbDQxIDAKr962eY4nlllQ6Do14w7DftITTzWbXcOLx8KUOCMzlbz8igTdX8WQ9gkIbY-Dhb9kjyQr_QoBMx8_XxbsVTTflKpptXL842_cnn1I51aKjnTJHtppGEKeBbC_xopqdRI0EcD949w1PEFPfBifH8NRgH1EK7qqPPK9_A7LeK6_tYlDclHFSRABnN45-FSOU74hYneQLbzlIduDZasvto72odeY0; __RequestVerificationToken=VYIE8CcwYE8Ms3qqupy-xJQ6Rgh4kDuNzV4SFTKrapvFwUkkwh_4jfbOm8uS2Tg3YPnlYbNNM4q1vfUlR9rudIPBGTpicEUY3ZctAI43h7Q1; ARRAffinity=0a28ac168f4d2485cc7d4afd4cd1eed9a05da3c26477f465a494db75b21ecaa3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=31536000
content-type: application/javascript
content-encoding: gzip
last-modified: Fri, 29 Jul 2022 13:26:56 GMT
accept-ranges: bytes
etag: "196212e04ea3d81:0"
vary: Accept-Encoding
server: httpd
x-powered-by:
x-aspnet-version:
date: Mon, 06 Feb 2023 12:58:47 GMT
content-length: 2215
X-Firefox-Spdy: h2
www.motenorskejenter.com/views/_customs/_bpb/ml/mle9/main/images/favicon.ico?v=a0d7c241516709483e79c23334b2bd6d3621caef
185.222.108.79200 OK 1.2 kB URL HTTP/2 www.motenorskejenter.com/views/_customs/_bpb/ml/mle9/main/images/favicon.ico?v=a0d7c241516709483e79c23334b2bd6d3621caef
IP 185.222.108.79:0
ASN #205316 Supporta Interactiva B.V.
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 667f44f56e8a33771a7972f4d34c826e
2aea5fada9366377348fea3da3c4e1a30bd3c8a6
35007e3b9b76d719e791ca2316c7ad245430b9f2ad2be20ecb3e816246d50551
GET /views/_customs/_bpb/ml/mle9/main/images/favicon.ico?v=a0d7c241516709483e79c23334b2bd6d3621caef HTTP/1.1
Host: www.motenorskejenter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.motenorskejenter.com/landers/9794790840AA597AD55227C7E49165FDF252718EB970B763689A80A816895291?p=363067&prid=1767487&nas=63e0f9871c3a13000149c039&pi=314_631__
Cookie: ma=Yo5LS9ZxuKWVyfDWhx0qMoSBp-Ae5tqGKsv2lVzG6BB28DyZxEigmjZZWMw6at-3hXHGnSga9Q0bImKd_KEQzrzyfFTcggmfqVRCHjkfJvXh5oZZhbzgjorDOzRTYPMl9FDj00TLrt8DMBz9G21bgampL3cSfffdPCTo2q10ScZlIC05R25uD-VSUH_xSf2qClocEi6OC3D7mpTdbjaRR2xsUgGU3b0g_9L9dKiHLvo1; MCC=EDhe1QpnduXp5s13EO9lBqSBM_LMu_ioLoBy6U9qBLl6jmezBihzEbcr7OJ6A8mwGstbtptv9EjsseWpfSfvSkQRv0jmoti7u3CmcRwNKK9RLJ1mn3kR_aJulmkaUh6CLvro3gGDYBxgVhy2PwGUpKT7RQyltzzUH5h612IAmYzxyYUaQT3s5YPK4tf_G117MEv_thrn_e2Xi-McT76prql5Z9L1C8LqbDQxIDAKr962eY4nlllQ6Do14w7DftITTzWbXcOLx8KUOCMzlbz8igTdX8WQ9gkIbY-Dhb9kjyQr_QoBMx8_XxbsVTTflKpptXL842_cnn1I51aKjnTJHtppGEKeBbC_xopqdRI0EcD949w1PEFPfBifH8NRgH1EK7qqPPK9_A7LeK6_tYlDclHFSRABnN45-FSOU74hYneQLbzlIduDZasvto72odeY0; __RequestVerificationToken=VYIE8CcwYE8Ms3qqupy-xJQ6Rgh4kDuNzV4SFTKrapvFwUkkwh_4jfbOm8uS2Tg3YPnlYbNNM4q1vfUlR9rudIPBGTpicEUY3ZctAI43h7Q1; ARRAffinity=0a28ac168f4d2485cc7d4afd4cd1eed9a05da3c26477f465a494db75b21ecaa3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=7776000
content-type: image/x-icon
last-modified: Fri, 29 Jul 2022 13:27:10 GMT
accept-ranges: bytes
etag: "9fe70e84ea3d81:0"
vary: Accept-Encoding
server: httpd
x-powered-by:
