www.postnord.no/kundeservice
104.18.38.9301 Moved Permanently 159 B URL HTTP/1.1 www.postnord.no/kundeservice
IP 104.18.38.9:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 134cde57ce2051a7f4be69606228c7ef
1064b2f56a3dc58e492cabf4ddf208e5859f2cf6
5e3075e1f8bee5aec0d48886bbb93f3a09584370091d3cffc23dc0eb7f26faa9
GET /kundeservice HTTP/1.1
Host: www.postnord.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Wed, 28 Sep 2022 18:43:56 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 159
Connection: keep-alive
Location: https://www.postnord.no/kundeservice
Set-Cookie: ARRAffinity=abd7c4840ba964924efab1042419df7a54898eed822d8ed3e504734b7322b016;Path=/;HttpOnly;Domain=www.postnord.no
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Referrer-Policy: strict-origin
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 751ea0a659aab515-OSL
firefox.settings.services.mozilla.com/v1/
143.204.55.36200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 28 Sep 2022 18:15:39 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 80d21802b1b80c40e55ccf83433b8eac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: UJW_AhxiatygN23fFYvd3_4bZtfnwWD5Y2b-SgSH7iftDVWU9wK3Aw==
Age: 1697
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 490c003436e215e91596f285fcba92f5
0c4c9a5802e7cdb699f4918c252dbdf8431c25ec
9fe6beb1cb3851018168765a243b6de69ec71d30770f8c2dcc57cae7d9978cc1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9FE6BEB1CB3851018168765A243B6DE69EC71D30770F8C2DCC57CAE7D9978CC1"
Last-Modified: Wed, 28 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5622
Expires: Wed, 28 Sep 2022 20:17:38 GMT
Date: Wed, 28 Sep 2022 18:43:56 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.25200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.25:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 28 Sep 2022 09:24:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: OR5I6jKwYUYSubFHfBxYEoVxLJ4A-k-eYkS2olDMPp9s4xXJmcSguw==
age: 47730
X-Firefox-Spdy: h2
www.postnord.no/kundeservice
172.64.149.247301 Moved Permanently 163 B URL HTTP/2 www.postnord.no/kundeservice
IP 172.64.149.247:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash ba64cfe9bc98a362cd6d0675dad73ead
465eb4e7c6053764804b8e07ea13b36464739f06
5720aa3ea6a5d4d6c9244e2ffccba351ee798ae892b051366e3c42d0a342c7f6
GET /kundeservice HTTP/1.1
Host: www.postnord.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 301 Moved Permanently
date: Wed, 28 Sep 2022 18:43:56 GMT
content-type: text/html; charset=utf-8
content-length: 163
location: https://my.postnord.no/privat/customer-service
access-control-expose-headers: Request-Context
cache-control: no-cache
expires: -1
pragma: no-cache
request-context: appId=cid-v1:52451d68-9d0b-40cc-963e-f52e97d476f1
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin
set-cookie: .ASPXANONYMOUS=F05l9CtUFHHKLXr4eQ5pIDti4aMITbNo9o5sOSVZcWGnj6T95fooptnQQPyWQBXraOnILHR81Brc5guM-QySzi0TN3I0XJZP7kJDN4QnBp9gyPaHPaMg-z_9ESJ1a1XssJ1V9QUR-BdPDsQGOGkJFQ2; expires=Wed, 07-Dec-2022 05:23:56 GMT; path=/; HttpOnly
ARRAffinity=abd7c4840ba964924efab1042419df7a54898eed822d8ed3e504734b7322b016;Path=/;HttpOnly;Secure;Domain=www.postnord.no
ARRAffinitySameSite=abd7c4840ba964924efab1042419df7a54898eed822d8ed3e504734b7322b016;Path=/;HttpOnly;SameSite=None;Secure;Domain=www.postnord.no
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 751ea0a86bffb4ee-OSL
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 18:43:56 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.118200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash 73c9f38816a33a048d29c982753a7219
94b74d72dcbdbe794d9898c4ceb9a1cdf751df51
347b4f8031a1d4a8f41c40095a2f4cdae56364d3696e6852810f50b79bd299b7
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 28 Sep 2022 18:43:57 GMT
Last-Modified: Wed, 28 Sep 2022 17:24:53 GMT
Server: ECS (nyb/1D2D)
X-Cache: Miss from cloudfront
Via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 3IAAQ4hKWwpvrSuVheXWJjLUbZxBCD6jVykMah8oSZV-X2n-61PCRg==
Age: 4744
my.postnord.no/privat/customer-service
16.170.70.26301 Moved Permanently 314 B URL HTTP/2 my.postnord.no/privat/customer-service
IP 16.170.70.26:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash fe3dcc4ea5e2e12c903f06fe976be637
dd6e97e166c73a016bfe0f9cff8c00459dbdcb39
26be600ca30c273714176264dc5820674fddb76273f017147fba60fa2d7b0f53
GET /privat/customer-service HTTP/1.1
Host: my.postnord.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 301 Moved Permanently
server: awselb/2.0
content-type: text/html; charset=UTF-8
content-length: 314
location: https://my.postnord.no/customer-service
set-cookie: postnord_session=eyJpdiI6InVER2FlWnNKQ1VDaVlaVWlDU2pLdVE9PSIsInZhbHVlIjoiS0hTSVdtbUNxNm5WOHY1Zk5WUW0yQU1jWTJ6c0FMeHZaV2syT1l5V09NLys1M3JtTVUxaHR5cWZoMk1ScUFTbGFnd2lDcWFXSmNIaHViTEgxNUdaSFBwa0JnMnRFTCtlZitZeC9HUThienVNOUk0ZTZZN01COWZ5Z1d5dkRqdHgiLCJtYWMiOiIxZmY5OGUzZWFlM2I4MTZlOGUxZjRhMzJjYWFhZTUzNTdkZDI3YTdhZWRiNmFiZWI0ZTk5OTBiODBkODJjZjAxIiwidGFnIjoiIn0%3D; expires=Thu, 30-Mar-2023 09:37:57 GMT; Max-Age=15778440; path=/; secure; httponly; samesite=lax
XSRF-TOKEN=eyJpdiI6InhIYk5kalJObFdvaDczR2FaaENpdWc9PSIsInZhbHVlIjoiVlUyVytDVzJFZHNTY1VISkY5ckkzVjkyNHIyNFVrMXNYczBIaURkeW93c2JBVXBmQ0FNQW5OZjZrR2JTc2ZuTnhhSFBESXBNNHltQXBDZ2wra1FwYjlXd2p0Y0d3NEd2eUwvSktrNHp6aGg5dkZuY09RQzdHWE1lVy9OeUpVVTYiLCJtYWMiOiJmMWEzMTJjZmVlMmMwNGFlMGRlZmY2OTA1YTYxN2UxNGY1NTFmZWZhNjI4YTAzZWM0ZWJkZTM2Y2RjNTYyMTA4IiwidGFnIjoiIn0%3D; expires=Thu, 30-Mar-2023 09:37:57 GMT; Max-Age=15778440; path=/; secure; samesite=lax
date: Wed, 28 Sep 2022 18:43:57 GMT
X-Firefox-Spdy: h2
my.postnord.no/customer-service
16.170.70.26200 OK 26 kB URL HTTP/2 my.postnord.no/customer-service
IP 16.170.70.26:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (17359)
Hash fb2695907b12cf8a645be0e0ae818d65
c2c4a252fa34a379f338780d9bb1e40e0ef4d5c8
d5429410112769e2417ee44d0259a700d7c6dd12ce5df8786470cab912a2833a
GET /customer-service HTTP/1.1
Host: my.postnord.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: postnord_session=eyJpdiI6InVER2FlWnNKQ1VDaVlaVWlDU2pLdVE9PSIsInZhbHVlIjoiS0hTSVdtbUNxNm5WOHY1Zk5WUW0yQU1jWTJ6c0FMeHZaV2syT1l5V09NLys1M3JtTVUxaHR5cWZoMk1ScUFTbGFnd2lDcWFXSmNIaHViTEgxNUdaSFBwa0JnMnRFTCtlZitZeC9HUThienVNOUk0ZTZZN01COWZ5Z1d5dkRqdHgiLCJtYWMiOiIxZmY5OGUzZWFlM2I4MTZlOGUxZjRhMzJjYWFhZTUzNTdkZDI3YTdhZWRiNmFiZWI0ZTk5OTBiODBkODJjZjAxIiwidGFnIjoiIn0%3D; XSRF-TOKEN=eyJpdiI6InhIYk5kalJObFdvaDczR2FaaENpdWc9PSIsInZhbHVlIjoiVlUyVytDVzJFZHNTY1VISkY5ckkzVjkyNHIyNFVrMXNYczBIaURkeW93c2JBVXBmQ0FNQW5OZjZrR2JTc2ZuTnhhSFBESXBNNHltQXBDZ2wra1FwYjlXd2p0Y0d3NEd2eUwvSktrNHp6aGg5dkZuY09RQzdHWE1lVy9OeUpVVTYiLCJtYWMiOiJmMWEzMTJjZmVlMmMwNGFlMGRlZmY2OTA1YTYxN2UxNGY1NTFmZWZhNjI4YTAzZWM0ZWJkZTM2Y2RjNTYyMTA4IiwidGFnIjoiIn0%3D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 200 OK
server: awselb/2.0
content-type: text/html; charset=UTF-8
content-length: 25558
set-cookie: postnord_session=eyJpdiI6IlpyWjBQQ1owNFZHenBqL2tIcmwvRWc9PSIsInZhbHVlIjoiOHppUndJVk9xU2lHS3Rvb2FVVm5FbHUrb3dvM2JhVWY0M1ZCVkV1N2JhZGNiV1loSzluaEt6dkhVcnF6MVdhcWxiT2o3ZDdJRElSSzR3bC9NOUUxU1duRlF1SElqRFJORWFvTHErLzBBT3B2Mmp1ajJENHB1OS9qaDlPY1pzWmwiLCJtYWMiOiJiOTkwMTNjYTExODM4ZTAwYmY2OTljMDE4ODE1MDk5ZTZhZjJhMjQ4ZWRiODc3ZTdhMDIwYzViZDczYzM2ODM3IiwidGFnIjoiIn0%3D; expires=Thu, 30-Mar-2023 09:37:57 GMT; Max-Age=15778440; path=/; secure; httponly; samesite=lax
XSRF-TOKEN=eyJpdiI6IndMb0h0c1doWXlzeFhLSHZsY0hVSkE9PSIsInZhbHVlIjoiRVBpcm1qZFlyWlk0YXhRR1FYSjFYOXNYelBSMmZra2o5RVJ6VWhON3pGWm5JUzBhQkN2dFhqeTJHSmpZUjRWYXJsSnArMEJUTFZPbEVNYTdaQWl0OW10alM2SlNYeDBwdnlyM2pRd1d5QnNvaDk1ZmZybjk3UW5jaWVHVWx4bHUiLCJtYWMiOiJhZWQ0ZmE5NjNmOWRjNmYwMmExNjBlNWJjOWZmODAzZDJkNDMxOTIzNTQzYzY5ZjQ4YjI2ODM0NTE4MzAzZWVmIiwidGFnIjoiIn0%3D; expires=Thu, 30-Mar-2023 09:37:57 GMT; Max-Age=15778440; path=/; secure; samesite=lax
date: Wed, 28 Sep 2022 18:43:57 GMT
cache-control: no-cache, private
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.36200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Wed, 28 Sep 2022 18:29:33 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Wed, 28 Sep 2022 19:25:37 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: jvGh3-PCyIKJCBP1ayBwUb9yf8VZDeR3rzrAUwJulS2IFLMgPrg0XA==
Age: 864
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ea0a0d044398ade016618b0305015185
025a1aab370c0983c9e2a4f45ca5c3fb7f78c662
111b5b3d3899618c7a6d7a1fb4c83d8a7449586749344e432779ef3b74d3bb09
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "111B5B3D3899618C7A6D7A1FB4C83D8A7449586749344E432779EF3B74D3BB09"
Last-Modified: Tue, 27 Sep 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2179
Expires: Wed, 28 Sep 2022 19:20:16 GMT
Date: Wed, 28 Sep 2022 18:43:57 GMT
Connection: keep-alive
dha7890ro75av.cloudfront.net/aae28833-6d00-44b7-a539-c38732613307/css/web.css?id=de37d6014bfa4106a04b2be81db15bcd
143.204.42.41200 OK 14 kB URL HTTP/2 dha7890ro75av.cloudfront.net/aae28833-6d00-44b7-a539-c38732613307/css/web.css?id=de37d6014bfa4106a04b2be81db15bcd
IP 143.204.42.41:0
File type ASCII text, with very long lines (59614)
Hash b64dad0172e79f9d4e72adc1a2497906
a301f87dd1bf9cd87baa9666e15b857a27c04f8c
a8cea6109b13f0742faae5077d74256236f9c16690e0beef58ea419fa2ede582
GET /aae28833-6d00-44b7-a539-c38732613307/css/web.css?id=de37d6014bfa4106a04b2be81db15bcd HTTP/1.1
Host: dha7890ro75av.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://my.postnord.no/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
date: Wed, 28 Sep 2022 13:01:38 GMT
last-modified: Wed, 28 Sep 2022 13:00:28 GMT
etag: W/"e99d4a159557e061759e33b174804cff"
cache-control: public, max-age=31536000
expires: Fri, 28 Oct 2022 13:00:27 GMT
server: AmazonS3
content-encoding: br
x-cache: Hit from cloudfront
via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: tsj_Yl6GG6xNhf9j9MDFxO6_J1RiMybgWeTalSDS1oUHh8BBeyqhPg==
age: 20540
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
