Report - www.postnord.no/kundeservice

Report Overview

Submitted URL
www.postnord.no/kundeservice
IP
104.18.38.9
ASN
#13335 CLOUDFLARENET
Submitted
2022-09-28 18:44:08
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
4

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.3 kB	7.0 kB	142.250.74.3
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	75 kB	34.120.237.76
www.google.no	25607	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	499 B	694 B	142.250.74.3
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	143.204.55.25
dha7890ro75av.cloudfront.net	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.9 kB	437 kB	143.204.42.41
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	35.80.175.197
static.hotjar.com	641	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	364 B	35 kB	54.230.111.8
master.socialboards.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	974 B	1.1 kB	20.50.2.0
www.google.com	7	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	500 B	694 B	142.250.74.164
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.6 kB	4.4 kB	23.36.77.32
ocsp.sca1b.amazontrust.com	1015	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	676 B	1.9 kB	54.230.245.118
vc.hotjar.io	2334	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	408 B	368 B	54.230.111.8
privacyportal-de.onetrust.com	8687	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	968 B	909 B	172.64.146.158
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	143.204.55.36
my.postnord.no	310815	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.6 kB	28 kB	16.170.70.26
magicwidget.socialboards.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	9.4 kB	710 kB	23.101.67.245
vars.hotjar.com	1014	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	492 B	1.7 kB	143.204.55.105
region1.google-analytics.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	661 B	561 B	216.239.34.36
in.hotjar.com	1746	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	470 B	287 B	54.76.60.60
widget.postnord.no	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	708 B	67 kB	13.48.89.205
cdn.cookielaw.org	502	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.5 kB	123 kB	104.16.149.64
script.hotjar.com	887	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	371 B	67 kB	143.204.55.40
stats.g.doubleclick.net	96	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	588 B	709 B	64.233.165.155
www.postnord.no	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	792 B	1.9 kB	104.18.38.9
www.googletagmanager.com	75	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	368 B	67 kB	142.250.74.72
postnord.humany.net	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.0 kB	262 kB	40.127.196.56
magicwidgetapi.socialboards.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	447 B	1.8 kB	13.95.82.181
www.google-analytics.com	40	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	359 B	20 kB	142.250.74.174
apis.google.com	105	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	361 B	6.5 kB	142.250.74.174

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator	Alert
2022-09-12	medium	privacyportal-de.onetrust.com/	Generic/Spear Phishing
2022-09-12	medium	privacyportal-de.onetrust.com/	Generic/Spear Phishing

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (29)

	URL	Size	First Seen	Last Seen
	www.googletagmanager.com/gtm.js?id=GTM-PVS3V3P	183 kB	2023-03-08	2023-03-08
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-PVS3V3P IP 142.250.74.72 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:10:50 Last Seen2023-03-08 03:10:50 Times Seen1 Hash 6854ab7753b295283df23a29019e105f dfdceda5ca3e4d61ce096fbbb65764f151f26e42 a6c4af6d492307fbf45e14aeed6ba4a88e381184a78fbb4d025016909a958e81 Loading...

	postnord.humany.net/no---postnord-no-site-floating/embed.js	405 kB	2023-03-08	2023-03-08
Pretty URL postnord.humany.net/no---postnord-no-site-floating/embed.js IP 40.127.196.56 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:10:50 Last Seen2023-03-08 03:10:50 Times Seen1 Hash 5018dd6d2ac9227a6acd04d859641ecd 104455457aa409cc29c656c6dfdd4d023e18965f 069476d18e2cec8a118672da7d30a7c241f1992cd7bcc0c04fc39e5e405ffe0c Loading...

	magicwidget.socialboards.com/messenger-child/5-es2015.7be231f6eca682455d4a.js	24 kB	2023-03-08	2023-03-25
Pretty URL magicwidget.socialboards.com/messenger-child/5-es2015.7be231f6eca682455d4a.js IP 23.101.67.245 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:10:50 Last Seen2023-03-25 22:31:19 Times Seen2 Hash 9d7040dd0fa974eb30a8d80545be09f7 2f36adbbf122dd56954ec8de9ffe8d01f682422f fcfee09e291ff856f3ff08f425085b70f9d3505e351e493ee02d47f958f5d9d3 Loading...

	magicwidget.socialboards.com/messenger-child/10-es2015.1ab4c649e29d565610f5.js	1.5 MB	2023-03-08	2023-03-17
Pretty URL magicwidget.socialboards.com/messenger-child/10-es2015.1ab4c649e29d565610f5.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:10:50 Last Seen2023-03-17 12:35:55 Times Seen1 Hash 2b979c4e742d6fdcf7bba0136d028528 60f57e7d49a55274eb9e045ce490e04f4cec727f f8ed569423b56b7440689f71052e07f68d2c04e66262cb5fd411abcb73410174 Loading...

	magicwidget.socialboards.com/messenger-child/12-es2015.24b517fd8699765c9d6b.js	7.1 kB	2023-03-08	2023-03-25
Pretty URL magicwidget.socialboards.com/messenger-child/12-es2015.24b517fd8699765c9d6b.js IP 23.101.67.245 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:10:50 Last Seen2023-03-25 22:31:18 Times Seen2 Hash 3c56f3f7cc7b3d6b6d9392bd2d24c735 d9ae21ab2b56e7c29c0dfe8b13650aadbae957fe 02ce2f8c85eda7744bea8ff039578d52792a4678b723d2c928f3ff8ff5a2673f Loading...

	static.hotjar.com/c/hotjar-2228782.js?sv=7	4.6 kB	2023-03-08	2023-03-08
Pretty URL static.hotjar.com/c/hotjar-2228782.js?sv=7 IP 54.230.111.8 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:10:50 Last Seen2023-03-08 03:10:50 Times Seen1 Hash 85b43508fd87453806bd4d65e4728696 e2653284ec526b29580f1dbf6d1e832dd88f5ee9 6adb2bc19a60916e216e1196de3403457d58e3b43141d5e60ab05bae8c0bc13a Loading...

	magicwidget.socialboards.com/messenger-child/main-es2015.e1eb2d305e1ca8f18089.js	1.1 MB	2023-03-08	2023-03-17
Pretty URL magicwidget.socialboards.com/messenger-child/main-es2015.e1eb2d305e1ca8f18089.js IP 23.101.67.245 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:10:50 Last Seen2023-03-17 12:35:56 Times Seen1 Hash c1170abc7a6fe52c96a5234e737f23aa efc9ffce113339b48f14f8b230958e24705e8b33 d43166816e951c616c6b380fb2021e7b512ddb8ad4463688c8f0d9411d47a965 Loading...

	apis.google.com/js/api.js	14 kB	2023-03-07	2023-03-17
Pretty URL apis.google.com/js/api.js IP 142.250.74.174 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:18:51 Last Seen2023-03-17 12:47:19 Times Seen1 Hash 89e6d3118e4fbe5309ae93ebea0a8f3f 60ad5f3a982a9be54f269829f677901b958c8842 cd13e9f65965689dbfcf3ff13dcb76934b53da52b13a6e198485205769893a84 Loading...

	magicwidget.socialboards.com/messenger-child/0-es2015.7ad77b58b91cb12bda32.js	91 kB	2023-03-08	2023-03-25
Pretty URL magicwidget.socialboards.com/messenger-child/0-es2015.7ad77b58b91cb12bda32.js IP 23.101.67.245 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:10:50 Last Seen2023-03-25 22:31:18 Times Seen2 Hash b45c75e1f927545caf1c095f2605421e f3cdcb7d1c6483244be923f07b6a85002d85a249 54e0ba2b945a714f068718f60bc7151cf23ec19574ac94e5d9ca2e62b1ba803d Loading...

	magicwidget.socialboards.com/messenger-child/4-es2015.f4fce6d00906ce9a1417.js	645 kB	2023-03-08	2023-03-09
Pretty URL magicwidget.socialboards.com/messenger-child/4-es2015.f4fce6d00906ce9a1417.js IP 23.101.67.245 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:10:51 Last Seen2023-03-09 14:58:38 Times Seen1 Hash 8a08c6db44815230417effaed1adc3fc 2ac48d5bd8b862c71679a9c39d6572f908c33088 7f3e855b3175aaedcc39d5bf609beacc23dc78e72e4d0aa7c67fa16665bc2083 Loading...

	cdn.cookielaw.org/scripttemplates/otSDKStub.js	22 kB	2023-03-07	2024-03-05
Pretty URL cdn.cookielaw.org/scripttemplates/otSDKStub.js IP 104.16.149.64 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:58:52 Last Seen2024-03-05 19:00:25 Times Seen96 Hash a750a84d2cd5eb69aa0b8b1b94db6da8 56fd3e55c49aa5f3e48e525ae794da9b070cfa6c bbc4456bca95006683a8f081d0d2ed645eef5b14c62eca12c70f7e1cec26c1a0 Loading...

	my.postnord.no/customer-service	28 B	2023-03-07	2024-04-19
Pretty URL my.postnord.no/customer-service IP 16.170.70.26 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:36 Last Seen2024-04-19 15:49:31 Times Seen4179 Hash 5b367dd02e41abc8dbc0190dcb35ff61 5e24ba41be5efe4af6dd970e101bc24acea46a7c 22031038e39e75078c3c197b952ade3153e626f53ad9b73a97c1dcb065e76d67 Loading...

	magicwidget.socialboards.com/messenger-child/runtime-es2015.3d64d47320fdb64a7295.js	2.6 kB	2023-03-08	2023-03-17
Pretty URL magicwidget.socialboards.com/messenger-child/runtime-es2015.3d64d47320fdb64a7295.js IP 23.101.67.245 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:10:51 Last Seen2023-03-17 12:35:56 Times Seen1 Hash ef324cc81bdff7293b37855e31c2b591 6ea3611aa3f3167d8aecd1bdc11410097a46538a 01e1c1ddbd64ea5fa8600d69d3563da486145c3ca68d5c732daec9c9ad06345d Loading...

	magicwidget.socialboards.com/messenger-child/common-es2015.9d67d5553b51a0d9f584.js	17 kB	2023-03-08	2023-03-25
Pretty URL magicwidget.socialboards.com/messenger-child/common-es2015.9d67d5553b51a0d9f584.js IP 23.101.67.245 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:10:51 Last Seen2023-03-25 22:31:18 Times Seen2 Hash 6920d2f2099c462a6b90de61b1ea0124 e23b87254732ef9a23ab6d50dd686482cfbcd40f be7daa33873474a86b7c3ecac69decb55acc5cc2ef61eb40d183747de91f18e0 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-07	2024-01-06
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.174 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:05:31 Last Seen2024-01-06 17:39:53 Times Seen66 Hash 99ba52a15d2da967b023016d1af58cbd 5c2246049c43834d17113877b4731bd4f9803d55 9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f Loading...

	vars.hotjar.com/box-69edcc3187336f9b0a3fbb4c73be9fe6.html	2.3 kB	2023-03-07	2023-03-17
Pretty URL vars.hotjar.com/box-69edcc3187336f9b0a3fbb4c73be9fe6.html IP 143.204.55.105 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:20:41 Last Seen2023-03-17 12:55:02 Times Seen1 Hash d92066afca578ed14865977d9feac035 2272d154325335dd33ffed8b26929039c6561771 fc200422a2125ba3391e529347524b6596dc8eb4cbb545e7db65ecde73f5bb28 Loading...

	unknown	0 B	2023-03-07	2024-04-20
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-20 06:18:30 Times Seen36969779 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	my.postnord.no/customer-service	365 B	2023-03-08	2023-03-08
Pretty URL my.postnord.no/customer-service IP 16.170.70.26 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:10:51 Last Seen2023-03-08 07:42:00 Times Seen1 Hash 832a77e6285c11cf1bfa54b6ef690ff5 1cbd8eb6d4d6cd7796d55937b7ac52d755f5cacc 0773adad314f58dc7150c02b06f9797f2c1b255db6f35c66f5960a7be8c30c0a Loading...