x-aspnet-version:
date: Mon, 06 Feb 2023 12:58:47 GMT
content-length: 1150
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__en.js
142.250.74.99200 OK 164 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__en.js
IP 142.250.74.99:0
File type ASCII text, with very long lines (633)
Size 164 kB (163841 bytes)
Hash fe98364486b3206867b17008f995646f
35a5e9aa210970f7abd718d99e629c6982a3cc02
1fd703cb16e3f6f3f7192109d19c69d6e5ac1cfa0feb5b105a86564b7970d28a
GET /recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.motenorskejenter.com
Connection: keep-alive
Referer: https://www.motenorskejenter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 163841
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 05 Feb 2023 15:04:06 GMT
expires: Mon, 05 Feb 2024 15:04:06 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 31 Jan 2023 02:51:47 GMT
content-type: text/javascript
age: 78882
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.110200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.110:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.motenorskejenter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Mon, 06 Feb 2023 11:44:08 GMT
expires: Mon, 06 Feb 2023 13:44:08 GMT
cache-control: public, max-age=7200
age: 4480
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.motenorskejenter.com/Landers/GetEmailProviders?countryId=160
185.222.108.79200 OK 2.6 kB URL HTTP/2 www.motenorskejenter.com/Landers/GetEmailProviders?countryId=160
IP 185.222.108.79:0
ASN #205316 Supporta Interactiva B.V.
File type JSON data\012- , ASCII text, with very long lines (2584), with no line terminators
Hash 2c307d337e2268c62f138b71595b0964
836736e096e8a8e4c4e8ceaa5bace5c61b3533ec
723a876f3c193e870165ab4e1659656d5bbc6dcb7d832054f843e42129f458a0
GET /Landers/GetEmailProviders?countryId=160 HTTP/1.1
Host: www.motenorskejenter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.motenorskejenter.com/landers/9794790840AA597AD55227C7E49165FDF252718EB970B763689A80A816895291?p=363067&prid=1767487&nas=63e0f9871c3a13000149c039&pi=314_631__
Cookie: ma=Yo5LS9ZxuKWVyfDWhx0qMoSBp-Ae5tqGKsv2lVzG6BB28DyZxEigmjZZWMw6at-3hXHGnSga9Q0bImKd_KEQzrzyfFTcggmfqVRCHjkfJvXh5oZZhbzgjorDOzRTYPMl9FDj00TLrt8DMBz9G21bgampL3cSfffdPCTo2q10ScZlIC05R25uD-VSUH_xSf2qClocEi6OC3D7mpTdbjaRR2xsUgGU3b0g_9L9dKiHLvo1; MCC=EDhe1QpnduXp5s13EO9lBqSBM_LMu_ioLoBy6U9qBLl6jmezBihzEbcr7OJ6A8mwGstbtptv9EjsseWpfSfvSkQRv0jmoti7u3CmcRwNKK9RLJ1mn3kR_aJulmkaUh6CLvro3gGDYBxgVhy2PwGUpKT7RQyltzzUH5h612IAmYzxyYUaQT3s5YPK4tf_G117MEv_thrn_e2Xi-McT76prql5Z9L1C8LqbDQxIDAKr962eY4nlllQ6Do14w7DftITTzWbXcOLx8KUOCMzlbz8igTdX8WQ9gkIbY-Dhb9kjyQr_QoBMx8_XxbsVTTflKpptXL842_cnn1I51aKjnTJHtppGEKeBbC_xopqdRI0EcD949w1PEFPfBifH8NRgH1EK7qqPPK9_A7LeK6_tYlDclHFSRABnN45-FSOU74hYneQLbzlIduDZasvto72odeY0; __RequestVerificationToken=VYIE8CcwYE8Ms3qqupy-xJQ6Rgh4kDuNzV4SFTKrapvFwUkkwh_4jfbOm8uS2Tg3YPnlYbNNM4q1vfUlR9rudIPBGTpicEUY3ZctAI43h7Q1; ARRAffinity=0a28ac168f4d2485cc7d4afd4cd1eed9a05da3c26477f465a494db75b21ecaa3; _gcl_au=1.1.298213962.1675688373