dha7890ro75av.cloudfront.net/aae28833-6d00-44b7-a539-c38732613307/js/app.js?id=ebd1cf2a6cc361f6c03011db9d0420af
143.204.42.41200 OK 358 kB URL HTTP/2 dha7890ro75av.cloudfront.net/aae28833-6d00-44b7-a539-c38732613307/js/app.js?id=ebd1cf2a6cc361f6c03011db9d0420af
IP 143.204.42.41:0
File type ASCII text, with very long lines (65475)
Size 358 kB (358282 bytes)
Hash 44b09214aebda6a78059fc64c6ba5955
84097f4f783eb7b0887e55997ccd9fbbe4fc3eb4
8c70385dc9b92257679355a5c67f0c59bb0910ac5c5b2045206273adc6bdf4e5
GET /aae28833-6d00-44b7-a539-c38732613307/js/app.js?id=ebd1cf2a6cc361f6c03011db9d0420af HTTP/1.1
Host: dha7890ro75av.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://my.postnord.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
date: Wed, 28 Sep 2022 13:01:38 GMT
last-modified: Wed, 28 Sep 2022 13:00:28 GMT
etag: W/"ebd1cf2a6cc361f6c03011db9d0420af"
cache-control: public, max-age=31536000
expires: Fri, 28 Oct 2022 13:00:27 GMT
server: AmazonS3
content-encoding: br
x-cache: Hit from cloudfront
via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: jNuIvfCjITWq_srNItNZZ9c0hEDxXo-HITpPEdzAzhLjkUmjmgNTeA==
age: 20540
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 2f76d47ed4f3c90f557522303bb760bc
f34542cabea7a4517debf64c298b59fc009ea56c
5ce5c216b7cb6a4425f12453e447ad364bcc1cd7d23a9d2468a8a40adfc2cb10
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 18:43:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-PVS3V3P
142.250.74.72200 OK 66 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-PVS3V3P
IP 142.250.74.72:0
File type ASCII text, with very long lines (3821)
Hash 2e584fb93beea4b66facb4b227ae3662
b80cfd8ba558d18e724a6d8a7796ecedce98b363
594390a5a31402aab1f16a177a2a01ebddf4e83abcf71c55488ab8539b9b6ea2
GET /gtm.js?id=GTM-PVS3V3P HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://my.postnord.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 28 Sep 2022 18:43:57 GMT
expires: Wed, 28 Sep 2022 18:43:57 GMT
cache-control: private, max-age=900
last-modified: Wed, 28 Sep 2022 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 66390
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 75eebff373cf84ae810a9e326f9e3d03
a5b22b0eee98dda385cb4e90d119205bc5f3a25f
f2089c63c7c2b3024972aba8cbc12dfcffc79dfc1ef9f7be801c79e7737b0d71
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 18:43:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
dha7890ro75av.cloudfront.net/aae28833-6d00-44b7-a539-c38732613307/fonts/5d365b33b62a068149e5d48d44758000.woff2
143.204.42.41200 OK 20 kB URL HTTP/2 dha7890ro75av.cloudfront.net/aae28833-6d00-44b7-a539-c38732613307/fonts/5d365b33b62a068149e5d48d44758000.woff2
IP 143.204.42.41:0
File type Web Open Font Format (Version 2), TrueType, length 19544, version 1.0\012- data
Hash 0ca671f6b3e067bea7d6cb963e27fce8
22ce3c28e48c7a3b04dd5219f88f91d7d9c1cd00
1c74779f71bd18c90c9b2cff9e37cc9a7a33f5bab55f9a31f9a6fa65f17d0e29
GET /aae28833-6d00-44b7-a539-c38732613307/fonts/5d365b33b62a068149e5d48d44758000.woff2 HTTP/1.1
Host: dha7890ro75av.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://my.postnord.no
Connection: keep-alive
Referer: https://dha7890ro75av.cloudfront.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: font/woff2
content-length: 19544
date: Wed, 28 Sep 2022 13:01:52 GMT
last-modified: Wed, 28 Sep 2022 13:00:29 GMT
etag: "0ca671f6b3e067bea7d6cb963e27fce8"
cache-control: public, max-age=31536000
expires: Fri, 23 Sep 2022 14:46:30 GMT
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: IdWkRSerO8vkuJ9meqvmOYl2A--VjfPTJ75WcpApLOnAp_c8a04Bwg==
age: 20526
access-control-allow-origin: *
X-Firefox-Spdy: h2
widget.postnord.no/js/Payment.js
13.48.89.205200 OK 66 kB URL HTTP/2 widget.postnord.no/js/Payment.js
IP 13.48.89.205:0
Hash e13c8dc56e07cad8023e4dba879b0723
f877bfec6ed4888821f483b51e81ef9053316e81
a01eacbe4a37bb20ce0d3fc6b6ea536e8659182acbc1afd923919991e2e5a9bc
GET /js/Payment.js HTTP/1.1
Host: widget.postnord.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://my.postnord.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 18:43:57 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 28 Sep 2022 12:39:17 GMT
vary: Accept-Encoding
etag: W/"63344075-1f7a0"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
dha7890ro75av.cloudfront.net/aae28833-6d00-44b7-a539-c38732613307/fonts/bb48b0140e7319bee58754f56053fd58.woff2
143.204.42.41200 OK 20 kB URL HTTP/2 dha7890ro75av.cloudfront.net/aae28833-6d00-44b7-a539-c38732613307/fonts/bb48b0140e7319bee58754f56053fd58.woff2
IP 143.204.42.41:0
File type Web Open Font Format (Version 2), TrueType, length 19548, version 1.0\012- data
Hash dfaf47d7ebee9779f0ffe295e7c81a00
4a5d6ddcf610f6df6a0d7dde48b47c581f5f90c1
b2faf98710e66736a36b57d7dca2b51dfb4c64014b7f29d2609dc5c87bdf267d
GET /aae28833-6d00-44b7-a539-c38732613307/fonts/bb48b0140e7319bee58754f56053fd58.woff2 HTTP/1.1
Host: dha7890ro75av.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://my.postnord.no
Connection: keep-alive
Referer: https://dha7890ro75av.cloudfront.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: font/woff2
content-length: 19548
date: Wed, 28 Sep 2022 13:01:52 GMT
last-modified: Wed, 28 Sep 2022 13:00:29 GMT
etag: "dfaf47d7ebee9779f0ffe295e7c81a00"
cache-control: public, max-age=31536000
expires: Fri, 23 Sep 2022 14:46:30 GMT
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: iJDK_siwMgO3vEXR1ddMcCiDHeCPbnJol1524PkxrQ3HhsemBvN9ww==
age: 20526
access-control-allow-origin: *
X-Firefox-Spdy: h2
dha7890ro75av.cloudfront.net/aae28833-6d00-44b7-a539-c38732613307/fonts/cc7d15845d209c2cb93163578183eb50.woff2
143.204.42.41200 OK 21 kB URL HTTP/2 dha7890ro75av.cloudfront.net/aae28833-6d00-44b7-a539-c38732613307/fonts/cc7d15845d209c2cb93163578183eb50.woff2
IP 143.204.42.41:0
File type Web Open Font Format (Version 2), TrueType, length 20624, version 1.0\012- data
Hash 3130620dcb3f48b3413648394b9eaa04
396155740c82210fd0f537ddd2579a7188c8ed22
4aecda8fe28d40e75e166349dc3bbf1e48717776ff2de3c8898de81e60921cda
GET /aae28833-6d00-44b7-a539-c38732613307/fonts/cc7d15845d209c2cb93163578183eb50.woff2 HTTP/1.1
Host: dha7890ro75av.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://my.postnord.no
Connection: keep-alive
Referer: https://dha7890ro75av.cloudfront.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: font/woff2
content-length: 20624
date: Wed, 28 Sep 2022 13:01:56 GMT
last-modified: Wed, 28 Sep 2022 13:00:29 GMT
etag: "3130620dcb3f48b3413648394b9eaa04"
cache-control: public, max-age=31536000
expires: Fri, 23 Sep 2022 14:46:30 GMT
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: pyF80QHyRe5RKqjTDOopRDReg7dbXJG2tWBaM35_68HzbtIE7l4CHA==
age: 20522
access-control-allow-origin: *
X-Firefox-Spdy: h2
push.services.mozilla.com/
35.80.175.197101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.80.175.197:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: im4/ReDVD4AJM/gxaevvkQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: YwFwKfI1OJhbhMvjPUaylQbCNRc=
cdn.cookielaw.org/consent/f62058dd-7eca-44c7-ba9c-4bc160e43d23/f62058dd-7eca-44c7-ba9c-4bc160e43d23.json
104.16.149.64200 OK 1.9 kB URL HTTP/2 cdn.cookielaw.org/consent/f62058dd-7eca-44c7-ba9c-4bc160e43d23/f62058dd-7eca-44c7-ba9c-4bc160e43d23.json
IP 104.16.149.64:0
File type JSON data\012- , ASCII text, with very long lines (3385), with no line terminators
Hash 9583c51576393beeba2144ee54a41b20
6ee1c9c24b9d8964b7ee9d4ba2c007ac91325dce
97f878a6ce4de568a4db4eaa2fda06f45dcde9f9415145ae06f40e7317ddf3fb
GET /consent/f62058dd-7eca-44c7-ba9c-4bc160e43d23/f62058dd-7eca-44c7-ba9c-4bc160e43d23.json HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://my.postnord.no
Connection: keep-alive
Referer: https://my.postnord.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Sep 2022 18:43:57 GMT
content-type: application/x-javascript
content-length: 1878
cache-control: public, max-age=14400
content-encoding: gzip
content-md5: lYPFFXY5O+66IUTuVKQbIA==
last-modified: Thu, 20 Feb 2020 07:01:42 GMT
etag: 0x8D7B5D2BD975FF2
x-ms-request-id: a0844c3f-f01e-00ad-3b15-b6f88c000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 3446
expires: Wed, 28 Sep 2022 22:43:57 GMT
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 751ea0af3f46b500-OSL
X-Firefox-Spdy: h2
magicwidget.socialboards.com/magic-widget.js
23.101.67.245200 OK 32 kB URL HTTP/2 magicwidget.socialboards.com/magic-widget.js
IP 23.101.67.245:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (54396)
Hash b7b5ba6ee6cca14a80e3af4132427372
b9ad4faa6292113c8099a1fa7c60b4f360a05ba3
11dc4647ed9fbf81200b66f66b907a5f44a1acf1a3004cf7a2e8323cbfaa472b
GET /magic-widget.js HTTP/1.1
Host: magicwidget.socialboards.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://my.postnord.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/x-javascript
date: Wed, 28 Sep 2022 18:43:57 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
content-encoding: gzip
etag: "0c92643c2c6d81:0"
last-modified: Mon, 12 Sep 2022 16:11:06 GMT
set-cookie: ARRAffinity=3c463dff51d3f15aa3edb091355f6628020747bcfaf40c27d24159f37fbbf7dc;Path=/;HttpOnly;Secure;Domain=magicwidget.socialboards.com
ARRAffinitySameSite=3c463dff51d3f15aa3edb091355f6628020747bcfaf40c27d24159f37fbbf7dc;Path=/;HttpOnly;SameSite=None;Secure;Domain=magicwidget.socialboards.com
vary: Accept-Encoding
content-length: 31480
x-powered-by: ASP.NET
X-Firefox-Spdy: h2
cdn.cookielaw.org/scripttemplates/5.12.0/otBannerSdk.js
104.16.149.64200 OK 94 kB URL HTTP/2 cdn.cookielaw.org/scripttemplates/5.12.0/otBannerSdk.js
IP 104.16.149.64:0
File type Unicode text, UTF-8 text, with very long lines (65453)
Hash eca938cea0a69412935b264ed69d70d5
bab9a363a0ab604dd744be5c248aec872d305f1f
c564513b67d70c7ee12b96822bba5dda07c57c1a750dce726b18fe4b391e7b05
GET /scripttemplates/5.12.0/otBannerSdk.js HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://my.postnord.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 18:43:58 GMT
content-type: application/javascript