	widget.postnord.no/js/BookingV2.js	146 kB	2023-03-08	2023-03-08
Pretty URL widget.postnord.no/js/BookingV2.js IP 13.48.89.205 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:10:51 Last Seen2023-03-08 07:42:00 Times Seen1 Hash 1eb2641b5ebc44f6e04c06cefb650e50 27a09cf2a236388ecf18cd4ca3208253d349e8e9 380205c4386fd403211e1d56b54cba2a63b18d8a6cd809bf7cea4c01fc9f680f Loading...

	magicwidget.socialboards.com/magic-widget.js	108 kB	2023-03-08	2023-03-25
Pretty URL magicwidget.socialboards.com/magic-widget.js IP 23.101.67.245 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:10:51 Last Seen2023-03-25 22:31:18 Times Seen2 Hash ae94a1648abf13083f1efbd98703369d 4fcd922e0526921d798d37b74172637c76caab05 67783e58164703ab56815f535b5b33b04959a6da3d1f382b2f811fe2f4c19008 Loading...

	my.postnord.no/customer-service	23 kB	2023-03-08	2023-03-08
Pretty URL my.postnord.no/customer-service IP 16.170.70.26 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:10:51 Last Seen2023-03-08 07:42:00 Times Seen1 Hash 6e31d8398e451536078c4e1ecc459880 71bfbbdccd7e1ce0dc92bd30acf4b40b67d0aef3 05494763b55ae1a3a50346400f38f972b63c9457340e90846a7b2b38c53f8c70 Loading...

	cdn.cookielaw.org/scripttemplates/5.12.0/otBannerSdk.js	390 kB	2023-03-08	2024-04-15
Pretty URL cdn.cookielaw.org/scripttemplates/5.12.0/otBannerSdk.js IP 104.16.149.64 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:10:51 Last Seen2024-04-15 08:06:26 Times Seen17 Hash 5fc7ac99185e8c676b77ed89ef78df9b a7c0ef34e4432913e39f5ad5aad1a677140ff9fd 37a6555c40beb95044f38f03904a914fd7bd4464f505bd9d8e45b803b66219e7 Loading...

	magicwidget.socialboards.com/messenger-child/scripts.055465a09bcb16546afd.js	510 kB	2023-03-08	2023-03-08
Pretty URL magicwidget.socialboards.com/messenger-child/scripts.055465a09bcb16546afd.js IP 23.101.67.245 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:10:51 Last Seen2023-03-08 03:10:51 Times Seen1 Hash f2ee40f29dee218e06a8d35f91a324eb ec5a4f4e436818910ec978845ad11cda307bca3a c993c278b7d2bf0a577c35f0145458347f4d42f61846fa6c70a624feca79933b Loading...

	magicwidget.socialboards.com/messenger-child/13-es2015.1db707ef88438c57a032.js	20 kB	2023-03-08	2023-03-25
Pretty URL magicwidget.socialboards.com/messenger-child/13-es2015.1db707ef88438c57a032.js IP 23.101.67.245 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:10:51 Last Seen2023-03-25 22:31:18 Times Seen2 Hash 6dd64efbf0c783d74595bf37fddee5d1 4f8cba9232589cef20d43bf1ca002ab920d7cf58 ecb7e75d1c7fd9c10602da04f8f56df8f959d7dbe8a7e495e4460f7e6f010103 Loading...

	magicwidget.socialboards.com/messenger-child/15-es2015.e51e8620a54bc0822b67.js	5.3 kB	2023-03-08	2023-03-25
Pretty URL magicwidget.socialboards.com/messenger-child/15-es2015.e51e8620a54bc0822b67.js IP 23.101.67.245 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:10:51 Last Seen2023-03-25 22:31:18 Times Seen2 Hash e908a7d439fecf6a9527c43bb3d94e8d 3266558408d9bd6f758d0b1a691ebed5101dcdfe 512d4a5ac58c72a4f20ec9cadd5d0b1af03a6a7c0f3f8028bc2622cdff9e8b4f Loading...

	widget.postnord.no/js/Payment.js	129 kB	2023-03-08	2023-03-08
Pretty URL widget.postnord.no/js/Payment.js IP 13.48.89.205 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:10:51 Last Seen2023-03-08 07:42:00 Times Seen1 Hash f49db1d36279762401eccf16785118b8 2c639acbe779666c31440f48ba8a2ed65d6c8396 71b8fbcb310e6f49df156fcc770d5334a999af113a0aab9008eb8076eb3f1344 Loading...

	postnord.humany.net/no---postnord-no-site-floating/widgets.js	673 kB	2023-03-08	2023-03-08
Pretty URL postnord.humany.net/no---postnord-no-site-floating/widgets.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:10:51 Last Seen2023-03-08 03:10:51 Times Seen1 Hash 16353f5fb7eba5e4b7c6a05fcbb6eb5d dbbbe38dc0e4b088bb9b58ed55843f466a6f2fd0 e895578094dac26f6f8f66e5ddf698f44e2862cec2299d980c73e3156a08c57e Loading...

	magicwidget.socialboards.com/messenger-child/11-es2015.98a01848d45efc16b6ef.js	58 kB	2023-03-08	2023-03-17
Pretty URL magicwidget.socialboards.com/messenger-child/11-es2015.98a01848d45efc16b6ef.js IP 23.101.67.245 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:10:51 Last Seen2023-03-17 12:35:56 Times Seen1 Hash bfdcd11ba0f12f25eb1b43757c2c6431 36234347af8a8f996cadca12520ccbc073b35c98 37c27964b6e701f2a802176c5bda2f081c59d0976689d8a26708e1688499ef23 Loading...

	magicwidget.socialboards.com/messenger-child/14-es2015.47cddb5baf30cd54c401.js	25 kB	2023-03-08	2023-03-25
Pretty URL magicwidget.socialboards.com/messenger-child/14-es2015.47cddb5baf30cd54c401.js IP 23.101.67.245 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:10:51 Last Seen2023-03-25 22:31:18 Times Seen2 Hash 0d6e6e950105a653a7b57eab507399b1 1f2478141bea6e5e70229e5c73e9dd844244d3ee ccd6e4346a9484dae99f9af4b1eb43fcd553a61ad3cfeb677bb5dc80a76ba4f0 Loading...

HTTP Transactions (86)

URL IP Response Size

www.postnord.no/kundeservice

104.18.38.9

301 Moved Permanently

159 B

URL HTTP/1.1
www.postnord.no/kundeservice
IP
104.18.38.9:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text
Size
159 B (159 bytes)
Hash
134cde57ce2051a7f4be69606228c7ef
1064b2f56a3dc58e492cabf4ddf208e5859f2cf6
5e3075e1f8bee5aec0d48886bbb93f3a09584370091d3cffc23dc0eb7f26faa9

HTTP Headers

GET /kundeservice HTTP/1.1
Host: www.postnord.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Wed, 28 Sep 2022 18:43:56 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 159
Connection: keep-alive
Location: https://www.postnord.no/kundeservice
Set-Cookie: ARRAffinity=abd7c4840ba964924efab1042419df7a54898eed822d8ed3e504734b7322b016;Path=/;HttpOnly;Domain=www.postnord.no
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Referrer-Policy: strict-origin
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 751ea0a659aab515-OSL

firefox.settings.services.mozilla.com/v1/

143.204.55.36

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.36:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 28 Sep 2022 18:15:39 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 80d21802b1b80c40e55ccf83433b8eac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: UJW_AhxiatygN23fFYvd3_4bZtfnwWD5Y2b-SgSH7iftDVWU9wK3Aw==
Age: 1697

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
490c003436e215e91596f285fcba92f5
0c4c9a5802e7cdb699f4918c252dbdf8431c25ec
9fe6beb1cb3851018168765a243b6de69ec71d30770f8c2dcc57cae7d9978cc1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9FE6BEB1CB3851018168765A243B6DE69EC71D30770F8C2DCC57CAE7D9978CC1"
Last-Modified: Wed, 28 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5622
Expires: Wed, 28 Sep 2022 20:17:38 GMT
Date: Wed, 28 Sep 2022 18:43:56 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain

143.204.55.25

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP
143.204.55.25:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 28 Sep 2022 09:24:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: OR5I6jKwYUYSubFHfBxYEoVxLJ4A-k-eYkS2olDMPp9s4xXJmcSguw==
age: 47730
X-Firefox-Spdy: h2

www.postnord.no/kundeservice

172.64.149.247

301 Moved Permanently

163 B

URL HTTP/2
www.postnord.no/kundeservice
IP
172.64.149.247:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
163 B (163 bytes)
Hash
ba64cfe9bc98a362cd6d0675dad73ead
465eb4e7c6053764804b8e07ea13b36464739f06
5720aa3ea6a5d4d6c9244e2ffccba351ee798ae892b051366e3c42d0a342c7f6

HTTP Headers

GET /kundeservice HTTP/1.1
Host: www.postnord.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 301 Moved Permanently
date: Wed, 28 Sep 2022 18:43:56 GMT
content-type: text/html; charset=utf-8
content-length: 163
location: https://my.postnord.no/privat/customer-service
access-control-expose-headers: Request-Context
cache-control: no-cache
expires: -1
pragma: no-cache
request-context: appId=cid-v1:52451d68-9d0b-40cc-963e-f52e97d476f1
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin
set-cookie: .ASPXANONYMOUS=F05l9CtUFHHKLXr4eQ5pIDti4aMITbNo9o5sOSVZcWGnj6T95fooptnQQPyWQBXraOnILHR81Brc5guM-QySzi0TN3I0XJZP7kJDN4QnBp9gyPaHPaMg-z_9ESJ1a1XssJ1V9QUR-BdPDsQGOGkJFQ2; expires=Wed, 07-Dec-2022 05:23:56 GMT; path=/; HttpOnly
ARRAffinity=abd7c4840ba964924efab1042419df7a54898eed822d8ed3e504734b7322b016;Path=/;HttpOnly;Secure;Domain=www.postnord.no
ARRAffinitySameSite=abd7c4840ba964924efab1042419df7a54898eed822d8ed3e504734b7322b016;Path=/;HttpOnly;SameSite=None;Secure;Domain=www.postnord.no
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 751ea0a86bffb4ee-OSL
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 18:43:56 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.sca1b.amazontrust.com/

54.230.245.118

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.118:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
73c9f38816a33a048d29c982753a7219
94b74d72dcbdbe794d9898c4ceb9a1cdf751df51
347b4f8031a1d4a8f41c40095a2f4cdae56364d3696e6852810f50b79bd299b7

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 28 Sep 2022 18:43:57 GMT
Last-Modified: Wed, 28 Sep 2022 17:24:53 GMT
Server: ECS (nyb/1D2D)
X-Cache: Miss from cloudfront
Via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 3IAAQ4hKWwpvrSuVheXWJjLUbZxBCD6jVykMah8oSZV-X2n-61PCRg==
Age: 4744

my.postnord.no/privat/customer-service

16.170.70.26

301 Moved Permanently

314 B

URL HTTP/2
my.postnord.no/privat/customer-service
IP
16.170.70.26:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
314 B (314 bytes)
Hash
fe3dcc4ea5e2e12c903f06fe976be637
dd6e97e166c73a016bfe0f9cff8c00459dbdcb39
26be600ca30c273714176264dc5820674fddb76273f017147fba60fa2d7b0f53