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, no-transform, max-age=31536000
content-type: application/json; charset=utf-8
expires: Sun, 04 Feb 2024 03:25:13 GMT
last-modified: Thu, 02 Feb 2023 19:23:10 GMT
vary: Accept-Encoding
server: httpd
x-aspnet-version:
x-powered-by:
date: Mon, 06 Feb 2023 12:58:47 GMT
content-length: 2584
X-Firefox-Spdy: h2
www.motenorskejenter.com/Landers/DisplayImage/2020_1325_160_bgbtnfemale.png?c=0b9166df-ff27-42e5-8775-8a5e655e4707
185.222.108.79200 OK 2.0 kB URL HTTP/2 www.motenorskejenter.com/Landers/DisplayImage/2020_1325_160_bgbtnfemale.png?c=0b9166df-ff27-42e5-8775-8a5e655e4707
IP 185.222.108.79:0
ASN #205316 Supporta Interactiva B.V.
File type PNG image data, 80 x 81, 8-bit/color RGBA, non-interlaced\012- data
Hash 4a66304dbc6330dea9bce47045e8cd47
3a20238c81257043a91a84e950d63cd7e6918408
a68f73561fe094b562c154813d9a7938790f09f3366eac11bae2e1bc01de0ada
GET /Landers/DisplayImage/2020_1325_160_bgbtnfemale.png?c=0b9166df-ff27-42e5-8775-8a5e655e4707 HTTP/1.1
Host: www.motenorskejenter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.motenorskejenter.com/landers/getcss/1325?countryId=160&c=2e3f1b5a-eed3-4347-8d8e-6be91cea9ed2
Cookie: ma=Yo5LS9ZxuKWVyfDWhx0qMoSBp-Ae5tqGKsv2lVzG6BB28DyZxEigmjZZWMw6at-3hXHGnSga9Q0bImKd_KEQzrzyfFTcggmfqVRCHjkfJvXh5oZZhbzgjorDOzRTYPMl9FDj00TLrt8DMBz9G21bgampL3cSfffdPCTo2q10ScZlIC05R25uD-VSUH_xSf2qClocEi6OC3D7mpTdbjaRR2xsUgGU3b0g_9L9dKiHLvo1; MCC=EDhe1QpnduXp5s13EO9lBqSBM_LMu_ioLoBy6U9qBLl6jmezBihzEbcr7OJ6A8mwGstbtptv9EjsseWpfSfvSkQRv0jmoti7u3CmcRwNKK9RLJ1mn3kR_aJulmkaUh6CLvro3gGDYBxgVhy2PwGUpKT7RQyltzzUH5h612IAmYzxyYUaQT3s5YPK4tf_G117MEv_thrn_e2Xi-McT76prql5Z9L1C8LqbDQxIDAKr962eY4nlllQ6Do14w7DftITTzWbXcOLx8KUOCMzlbz8igTdX8WQ9gkIbY-Dhb9kjyQr_QoBMx8_XxbsVTTflKpptXL842_cnn1I51aKjnTJHtppGEKeBbC_xopqdRI0EcD949w1PEFPfBifH8NRgH1EK7qqPPK9_A7LeK6_tYlDclHFSRABnN45-FSOU74hYneQLbzlIduDZasvto72odeY0; __RequestVerificationToken=VYIE8CcwYE8Ms3qqupy-xJQ6Rgh4kDuNzV4SFTKrapvFwUkkwh_4jfbOm8uS2Tg3YPnlYbNNM4q1vfUlR9rudIPBGTpicEUY3ZctAI43h7Q1; ARRAffinity=0a28ac168f4d2485cc7d4afd4cd1eed9a05da3c26477f465a494db75b21ecaa3; _gcl_au=1.1.298213962.1675688373
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, no-transform, max-age=31536000
content-type: image/png
expires: Sun, 04 Feb 2024 07:10:23 GMT
last-modified: Mon, 23 Nov 2020 15:34:25 GMT
vary: Accept-Encoding
server: httpd
x-aspnet-version:
x-powered-by:
date: Mon, 06 Feb 2023 12:58:47 GMT
content-length: 2003
X-Firefox-Spdy: h2
www.motenorskejenter.com/Landers/DisplayImage/2020_1325_160_bgbtnmale.png?c=a0112eee-72f1-435d-8b69-316fab07ad70