content-length: 94107
content-encoding: gzip
content-md5: 7Kk4zqCmlBKTWyZO1p1w1Q==
last-modified: Fri, 21 Feb 2020 20:12:32 GMT
etag: 0x8D7B70A62368476
x-ms-request-id: 57eabcf7-601e-006f-1c6c-c47032000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 29795700
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 751ea0af99e5b509-OSL
X-Firefox-Spdy: h2
postnord.humany.net/no---postnord-no-site-floating/embed.js
40.127.196.56200 OK 137 kB URL HTTP/1.1 postnord.humany.net/no---postnord-no-site-floating/embed.js
IP 40.127.196.56:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (65363), with CRLF line terminators
Size 137 kB (136865 bytes)
Hash 20e790eb8e34956a9aa4f6d14e030b9d
5940eb76f485f69ef2a1e73f625d343840be72ad
a683db093ee3dff8f9963190db3e39b9804870ba477ee95d279f8f61743dc704
GET /no---postnord-no-site-floating/embed.js HTTP/1.1
Host: postnord.humany.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://my.postnord.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=utf-8
Date: Wed, 28 Sep 2022 18:43:57 GMT
Access-Control-Expose-Headers: Request-Context
Cache-Control: private
Content-Encoding: gzip
Expires: Wed, 28 Sep 2022 18:48:37 GMT
Last-Modified: Wed, 28 Sep 2022 18:33:37 GMT
Set-Cookie: ARRAffinity=c52151406944a2cc6fe1552b9a9921858ee2ccb9175fa0a9873f56c3f57f19dd;Path=/;HttpOnly;Secure;Domain=postnord.humany.net
ARRAffinitySameSite=c52151406944a2cc6fe1552b9a9921858ee2ccb9175fa0a9873f56c3f57f19dd;Path=/;HttpOnly;SameSite=None;Secure;Domain=postnord.humany.net
Transfer-Encoding: chunked
Vary: Host,Accept-Encoding
Request-Context: appId=cid-v1:831ee9a7-91cc-4475-975f-63abf1b59050
Strict-Transport-Security: max-age=31536000; includeSubdomains;
cdn.cookielaw.org/consent/f62058dd-7eca-44c7-ba9c-4bc160e43d23/79bb253c-4427-4e4e-b0df-55a3082ff686/sv.json
104.16.149.64200 OK 5.4 kB URL HTTP/2 cdn.cookielaw.org/consent/f62058dd-7eca-44c7-ba9c-4bc160e43d23/79bb253c-4427-4e4e-b0df-55a3082ff686/sv.json
IP 104.16.149.64:0
File type HTML document, ASCII text, with very long lines (1003)
Hash f0fd7314eec15c1f7060eb3d457ea958
b74be3d0707ce18ef40686e01c8db1d480446b6b
6e9b794d4c6a4abed2028756a0bc774975498d5faf111215352fcf5e662f7009
GET /consent/f62058dd-7eca-44c7-ba9c-4bc160e43d23/79bb253c-4427-4e4e-b0df-55a3082ff686/sv.json HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://my.postnord.no/
Origin: https://my.postnord.no
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 18:43:58 GMT
content-type: application/x-javascript
content-length: 5418
cache-control: public, max-age=14400
content-encoding: gzip
content-md5: 8P1zFO7BXB9wYOs9RX6pWA==
last-modified: Thu, 20 Feb 2020 07:01:52 GMT
etag: 0x8D7B5D2C3B5C726
x-ms-request-id: 48ea1a76-e01e-0135-742b-7630e6000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 3351
expires: Wed, 28 Sep 2022 22:43:58 GMT
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 751ea0b0291ab500-OSL
X-Firefox-Spdy: h2
cdn.cookielaw.org/scripttemplates/5.12.0/assets/otCenterRounded.json
104.16.149.64200 OK 2.7 kB URL HTTP/2 cdn.cookielaw.org/scripttemplates/5.12.0/assets/otCenterRounded.json
IP 104.16.149.64:0
File type JSON data\012- , ASCII text, with very long lines (6178)
Hash f189fecc054cf03939aa91b3da1c2b33
8b7afe2e5397fdbaea6ac9b29bfa49f91a35cfa5
892cac771da806b05f9de6a18c66567eb15511724c535197b190bff51109e01a
GET /scripttemplates/5.12.0/assets/otCenterRounded.json HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://my.postnord.no/
Origin: https://my.postnord.no
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 18:43:58 GMT
content-type: application/json
content-length: 2720
content-encoding: gzip
content-md5: 8Yn+zAVM8Dk5qpGz2hwrMw==
last-modified: Fri, 21 Feb 2020 20:12:30 GMT
etag: 0x8D7B70A6119E1F9
x-ms-request-id: 7424ff8c-c01e-000f-7b0a-503510000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 3447
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 751ea0b0ca07b500-OSL
X-Firefox-Spdy: h2
cdn.cookielaw.org/scripttemplates/5.12.0/assets/otPcCenter.json
104.16.149.64200 OK 13 kB URL HTTP/2 cdn.cookielaw.org/scripttemplates/5.12.0/assets/otPcCenter.json
IP 104.16.149.64:0
File type JSON data\012- , ASCII text, with very long lines (29486)
Hash e4d6e6e4308335eb285b94833e12742a
bf50980444e66849a80b449e7ebfee2966c6b28b
8236fa97b385a7dfde4ad31c9a54835374d6ffac761aea767093173267a027a8
GET /scripttemplates/5.12.0/assets/otPcCenter.json HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://my.postnord.no/
Origin: https://my.postnord.no
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 18:43:58 GMT
content-type: application/json
content-length: 13252
content-encoding: gzip
content-md5: 5Nbm5DCDNesoW5SDPhJ0Kg==
last-modified: Fri, 21 Feb 2020 20:12:30 GMT
etag: 0x8D7B70A61028500
x-ms-request-id: 01fccc27-d01e-015b-1d0a-5099cf000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 3447
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 751ea0b0ca08b500-OSL
X-Firefox-Spdy: h2
magicwidgetapi.socialboards.com/api/chat/settings?communityName=postnord&widgetId=1577&language=1
13.95.82.181200 OK 1.4 kB URL HTTP/2 magicwidgetapi.socialboards.com/api/chat/settings?communityName=postnord&widgetId=1577&language=1
IP 13.95.82.181:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JSON data\012- , Unicode text, UTF-8 text, with CRLF line terminators
Hash b324ef067b4c66045befbf3254c23cdf
cc388a58efc3c33db2cc8b741322ac4c4e0124ab
c2c876bef9e7e5529d0d5112f4ecc7d207145b735686a3190d0d46b09469399a
GET /api/chat/settings?communityName=postnord&widgetId=1577&language=1 HTTP/1.1
Host: magicwidgetapi.socialboards.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://my.postnord.no
Connection: keep-alive
Referer: https://my.postnord.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json; charset=utf-8
date: Wed, 28 Sep 2022 18:43:57 GMT
server: Microsoft-IIS/10.0
access-control-allow-credentials: true
access-control-allow-origin: https://my.postnord.no
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
expires: -1
pragma: no-cache
vary: Accept-Encoding
content-length: 1409
X-Firefox-Spdy: h2
dha7890ro75av.cloudfront.net/aae28833-6d00-44b7-a539-c38732613307/images/favicon.ico
143.204.42.41200 OK 1.2 kB URL HTTP/2 dha7890ro75av.cloudfront.net/aae28833-6d00-44b7-a539-c38732613307/images/favicon.ico
IP 143.204.42.41:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 0c3f58aa8946665b0d8ba999153f57a4
9473a8724bcd4661b9b0ac457a4e6a19a60384aa
2f6d8b09a6a9b34c8d4462ccef35f8962cb6a4c36024f952f42d0acf92a0c13c
GET /aae28833-6d00-44b7-a539-c38732613307/images/favicon.ico HTTP/1.1
Host: dha7890ro75av.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://my.postnord.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/x-icon
content-length: 1150
date: Wed, 28 Sep 2022 13:01:38 GMT
last-modified: Wed, 28 Sep 2022 13:00:29 GMT
etag: "0c3f58aa8946665b0d8ba999153f57a4"
cache-control: public, max-age=31536000
expires: Fri, 23 Sep 2022 14:46:30 GMT
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: YiP0SYB_f0CftccmG3azkFZx-ZoGmZLK9iGOzQeF5ycaZGGhJwSMsA==
age: 20541
vary: Origin
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash cae538dcce82598fbe43c0bf443e62dd
cc68ac6be9c5e0087a0000e5735b83270ace30f5
954b9e9d9744e1319c51760780a35de2dec353afffac705c2cca6d836a5e056d
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://my.postnord.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 19826
date: Wed, 28 Sep 2022 18:41:09 GMT
expires: Wed, 28 Sep 2022 20:41:09 GMT
cache-control: public, max-age=7200
age: 169
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
postnord.humany.net/no---postnord-no-site-floating/widgets.css
40.127.196.56200 OK 36 kB URL HTTP/1.1 postnord.humany.net/no---postnord-no-site-floating/widgets.css
IP 40.127.196.56:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (25688), with CRLF line terminators
Hash 1851ae616feda5c433289ef50586aca2
dea919249499e7fe17b0ceeb0d34557b657d9939
4b5e85545e81dea632d72b47535489bb7a3b1ced72e2f172666615600937dc17
GET /no---postnord-no-site-floating/widgets.css HTTP/1.1
Host: postnord.humany.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://my.postnord.no/
Cookie: ARRAffinitySameSite=c52151406944a2cc6fe1552b9a9921858ee2ccb9175fa0a9873f56c3f57f19dd
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Length: 35573
Content-Type: text/css; charset=utf-8
Date: Wed, 28 Sep 2022 18:43:57 GMT
Access-Control-Expose-Headers: Request-Context
Cache-Control: private
Content-Encoding: gzip
Expires: Wed, 28 Sep 2022 18:45:58 GMT
Last-Modified: Wed, 28 Sep 2022 18:30:58 GMT
Vary: Host,Accept-Encoding
Request-Context: appId=cid-v1:831ee9a7-91cc-4475-975f-63abf1b59050
Strict-Transport-Security: max-age=31536000; includeSubdomains;
vars.hotjar.com/box-69edcc3187336f9b0a3fbb4c73be9fe6.html
143.204.55.105200 OK 1.0 kB URL HTTP/2 vars.hotjar.com/box-69edcc3187336f9b0a3fbb4c73be9fe6.html
IP 143.204.55.105:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2431), with no line terminators
Hash f6a9ca04b0687ea3c0d98e8430c8c77b
35503b2deb23091a9a9c6c68d4020dbdf879588e
8e4328ecb6b395499567369e3c227231dbdaf361f43ce315934d7a2a3abbed41
GET /box-69edcc3187336f9b0a3fbb4c73be9fe6.html HTTP/1.1
Host: vars.hotjar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://my.postnord.no/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1044
date: Wed, 07 Sep 2022 09:17:07 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "f6a9ca04b0687ea3c0d98e8430c8c77b"
last-modified: Wed, 07 Sep 2022 09:16:57 GMT
strict-transport-security: max-age=604800; includeSubDomains
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 6pclISzDElqHcd2hbEgttLqY5O0SKMnHFMxAoUuwXluHJBoftmZV0Q==
age: 1848411
X-Firefox-Spdy: h2
postnord.humany.net/ClientLibraries/Supplementary/font-awesome-4.7.0/css/font-awesome.min.css
40.127.196.56200 OK 7.0 kB URL HTTP/1.1 postnord.humany.net/ClientLibraries/Supplementary/font-awesome-4.7.0/css/font-awesome.min.css