HTTP Headers

GET /privat/customer-service HTTP/1.1
Host: my.postnord.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 301 Moved Permanently
server: awselb/2.0
content-type: text/html; charset=UTF-8
content-length: 314
location: https://my.postnord.no/customer-service
set-cookie: postnord_session=eyJpdiI6InVER2FlWnNKQ1VDaVlaVWlDU2pLdVE9PSIsInZhbHVlIjoiS0hTSVdtbUNxNm5WOHY1Zk5WUW0yQU1jWTJ6c0FMeHZaV2syT1l5V09NLys1M3JtTVUxaHR5cWZoMk1ScUFTbGFnd2lDcWFXSmNIaHViTEgxNUdaSFBwa0JnMnRFTCtlZitZeC9HUThienVNOUk0ZTZZN01COWZ5Z1d5dkRqdHgiLCJtYWMiOiIxZmY5OGUzZWFlM2I4MTZlOGUxZjRhMzJjYWFhZTUzNTdkZDI3YTdhZWRiNmFiZWI0ZTk5OTBiODBkODJjZjAxIiwidGFnIjoiIn0%3D; expires=Thu, 30-Mar-2023 09:37:57 GMT; Max-Age=15778440; path=/; secure; httponly; samesite=lax
XSRF-TOKEN=eyJpdiI6InhIYk5kalJObFdvaDczR2FaaENpdWc9PSIsInZhbHVlIjoiVlUyVytDVzJFZHNTY1VISkY5ckkzVjkyNHIyNFVrMXNYczBIaURkeW93c2JBVXBmQ0FNQW5OZjZrR2JTc2ZuTnhhSFBESXBNNHltQXBDZ2wra1FwYjlXd2p0Y0d3NEd2eUwvSktrNHp6aGg5dkZuY09RQzdHWE1lVy9OeUpVVTYiLCJtYWMiOiJmMWEzMTJjZmVlMmMwNGFlMGRlZmY2OTA1YTYxN2UxNGY1NTFmZWZhNjI4YTAzZWM0ZWJkZTM2Y2RjNTYyMTA4IiwidGFnIjoiIn0%3D; expires=Thu, 30-Mar-2023 09:37:57 GMT; Max-Age=15778440; path=/; secure; samesite=lax
date: Wed, 28 Sep 2022 18:43:57 GMT
X-Firefox-Spdy: h2

my.postnord.no/customer-service

16.170.70.26

200 OK

26 kB

URL HTTP/2
my.postnord.no/customer-service
IP
16.170.70.26:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (17359)
Size
26 kB (25558 bytes)
Hash
fb2695907b12cf8a645be0e0ae818d65
c2c4a252fa34a379f338780d9bb1e40e0ef4d5c8
d5429410112769e2417ee44d0259a700d7c6dd12ce5df8786470cab912a2833a

HTTP Headers

GET /customer-service HTTP/1.1
Host: my.postnord.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: postnord_session=eyJpdiI6InVER2FlWnNKQ1VDaVlaVWlDU2pLdVE9PSIsInZhbHVlIjoiS0hTSVdtbUNxNm5WOHY1Zk5WUW0yQU1jWTJ6c0FMeHZaV2syT1l5V09NLys1M3JtTVUxaHR5cWZoMk1ScUFTbGFnd2lDcWFXSmNIaHViTEgxNUdaSFBwa0JnMnRFTCtlZitZeC9HUThienVNOUk0ZTZZN01COWZ5Z1d5dkRqdHgiLCJtYWMiOiIxZmY5OGUzZWFlM2I4MTZlOGUxZjRhMzJjYWFhZTUzNTdkZDI3YTdhZWRiNmFiZWI0ZTk5OTBiODBkODJjZjAxIiwidGFnIjoiIn0%3D; XSRF-TOKEN=eyJpdiI6InhIYk5kalJObFdvaDczR2FaaENpdWc9PSIsInZhbHVlIjoiVlUyVytDVzJFZHNTY1VISkY5ckkzVjkyNHIyNFVrMXNYczBIaURkeW93c2JBVXBmQ0FNQW5OZjZrR2JTc2ZuTnhhSFBESXBNNHltQXBDZ2wra1FwYjlXd2p0Y0d3NEd2eUwvSktrNHp6aGg5dkZuY09RQzdHWE1lVy9OeUpVVTYiLCJtYWMiOiJmMWEzMTJjZmVlMmMwNGFlMGRlZmY2OTA1YTYxN2UxNGY1NTFmZWZhNjI4YTAzZWM0ZWJkZTM2Y2RjNTYyMTA4IiwidGFnIjoiIn0%3D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers

HTTP/2 200 OK
server: awselb/2.0
content-type: text/html; charset=UTF-8
content-length: 25558
set-cookie: postnord_session=eyJpdiI6IlpyWjBQQ1owNFZHenBqL2tIcmwvRWc9PSIsInZhbHVlIjoiOHppUndJVk9xU2lHS3Rvb2FVVm5FbHUrb3dvM2JhVWY0M1ZCVkV1N2JhZGNiV1loSzluaEt6dkhVcnF6MVdhcWxiT2o3ZDdJRElSSzR3bC9NOUUxU1duRlF1SElqRFJORWFvTHErLzBBT3B2Mmp1ajJENHB1OS9qaDlPY1pzWmwiLCJtYWMiOiJiOTkwMTNjYTExODM4ZTAwYmY2OTljMDE4ODE1MDk5ZTZhZjJhMjQ4ZWRiODc3ZTdhMDIwYzViZDczYzM2ODM3IiwidGFnIjoiIn0%3D; expires=Thu, 30-Mar-2023 09:37:57 GMT; Max-Age=15778440; path=/; secure; httponly; samesite=lax
XSRF-TOKEN=eyJpdiI6IndMb0h0c1doWXlzeFhLSHZsY0hVSkE9PSIsInZhbHVlIjoiRVBpcm1qZFlyWlk0YXhRR1FYSjFYOXNYelBSMmZra2o5RVJ6VWhON3pGWm5JUzBhQkN2dFhqeTJHSmpZUjRWYXJsSnArMEJUTFZPbEVNYTdaQWl0OW10alM2SlNYeDBwdnlyM2pRd1d5QnNvaDk1ZmZybjk3UW5jaWVHVWx4bHUiLCJtYWMiOiJhZWQ0ZmE5NjNmOWRjNmYwMmExNjBlNWJjOWZmODAzZDJkNDMxOTIzNTQzYzY5ZjQ4YjI2ODM0NTE4MzAzZWVmIiwidGFnIjoiIn0%3D; expires=Thu, 30-Mar-2023 09:37:57 GMT; Max-Age=15778440; path=/; secure; samesite=lax
date: Wed, 28 Sep 2022 18:43:57 GMT
cache-control: no-cache, private
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.36

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.36:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Wed, 28 Sep 2022 18:29:33 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Wed, 28 Sep 2022 19:25:37 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: jvGh3-PCyIKJCBP1ayBwUb9yf8VZDeR3rzrAUwJulS2IFLMgPrg0XA==
Age: 864

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ea0a0d044398ade016618b0305015185
025a1aab370c0983c9e2a4f45ca5c3fb7f78c662
111b5b3d3899618c7a6d7a1fb4c83d8a7449586749344e432779ef3b74d3bb09

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "111B5B3D3899618C7A6D7A1FB4C83D8A7449586749344E432779EF3B74D3BB09"
Last-Modified: Tue, 27 Sep 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2179
Expires: Wed, 28 Sep 2022 19:20:16 GMT
Date: Wed, 28 Sep 2022 18:43:57 GMT
Connection: keep-alive

dha7890ro75av.cloudfront.net/aae28833-6d00-44b7-a539-c38732613307/css/web.css?id=de37d6014bfa4106a04b2be81db15bcd

143.204.42.41

200 OK

14 kB

URL HTTP/2
dha7890ro75av.cloudfront.net/aae28833-6d00-44b7-a539-c38732613307/css/web.css?id=de37d6014bfa4106a04b2be81db15bcd
IP
143.204.42.41:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (59614)
Size
14 kB (14149 bytes)
Hash
b64dad0172e79f9d4e72adc1a2497906
a301f87dd1bf9cd87baa9666e15b857a27c04f8c
a8cea6109b13f0742faae5077d74256236f9c16690e0beef58ea419fa2ede582

HTTP Headers

GET /aae28833-6d00-44b7-a539-c38732613307/css/web.css?id=de37d6014bfa4106a04b2be81db15bcd HTTP/1.1
Host: dha7890ro75av.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://my.postnord.no/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css
date: Wed, 28 Sep 2022 13:01:38 GMT
last-modified: Wed, 28 Sep 2022 13:00:28 GMT
etag: W/"e99d4a159557e061759e33b174804cff"
cache-control: public, max-age=31536000
expires: Fri, 28 Oct 2022 13:00:27 GMT
server: AmazonS3
content-encoding: br
x-cache: Hit from cloudfront
via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: tsj_Yl6GG6xNhf9j9MDFxO6_J1RiMybgWeTalSDS1oUHh8BBeyqhPg==
age: 20540
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2

dha7890ro75av.cloudfront.net/aae28833-6d00-44b7-a539-c38732613307/js/app.js?id=ebd1cf2a6cc361f6c03011db9d0420af

143.204.42.41

200 OK

358 kB

URL HTTP/2
dha7890ro75av.cloudfront.net/aae28833-6d00-44b7-a539-c38732613307/js/app.js?id=ebd1cf2a6cc361f6c03011db9d0420af
IP
143.204.42.41:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (65475)
Size
358 kB (358282 bytes)
Hash
44b09214aebda6a78059fc64c6ba5955
84097f4f783eb7b0887e55997ccd9fbbe4fc3eb4
8c70385dc9b92257679355a5c67f0c59bb0910ac5c5b2045206273adc6bdf4e5

HTTP Headers

GET /aae28833-6d00-44b7-a539-c38732613307/js/app.js?id=ebd1cf2a6cc361f6c03011db9d0420af HTTP/1.1
Host: dha7890ro75av.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://my.postnord.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
date: Wed, 28 Sep 2022 13:01:38 GMT
last-modified: Wed, 28 Sep 2022 13:00:28 GMT
etag: W/"ebd1cf2a6cc361f6c03011db9d0420af"
cache-control: public, max-age=31536000
expires: Fri, 28 Oct 2022 13:00:27 GMT
server: AmazonS3
content-encoding: br
x-cache: Hit from cloudfront
via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: jNuIvfCjITWq_srNItNZZ9c0hEDxXo-HITpPEdzAzhLjkUmjmgNTeA==
age: 20540
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
2f76d47ed4f3c90f557522303bb760bc
f34542cabea7a4517debf64c298b59fc009ea56c
5ce5c216b7cb6a4425f12453e447ad364bcc1cd7d23a9d2468a8a40adfc2cb10

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 18:43:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googletagmanager.com/gtm.js?id=GTM-PVS3V3P

142.250.74.72

200 OK

66 kB

URL HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-PVS3V3P
IP
142.250.74.72:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (3821)
Size
66 kB (66390 bytes)
Hash
2e584fb93beea4b66facb4b227ae3662
b80cfd8ba558d18e724a6d8a7796ecedce98b363
594390a5a31402aab1f16a177a2a01ebddf4e83abcf71c55488ab8539b9b6ea2

HTTP Headers

GET /gtm.js?id=GTM-PVS3V3P HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://my.postnord.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 28 Sep 2022 18:43:57 GMT
expires: Wed, 28 Sep 2022 18:43:57 GMT
cache-control: private, max-age=900
last-modified: Wed, 28 Sep 2022 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 66390
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
75eebff373cf84ae810a9e326f9e3d03
a5b22b0eee98dda385cb4e90d119205bc5f3a25f
f2089c63c7c2b3024972aba8cbc12dfcffc79dfc1ef9f7be801c79e7737b0d71

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 18:43:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

dha7890ro75av.cloudfront.net/aae28833-6d00-44b7-a539-c38732613307/fonts/5d365b33b62a068149e5d48d44758000.woff2

143.204.42.41

200 OK

20 kB

URL HTTP/2
dha7890ro75av.cloudfront.net/aae28833-6d00-44b7-a539-c38732613307/fonts/5d365b33b62a068149e5d48d44758000.woff2
IP
143.204.42.41:0
ASN
#16509 AMAZON-02