185.222.108.79200 OK 1.9 kB URL HTTP/2 www.motenorskejenter.com/Landers/DisplayImage/2020_1325_160_bgbtnmale.png?c=a0112eee-72f1-435d-8b69-316fab07ad70
IP 185.222.108.79:0
ASN #205316 Supporta Interactiva B.V.
File type PNG image data, 80 x 81, 8-bit/color RGBA, non-interlaced\012- data
Hash 26c0a0d619be855ef507fe2682d92d03
de0a3621d65a3c9f5d4006542643bf1941095634
986e8143ddc49d4587ab23ce2c8f9b9fe0ec54052ddd70dd86b43c58f5bf3dd8
GET /Landers/DisplayImage/2020_1325_160_bgbtnmale.png?c=a0112eee-72f1-435d-8b69-316fab07ad70 HTTP/1.1
Host: www.motenorskejenter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.motenorskejenter.com/landers/getcss/1325?countryId=160&c=2e3f1b5a-eed3-4347-8d8e-6be91cea9ed2
Cookie: ma=Yo5LS9ZxuKWVyfDWhx0qMoSBp-Ae5tqGKsv2lVzG6BB28DyZxEigmjZZWMw6at-3hXHGnSga9Q0bImKd_KEQzrzyfFTcggmfqVRCHjkfJvXh5oZZhbzgjorDOzRTYPMl9FDj00TLrt8DMBz9G21bgampL3cSfffdPCTo2q10ScZlIC05R25uD-VSUH_xSf2qClocEi6OC3D7mpTdbjaRR2xsUgGU3b0g_9L9dKiHLvo1; MCC=EDhe1QpnduXp5s13EO9lBqSBM_LMu_ioLoBy6U9qBLl6jmezBihzEbcr7OJ6A8mwGstbtptv9EjsseWpfSfvSkQRv0jmoti7u3CmcRwNKK9RLJ1mn3kR_aJulmkaUh6CLvro3gGDYBxgVhy2PwGUpKT7RQyltzzUH5h612IAmYzxyYUaQT3s5YPK4tf_G117MEv_thrn_e2Xi-McT76prql5Z9L1C8LqbDQxIDAKr962eY4nlllQ6Do14w7DftITTzWbXcOLx8KUOCMzlbz8igTdX8WQ9gkIbY-Dhb9kjyQr_QoBMx8_XxbsVTTflKpptXL842_cnn1I51aKjnTJHtppGEKeBbC_xopqdRI0EcD949w1PEFPfBifH8NRgH1EK7qqPPK9_A7LeK6_tYlDclHFSRABnN45-FSOU74hYneQLbzlIduDZasvto72odeY0; __RequestVerificationToken=VYIE8CcwYE8Ms3qqupy-xJQ6Rgh4kDuNzV4SFTKrapvFwUkkwh_4jfbOm8uS2Tg3YPnlYbNNM4q1vfUlR9rudIPBGTpicEUY3ZctAI43h7Q1; ARRAffinity=0a28ac168f4d2485cc7d4afd4cd1eed9a05da3c26477f465a494db75b21ecaa3; _gcl_au=1.1.298213962.1675688373
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, no-transform, max-age=31536000
content-type: image/png
expires: Sun, 04 Feb 2024 07:10:23 GMT
last-modified: Mon, 23 Nov 2020 15:34:34 GMT
vary: Accept-Encoding
server: httpd
x-aspnet-version:
x-powered-by:
date: Mon, 06 Feb 2023 12:58:47 GMT
content-length: 1921
X-Firefox-Spdy: h2
ads.exoclick.com/tag_gen.js
205.185.216.42200 OK 515 B URL HTTP/1.1 ads.exoclick.com/tag_gen.js
IP 205.185.216.42:0
File type ASCII text, with very long lines (1030), with no line terminators
Hash 628e0302068ade64b5f411f39d5ce7e5
ff1a609269f34bad5ae67ed1678df3f7b905d018
c583ceaeae2e9a05e25c27b61520710f16b8b98ca7f9087a75ae90a040b8bc3f
GET /tag_gen.js HTTP/1.1
Host: ads.exoclick.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.motenorskejenter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 12:58:48 GMT
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 515
Content-Type: application/javascript
Accept-Ranges: bytes
Cache-Control: max-age=10800
Server: nginx
etag: W/"a56c0470b9aa925085e51a6271a"
X-HW: 1675688328.dop232.sk1.t,1675688328.cds003.sk1.shn,1675688328.dop232.sk1.t,1675688328.cds251.sk1.c
Access-Control-Allow-Origin: *, *
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 7afb8eb5dcbd727fb69c14bfabe20e72