IP 40.127.196.56:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (30837), with CRLF line terminators
Hash 15d33c719df49446c289c6e00550afa8
a0bad7b2363db42c5c608d8603c43eca428b9eaa
e6bd735c29178ac0cda970532abd0b956954024cb898ab36bc246ffe295979b5
GET /ClientLibraries/Supplementary/font-awesome-4.7.0/css/font-awesome.min.css HTTP/1.1
Host: postnord.humany.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://my.postnord.no/
Cookie: ARRAffinitySameSite=c52151406944a2cc6fe1552b9a9921858ee2ccb9175fa0a9873f56c3f57f19dd
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Length: 6995
Content-Type: text/css
Date: Wed, 28 Sep 2022 18:43:57 GMT
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Request-Context
Content-Encoding: gzip
ETag: "05eb1f58fd1d81:0"
Last-Modified: Mon, 26 Sep 2022 10:08:44 GMT
Vary: Accept-Encoding
Request-Context: appId=cid-v1:831ee9a7-91cc-4475-975f-63abf1b59050
Strict-Transport-Security: max-age=31536000; includeSubdomains;
magicwidget.socialboards.com/messenger-child/index.html?isWidgetMode=true
23.101.67.245200 OK 716 B URL HTTP/2 magicwidget.socialboards.com/messenger-child/index.html?isWidgetMode=true
IP 23.101.67.245:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (520), with CRLF line terminators
Hash 54ca50d070af84b994ad9728282b7c1d
db7db63b904ff57835a1616e709f91049f1e9146
d4ca326169147992b3c376345863109e12ab79ba0f3cb479b42f573f8c62ba1d
GET /messenger-child/index.html?isWidgetMode=true HTTP/1.1
Host: magicwidget.socialboards.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://my.postnord.no/
Cookie: ARRAffinitySameSite=3c463dff51d3f15aa3edb091355f6628020747bcfaf40c27d24159f37fbbf7dc
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
date: Wed, 28 Sep 2022 18:43:58 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
content-encoding: gzip
etag: "453e4ecbc2c6d81:0"
last-modified: Mon, 12 Sep 2022 16:14:54 GMT
set-cookie: ARRAffinity=3c463dff51d3f15aa3edb091355f6628020747bcfaf40c27d24159f37fbbf7dc;Path=/;HttpOnly;Secure;Domain=magicwidget.socialboards.com
ARRAffinitySameSite=3c463dff51d3f15aa3edb091355f6628020747bcfaf40c27d24159f37fbbf7dc;Path=/;HttpOnly;SameSite=None;Secure;Domain=magicwidget.socialboards.com
vary: Accept-Encoding
content-length: 716
x-powered-by: ASP.NET
X-Firefox-Spdy: h2
static.hotjar.com/c/hotjar-2228782.js?sv=7
54.230.111.8200 OK 34 kB URL HTTP/2 static.hotjar.com/c/hotjar-2228782.js?sv=7
IP 54.230.111.8:0
File type ASCII text, with very long lines (3790)
Hash 6f0f2269d480cd2b409474838128501c
df8def6cb481515625b6964336b04322ea0fd16d
3d36ed44ed326e0b93847046c59a73c8a001d45e327f037cbceded9440ec6991
GET /c/hotjar-2228782.js?sv=7 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://my.postnord.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
date: Wed, 28 Sep 2022 18:43:04 GMT
access-control-allow-origin: *
cache-control: max-age=60
content-encoding: br
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=604800; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
etag: W/85b43508fd87453806bd4d65e4728696
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: oBHaxU305ghKXWZ0WeV9lIcRAVGfIlctmwFPSQND9Am5zQZ6yCzvoA==
age: 54
X-Firefox-Spdy: h2
magicwidget.socialboards.com/messenger-child/runtime-es2015.3d64d47320fdb64a7295.js
23.101.67.245200 OK 1.7 kB URL HTTP/2 magicwidget.socialboards.com/messenger-child/runtime-es2015.3d64d47320fdb64a7295.js
IP 23.101.67.245:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (2551), with no line terminators
Hash 1011efd7e2d6d6fea3897a226ed5e0e3
6a5ec9304777cb0b946eefeb390a15589b8abade
93d8505a153afb496feddfa4314e5814723ce4abe2ad5821d4293ed87b55d200
GET /messenger-child/runtime-es2015.3d64d47320fdb64a7295.js HTTP/1.1
Host: magicwidget.socialboards.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magicwidget.socialboards.com/messenger-child/index.html?isWidgetMode=true
Cookie: ARRAffinitySameSite=3c463dff51d3f15aa3edb091355f6628020747bcfaf40c27d24159f37fbbf7dc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/x-javascript
date: Wed, 28 Sep 2022 18:43:58 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
content-encoding: gzip
etag: "ce8cc2aec2c6d81:0"
last-modified: Mon, 12 Sep 2022 16:14:06 GMT
set-cookie: ARRAffinity=3c463dff51d3f15aa3edb091355f6628020747bcfaf40c27d24159f37fbbf7dc;Path=/;HttpOnly;Secure;Domain=magicwidget.socialboards.com
ARRAffinitySameSite=3c463dff51d3f15aa3edb091355f6628020747bcfaf40c27d24159f37fbbf7dc;Path=/;HttpOnly;SameSite=None;Secure;Domain=magicwidget.socialboards.com
vary: Accept-Encoding
content-length: 1688
x-powered-by: ASP.NET
X-Firefox-Spdy: h2
magicwidget.socialboards.com/messenger-child/polyfills-es2015.68c57873205f360e1278.js
23.101.67.245200 OK 110 kB URL HTTP/2 magicwidget.socialboards.com/messenger-child/polyfills-es2015.68c57873205f360e1278.js
IP 23.101.67.245:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (65536), with no line terminators
Size 110 kB (109537 bytes)
Hash 227f427bfa4a8fce62aba5ec58ae58a4
49053f290d407eb5b442bb6c49660812062efda8
67254dca51e6ea93fe761f12a3643bc81b3fe38f92edaffd698d507f7e558941
GET /messenger-child/polyfills-es2015.68c57873205f360e1278.js HTTP/1.1
Host: magicwidget.socialboards.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magicwidget.socialboards.com/messenger-child/index.html?isWidgetMode=true
Cookie: ARRAffinitySameSite=3c463dff51d3f15aa3edb091355f6628020747bcfaf40c27d24159f37fbbf7dc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/x-javascript
date: Wed, 28 Sep 2022 18:43:58 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
content-encoding: gzip
etag: "803f30b6c2c6d81:0"
last-modified: Mon, 12 Sep 2022 16:14:19 GMT
set-cookie: ARRAffinity=3c463dff51d3f15aa3edb091355f6628020747bcfaf40c27d24159f37fbbf7dc;Path=/;HttpOnly;Secure;Domain=magicwidget.socialboards.com
ARRAffinitySameSite=3c463dff51d3f15aa3edb091355f6628020747bcfaf40c27d24159f37fbbf7dc;Path=/;HttpOnly;SameSite=None;Secure;Domain=magicwidget.socialboards.com
vary: Accept-Encoding
content-length: 109537
x-powered-by: ASP.NET
X-Firefox-Spdy: h2
script.hotjar.com/modules.cf44a0a6b448df1b035e.js
143.204.55.40200 OK 66 kB URL HTTP/2 script.hotjar.com/modules.cf44a0a6b448df1b035e.js
IP 143.204.55.40:0
File type Unicode text, UTF-8 text, with very long lines (48714)
Hash 5f131c93ccff63ccc86d0067d0eebf99
a599898399783be0db5f757c043b828a0726deec
91980f4223c639c3849139a6e692ccf10310f0b57d74b403198af020fc7398a2
GET /modules.cf44a0a6b448df1b035e.js HTTP/1.1
Host: script.hotjar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://my.postnord.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 66148
date: Wed, 28 Sep 2022 11:37:06 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=31536000
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: "5f131c93ccff63ccc86d0067d0eebf99"
last-modified: Wed, 28 Sep 2022 11:36:53 GMT
strict-transport-security: max-age=604800; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: aP131D7M2BaP9QUz6JjTNFahDN-U3yC_nmp2EB-I8TzHXr54lz9ZUQ==
age: 25612
X-Firefox-Spdy: h2
magicwidget.socialboards.com/messenger-child/main-es2015.e1eb2d305e1ca8f18089.js
23.101.67.245200 OK 292 kB URL HTTP/2 magicwidget.socialboards.com/messenger-child/main-es2015.e1eb2d305e1ca8f18089.js
IP 23.101.67.245:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (65536), with no line terminators
Size 292 kB (291572 bytes)
Hash fe810779cd1279b9228f76ca2f885bbc
8ead5402dd893f2ed281a058d301230781fad895
c887530b048f9a7eaa598c2416a29c1bcde84185290788247fcfc5c333ed91cc
GET /messenger-child/main-es2015.e1eb2d305e1ca8f18089.js HTTP/1.1
Host: magicwidget.socialboards.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magicwidget.socialboards.com/messenger-child/index.html?isWidgetMode=true
Cookie: ARRAffinitySameSite=3c463dff51d3f15aa3edb091355f6628020747bcfaf40c27d24159f37fbbf7dc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/x-javascript
date: Wed, 28 Sep 2022 18:43:58 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
content-encoding: gzip
etag: "079aac8c2c6d81:0"
last-modified: Mon, 12 Sep 2022 16:14:50 GMT
set-cookie: ARRAffinity=3c463dff51d3f15aa3edb091355f6628020747bcfaf40c27d24159f37fbbf7dc;Path=/;HttpOnly;Secure;Domain=magicwidget.socialboards.com
ARRAffinitySameSite=3c463dff51d3f15aa3edb091355f6628020747bcfaf40c27d24159f37fbbf7dc;Path=/;HttpOnly;SameSite=None;Secure;Domain=magicwidget.socialboards.com
vary: Accept-Encoding
content-length: 291572
x-powered-by: ASP.NET
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 1eefefb3b607aa38e387d21186006d42
f1878481dff39afc79564dca4f6939a4b81f5ea7
b9011e095634ed695f18b8b901e89d2be93d84b5f25f812e8f665da588858810
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 18:43:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
region1.google-analytics.com/g/collect?v=2&tid=G-20V02L7V00>m=2oe9q0&_p=400717080&cid=2041891980.1664390635&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1664390635&sct=1&seg=0&dl=https%3A%2F%2Fmy.postnord.no%2Fcustomer-service&dt=Kundeservice%20-%20PostNord&en=page_view&_fv=1&_nsi=1&_ss=1
216.239.34.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-20V02L7V00>m=2oe9q0&_p=400717080&cid=2041891980.1664390635&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1664390635&sct=1&seg=0&dl=https%3A%2F%2Fmy.postnord.no%2Fcustomer-service&dt=Kundeservice%20-%20PostNord&en=page_view&_fv=1&_nsi=1&_ss=1
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-20V02L7V00>m=2oe9q0&_p=400717080&cid=2041891980.1664390635&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1664390635&sct=1&seg=0&dl=https%3A%2F%2Fmy.postnord.no%2Fcustomer-service&dt=Kundeservice%20-%20PostNord&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://my.postnord.no
Connection: keep-alive
Referer: https://my.postnord.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://my.postnord.no
date: Wed, 28 Sep 2022 18:43:58 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