File type
Web Open Font Format (Version 2), TrueType, length 19544, version 1.0\012- data
Size
20 kB (19544 bytes)
Hash
0ca671f6b3e067bea7d6cb963e27fce8
22ce3c28e48c7a3b04dd5219f88f91d7d9c1cd00
1c74779f71bd18c90c9b2cff9e37cc9a7a33f5bab55f9a31f9a6fa65f17d0e29

HTTP Headers

GET /aae28833-6d00-44b7-a539-c38732613307/fonts/5d365b33b62a068149e5d48d44758000.woff2 HTTP/1.1
Host: dha7890ro75av.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://my.postnord.no
Connection: keep-alive
Referer: https://dha7890ro75av.cloudfront.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: font/woff2
content-length: 19544
date: Wed, 28 Sep 2022 13:01:52 GMT
last-modified: Wed, 28 Sep 2022 13:00:29 GMT
etag: "0ca671f6b3e067bea7d6cb963e27fce8"
cache-control: public, max-age=31536000
expires: Fri, 23 Sep 2022 14:46:30 GMT
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: IdWkRSerO8vkuJ9meqvmOYl2A--VjfPTJ75WcpApLOnAp_c8a04Bwg==
age: 20526
access-control-allow-origin: *
X-Firefox-Spdy: h2

widget.postnord.no/js/Payment.js

13.48.89.205

200 OK

66 kB

URL HTTP/2
widget.postnord.no/js/Payment.js
IP
13.48.89.205:0
ASN
#16509 AMAZON-02

File type
data
Size
66 kB (66005 bytes)
Hash
e13c8dc56e07cad8023e4dba879b0723
f877bfec6ed4888821f483b51e81ef9053316e81
a01eacbe4a37bb20ce0d3fc6b6ea536e8659182acbc1afd923919991e2e5a9bc

HTTP Headers

GET /js/Payment.js HTTP/1.1
Host: widget.postnord.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://my.postnord.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 18:43:57 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 28 Sep 2022 12:39:17 GMT
vary: Accept-Encoding
etag: W/"63344075-1f7a0"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2

dha7890ro75av.cloudfront.net/aae28833-6d00-44b7-a539-c38732613307/fonts/bb48b0140e7319bee58754f56053fd58.woff2

143.204.42.41

200 OK

20 kB

URL HTTP/2
dha7890ro75av.cloudfront.net/aae28833-6d00-44b7-a539-c38732613307/fonts/bb48b0140e7319bee58754f56053fd58.woff2
IP
143.204.42.41:0
ASN
#16509 AMAZON-02

File type
Web Open Font Format (Version 2), TrueType, length 19548, version 1.0\012- data
Size
20 kB (19548 bytes)
Hash
dfaf47d7ebee9779f0ffe295e7c81a00
4a5d6ddcf610f6df6a0d7dde48b47c581f5f90c1
b2faf98710e66736a36b57d7dca2b51dfb4c64014b7f29d2609dc5c87bdf267d

HTTP Headers

GET /aae28833-6d00-44b7-a539-c38732613307/fonts/bb48b0140e7319bee58754f56053fd58.woff2 HTTP/1.1
Host: dha7890ro75av.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://my.postnord.no
Connection: keep-alive
Referer: https://dha7890ro75av.cloudfront.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: font/woff2
content-length: 19548
date: Wed, 28 Sep 2022 13:01:52 GMT
last-modified: Wed, 28 Sep 2022 13:00:29 GMT
etag: "dfaf47d7ebee9779f0ffe295e7c81a00"
cache-control: public, max-age=31536000
expires: Fri, 23 Sep 2022 14:46:30 GMT
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: iJDK_siwMgO3vEXR1ddMcCiDHeCPbnJol1524PkxrQ3HhsemBvN9ww==
age: 20526
access-control-allow-origin: *
X-Firefox-Spdy: h2

dha7890ro75av.cloudfront.net/aae28833-6d00-44b7-a539-c38732613307/fonts/cc7d15845d209c2cb93163578183eb50.woff2

143.204.42.41

200 OK

21 kB

URL HTTP/2
dha7890ro75av.cloudfront.net/aae28833-6d00-44b7-a539-c38732613307/fonts/cc7d15845d209c2cb93163578183eb50.woff2
IP
143.204.42.41:0
ASN
#16509 AMAZON-02

File type
Web Open Font Format (Version 2), TrueType, length 20624, version 1.0\012- data
Size
21 kB (20624 bytes)
Hash
3130620dcb3f48b3413648394b9eaa04
396155740c82210fd0f537ddd2579a7188c8ed22
4aecda8fe28d40e75e166349dc3bbf1e48717776ff2de3c8898de81e60921cda

HTTP Headers

GET /aae28833-6d00-44b7-a539-c38732613307/fonts/cc7d15845d209c2cb93163578183eb50.woff2 HTTP/1.1
Host: dha7890ro75av.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://my.postnord.no
Connection: keep-alive
Referer: https://dha7890ro75av.cloudfront.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: font/woff2
content-length: 20624
date: Wed, 28 Sep 2022 13:01:56 GMT
last-modified: Wed, 28 Sep 2022 13:00:29 GMT
etag: "3130620dcb3f48b3413648394b9eaa04"
cache-control: public, max-age=31536000
expires: Fri, 23 Sep 2022 14:46:30 GMT
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: pyF80QHyRe5RKqjTDOopRDReg7dbXJG2tWBaM35_68HzbtIE7l4CHA==
age: 20522
access-control-allow-origin: *
X-Firefox-Spdy: h2

push.services.mozilla.com/

35.80.175.197

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.80.175.197:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: im4/ReDVD4AJM/gxaevvkQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: YwFwKfI1OJhbhMvjPUaylQbCNRc=

cdn.cookielaw.org/consent/f62058dd-7eca-44c7-ba9c-4bc160e43d23/f62058dd-7eca-44c7-ba9c-4bc160e43d23.json

104.16.149.64

200 OK

1.9 kB

URL HTTP/2
cdn.cookielaw.org/consent/f62058dd-7eca-44c7-ba9c-4bc160e43d23/f62058dd-7eca-44c7-ba9c-4bc160e43d23.json
IP
104.16.149.64:0
ASN
#13335 CLOUDFLARENET

File type
JSON data\012- , ASCII text, with very long lines (3385), with no line terminators
Size
1.9 kB (1878 bytes)
Hash
9583c51576393beeba2144ee54a41b20
6ee1c9c24b9d8964b7ee9d4ba2c007ac91325dce
97f878a6ce4de568a4db4eaa2fda06f45dcde9f9415145ae06f40e7317ddf3fb

HTTP Headers

GET /consent/f62058dd-7eca-44c7-ba9c-4bc160e43d23/f62058dd-7eca-44c7-ba9c-4bc160e43d23.json HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://my.postnord.no
Connection: keep-alive
Referer: https://my.postnord.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 28 Sep 2022 18:43:57 GMT
content-type: application/x-javascript
content-length: 1878
cache-control: public, max-age=14400
content-encoding: gzip
content-md5: lYPFFXY5O+66IUTuVKQbIA==
last-modified: Thu, 20 Feb 2020 07:01:42 GMT
etag: 0x8D7B5D2BD975FF2
x-ms-request-id: a0844c3f-f01e-00ad-3b15-b6f88c000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 3446
expires: Wed, 28 Sep 2022 22:43:57 GMT
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 751ea0af3f46b500-OSL
X-Firefox-Spdy: h2

magicwidget.socialboards.com/magic-widget.js

23.101.67.245

200 OK

32 kB

URL HTTP/2
magicwidget.socialboards.com/magic-widget.js
IP
23.101.67.245:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
Unicode text, UTF-8 text, with very long lines (54396)
Size
32 kB (31480 bytes)
Hash
b7b5ba6ee6cca14a80e3af4132427372
b9ad4faa6292113c8099a1fa7c60b4f360a05ba3
11dc4647ed9fbf81200b66f66b907a5f44a1acf1a3004cf7a2e8323cbfaa472b

HTTP Headers

GET /magic-widget.js HTTP/1.1
Host: magicwidget.socialboards.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://my.postnord.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/x-javascript
date: Wed, 28 Sep 2022 18:43:57 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
content-encoding: gzip
etag: "0c92643c2c6d81:0"
last-modified: Mon, 12 Sep 2022 16:11:06 GMT
set-cookie: ARRAffinity=3c463dff51d3f15aa3edb091355f6628020747bcfaf40c27d24159f37fbbf7dc;Path=/;HttpOnly;Secure;Domain=magicwidget.socialboards.com
ARRAffinitySameSite=3c463dff51d3f15aa3edb091355f6628020747bcfaf40c27d24159f37fbbf7dc;Path=/;HttpOnly;SameSite=None;Secure;Domain=magicwidget.socialboards.com
vary: Accept-Encoding
content-length: 31480
x-powered-by: ASP.NET
X-Firefox-Spdy: h2

cdn.cookielaw.org/scripttemplates/5.12.0/otBannerSdk.js

104.16.149.64

200 OK

94 kB

URL HTTP/2
cdn.cookielaw.org/scripttemplates/5.12.0/otBannerSdk.js
IP
104.16.149.64:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text, with very long lines (65453)
Size
94 kB (94107 bytes)
Hash
eca938cea0a69412935b264ed69d70d5
bab9a363a0ab604dd744be5c248aec872d305f1f
c564513b67d70c7ee12b96822bba5dda07c57c1a750dce726b18fe4b391e7b05

HTTP Headers

GET /scripttemplates/5.12.0/otBannerSdk.js HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://my.postnord.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 28 Sep 2022 18:43:58 GMT
content-type: application/javascript
content-length: 94107
content-encoding: gzip
content-md5: 7Kk4zqCmlBKTWyZO1p1w1Q==
last-modified: Fri, 21 Feb 2020 20:12:32 GMT
etag: 0x8D7B70A62368476
x-ms-request-id: 57eabcf7-601e-006f-1c6c-c47032000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 29795700
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 751ea0af99e5b509-OSL
X-Firefox-Spdy: h2

postnord.humany.net/no---postnord-no-site-floating/embed.js

40.127.196.56

200 OK

137 kB

URL HTTP/1.1
postnord.humany.net/no---postnord-no-site-floating/embed.js
IP
40.127.196.56:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
Unicode text, UTF-8 text, with very long lines (65363), with CRLF line terminators
Size
137 kB (136865 bytes)
Hash
20e790eb8e34956a9aa4f6d14e030b9d
5940eb76f485f69ef2a1e73f625d343840be72ad
a683db093ee3dff8f9963190db3e39b9804870ba477ee95d279f8f61743dc704

HTTP Headers

GET /no---postnord-no-site-floating/embed.js HTTP/1.1
Host: postnord.humany.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://my.postnord.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: text/javascript; charset=utf-8
Date: Wed, 28 Sep 2022 18:43:57 GMT
Access-Control-Expose-Headers: Request-Context
Cache-Control: private
Content-Encoding: gzip
Expires: Wed, 28 Sep 2022 18:48:37 GMT
Last-Modified: Wed, 28 Sep 2022 18:33:37 GMT
Set-Cookie: ARRAffinity=c52151406944a2cc6fe1552b9a9921858ee2ccb9175fa0a9873f56c3f57f19dd;Path=/;HttpOnly;Secure;Domain=postnord.humany.net
ARRAffinitySameSite=c52151406944a2cc6fe1552b9a9921858ee2ccb9175fa0a9873f56c3f57f19dd;Path=/;HttpOnly;SameSite=None;Secure;Domain=postnord.humany.net
Transfer-Encoding: chunked
Vary: Host,Accept-Encoding
Request-Context: appId=cid-v1:831ee9a7-91cc-4475-975f-63abf1b59050
Strict-Transport-Security: max-age=31536000; includeSubdomains;

cdn.cookielaw.org/consent/f62058dd-7eca-44c7-ba9c-4bc160e43d23/79bb253c-4427-4e4e-b0df-55a3082ff686/sv.json