d4b1cc1973e4200a371f0aa8c5ec8232d780a77b
ca0a46edfe267973b60ff163d696fe7c0e862e56ee3f90f098bf309f276c987f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 12:58:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-69440332-16&cid=2051181171.1675688373&jid=314597355&gjid=283829049&_gid=1713818282.1675688373&_u=YEBAAAAAAAAAAC~&z=623556210
74.125.131.155200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-69440332-16&cid=2051181171.1675688373&jid=314597355&gjid=283829049&_gid=1713818282.1675688373&_u=YEBAAAAAAAAAAC~&z=623556210
IP 74.125.131.155:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-69440332-16&cid=2051181171.1675688373&jid=314597355&gjid=283829049&_gid=1713818282.1675688373&_u=YEBAAAAAAAAAAC~&z=623556210 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.motenorskejenter.com
Connection: keep-alive
Referer: https://www.motenorskejenter.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.motenorskejenter.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 06 Feb 2023 12:58:48 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 7afb8eb5dcbd727fb69c14bfabe20e72
d4b1cc1973e4200a371f0aa8c5ec8232d780a77b
ca0a46edfe267973b60ff163d696fe7c0e862e56ee3f90f098bf309f276c987f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 12:58:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 9d7d54937b70d60ca299d07980bc1e1e
42ee245e31b6c480419253d420a75159e107cc65
fd8c0e9b7ce1332347da031c471053f5acaab963f5aafd0e29bb94b90bcf9293
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 12:58:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-69440332-16&cid=2051181171.1675688373&jid=314597355&_u=YEBAAAAAAAAAAC~&z=949010978
142.250.74.163200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-69440332-16&cid=2051181171.1675688373&jid=314597355&_u=YEBAAAAAAAAAAC~&z=949010978
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-69440332-16&cid=2051181171.1675688373&jid=314597355&_u=YEBAAAAAAAAAAC~&z=949010978 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.motenorskejenter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 06 Feb 2023 12:58:48 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 9d7d54937b70d60ca299d07980bc1e1e
42ee245e31b6c480419253d420a75159e107cc65
fd8c0e9b7ce1332347da031c471053f5acaab963f5aafd0e29bb94b90bcf9293
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 12:58:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Poppins:400,700&display=swap
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Poppins:400,700&display=swap
IP 142.250.74.106:0
GET /css?family=Poppins:400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.motenorskejenter.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 06 Feb 2023 12:58:47 GMT
date: Mon, 06 Feb 2023 12:58:47 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2