magicwidget.socialboards.com/messenger-child/assets/i18n/nb.json?1.0.0
23.101.67.245200 OK 1.7 kB URL HTTP/2 magicwidget.socialboards.com/messenger-child/assets/i18n/nb.json?1.0.0
IP 23.101.67.245:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JSON data\012- , Unicode text, UTF-8 text, with CRLF line terminators
Hash f084be0d958c682e2a2e4a64c3a53b9a
b238b53bbd0ee38a9b8817c9253f6a24677520f0
a5733d97a012a47c7b68ddee1edff26221a02adbe9895ae58f7dec915d5adacd
GET /messenger-child/assets/i18n/nb.json?1.0.0 HTTP/1.1
Host: magicwidget.socialboards.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magicwidget.socialboards.com/messenger-child/index.html?isWidgetMode=true
Cookie: ARRAffinitySameSite=3c463dff51d3f15aa3edb091355f6628020747bcfaf40c27d24159f37fbbf7dc
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/json
date: Wed, 28 Sep 2022 18:43:58 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
content-encoding: gzip
etag: "80bb2b6dc1c6d81:0"
last-modified: Mon, 12 Sep 2022 16:05:07 GMT
set-cookie: ARRAffinity=3c463dff51d3f15aa3edb091355f6628020747bcfaf40c27d24159f37fbbf7dc;Path=/;HttpOnly;Secure;Domain=magicwidget.socialboards.com
ARRAffinitySameSite=3c463dff51d3f15aa3edb091355f6628020747bcfaf40c27d24159f37fbbf7dc;Path=/;HttpOnly;SameSite=None;Secure;Domain=magicwidget.socialboards.com
vary: Accept-Encoding
content-length: 1681
x-powered-by: ASP.NET
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 538692a0cbeb2e09cd3af235e5553123
5a9231ebcec9889cf5b5e2450349ed4aee56fcbc
819ff8e41d20d247d0f4eaa714d072ad1a68e37eaba6fd663edea3ad1364998d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 18:43:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
apis.google.com/js/api.js
142.250.74.174200 OK 5.6 kB URL HTTP/2 apis.google.com/js/api.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (2046)
Hash f9f56458a86b805c84a23e08244dcfa8
2ba905db7f79dcf85f57c523016318bf6fd098dc
9835b481dd77d751336a2d6b2ca3ace4460177056d54633048621c960fec58ab
GET /js/api.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magicwidget.socialboards.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 5568
date: Wed, 28 Sep 2022 18:43:59 GMT
expires: Wed, 28 Sep 2022 18:43:59 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "60d555d47999b4e8"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4364fa358f76c1635458dab5d598f857
d15fc7359711b1651235fa1be66accc03fe26c1c
6449bf062dbb79683071f367ca142c175ef304485cb4d3711feb4763146e4fa7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6449BF062DBB79683071F367CA142C175EF304485CB4D3711FEB4763146E4FA7"
Last-Modified: Wed, 28 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3946
Expires: Wed, 28 Sep 2022 19:49:45 GMT
Date: Wed, 28 Sep 2022 18:43:59 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4364fa358f76c1635458dab5d598f857
d15fc7359711b1651235fa1be66accc03fe26c1c
6449bf062dbb79683071f367ca142c175ef304485cb4d3711feb4763146e4fa7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6449BF062DBB79683071F367CA142C175EF304485CB4D3711FEB4763146E4FA7"
Last-Modified: Wed, 28 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3946
Expires: Wed, 28 Sep 2022 19:49:45 GMT
Date: Wed, 28 Sep 2022 18:43:59 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4364fa358f76c1635458dab5d598f857
d15fc7359711b1651235fa1be66accc03fe26c1c
6449bf062dbb79683071f367ca142c175ef304485cb4d3711feb4763146e4fa7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6449BF062DBB79683071F367CA142C175EF304485CB4D3711FEB4763146E4FA7"
Last-Modified: Wed, 28 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3946
Expires: Wed, 28 Sep 2022 19:49:45 GMT
Date: Wed, 28 Sep 2022 18:43:59 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash be52dbe2d47697a7f007d69c486b77b4
fe445ea87749e97423e7865bc559ad78f672a62d
65d16df2b3095c658d2bdf39b06d57486967bba7b43c43108e5025d7af5b7ab6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 18:43:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ffa6dde-b51e-43f8-bfcb-3f442d674928.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ffa6dde-b51e-43f8-bfcb-3f442d674928.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6139c878a7d2bd32c61fc8287996eb5b
9c4692ea64832895fbd107d91f879728b6a440c7
3839df92f0a10c1433d5b576df50c9f7953912ae4f425012262f08ee8a59ce2e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ffa6dde-b51e-43f8-bfcb-3f442d674928.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8500
x-amzn-requestid: af82c8d6-950c-4933-87e3-7bbb15cb1ac8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3e3HOaoAMFoPQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c5e-77e0ecc522de575e40f429b3;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:34:22 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: rD5LsVDLQkaomG1nCGZGihbdlWKMCjUYNC2kRyAjJesJEOEBSj8Q3A==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:47:03 GMT
age: 75416
etag: "9c4692ea64832895fbd107d91f879728b6a440c7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79631135-a10c-43bf-85d2-fa2236b96883.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79631135-a10c-43bf-85d2-fa2236b96883.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 62e68c3cd08dd94d910507512a67e85f
3d4fa8701f17e8818c25584ef5f04bfbee8440cd
058d798963f83f5fb88ab728185f755c5353fa981d93e1b6ff869089f501586b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79631135-a10c-43bf-85d2-fa2236b96883.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13213
x-amzn-requestid: fe9ec409-2757-4910-8443-5b4d3be7efd3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFlATEp8oAMFd9Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321b9b-3230e97a4fe34413285eb578;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:37:31 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: rV80hKsopWPf_A8hKw0kwTOjVN4Bq-5f8oXDP2wluyGwof5yXFe2Bw==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:42:47 GMT
age: 75672
etag: "3d4fa8701f17e8818c25584ef5f04bfbee8440cd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F693de74c-173e-4d9b-8317-35601f30ffd7.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F693de74c-173e-4d9b-8317-35601f30ffd7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ad84ed0c5b2090df7996007514cf1984
651600f2ef18cecc2e38370069bbb5e1d86f68e0
a3d0729e1d43afeadd2dd8273c858b8839d9e476f773c8ec9d96b5969a9e0b4a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F693de74c-173e-4d9b-8317-35601f30ffd7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13299
x-amzn-requestid: 926df8b6-beec-470d-b0b3-33be326cd379
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3UPF8YIAMF3Nw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c1a-343e91e735af43d01fc83ddd;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:33:14 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: KmVkKXoPqZmnwFtpKhuox1kJNDoSxMEmYE39_zVPyaeoU4sPqq-_wA==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:44:23 GMT
age: 75576
etag: "651600f2ef18cecc2e38370069bbb5e1d86f68e0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad593ee0-d404-46e3-b129-229e09b263b0.png
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad593ee0-d404-46e3-b129-229e09b263b0.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4b794c6812cb546de0295e087ebe66a7
a54803cca7d3c509c195f65961e1110c8ec56f55
6a207f75eb3951f3dea5252bc8d185cd604d3d657f15b838774e8087e91f37f5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad593ee0-d404-46e3-b129-229e09b263b0.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12016
x-amzn-requestid: ec1b3715-5d0f-4045-aa5b-b70a55c81d72
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3e3EtyIAMFdZg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c5e-201dd1ef1426a09965c68dab;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:34:22 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: y3DefdcXJyoDHpJXwz460gfWcv2JUboOFExNQmTFgy30B4mn54Xvuw==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:44:30 GMT
age: 75569
etag: "a54803cca7d3c509c195f65961e1110c8ec56f55"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0369629e-f44d-439f-a279-b5ae6ecc0cf1.png
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0369629e-f44d-439f-a279-b5ae6ecc0cf1.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash aa5cad224dbddd71881bd07255beb4da
bc214d60be395d4cf753216ff8f9691c33d25e75
82935e52aa59929a448d17a5a2d58fda86bb5c25bf6628a05bd904f82517dada
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0369629e-f44d-439f-a279-b5ae6ecc0cf1.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14464
x-amzn-requestid: 6627e07e-034b-432e-ab9e-afe035fa0b9a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3e9HgIoAMFxUA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c5f-7f34c3f6454379724a7ac413;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:34:23 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: J27vcANRhkMUuGwTZjXkO0EF0-UjN-MODVQRKgsc7hJI2S-UPF8Ctw==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:40:53 GMT
age: 75786
etag: "bc214d60be395d4cf753216ff8f9691c33d25e75"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb9a3b058-92c9-490e-9cbb-736f7e46510d.jpeg
34.120.237.76200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb9a3b058-92c9-490e-9cbb-736f7e46510d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ea3890e460356d6ecc3ba4e405ac2e9e
b383135e2ebc23fe80eb0d594b198cb8c89327a5
8fcff053ce6e5750136bf876bad5b2916935f13ea039912d977928b086f0a48b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb9a3b058-92c9-490e-9cbb-736f7e46510d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7455
x-amzn-requestid: e99c9f33-b72a-4070-80cf-06fb4a87d1df
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZG4S6EcAoAMFX1A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6332a0df-04122b4a345dbc3f3918af98;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 07:06:07 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Di1kDUlYEc1rv31fHM-OquU_W_LggEzDCTVME5iFJ5KffZcQyN6i2A==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 07:31:39 GMT