104.16.149.64

200 OK

5.4 kB

URL HTTP/2
cdn.cookielaw.org/consent/f62058dd-7eca-44c7-ba9c-4bc160e43d23/79bb253c-4427-4e4e-b0df-55a3082ff686/sv.json
IP
104.16.149.64:0
ASN
#13335 CLOUDFLARENET

File type
HTML document, ASCII text, with very long lines (1003)
Size
5.4 kB (5418 bytes)
Hash
f0fd7314eec15c1f7060eb3d457ea958
b74be3d0707ce18ef40686e01c8db1d480446b6b
6e9b794d4c6a4abed2028756a0bc774975498d5faf111215352fcf5e662f7009

HTTP Headers

GET /consent/f62058dd-7eca-44c7-ba9c-4bc160e43d23/79bb253c-4427-4e4e-b0df-55a3082ff686/sv.json HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://my.postnord.no/
Origin: https://my.postnord.no
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 28 Sep 2022 18:43:58 GMT
content-type: application/x-javascript
content-length: 5418
cache-control: public, max-age=14400
content-encoding: gzip
content-md5: 8P1zFO7BXB9wYOs9RX6pWA==
last-modified: Thu, 20 Feb 2020 07:01:52 GMT
etag: 0x8D7B5D2C3B5C726
x-ms-request-id: 48ea1a76-e01e-0135-742b-7630e6000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 3351
expires: Wed, 28 Sep 2022 22:43:58 GMT
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 751ea0b0291ab500-OSL
X-Firefox-Spdy: h2

cdn.cookielaw.org/scripttemplates/5.12.0/assets/otCenterRounded.json

104.16.149.64

200 OK

2.7 kB

URL HTTP/2
cdn.cookielaw.org/scripttemplates/5.12.0/assets/otCenterRounded.json
IP
104.16.149.64:0
ASN
#13335 CLOUDFLARENET

File type
JSON data\012- , ASCII text, with very long lines (6178)
Size
2.7 kB (2720 bytes)
Hash
f189fecc054cf03939aa91b3da1c2b33
8b7afe2e5397fdbaea6ac9b29bfa49f91a35cfa5
892cac771da806b05f9de6a18c66567eb15511724c535197b190bff51109e01a

HTTP Headers

GET /scripttemplates/5.12.0/assets/otCenterRounded.json HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://my.postnord.no/
Origin: https://my.postnord.no
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 28 Sep 2022 18:43:58 GMT
content-type: application/json
content-length: 2720
content-encoding: gzip
content-md5: 8Yn+zAVM8Dk5qpGz2hwrMw==
last-modified: Fri, 21 Feb 2020 20:12:30 GMT
etag: 0x8D7B70A6119E1F9
x-ms-request-id: 7424ff8c-c01e-000f-7b0a-503510000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 3447
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 751ea0b0ca07b500-OSL
X-Firefox-Spdy: h2

cdn.cookielaw.org/scripttemplates/5.12.0/assets/otPcCenter.json

104.16.149.64

200 OK

13 kB

URL HTTP/2
cdn.cookielaw.org/scripttemplates/5.12.0/assets/otPcCenter.json
IP
104.16.149.64:0
ASN
#13335 CLOUDFLARENET

File type
JSON data\012- , ASCII text, with very long lines (29486)
Size
13 kB (13252 bytes)
Hash
e4d6e6e4308335eb285b94833e12742a
bf50980444e66849a80b449e7ebfee2966c6b28b
8236fa97b385a7dfde4ad31c9a54835374d6ffac761aea767093173267a027a8

HTTP Headers

GET /scripttemplates/5.12.0/assets/otPcCenter.json HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://my.postnord.no/
Origin: https://my.postnord.no
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 28 Sep 2022 18:43:58 GMT
content-type: application/json
content-length: 13252
content-encoding: gzip
content-md5: 5Nbm5DCDNesoW5SDPhJ0Kg==
last-modified: Fri, 21 Feb 2020 20:12:30 GMT
etag: 0x8D7B70A61028500
x-ms-request-id: 01fccc27-d01e-015b-1d0a-5099cf000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 3447
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 751ea0b0ca08b500-OSL
X-Firefox-Spdy: h2

magicwidgetapi.socialboards.com/api/chat/settings?communityName=postnord&widgetId=1577&language=1

13.95.82.181

200 OK

1.4 kB

URL HTTP/2
magicwidgetapi.socialboards.com/api/chat/settings?communityName=postnord&widgetId=1577&language=1
IP
13.95.82.181:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
JSON data\012- , Unicode text, UTF-8 text, with CRLF line terminators
Size
1.4 kB (1409 bytes)
Hash
b324ef067b4c66045befbf3254c23cdf
cc388a58efc3c33db2cc8b741322ac4c4e0124ab
c2c876bef9e7e5529d0d5112f4ecc7d207145b735686a3190d0d46b09469399a

HTTP Headers

GET /api/chat/settings?communityName=postnord&widgetId=1577&language=1 HTTP/1.1
Host: magicwidgetapi.socialboards.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://my.postnord.no
Connection: keep-alive
Referer: https://my.postnord.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/json; charset=utf-8
date: Wed, 28 Sep 2022 18:43:57 GMT
server: Microsoft-IIS/10.0
access-control-allow-credentials: true
access-control-allow-origin: https://my.postnord.no
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
expires: -1
pragma: no-cache
vary: Accept-Encoding
content-length: 1409
X-Firefox-Spdy: h2

dha7890ro75av.cloudfront.net/aae28833-6d00-44b7-a539-c38732613307/images/favicon.ico

143.204.42.41

200 OK

1.2 kB

URL HTTP/2
dha7890ro75av.cloudfront.net/aae28833-6d00-44b7-a539-c38732613307/images/favicon.ico
IP
143.204.42.41:0
ASN
#16509 AMAZON-02

File type
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Size
1.2 kB (1150 bytes)
Hash
0c3f58aa8946665b0d8ba999153f57a4
9473a8724bcd4661b9b0ac457a4e6a19a60384aa
2f6d8b09a6a9b34c8d4462ccef35f8962cb6a4c36024f952f42d0acf92a0c13c

HTTP Headers

GET /aae28833-6d00-44b7-a539-c38732613307/images/favicon.ico HTTP/1.1
Host: dha7890ro75av.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://my.postnord.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/x-icon
content-length: 1150
date: Wed, 28 Sep 2022 13:01:38 GMT
last-modified: Wed, 28 Sep 2022 13:00:29 GMT
etag: "0c3f58aa8946665b0d8ba999153f57a4"
cache-control: public, max-age=31536000
expires: Fri, 23 Sep 2022 14:46:30 GMT
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: YiP0SYB_f0CftccmG3azkFZx-ZoGmZLK9iGOzQeF5ycaZGGhJwSMsA==
age: 20541
vary: Origin
X-Firefox-Spdy: h2

www.google-analytics.com/analytics.js

142.250.74.174

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1325)
Size
20 kB (19826 bytes)
Hash
cae538dcce82598fbe43c0bf443e62dd
cc68ac6be9c5e0087a0000e5735b83270ace30f5
954b9e9d9744e1319c51760780a35de2dec353afffac705c2cca6d836a5e056d

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://my.postnord.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 19826
date: Wed, 28 Sep 2022 18:41:09 GMT
expires: Wed, 28 Sep 2022 20:41:09 GMT
cache-control: public, max-age=7200
age: 169
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

postnord.humany.net/no---postnord-no-site-floating/widgets.css

40.127.196.56

200 OK

36 kB

URL HTTP/1.1
postnord.humany.net/no---postnord-no-site-floating/widgets.css
IP
40.127.196.56:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
Unicode text, UTF-8 text, with very long lines (25688), with CRLF line terminators
Size
36 kB (35573 bytes)
Hash
1851ae616feda5c433289ef50586aca2
dea919249499e7fe17b0ceeb0d34557b657d9939
4b5e85545e81dea632d72b47535489bb7a3b1ced72e2f172666615600937dc17

HTTP Headers

GET /no---postnord-no-site-floating/widgets.css HTTP/1.1
Host: postnord.humany.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://my.postnord.no/
Cookie: ARRAffinitySameSite=c52151406944a2cc6fe1552b9a9921858ee2ccb9175fa0a9873f56c3f57f19dd
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Length: 35573
Content-Type: text/css; charset=utf-8
Date: Wed, 28 Sep 2022 18:43:57 GMT
Access-Control-Expose-Headers: Request-Context
Cache-Control: private
Content-Encoding: gzip
Expires: Wed, 28 Sep 2022 18:45:58 GMT
Last-Modified: Wed, 28 Sep 2022 18:30:58 GMT
Vary: Host,Accept-Encoding
Request-Context: appId=cid-v1:831ee9a7-91cc-4475-975f-63abf1b59050
Strict-Transport-Security: max-age=31536000; includeSubdomains;

vars.hotjar.com/box-69edcc3187336f9b0a3fbb4c73be9fe6.html

143.204.55.105

200 OK

1.0 kB

URL HTTP/2
vars.hotjar.com/box-69edcc3187336f9b0a3fbb4c73be9fe6.html
IP
143.204.55.105:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2431), with no line terminators
Size
1.0 kB (1044 bytes)
Hash
f6a9ca04b0687ea3c0d98e8430c8c77b
35503b2deb23091a9a9c6c68d4020dbdf879588e
8e4328ecb6b395499567369e3c227231dbdaf361f43ce315934d7a2a3abbed41

HTTP Headers

GET /box-69edcc3187336f9b0a3fbb4c73be9fe6.html HTTP/1.1
Host: vars.hotjar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://my.postnord.no/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/html
content-length: 1044
date: Wed, 07 Sep 2022 09:17:07 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "f6a9ca04b0687ea3c0d98e8430c8c77b"
last-modified: Wed, 07 Sep 2022 09:16:57 GMT
strict-transport-security: max-age=604800; includeSubDomains
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 6pclISzDElqHcd2hbEgttLqY5O0SKMnHFMxAoUuwXluHJBoftmZV0Q==
age: 1848411
X-Firefox-Spdy: h2

postnord.humany.net/ClientLibraries/Supplementary/font-awesome-4.7.0/css/font-awesome.min.css

40.127.196.56

200 OK

7.0 kB

URL HTTP/1.1
postnord.humany.net/ClientLibraries/Supplementary/font-awesome-4.7.0/css/font-awesome.min.css
IP
40.127.196.56:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with very long lines (30837), with CRLF line terminators
Size
7.0 kB (6995 bytes)
Hash
15d33c719df49446c289c6e00550afa8
a0bad7b2363db42c5c608d8603c43eca428b9eaa
e6bd735c29178ac0cda970532abd0b956954024cb898ab36bc246ffe295979b5

HTTP Headers

GET /ClientLibraries/Supplementary/font-awesome-4.7.0/css/font-awesome.min.css HTTP/1.1
Host: postnord.humany.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://my.postnord.no/
Cookie: ARRAffinitySameSite=c52151406944a2cc6fe1552b9a9921858ee2ccb9175fa0a9873f56c3f57f19dd
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Length: 6995
Content-Type: text/css
Date: Wed, 28 Sep 2022 18:43:57 GMT
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Request-Context
Content-Encoding: gzip
ETag: "05eb1f58fd1d81:0"
Last-Modified: Mon, 26 Sep 2022 10:08:44 GMT
Vary: Accept-Encoding
Request-Context: appId=cid-v1:831ee9a7-91cc-4475-975f-63abf1b59050
Strict-Transport-Security: max-age=31536000; includeSubdomains;

magicwidget.socialboards.com/messenger-child/index.html?isWidgetMode=true

23.101.67.245

200 OK

716 B

URL HTTP/2
magicwidget.socialboards.com/messenger-child/index.html?isWidgetMode=true
IP
23.101.67.245:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (520), with CRLF line terminators
Size
716 B (716 bytes)
Hash
54ca50d070af84b994ad9728282b7c1d
db7db63b904ff57835a1616e709f91049f1e9146
d4ca326169147992b3c376345863109e12ab79ba0f3cb479b42f573f8c62ba1d