age: 40340
etag: "b383135e2ebc23fe80eb0d594b198cb8c89327a5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
postnord.humany.net/kundservice-inline/guides?client=8e0e5876-4b9d-6fd7-7624-3fb77ba25386&funnel=kundservice-inline&site=http%3A%2F%2Fmy.postnord.no%2Fcustomer-service&categories=&phrase=&skip=0&take=5
40.127.196.56200 OK 1.0 kB URL HTTP/1.1 postnord.humany.net/kundservice-inline/guides?client=8e0e5876-4b9d-6fd7-7624-3fb77ba25386&funnel=kundservice-inline&site=http%3A%2F%2Fmy.postnord.no%2Fcustomer-service&categories=&phrase=&skip=0&take=5
IP 40.127.196.56:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (2278), with no line terminators
Hash c9a002a662f59209126723c26d4dac8a
a7dd9298916265cf87e2932955a669007604ca9e
7e37c683ff6bf87815a745a926c781aa8bb093a4d6785ff7766a8b0165dbc05e
POST /kundservice-inline/guides?client=8e0e5876-4b9d-6fd7-7624-3fb77ba25386&funnel=kundservice-inline&site=http%3A%2F%2Fmy.postnord.no%2Fcustomer-service&categories=&phrase=&skip=0&take=5 HTTP/1.1
Host: postnord.humany.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://my.postnord.no/
Origin: https://my.postnord.no
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
Date: Wed, 28 Sep 2022 18:43:58 GMT
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Request-Context
Cache-Control: no-cache
Content-Encoding: gzip
Expires: -1
Pragma: no-cache
Set-Cookie: ARRAffinity=bc8f9f0257500901a71d8bb509bda65a70da8abe3582d417b2f4eb67370855ff;Path=/;HttpOnly;Secure;Domain=postnord.humany.net
ARRAffinitySameSite=bc8f9f0257500901a71d8bb509bda65a70da8abe3582d417b2f4eb67370855ff;Path=/;HttpOnly;SameSite=None;Secure;Domain=postnord.humany.net
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Humany-Identities: 20886,16468,20883
Request-Context: appId=cid-v1:831ee9a7-91cc-4475-975f-63abf1b59050
Strict-Transport-Security: max-age=31536000; includeSubdomains;
postnord.humany.net/kundservice-inline/categories?client=8e0e5876-4b9d-6fd7-7624-3fb77ba25386&funnel=kundservice-inline&site=http%3A%2F%2Fmy.postnord.no%2Fcustomer-service&phrase=
40.127.196.56200 OK 560 B URL HTTP/1.1 postnord.humany.net/kundservice-inline/categories?client=8e0e5876-4b9d-6fd7-7624-3fb77ba25386&funnel=kundservice-inline&site=http%3A%2F%2Fmy.postnord.no%2Fcustomer-service&phrase=
IP 40.127.196.56:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (1809), with no line terminators
Hash 614105e41c21b6d61a437a4cfdbd9454
f840ec6cba11d1182e9b43484fef1c15bcd68505
988f879b71ed06f0dd80c8aad9e323e2f8b70df4c26dd9a6ab87a1a17fa2a54e
GET /kundservice-inline/categories?client=8e0e5876-4b9d-6fd7-7624-3fb77ba25386&funnel=kundservice-inline&site=http%3A%2F%2Fmy.postnord.no%2Fcustomer-service&phrase= HTTP/1.1
Host: postnord.humany.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://my.postnord.no/
Origin: https://my.postnord.no
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
Date: Wed, 28 Sep 2022 18:43:58 GMT
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Request-Context
Cache-Control: no-cache
Content-Encoding: gzip
Expires: -1
Pragma: no-cache
Set-Cookie: ARRAffinity=05c47e3daddcef2e784bcc948c75231c3ac8e5887a2310ce253d250cf2bac8d2;Path=/;HttpOnly;Secure;Domain=postnord.humany.net
ARRAffinitySameSite=05c47e3daddcef2e784bcc948c75231c3ac8e5887a2310ce253d250cf2bac8d2;Path=/;HttpOnly;SameSite=None;Secure;Domain=postnord.humany.net
Transfer-Encoding: chunked
Vary: Accept-Encoding
Request-Context: appId=cid-v1:831ee9a7-91cc-4475-975f-63abf1b59050
Strict-Transport-Security: max-age=31536000; includeSubdomains;
master.socialboards.com/api/customer
20.50.2.0200 OK 0 B URL HTTP/2 master.socialboards.com/api/customer
IP 20.50.2.0:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /api/customer HTTP/1.1
Host: master.socialboards.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: community
Referer: https://magicwidget.socialboards.com/
Origin: https://magicwidget.socialboards.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Wed, 28 Sep 2022 18:43:58 GMT
server: Microsoft-IIS/10.0
access-control-allow-credentials: true
access-control-allow-headers: community
access-control-allow-origin: https://magicwidget.socialboards.com
access-control-expose-headers: date
access-control-max-age: 86400
content-length: 0
X-Firefox-Spdy: h2
master.socialboards.com/api/customer
20.50.2.0200 OK 273 B URL HTTP/2 master.socialboards.com/api/customer
IP 20.50.2.0:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JSON data\012- , ASCII text, with CRLF line terminators
Hash aac835de395194b904c69ae80bd68e85
1ba3a94f6ebee1a53941ea9d47b81f66c3263308
3edfcd7a5cd2f5774b4a947a76ee288065adad066bd445e58b639c054d296149
GET /api/customer HTTP/1.1
Host: master.socialboards.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Community: postnord
Origin: https://magicwidget.socialboards.com
Connection: keep-alive
Referer: https://magicwidget.socialboards.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/json; charset=utf-8
date: Wed, 28 Sep 2022 18:43:58 GMT
server: Microsoft-IIS/10.0
access-control-allow-credentials: true
access-control-allow-origin: https://magicwidget.socialboards.com
access-control-expose-headers: date
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
expires: -1
pragma: no-cache
vary: Accept-Encoding
content-length: 273
X-Firefox-Spdy: h2
postnord.humany.net/ClientLibraries/Supplementary/font-awesome-4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
40.127.196.56200 OK 77 kB URL HTTP/1.1 postnord.humany.net/ClientLibraries/Supplementary/font-awesome-4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
IP 40.127.196.56:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
GET /ClientLibraries/Supplementary/font-awesome-4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: postnord.humany.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://my.postnord.no
Connection: keep-alive
Referer: https://postnord.humany.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Length: 77160
Content-Type: font/woff2
Date: Wed, 28 Sep 2022 18:43:58 GMT
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Request-Context
ETag: "05eb1f58fd1d81:0"
Last-Modified: Mon, 26 Sep 2022 10:08:44 GMT
Set-Cookie: ARRAffinity=bc73405f088a481bce9031c7b1fcb03c60435387299bbfcd3c3234768c74f51e;Path=/;HttpOnly;Secure;Domain=postnord.humany.net
ARRAffinitySameSite=bc73405f088a481bce9031c7b1fcb03c60435387299bbfcd3c3234768c74f51e;Path=/;HttpOnly;SameSite=None;Secure;Domain=postnord.humany.net
Request-Context: appId=cid-v1:831ee9a7-91cc-4475-975f-63abf1b59050
Strict-Transport-Security: max-age=31536000; includeSubdomains;
vc.hotjar.io/sessions/2228782?s=0.25&r=0.15019979087054214
54.230.111.8204 No Content 0 B URL HTTP/2 vc.hotjar.io/sessions/2228782?s=0.25&r=0.15019979087054214
IP 54.230.111.8:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sessions/2228782?s=0.25&r=0.15019979087054214 HTTP/1.1
Host: vc.hotjar.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://my.postnord.no
Connection: keep-alive
Referer: https://my.postnord.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
access-control-allow-origin: *
cache-control: no-store
date: Wed, 28 Sep 2022 18:43:59 GMT
server: Python/3.7 aiohttp/3.5.4
x-cache: Miss from cloudfront
via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: zKcJqFc4z6KYo2OfWt5d8gDxWlxsHnTLr7Wj4b9wMY6LyqzLotBtYQ==
X-Firefox-Spdy: h2
magicwidget.socialboards.com/messenger-child/0-es2015.7ad77b58b91cb12bda32.js
23.101.67.245200 OK 23 kB URL HTTP/2 magicwidget.socialboards.com/messenger-child/0-es2015.7ad77b58b91cb12bda32.js
IP 23.101.67.245:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (65536), with no line terminators
Hash ac1775d42f4b06024d243aeb004f9707
fde96f575b48882bb5b3fa58487fba9e4b4b70f2
71d81b067d66d73f39e78b6795e5082174eb5f3e548c15ee7048f6378dddb29b
GET /messenger-child/0-es2015.7ad77b58b91cb12bda32.js HTTP/1.1
Host: magicwidget.socialboards.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magicwidget.socialboards.com/messenger-child/index.html?isWidgetMode=true
Cookie: ARRAffinitySameSite=3c463dff51d3f15aa3edb091355f6628020747bcfaf40c27d24159f37fbbf7dc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/x-javascript
date: Wed, 28 Sep 2022 18:43:59 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
content-encoding: gzip
etag: "04f35b3c2c6d81:0"
last-modified: Mon, 12 Sep 2022 16:14:14 GMT
set-cookie: ARRAffinity=3c463dff51d3f15aa3edb091355f6628020747bcfaf40c27d24159f37fbbf7dc;Path=/;HttpOnly;Secure;Domain=magicwidget.socialboards.com
ARRAffinitySameSite=3c463dff51d3f15aa3edb091355f6628020747bcfaf40c27d24159f37fbbf7dc;Path=/;HttpOnly;SameSite=None;Secure;Domain=magicwidget.socialboards.com
vary: Accept-Encoding
content-length: 22785
x-powered-by: ASP.NET
X-Firefox-Spdy: h2
magicwidget.socialboards.com/messenger-child/5-es2015.7be231f6eca682455d4a.js
23.101.67.245200 OK 6.1 kB URL HTTP/2 magicwidget.socialboards.com/messenger-child/5-es2015.7be231f6eca682455d4a.js
IP 23.101.67.245:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (24055), with no line terminators
Hash e11509a6676456dd9f37aaa0869e4c35
14ab1f8a8951ba35526e3f30ab66b7b03a5b6cc6
033bc4aa624fe688fff5832669838b411ee15accca98fc817252f01b143fbe27
GET /messenger-child/5-es2015.7be231f6eca682455d4a.js HTTP/1.1
Host: magicwidget.socialboards.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magicwidget.socialboards.com/messenger-child/index.html?isWidgetMode=true
Cookie: ARRAffinitySameSite=3c463dff51d3f15aa3edb091355f6628020747bcfaf40c27d24159f37fbbf7dc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/x-javascript
date: Wed, 28 Sep 2022 18:43:59 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
content-encoding: gzip
etag: "80e5cdb3c2c6d81:0"
last-modified: Mon, 12 Sep 2022 16:14:15 GMT
set-cookie: ARRAffinity=3c463dff51d3f15aa3edb091355f6628020747bcfaf40c27d24159f37fbbf7dc;Path=/;HttpOnly;Secure;Domain=magicwidget.socialboards.com
ARRAffinitySameSite=3c463dff51d3f15aa3edb091355f6628020747bcfaf40c27d24159f37fbbf7dc;Path=/;HttpOnly;SameSite=None;Secure;Domain=magicwidget.socialboards.com
vary: Accept-Encoding
content-length: 6073
x-powered-by: ASP.NET
X-Firefox-Spdy: h2
magicwidget.socialboards.com/messenger-child/common-es2015.9d67d5553b51a0d9f584.js
23.101.67.245200 OK 6.5 kB URL HTTP/2 magicwidget.socialboards.com/messenger-child/common-es2015.9d67d5553b51a0d9f584.js
IP 23.101.67.245:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (17353), with no line terminators
Hash abd7b1b8f546f47c57c26069b44c3fee
ad5af6ede7e524ecb36fc09f9c7586ca79b79f44
a33ef2d219d3ffc8039deee15513f0e7cbd7d0a3b53cf1eab265b57b231ddff6
GET /messenger-child/common-es2015.9d67d5553b51a0d9f584.js HTTP/1.1
Host: magicwidget.socialboards.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magicwidget.socialboards.com/messenger-child/index.html?isWidgetMode=true
Cookie: ARRAffinitySameSite=3c463dff51d3f15aa3edb091355f6628020747bcfaf40c27d24159f37fbbf7dc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/x-javascript
date: Wed, 28 Sep 2022 18:43:59 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
content-encoding: gzip
etag: "0c8a1afc2c6d81:0"
last-modified: Mon, 12 Sep 2022 16:14:08 GMT
set-cookie: ARRAffinity=3c463dff51d3f15aa3edb091355f6628020747bcfaf40c27d24159f37fbbf7dc;Path=/;HttpOnly;Secure;Domain=magicwidget.socialboards.com
ARRAffinitySameSite=3c463dff51d3f15aa3edb091355f6628020747bcfaf40c27d24159f37fbbf7dc;Path=/;HttpOnly;SameSite=None;Secure;Domain=magicwidget.socialboards.com
vary: Accept-Encoding
content-length: 6489
x-powered-by: ASP.NET
X-Firefox-Spdy: h2
magicwidget.socialboards.com/messenger-child/3-es2015.097569bfc1dafa2ed989.js
23.101.67.245200 OK 46 kB URL HTTP/2 magicwidget.socialboards.com/messenger-child/3-es2015.097569bfc1dafa2ed989.js
IP 23.101.67.245:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (65536), with no line terminators
Hash 429fae1e74a5dd1fa4c66cc7fc17083f
95c334086b549b880ae95d3935e810001ef92e1c
f93ec485d74bfa3fb52f2010ef6f5fce7afb2cdc4a5056d6061ac0d549b787b0
GET /messenger-child/3-es2015.097569bfc1dafa2ed989.js HTTP/1.1
Host: magicwidget.socialboards.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magicwidget.socialboards.com/messenger-child/index.html?isWidgetMode=true
Cookie: ARRAffinitySameSite=3c463dff51d3f15aa3edb091355f6628020747bcfaf40c27d24159f37fbbf7dc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/x-javascript
date: Wed, 28 Sep 2022 18:43:59 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
content-encoding: gzip
etag: "8012ffb4c2c6d81:0"
last-modified: Mon, 12 Sep 2022 16:14:17 GMT
set-cookie: ARRAffinity=3c463dff51d3f15aa3edb091355f6628020747bcfaf40c27d24159f37fbbf7dc;Path=/;HttpOnly;Secure;Domain=magicwidget.socialboards.com
ARRAffinitySameSite=3c463dff51d3f15aa3edb091355f6628020747bcfaf40c27d24159f37fbbf7dc;Path=/;HttpOnly;SameSite=None;Secure;Domain=magicwidget.socialboards.com
vary: Accept-Encoding
content-length: 46083
x-powered-by: ASP.NET
X-Firefox-Spdy: h2
magicwidget.socialboards.com/messenger-child/4-es2015.f4fce6d00906ce9a1417.js
23.101.67.245200 OK 155 kB URL HTTP/2 magicwidget.socialboards.com/messenger-child/4-es2015.f4fce6d00906ce9a1417.js
IP 23.101.67.245:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (65536), with no line terminators
Size 155 kB (154707 bytes)
Hash d0d47b4655518ef240907b935a7ee5dc
a3ad92b9810ca0d5241054fc129e7a5d3f31d4de
cd55d540f7cd3a7f9bcd9dc94106c61dd740d761558382f4cfc111ae2550f58a
GET /messenger-child/4-es2015.f4fce6d00906ce9a1417.js HTTP/1.1
Host: magicwidget.socialboards.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magicwidget.socialboards.com/messenger-child/index.html?isWidgetMode=true
Cookie: ARRAffinitySameSite=3c463dff51d3f15aa3edb091355f6628020747bcfaf40c27d24159f37fbbf7dc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/x-javascript
date: Wed, 28 Sep 2022 18:43:59 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
content-encoding: gzip
etag: "0b7bebcc2c6d81:0"
last-modified: Mon, 12 Sep 2022 16:14:30 GMT
set-cookie: ARRAffinity=3c463dff51d3f15aa3edb091355f6628020747bcfaf40c27d24159f37fbbf7dc;Path=/;HttpOnly;Secure;Domain=magicwidget.socialboards.com
ARRAffinitySameSite=3c463dff51d3f15aa3edb091355f6628020747bcfaf40c27d24159f37fbbf7dc;Path=/;HttpOnly;SameSite=None;Secure;Domain=magicwidget.socialboards.com
vary: Accept-Encoding
content-length: 154707
x-powered-by: ASP.NET
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 6ab8b69fade235ccf1a15d2cac6dd95e
37c426c0e6940920c4478855c6bb610731edd316
025fc814f74bed6fcfc2a4c25b670c1d538d06c5ce07af13d3f9f8354ca34604
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 18:43:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
54.230.245.118200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash f457b92cc8ead600e5c297206466eff8
07dc558538848093c071d422f5f0df9885466df1
83bb44907eeb0602b45d29d12c65ffc60ded954d9751078fc958a4494b87fe70
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 28 Sep 2022 18:43:59 GMT
Last-Modified: Wed, 28 Sep 2022 17:47:31 GMT
Server: ECS (nyb/1D17)
X-Cache: Miss from cloudfront
Via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: LsHGYvwj-YzXihANgzl45yxu2ncPcdJYWrUee22cp0gz0ROP8z6-_g==
Age: 3388
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-76623620-2&cid=2041891980.1664390635&jid=1442645153&gjid=1817203240&_gid=997634733.1664390636&_u=YADAAEAAAAAAAC~&z=115640565
64.233.165.155200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-76623620-2&cid=2041891980.1664390635&jid=1442645153&gjid=1817203240&_gid=997634733.1664390636&_u=YADAAEAAAAAAAC~&z=115640565
IP 64.233.165.155:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-76623620-2&cid=2041891980.1664390635&jid=1442645153&gjid=1817203240&_gid=997634733.1664390636&_u=YADAAEAAAAAAAC~&z=115640565 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://my.postnord.no
Connection: keep-alive
Referer: https://my.postnord.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://my.postnord.no
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 28 Sep 2022 18:43:59 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 253e735983d6b98808235295de508f8b
e47aa9e4c679c5215cd2d20cd3dcd7ce58fde86d
c4e13af46f6ab54af9a8d5a68fe5c12d8a5c41ed829568380bdeca8c729f1da5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 18:43:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 5e01e4cfb215a3f052b4c716bc77c1a6
6e63b3e883051319571310c44b87591f0312d83f
aebb544e0762c6c3eb289d85c20299baa3f742dc46cfa5bcc33ac6df411285ae
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 18:43:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 64efebb51e5b4f12f97825c5944d0cfa
fc6830187fd786f3d7fefeda96bf0fbe15509927
a33a76aa921357b856b0f68c84f500cd12c40cce3172723b8cd77c250422ac43
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 18:43:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-76623620-2&cid=2041891980.1664390635&jid=1442645153&_u=YADAAEAAAAAAAC~&z=366233778
142.250.74.164200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-76623620-2&cid=2041891980.1664390635&jid=1442645153&_u=YADAAEAAAAAAAC~&z=366233778
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-76623620-2&cid=2041891980.1664390635&jid=1442645153&_u=YADAAEAAAAAAAC~&z=366233778 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://my.postnord.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 28 Sep 2022 18:43:59 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-76623620-2&cid=2041891980.1664390635&jid=1442645153&_u=YADAAEAAAAAAAC~&z=366233778
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-76623620-2&cid=2041891980.1664390635&jid=1442645153&_u=YADAAEAAAAAAAC~&z=366233778
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-76623620-2&cid=2041891980.1664390635&jid=1442645153&_u=YADAAEAAAAAAAC~&z=366233778 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://my.postnord.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 28 Sep 2022 18:43:59 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash b7ed37e03b72b8da3fb7f6c476ae9a1f
c335157b42102c71f5431bc295b2b2542af781d4
66ad71fe8fc69a39c7852c1b8e1fe1308e8ccaf2a147ed1c3a6866d3b248f9a3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 18:43:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
magicwidget.socialboards.com/messenger-child/13-es2015.1db707ef88438c57a032.js
23.101.67.245200 OK 5.1 kB URL HTTP/2 magicwidget.socialboards.com/messenger-child/13-es2015.1db707ef88438c57a032.js
IP 23.101.67.245:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (19480), with no line terminators
Hash ec6f13c45d93ebb2584acfeb202af710
2132efe252607e79ef7f5b2509fbfe990343e1b4
9cba8c8ef5fb014f483dd030d926762cbd9ffc93ca62da32ab22b3f7c726347a
GET /messenger-child/13-es2015.1db707ef88438c57a032.js HTTP/1.1
Host: magicwidget.socialboards.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magicwidget.socialboards.com/messenger-child/
Cookie: ARRAffinitySameSite=3c463dff51d3f15aa3edb091355f6628020747bcfaf40c27d24159f37fbbf7dc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/x-javascript
date: Wed, 28 Sep 2022 18:43:59 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
content-encoding: gzip
etag: "0f5d2b0c2c6d81:0"
last-modified: Mon, 12 Sep 2022 16:14:10 GMT
set-cookie: ARRAffinity=3c463dff51d3f15aa3edb091355f6628020747bcfaf40c27d24159f37fbbf7dc;Path=/;HttpOnly;Secure;Domain=magicwidget.socialboards.com
ARRAffinitySameSite=3c463dff51d3f15aa3edb091355f6628020747bcfaf40c27d24159f37fbbf7dc;Path=/;HttpOnly;SameSite=None;Secure;Domain=magicwidget.socialboards.com
vary: Accept-Encoding
content-length: 5075
x-powered-by: ASP.NET
X-Firefox-Spdy: h2
magicwidget.socialboards.com/messenger-child/11-es2015.98a01848d45efc16b6ef.js
23.101.67.245200 OK 11 kB URL HTTP/2 magicwidget.socialboards.com/messenger-child/11-es2015.98a01848d45efc16b6ef.js