HTTP Headers

GET /messenger-child/index.html?isWidgetMode=true HTTP/1.1
Host: magicwidget.socialboards.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://my.postnord.no/
Cookie: ARRAffinitySameSite=3c463dff51d3f15aa3edb091355f6628020747bcfaf40c27d24159f37fbbf7dc
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: text/html
date: Wed, 28 Sep 2022 18:43:58 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
content-encoding: gzip
etag: "453e4ecbc2c6d81:0"
last-modified: Mon, 12 Sep 2022 16:14:54 GMT
set-cookie: ARRAffinity=3c463dff51d3f15aa3edb091355f6628020747bcfaf40c27d24159f37fbbf7dc;Path=/;HttpOnly;Secure;Domain=magicwidget.socialboards.com
ARRAffinitySameSite=3c463dff51d3f15aa3edb091355f6628020747bcfaf40c27d24159f37fbbf7dc;Path=/;HttpOnly;SameSite=None;Secure;Domain=magicwidget.socialboards.com
vary: Accept-Encoding
content-length: 716
x-powered-by: ASP.NET
X-Firefox-Spdy: h2

static.hotjar.com/c/hotjar-2228782.js?sv=7

54.230.111.8

200 OK

34 kB

URL HTTP/2
static.hotjar.com/c/hotjar-2228782.js?sv=7
IP
54.230.111.8:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (3790)
Size
34 kB (34161 bytes)
Hash
6f0f2269d480cd2b409474838128501c
df8def6cb481515625b6964336b04322ea0fd16d
3d36ed44ed326e0b93847046c59a73c8a001d45e327f037cbceded9440ec6991

HTTP Headers

GET /c/hotjar-2228782.js?sv=7 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://my.postnord.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
date: Wed, 28 Sep 2022 18:43:04 GMT
access-control-allow-origin: *
cache-control: max-age=60
content-encoding: br
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=604800; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
etag: W/85b43508fd87453806bd4d65e4728696
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: oBHaxU305ghKXWZ0WeV9lIcRAVGfIlctmwFPSQND9Am5zQZ6yCzvoA==
age: 54
X-Firefox-Spdy: h2

magicwidget.socialboards.com/messenger-child/runtime-es2015.3d64d47320fdb64a7295.js

23.101.67.245

200 OK

1.7 kB

URL HTTP/2
magicwidget.socialboards.com/messenger-child/runtime-es2015.3d64d47320fdb64a7295.js
IP
23.101.67.245:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with very long lines (2551), with no line terminators
Size
1.7 kB (1688 bytes)
Hash
1011efd7e2d6d6fea3897a226ed5e0e3
6a5ec9304777cb0b946eefeb390a15589b8abade
93d8505a153afb496feddfa4314e5814723ce4abe2ad5821d4293ed87b55d200

HTTP Headers

GET /messenger-child/runtime-es2015.3d64d47320fdb64a7295.js HTTP/1.1
Host: magicwidget.socialboards.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magicwidget.socialboards.com/messenger-child/index.html?isWidgetMode=true
Cookie: ARRAffinitySameSite=3c463dff51d3f15aa3edb091355f6628020747bcfaf40c27d24159f37fbbf7dc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/x-javascript
date: Wed, 28 Sep 2022 18:43:58 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
content-encoding: gzip
etag: "ce8cc2aec2c6d81:0"
last-modified: Mon, 12 Sep 2022 16:14:06 GMT
set-cookie: ARRAffinity=3c463dff51d3f15aa3edb091355f6628020747bcfaf40c27d24159f37fbbf7dc;Path=/;HttpOnly;Secure;Domain=magicwidget.socialboards.com
ARRAffinitySameSite=3c463dff51d3f15aa3edb091355f6628020747bcfaf40c27d24159f37fbbf7dc;Path=/;HttpOnly;SameSite=None;Secure;Domain=magicwidget.socialboards.com
vary: Accept-Encoding
content-length: 1688
x-powered-by: ASP.NET
X-Firefox-Spdy: h2

magicwidget.socialboards.com/messenger-child/polyfills-es2015.68c57873205f360e1278.js

23.101.67.245

200 OK

110 kB

URL HTTP/2
magicwidget.socialboards.com/messenger-child/polyfills-es2015.68c57873205f360e1278.js
IP
23.101.67.245:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with very long lines (65536), with no line terminators
Size
110 kB (109537 bytes)
Hash
227f427bfa4a8fce62aba5ec58ae58a4
49053f290d407eb5b442bb6c49660812062efda8
67254dca51e6ea93fe761f12a3643bc81b3fe38f92edaffd698d507f7e558941

HTTP Headers

GET /messenger-child/polyfills-es2015.68c57873205f360e1278.js HTTP/1.1
Host: magicwidget.socialboards.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magicwidget.socialboards.com/messenger-child/index.html?isWidgetMode=true
Cookie: ARRAffinitySameSite=3c463dff51d3f15aa3edb091355f6628020747bcfaf40c27d24159f37fbbf7dc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/x-javascript
date: Wed, 28 Sep 2022 18:43:58 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
content-encoding: gzip
etag: "803f30b6c2c6d81:0"
last-modified: Mon, 12 Sep 2022 16:14:19 GMT
set-cookie: ARRAffinity=3c463dff51d3f15aa3edb091355f6628020747bcfaf40c27d24159f37fbbf7dc;Path=/;HttpOnly;Secure;Domain=magicwidget.socialboards.com
ARRAffinitySameSite=3c463dff51d3f15aa3edb091355f6628020747bcfaf40c27d24159f37fbbf7dc;Path=/;HttpOnly;SameSite=None;Secure;Domain=magicwidget.socialboards.com
vary: Accept-Encoding
content-length: 109537
x-powered-by: ASP.NET
X-Firefox-Spdy: h2

script.hotjar.com/modules.cf44a0a6b448df1b035e.js

143.204.55.40

200 OK

66 kB

URL HTTP/2
script.hotjar.com/modules.cf44a0a6b448df1b035e.js
IP
143.204.55.40:0
ASN
#16509 AMAZON-02

File type
Unicode text, UTF-8 text, with very long lines (48714)
Size
66 kB (66148 bytes)
Hash
5f131c93ccff63ccc86d0067d0eebf99
a599898399783be0db5f757c043b828a0726deec
91980f4223c639c3849139a6e692ccf10310f0b57d74b403198af020fc7398a2

HTTP Headers

GET /modules.cf44a0a6b448df1b035e.js HTTP/1.1
Host: script.hotjar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://my.postnord.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
content-length: 66148
date: Wed, 28 Sep 2022 11:37:06 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=31536000
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: "5f131c93ccff63ccc86d0067d0eebf99"
last-modified: Wed, 28 Sep 2022 11:36:53 GMT
strict-transport-security: max-age=604800; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: aP131D7M2BaP9QUz6JjTNFahDN-U3yC_nmp2EB-I8TzHXr54lz9ZUQ==
age: 25612
X-Firefox-Spdy: h2

magicwidget.socialboards.com/messenger-child/main-es2015.e1eb2d305e1ca8f18089.js

23.101.67.245

200 OK

292 kB

URL HTTP/2
magicwidget.socialboards.com/messenger-child/main-es2015.e1eb2d305e1ca8f18089.js
IP
23.101.67.245:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with very long lines (65536), with no line terminators
Size
292 kB (291572 bytes)
Hash
fe810779cd1279b9228f76ca2f885bbc
8ead5402dd893f2ed281a058d301230781fad895
c887530b048f9a7eaa598c2416a29c1bcde84185290788247fcfc5c333ed91cc

HTTP Headers

GET /messenger-child/main-es2015.e1eb2d305e1ca8f18089.js HTTP/1.1
Host: magicwidget.socialboards.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magicwidget.socialboards.com/messenger-child/index.html?isWidgetMode=true
Cookie: ARRAffinitySameSite=3c463dff51d3f15aa3edb091355f6628020747bcfaf40c27d24159f37fbbf7dc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/x-javascript
date: Wed, 28 Sep 2022 18:43:58 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
content-encoding: gzip
etag: "079aac8c2c6d81:0"
last-modified: Mon, 12 Sep 2022 16:14:50 GMT
set-cookie: ARRAffinity=3c463dff51d3f15aa3edb091355f6628020747bcfaf40c27d24159f37fbbf7dc;Path=/;HttpOnly;Secure;Domain=magicwidget.socialboards.com
ARRAffinitySameSite=3c463dff51d3f15aa3edb091355f6628020747bcfaf40c27d24159f37fbbf7dc;Path=/;HttpOnly;SameSite=None;Secure;Domain=magicwidget.socialboards.com
vary: Accept-Encoding
content-length: 291572
x-powered-by: ASP.NET
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
1eefefb3b607aa38e387d21186006d42
f1878481dff39afc79564dca4f6939a4b81f5ea7
b9011e095634ed695f18b8b901e89d2be93d84b5f25f812e8f665da588858810

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 18:43:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

region1.google-analytics.com/g/collect?v=2&tid=G-20V02L7V00&gtm=2oe9q0&_p=400717080&cid=2041891980.1664390635&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1664390635&sct=1&seg=0&dl=https%3A%2F%2Fmy.postnord.no%2Fcustomer-service&dt=Kundeservice%20-%20PostNord&en=page_view&_fv=1&_nsi=1&_ss=1

216.239.34.36

204 No Content

0 B

URL HTTP/2
region1.google-analytics.com/g/collect?v=2&tid=G-20V02L7V00&gtm=2oe9q0&_p=400717080&cid=2041891980.1664390635&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1664390635&sct=1&seg=0&dl=https%3A%2F%2Fmy.postnord.no%2Fcustomer-service&dt=Kundeservice%20-%20PostNord&en=page_view&_fv=1&_nsi=1&_ss=1
IP
216.239.34.36:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-20V02L7V00&gtm=2oe9q0&_p=400717080&cid=2041891980.1664390635&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1664390635&sct=1&seg=0&dl=https%3A%2F%2Fmy.postnord.no%2Fcustomer-service&dt=Kundeservice%20-%20PostNord&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://my.postnord.no
Connection: keep-alive
Referer: https://my.postnord.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://my.postnord.no
date: Wed, 28 Sep 2022 18:43:58 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

magicwidget.socialboards.com/messenger-child/assets/i18n/nb.json?1.0.0

23.101.67.245

200 OK

1.7 kB

URL HTTP/2
magicwidget.socialboards.com/messenger-child/assets/i18n/nb.json?1.0.0
IP
23.101.67.245:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
JSON data\012- , Unicode text, UTF-8 text, with CRLF line terminators
Size
1.7 kB (1681 bytes)
Hash
f084be0d958c682e2a2e4a64c3a53b9a
b238b53bbd0ee38a9b8817c9253f6a24677520f0
a5733d97a012a47c7b68ddee1edff26221a02adbe9895ae58f7dec915d5adacd

HTTP Headers

GET /messenger-child/assets/i18n/nb.json?1.0.0 HTTP/1.1
Host: magicwidget.socialboards.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magicwidget.socialboards.com/messenger-child/index.html?isWidgetMode=true
Cookie: ARRAffinitySameSite=3c463dff51d3f15aa3edb091355f6628020747bcfaf40c27d24159f37fbbf7dc
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/json
date: Wed, 28 Sep 2022 18:43:58 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
content-encoding: gzip
etag: "80bb2b6dc1c6d81:0"
last-modified: Mon, 12 Sep 2022 16:05:07 GMT
set-cookie: ARRAffinity=3c463dff51d3f15aa3edb091355f6628020747bcfaf40c27d24159f37fbbf7dc;Path=/;HttpOnly;Secure;Domain=magicwidget.socialboards.com
ARRAffinitySameSite=3c463dff51d3f15aa3edb091355f6628020747bcfaf40c27d24159f37fbbf7dc;Path=/;HttpOnly;SameSite=None;Secure;Domain=magicwidget.socialboards.com
vary: Accept-Encoding
content-length: 1681
x-powered-by: ASP.NET
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
538692a0cbeb2e09cd3af235e5553123
5a9231ebcec9889cf5b5e2450349ed4aee56fcbc
819ff8e41d20d247d0f4eaa714d072ad1a68e37eaba6fd663edea3ad1364998d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 18:43:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

apis.google.com/js/api.js

142.250.74.174

200 OK

5.6 kB

URL HTTP/2
apis.google.com/js/api.js
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (2046)
Size
5.6 kB (5568 bytes)
Hash
f9f56458a86b805c84a23e08244dcfa8
2ba905db7f79dcf85f57c523016318bf6fd098dc
9835b481dd77d751336a2d6b2ca3ace4460177056d54633048621c960fec58ab