IP 23.101.67.245:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (57923), with no line terminators
Hash 80b96941a0500d28472e0f667069cd76
81be0a24e5780f7c817a3fa5e48d26a501dc35ef
d527bdb5d9bbaaf37c24f3a4d457796f4e839bca3eaf47af50a9374858234953
GET /messenger-child/11-es2015.98a01848d45efc16b6ef.js HTTP/1.1
Host: magicwidget.socialboards.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magicwidget.socialboards.com/messenger-child/
Cookie: ARRAffinitySameSite=3c463dff51d3f15aa3edb091355f6628020747bcfaf40c27d24159f37fbbf7dc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/x-javascript
date: Wed, 28 Sep 2022 18:43:59 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
content-encoding: gzip
etag: "80a7b9bfc2c6d81:0"
last-modified: Mon, 12 Sep 2022 16:14:35 GMT
set-cookie: ARRAffinity=3c463dff51d3f15aa3edb091355f6628020747bcfaf40c27d24159f37fbbf7dc;Path=/;HttpOnly;Secure;Domain=magicwidget.socialboards.com
ARRAffinitySameSite=3c463dff51d3f15aa3edb091355f6628020747bcfaf40c27d24159f37fbbf7dc;Path=/;HttpOnly;SameSite=None;Secure;Domain=magicwidget.socialboards.com
vary: Accept-Encoding
content-length: 10699
x-powered-by: ASP.NET
X-Firefox-Spdy: h2
magicwidget.socialboards.com/messenger-child/14-es2015.47cddb5baf30cd54c401.js
23.101.67.245200 OK 6.5 kB URL HTTP/2 magicwidget.socialboards.com/messenger-child/14-es2015.47cddb5baf30cd54c401.js
IP 23.101.67.245:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (25205), with no line terminators
Hash 2b42d4d0b33212a790bbfd74c8d0bb01
ff05d4637a095f3884677e43a7a9c6b96a2263b9
117bc346c2499e5229d6bd3742c5677b9b75940cade6fcb6d1efa8dc98f7c4a0
GET /messenger-child/14-es2015.47cddb5baf30cd54c401.js HTTP/1.1
Host: magicwidget.socialboards.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magicwidget.socialboards.com/messenger-child/
Cookie: ARRAffinitySameSite=3c463dff51d3f15aa3edb091355f6628020747bcfaf40c27d24159f37fbbf7dc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/x-javascript
date: Wed, 28 Sep 2022 18:43:59 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
content-encoding: gzip
etag: "03e52c0c2c6d81:0"
last-modified: Mon, 12 Sep 2022 16:14:36 GMT
set-cookie: ARRAffinity=3c463dff51d3f15aa3edb091355f6628020747bcfaf40c27d24159f37fbbf7dc;Path=/;HttpOnly;Secure;Domain=magicwidget.socialboards.com
ARRAffinitySameSite=3c463dff51d3f15aa3edb091355f6628020747bcfaf40c27d24159f37fbbf7dc;Path=/;HttpOnly;SameSite=None;Secure;Domain=magicwidget.socialboards.com
vary: Accept-Encoding
content-length: 6527
x-powered-by: ASP.NET
X-Firefox-Spdy: h2
magicwidget.socialboards.com/messenger-child/15-es2015.e51e8620a54bc0822b67.js
23.101.67.245200 OK 1.8 kB URL HTTP/2 magicwidget.socialboards.com/messenger-child/15-es2015.e51e8620a54bc0822b67.js
IP 23.101.67.245:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (5321), with no line terminators
Hash d48b9ac2bf53961535b75907cecd3a5a
e641f63af51960e6c93c7f67c5a70729e172e8b5
e2d5b97866a8a096b7428214512fb33578199b805ae87ec780560c3721f832b2
GET /messenger-child/15-es2015.e51e8620a54bc0822b67.js HTTP/1.1
Host: magicwidget.socialboards.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magicwidget.socialboards.com/messenger-child/
Cookie: ARRAffinitySameSite=3c463dff51d3f15aa3edb091355f6628020747bcfaf40c27d24159f37fbbf7dc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/x-javascript
date: Wed, 28 Sep 2022 18:43:59 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
content-encoding: gzip
etag: "805e3ab0c2c6d81:0"
last-modified: Mon, 12 Sep 2022 16:14:09 GMT
set-cookie: ARRAffinity=3c463dff51d3f15aa3edb091355f6628020747bcfaf40c27d24159f37fbbf7dc;Path=/;HttpOnly;Secure;Domain=magicwidget.socialboards.com
ARRAffinitySameSite=3c463dff51d3f15aa3edb091355f6628020747bcfaf40c27d24159f37fbbf7dc;Path=/;HttpOnly;SameSite=None;Secure;Domain=magicwidget.socialboards.com
vary: Accept-Encoding
content-length: 1829
x-powered-by: ASP.NET
X-Firefox-Spdy: h2
magicwidget.socialboards.com/messenger-child/12-es2015.24b517fd8699765c9d6b.js
23.101.67.245200 OK 2.2 kB URL HTTP/2 magicwidget.socialboards.com/messenger-child/12-es2015.24b517fd8699765c9d6b.js
IP 23.101.67.245:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (7050), with no line terminators
Hash 3fd61c2793c7231b9c511529c2838519
c81ed754f6c7de07d87f208e3aed7d05503f37d4
a3b67269da8d51123feb8c4b4917ddb22bc096c8a693071b0150d297962e7d40
GET /messenger-child/12-es2015.24b517fd8699765c9d6b.js HTTP/1.1
Host: magicwidget.socialboards.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magicwidget.socialboards.com/messenger-child/
Cookie: ARRAffinitySameSite=3c463dff51d3f15aa3edb091355f6628020747bcfaf40c27d24159f37fbbf7dc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/x-javascript
date: Wed, 28 Sep 2022 18:43:59 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
content-encoding: gzip
etag: "805e3ab0c2c6d81:0"
last-modified: Mon, 12 Sep 2022 16:14:09 GMT
set-cookie: ARRAffinity=3c463dff51d3f15aa3edb091355f6628020747bcfaf40c27d24159f37fbbf7dc;Path=/;HttpOnly;Secure;Domain=magicwidget.socialboards.com
ARRAffinitySameSite=3c463dff51d3f15aa3edb091355f6628020747bcfaf40c27d24159f37fbbf7dc;Path=/;HttpOnly;SameSite=None;Secure;Domain=magicwidget.socialboards.com
vary: Accept-Encoding
content-length: 2198
x-powered-by: ASP.NET
X-Firefox-Spdy: h2
privacyportal-de.onetrust.com/request/v1/consentreceipts
172.64.146.158200 OK 0 B URL HTTP/2 privacyportal-de.onetrust.com/request/v1/consentreceipts
IP 172.64.146.158:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Generic/Spear Phishing
OPTIONS /request/v1/consentreceipts HTTP/1.1
Host: privacyportal-de.onetrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://my.postnord.no/
Origin: https://my.postnord.no
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Sep 2022 18:44:05 GMT
content-length: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: *
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,OPTIONS,HEAD
access-control-allow-headers: content-type
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 751ea0deeb5ab4e8-OSL
X-Firefox-Spdy: h2
cdn.cookielaw.org/scripttemplates/otSDKStub.js
104.16.149.64200 OK 0 B URL HTTP/2 cdn.cookielaw.org/scripttemplates/otSDKStub.js
IP 104.16.149.64:0
GET /scripttemplates/otSDKStub.js HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://my.postnord.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Sep 2022 18:43:57 GMT
content-type: application/javascript
content-length: 7151
content-encoding: gzip
content-md5: zvDmpz9S9y5z1XhncmOZ/w==
last-modified: Wed, 28 Sep 2022 12:10:07 GMT
etag: 0x8DAA14A6206707D
x-ms-request-id: a96b03fa-901e-0035-234c-d376b3000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 3663
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 751ea0aee8dbb509-OSL
X-Firefox-Spdy: h2
widget.postnord.no/js/BookingV2.js
13.48.89.205200 OK 0 B URL HTTP/2 widget.postnord.no/js/BookingV2.js
IP 13.48.89.205:0
GET /js/BookingV2.js HTTP/1.1
Host: widget.postnord.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://my.postnord.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 18:43:57 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 28 Sep 2022 12:39:17 GMT
vary: Accept-Encoding
etag: W/"63344075-23bb7"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
in.hotjar.com/api/v2/client/sites/2228782/visit-data?sv=7
54.76.60.60200 OK 0 B URL HTTP/2 in.hotjar.com/api/v2/client/sites/2228782/visit-data?sv=7
IP 54.76.60.60:0
POST /api/v2/client/sites/2228782/visit-data?sv=7 HTTP/1.1
Host: in.hotjar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=UTF-8
Content-Length: 150
Origin: https://my.postnord.no
Connection: keep-alive
Referer: https://my.postnord.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Sep 2022 18:43:59 GMT
content-type: application/json
vary: Accept-Encoding
cache-control: no-cache, no-store
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-max-age: 86400
content-encoding: br
X-Firefox-Spdy: h2
magicwidget.socialboards.com/messenger-child/scripts.055465a09bcb16546afd.js
23.101.67.245200 OK 0 B URL HTTP/2 magicwidget.socialboards.com/messenger-child/scripts.055465a09bcb16546afd.js
IP 23.101.67.245:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /messenger-child/scripts.055465a09bcb16546afd.js HTTP/1.1
Host: magicwidget.socialboards.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magicwidget.socialboards.com/messenger-child/index.html?isWidgetMode=true
Cookie: ARRAffinitySameSite=3c463dff51d3f15aa3edb091355f6628020747bcfaf40c27d24159f37fbbf7dc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/x-javascript
date: Wed, 28 Sep 2022 18:43:58 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
content-encoding: gzip
etag: "80d7a6acc2c6d81:0"
last-modified: Mon, 12 Sep 2022 16:14:03 GMT
set-cookie: ARRAffinity=3c463dff51d3f15aa3edb091355f6628020747bcfaf40c27d24159f37fbbf7dc;Path=/;HttpOnly;Secure;Domain=magicwidget.socialboards.com
ARRAffinitySameSite=3c463dff51d3f15aa3edb091355f6628020747bcfaf40c27d24159f37fbbf7dc;Path=/;HttpOnly;SameSite=None;Secure;Domain=magicwidget.socialboards.com
vary: Accept-Encoding
content-length: 209231
x-powered-by: ASP.NET
X-Firefox-Spdy: h2
privacyportal-de.onetrust.com/request/v1/consentreceipts
172.64.146.158200 OK 0 B URL HTTP/2 privacyportal-de.onetrust.com/request/v1/consentreceipts
IP 172.64.146.158:0
Analyzer Verdict Alert openphish Generic/Spear Phishing
POST /request/v1/consentreceipts HTTP/1.1
Host: privacyportal-de.onetrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 2545
Origin: https://my.postnord.no
Connection: keep-alive
Referer: https://my.postnord.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 18:44:05 GMT
content-type: application/json
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: *
x-onetrust-receiptid: 816f0311-bdd7-4ed2-872c-aa98d5a8497e
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 751ea0df4be6b4e8-OSL
content-encoding: gzip
X-Firefox-Spdy: h2