HTTP Headers

GET /js/api.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magicwidget.socialboards.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 5568
date: Wed, 28 Sep 2022 18:43:59 GMT
expires: Wed, 28 Sep 2022 18:43:59 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "60d555d47999b4e8"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4364fa358f76c1635458dab5d598f857
d15fc7359711b1651235fa1be66accc03fe26c1c
6449bf062dbb79683071f367ca142c175ef304485cb4d3711feb4763146e4fa7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6449BF062DBB79683071F367CA142C175EF304485CB4D3711FEB4763146E4FA7"
Last-Modified: Wed, 28 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3946
Expires: Wed, 28 Sep 2022 19:49:45 GMT
Date: Wed, 28 Sep 2022 18:43:59 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4364fa358f76c1635458dab5d598f857
d15fc7359711b1651235fa1be66accc03fe26c1c
6449bf062dbb79683071f367ca142c175ef304485cb4d3711feb4763146e4fa7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6449BF062DBB79683071F367CA142C175EF304485CB4D3711FEB4763146E4FA7"
Last-Modified: Wed, 28 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3946
Expires: Wed, 28 Sep 2022 19:49:45 GMT
Date: Wed, 28 Sep 2022 18:43:59 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4364fa358f76c1635458dab5d598f857
d15fc7359711b1651235fa1be66accc03fe26c1c
6449bf062dbb79683071f367ca142c175ef304485cb4d3711feb4763146e4fa7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6449BF062DBB79683071F367CA142C175EF304485CB4D3711FEB4763146E4FA7"
Last-Modified: Wed, 28 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3946
Expires: Wed, 28 Sep 2022 19:49:45 GMT
Date: Wed, 28 Sep 2022 18:43:59 GMT
Connection: keep-alive

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
be52dbe2d47697a7f007d69c486b77b4
fe445ea87749e97423e7865bc559ad78f672a62d
65d16df2b3095c658d2bdf39b06d57486967bba7b43c43108e5025d7af5b7ab6

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 18:43:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ffa6dde-b51e-43f8-bfcb-3f442d674928.jpeg

34.120.237.76

200 OK

8.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ffa6dde-b51e-43f8-bfcb-3f442d674928.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.5 kB (8500 bytes)
Hash
6139c878a7d2bd32c61fc8287996eb5b
9c4692ea64832895fbd107d91f879728b6a440c7
3839df92f0a10c1433d5b576df50c9f7953912ae4f425012262f08ee8a59ce2e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ffa6dde-b51e-43f8-bfcb-3f442d674928.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8500
x-amzn-requestid: af82c8d6-950c-4933-87e3-7bbb15cb1ac8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3e3HOaoAMFoPQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c5e-77e0ecc522de575e40f429b3;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:34:22 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: rD5LsVDLQkaomG1nCGZGihbdlWKMCjUYNC2kRyAjJesJEOEBSj8Q3A==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:47:03 GMT
age: 75416
etag: "9c4692ea64832895fbd107d91f879728b6a440c7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79631135-a10c-43bf-85d2-fa2236b96883.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
13 kB (13213 bytes)
Hash
62e68c3cd08dd94d910507512a67e85f
3d4fa8701f17e8818c25584ef5f04bfbee8440cd
058d798963f83f5fb88ab728185f755c5353fa981d93e1b6ff869089f501586b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79631135-a10c-43bf-85d2-fa2236b96883.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 13213
x-amzn-requestid: fe9ec409-2757-4910-8443-5b4d3be7efd3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFlATEp8oAMFd9Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321b9b-3230e97a4fe34413285eb578;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:37:31 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: rV80hKsopWPf_A8hKw0kwTOjVN4Bq-5f8oXDP2wluyGwof5yXFe2Bw==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:42:47 GMT
age: 75672
etag: "3d4fa8701f17e8818c25584ef5f04bfbee8440cd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F693de74c-173e-4d9b-8317-35601f30ffd7.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
13 kB (13299 bytes)
Hash
ad84ed0c5b2090df7996007514cf1984
651600f2ef18cecc2e38370069bbb5e1d86f68e0
a3d0729e1d43afeadd2dd8273c858b8839d9e476f773c8ec9d96b5969a9e0b4a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F693de74c-173e-4d9b-8317-35601f30ffd7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 13299
x-amzn-requestid: 926df8b6-beec-470d-b0b3-33be326cd379
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3UPF8YIAMF3Nw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c1a-343e91e735af43d01fc83ddd;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:33:14 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: KmVkKXoPqZmnwFtpKhuox1kJNDoSxMEmYE39_zVPyaeoU4sPqq-_wA==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:44:23 GMT
age: 75576
etag: "651600f2ef18cecc2e38370069bbb5e1d86f68e0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad593ee0-d404-46e3-b129-229e09b263b0.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (12016 bytes)
Hash
4b794c6812cb546de0295e087ebe66a7
a54803cca7d3c509c195f65961e1110c8ec56f55
6a207f75eb3951f3dea5252bc8d185cd604d3d657f15b838774e8087e91f37f5

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad593ee0-d404-46e3-b129-229e09b263b0.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12016
x-amzn-requestid: ec1b3715-5d0f-4045-aa5b-b70a55c81d72
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3e3EtyIAMFdZg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c5e-201dd1ef1426a09965c68dab;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:34:22 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: y3DefdcXJyoDHpJXwz460gfWcv2JUboOFExNQmTFgy30B4mn54Xvuw==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:44:30 GMT
age: 75569
etag: "a54803cca7d3c509c195f65961e1110c8ec56f55"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

14 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0369629e-f44d-439f-a279-b5ae6ecc0cf1.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
14 kB (14464 bytes)
Hash
aa5cad224dbddd71881bd07255beb4da
bc214d60be395d4cf753216ff8f9691c33d25e75
82935e52aa59929a448d17a5a2d58fda86bb5c25bf6628a05bd904f82517dada

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0369629e-f44d-439f-a279-b5ae6ecc0cf1.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 14464
x-amzn-requestid: 6627e07e-034b-432e-ab9e-afe035fa0b9a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3e9HgIoAMFxUA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c5f-7f34c3f6454379724a7ac413;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:34:23 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: J27vcANRhkMUuGwTZjXkO0EF0-UjN-MODVQRKgsc7hJI2S-UPF8Ctw==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:40:53 GMT
age: 75786
etag: "bc214d60be395d4cf753216ff8f9691c33d25e75"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb9a3b058-92c9-490e-9cbb-736f7e46510d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.5 kB (7455 bytes)
Hash
ea3890e460356d6ecc3ba4e405ac2e9e
b383135e2ebc23fe80eb0d594b198cb8c89327a5
8fcff053ce6e5750136bf876bad5b2916935f13ea039912d977928b086f0a48b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb9a3b058-92c9-490e-9cbb-736f7e46510d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7455
x-amzn-requestid: e99c9f33-b72a-4070-80cf-06fb4a87d1df
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZG4S6EcAoAMFX1A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6332a0df-04122b4a345dbc3f3918af98;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 07:06:07 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Di1kDUlYEc1rv31fHM-OquU_W_LggEzDCTVME5iFJ5KffZcQyN6i2A==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 07:31:39 GMT
age: 40340
etag: "b383135e2ebc23fe80eb0d594b198cb8c89327a5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

postnord.humany.net/kundservice-inline/guides?client=8e0e5876-4b9d-6fd7-7624-3fb77ba25386&funnel=kundservice-inline&site=http%3A%2F%2Fmy.postnord.no%2Fcustomer-service&categories=&phrase=&skip=0&take=5

40.127.196.56

200 OK

1.0 kB

URL HTTP/1.1
postnord.humany.net/kundservice-inline/guides?client=8e0e5876-4b9d-6fd7-7624-3fb77ba25386&funnel=kundservice-inline&site=http%3A%2F%2Fmy.postnord.no%2Fcustomer-service&categories=&phrase=&skip=0&take=5
IP
40.127.196.56:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
JSON data\012- , Unicode text, UTF-8 text, with very long lines (2278), with no line terminators
Size
1.0 kB (1039 bytes)
Hash
c9a002a662f59209126723c26d4dac8a
a7dd9298916265cf87e2932955a669007604ca9e
7e37c683ff6bf87815a745a926c781aa8bb093a4d6785ff7766a8b0165dbc05e

HTTP Headers

POST /kundservice-inline/guides?client=8e0e5876-4b9d-6fd7-7624-3fb77ba25386&funnel=kundservice-inline&site=http%3A%2F%2Fmy.postnord.no%2Fcustomer-service&categories=&phrase=&skip=0&take=5 HTTP/1.1
Host: postnord.humany.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://my.postnord.no/
Origin: https://my.postnord.no
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
Date: Wed, 28 Sep 2022 18:43:58 GMT
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Request-Context
Cache-Control: no-cache
Content-Encoding: gzip
Expires: -1
Pragma: no-cache
Set-Cookie: ARRAffinity=bc8f9f0257500901a71d8bb509bda65a70da8abe3582d417b2f4eb67370855ff;Path=/;HttpOnly;Secure;Domain=postnord.humany.net
ARRAffinitySameSite=bc8f9f0257500901a71d8bb509bda65a70da8abe3582d417b2f4eb67370855ff;Path=/;HttpOnly;SameSite=None;Secure;Domain=postnord.humany.net
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Humany-Identities: 20886,16468,20883
Request-Context: appId=cid-v1:831ee9a7-91cc-4475-975f-63abf1b59050
Strict-Transport-Security: max-age=31536000; includeSubdomains;

postnord.humany.net/kundservice-inline/categories?client=8e0e5876-4b9d-6fd7-7624-3fb77ba25386&funnel=kundservice-inline&site=http%3A%2F%2Fmy.postnord.no%2Fcustomer-service&phrase=

40.127.196.56

200 OK

560 B

URL HTTP/1.1
postnord.humany.net/kundservice-inline/categories?client=8e0e5876-4b9d-6fd7-7624-3fb77ba25386&funnel=kundservice-inline&site=http%3A%2F%2Fmy.postnord.no%2Fcustomer-service&phrase=
IP
40.127.196.56:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
JSON data\012- , Unicode text, UTF-8 text, with very long lines (1809), with no line terminators
Size
560 B (560 bytes)
Hash
614105e41c21b6d61a437a4cfdbd9454
f840ec6cba11d1182e9b43484fef1c15bcd68505
988f879b71ed06f0dd80c8aad9e323e2f8b70df4c26dd9a6ab87a1a17fa2a54e

HTTP Headers

GET /kundservice-inline/categories?client=8e0e5876-4b9d-6fd7-7624-3fb77ba25386&funnel=kundservice-inline&site=http%3A%2F%2Fmy.postnord.no%2Fcustomer-service&phrase= HTTP/1.1
Host: postnord.humany.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://my.postnord.no/
Origin: https://my.postnord.no
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
Date: Wed, 28 Sep 2022 18:43:58 GMT
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Request-Context
Cache-Control: no-cache
Content-Encoding: gzip
Expires: -1
Pragma: no-cache
Set-Cookie: ARRAffinity=05c47e3daddcef2e784bcc948c75231c3ac8e5887a2310ce253d250cf2bac8d2;Path=/;HttpOnly;Secure;Domain=postnord.humany.net
ARRAffinitySameSite=05c47e3daddcef2e784bcc948c75231c3ac8e5887a2310ce253d250cf2bac8d2;Path=/;HttpOnly;SameSite=None;Secure;Domain=postnord.humany.net
Transfer-Encoding: chunked
Vary: Accept-Encoding
Request-Context: appId=cid-v1:831ee9a7-91cc-4475-975f-63abf1b59050
Strict-Transport-Security: max-age=31536000; includeSubdomains;

master.socialboards.com/api/customer

20.50.2.0

200 OK

0 B

URL HTTP/2
master.socialboards.com/api/customer
IP
20.50.2.0:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /api/customer HTTP/1.1
Host: master.socialboards.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: community
Referer: https://magicwidget.socialboards.com/
Origin: https://magicwidget.socialboards.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
date: Wed, 28 Sep 2022 18:43:58 GMT
server: Microsoft-IIS/10.0
access-control-allow-credentials: true
access-control-allow-headers: community
access-control-allow-origin: https://magicwidget.socialboards.com
access-control-expose-headers: date
access-control-max-age: 86400
content-length: 0
X-Firefox-Spdy: h2

master.socialboards.com/api/customer

20.50.2.0

200 OK

273 B

URL HTTP/2
master.socialboards.com/api/customer
IP
20.50.2.0:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
JSON data\012- , ASCII text, with CRLF line terminators
Size
273 B (273 bytes)
Hash
aac835de395194b904c69ae80bd68e85
1ba3a94f6ebee1a53941ea9d47b81f66c3263308
3edfcd7a5cd2f5774b4a947a76ee288065adad066bd445e58b639c054d296149

HTTP Headers

GET /api/customer HTTP/1.1
Host: master.socialboards.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Community: postnord
Origin: https://magicwidget.socialboards.com
Connection: keep-alive
Referer: https://magicwidget.socialboards.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
content-type: application/json; charset=utf-8
date: Wed, 28 Sep 2022 18:43:58 GMT
server: Microsoft-IIS/10.0
access-control-allow-credentials: true
access-control-allow-origin: https://magicwidget.socialboards.com
access-control-expose-headers: date
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
expires: -1
pragma: no-cache
vary: Accept-Encoding
content-length: 273
X-Firefox-Spdy: h2

postnord.humany.net/ClientLibraries/Supplementary/font-awesome-4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

40.127.196.56

200 OK

77 kB

URL HTTP/1.1
postnord.humany.net/ClientLibraries/Supplementary/font-awesome-4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
IP
40.127.196.56:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Size
77 kB (77160 bytes)
Hash
af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

HTTP Headers

GET /ClientLibraries/Supplementary/font-awesome-4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: postnord.humany.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://my.postnord.no
Connection: keep-alive
Referer: https://postnord.humany.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Length: 77160
Content-Type: font/woff2
Date: Wed, 28 Sep 2022 18:43:58 GMT
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Request-Context
ETag: "05eb1f58fd1d81:0"
Last-Modified: Mon, 26 Sep 2022 10:08:44 GMT
Set-Cookie: ARRAffinity=bc73405f088a481bce9031c7b1fcb03c60435387299bbfcd3c3234768c74f51e;Path=/;HttpOnly;Secure;Domain=postnord.humany.net
ARRAffinitySameSite=bc73405f088a481bce9031c7b1fcb03c60435387299bbfcd3c3234768c74f51e;Path=/;HttpOnly;SameSite=None;Secure;Domain=postnord.humany.net
Request-Context: appId=cid-v1:831ee9a7-91cc-4475-975f-63abf1b59050
Strict-Transport-Security: max-age=31536000; includeSubdomains;

vc.hotjar.io/sessions/2228782?s=0.25&r=0.15019979087054214

54.230.111.8

204 No Content

0 B

URL HTTP/2
vc.hotjar.io/sessions/2228782?s=0.25&r=0.15019979087054214
IP
54.230.111.8:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sessions/2228782?s=0.25&r=0.15019979087054214 HTTP/1.1
Host: vc.hotjar.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://my.postnord.no
Connection: keep-alive
Referer: https://my.postnord.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
access-control-allow-origin: *
cache-control: no-store
date: Wed, 28 Sep 2022 18:43:59 GMT
server: Python/3.7 aiohttp/3.5.4
x-cache: Miss from cloudfront
via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: zKcJqFc4z6KYo2OfWt5d8gDxWlxsHnTLr7Wj4b9wMY6LyqzLotBtYQ==
X-Firefox-Spdy: h2

magicwidget.socialboards.com/messenger-child/0-es2015.7ad77b58b91cb12bda32.js

23.101.67.245

200 OK

23 kB

URL HTTP/2
magicwidget.socialboards.com/messenger-child/0-es2015.7ad77b58b91cb12bda32.js
IP
23.101.67.245:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with very long lines (65536), with no line terminators
Size
23 kB (22785 bytes)
Hash
ac1775d42f4b06024d243aeb004f9707
fde96f575b48882bb5b3fa58487fba9e4b4b70f2
71d81b067d66d73f39e78b6795e5082174eb5f3e548c15ee7048f6378dddb29b

HTTP Headers

GET /messenger-child/0-es2015.7ad77b58b91cb12bda32.js HTTP/1.1
Host: magicwidget.socialboards.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magicwidget.socialboards.com/messenger-child/index.html?isWidgetMode=true
Cookie: ARRAffinitySameSite=3c463dff51d3f15aa3edb091355f6628020747bcfaf40c27d24159f37fbbf7dc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/x-javascript
date: Wed, 28 Sep 2022 18:43:59 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
content-encoding: gzip
etag: "04f35b3c2c6d81:0"
last-modified: Mon, 12 Sep 2022 16:14:14 GMT
set-cookie: ARRAffinity=3c463dff51d3f15aa3edb091355f6628020747bcfaf40c27d24159f37fbbf7dc;Path=/;HttpOnly;Secure;Domain=magicwidget.socialboards.com
ARRAffinitySameSite=3c463dff51d3f15aa3edb091355f6628020747bcfaf40c27d24159f37fbbf7dc;Path=/;HttpOnly;SameSite=None;Secure;Domain=magicwidget.socialboards.com
vary: Accept-Encoding
content-length: 22785
x-powered-by: ASP.NET
X-Firefox-Spdy: h2

magicwidget.socialboards.com/messenger-child/5-es2015.7be231f6eca682455d4a.js

23.101.67.245

200 OK

6.1 kB

URL HTTP/2
magicwidget.socialboards.com/messenger-child/5-es2015.7be231f6eca682455d4a.js
IP
23.101.67.245:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with very long lines (24055), with no line terminators
Size
6.1 kB (6073 bytes)
Hash
e11509a6676456dd9f37aaa0869e4c35
14ab1f8a8951ba35526e3f30ab66b7b03a5b6cc6
033bc4aa624fe688fff5832669838b411ee15accca98fc817252f01b143fbe27

HTTP Headers

GET /messenger-child/5-es2015.7be231f6eca682455d4a.js HTTP/1.1
Host: magicwidget.socialboards.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magicwidget.socialboards.com/messenger-child/index.html?isWidgetMode=true
Cookie: ARRAffinitySameSite=3c463dff51d3f15aa3edb091355f6628020747bcfaf40c27d24159f37fbbf7dc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/x-javascript
date: Wed, 28 Sep 2022 18:43:59 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
content-encoding: gzip
etag: "80e5cdb3c2c6d81:0"
last-modified: Mon, 12 Sep 2022 16:14:15 GMT
set-cookie: ARRAffinity=3c463dff51d3f15aa3edb091355f6628020747bcfaf40c27d24159f37fbbf7dc;Path=/;HttpOnly;Secure;Domain=magicwidget.socialboards.com
ARRAffinitySameSite=3c463dff51d3f15aa3edb091355f6628020747bcfaf40c27d24159f37fbbf7dc;Path=/;HttpOnly;SameSite=None;Secure;Domain=magicwidget.socialboards.com
vary: Accept-Encoding
content-length: 6073
x-powered-by: ASP.NET
X-Firefox-Spdy: h2

magicwidget.socialboards.com/messenger-child/common-es2015.9d67d5553b51a0d9f584.js

23.101.67.245

200 OK

6.5 kB

URL HTTP/2
magicwidget.socialboards.com/messenger-child/common-es2015.9d67d5553b51a0d9f584.js
IP
23.101.67.245:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with very long lines (17353), with no line terminators
Size
6.5 kB (6489 bytes)
Hash
abd7b1b8f546f47c57c26069b44c3fee
ad5af6ede7e524ecb36fc09f9c7586ca79b79f44
a33ef2d219d3ffc8039deee15513f0e7cbd7d0a3b53cf1eab265b57b231ddff6

HTTP Headers

GET /messenger-child/common-es2015.9d67d5553b51a0d9f584.js HTTP/1.1
Host: magicwidget.socialboards.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magicwidget.socialboards.com/messenger-child/index.html?isWidgetMode=true
Cookie: ARRAffinitySameSite=3c463dff51d3f15aa3edb091355f6628020747bcfaf40c27d24159f37fbbf7dc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/x-javascript
date: Wed, 28 Sep 2022 18:43:59 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
content-encoding: gzip
etag: "0c8a1afc2c6d81:0"
last-modified: Mon, 12 Sep 2022 16:14:08 GMT
set-cookie: ARRAffinity=3c463dff51d3f15aa3edb091355f6628020747bcfaf40c27d24159f37fbbf7dc;Path=/;HttpOnly;Secure;Domain=magicwidget.socialboards.com
ARRAffinitySameSite=3c463dff51d3f15aa3edb091355f6628020747bcfaf40c27d24159f37fbbf7dc;Path=/;HttpOnly;SameSite=None;Secure;Domain=magicwidget.socialboards.com
vary: Accept-Encoding
content-length: 6489
x-powered-by: ASP.NET
X-Firefox-Spdy: h2

magicwidget.socialboards.com/messenger-child/3-es2015.097569bfc1dafa2ed989.js

23.101.67.245

200 OK

46 kB

URL HTTP/2
magicwidget.socialboards.com/messenger-child/3-es2015.097569bfc1dafa2ed989.js
IP
23.101.67.245:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with very long lines (65536), with no line terminators
Size
46 kB (46083 bytes)
Hash
429fae1e74a5dd1fa4c66cc7fc17083f
95c334086b549b880ae95d3935e810001ef92e1c
f93ec485d74bfa3fb52f2010ef6f5fce7afb2cdc4a5056d6061ac0d549b787b0

HTTP Headers

GET /messenger-child/3-es2015.097569bfc1dafa2ed989.js HTTP/1.1
Host: magicwidget.socialboards.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magicwidget.socialboards.com/messenger-child/index.html?isWidgetMode=true
Cookie: ARRAffinitySameSite=3c463dff51d3f15aa3edb091355f6628020747bcfaf40c27d24159f37fbbf7dc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/x-javascript
date: Wed, 28 Sep 2022 18:43:59 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
content-encoding: gzip
etag: "8012ffb4c2c6d81:0"
last-modified: Mon, 12 Sep 2022 16:14:17 GMT
set-cookie: ARRAffinity=3c463dff51d3f15aa3edb091355f6628020747bcfaf40c27d24159f37fbbf7dc;Path=/;HttpOnly;Secure;Domain=magicwidget.socialboards.com
ARRAffinitySameSite=3c463dff51d3f15aa3edb091355f6628020747bcfaf40c27d24159f37fbbf7dc;Path=/;HttpOnly;SameSite=None;Secure;Domain=magicwidget.socialboards.com
vary: Accept-Encoding
content-length: 46083
x-powered-by: ASP.NET
X-Firefox-Spdy: h2

magicwidget.socialboards.com/messenger-child/4-es2015.f4fce6d00906ce9a1417.js

23.101.67.245

200 OK

155 kB

URL HTTP/2
magicwidget.socialboards.com/messenger-child/4-es2015.f4fce6d00906ce9a1417.js
IP
23.101.67.245:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with very long lines (65536), with no line terminators
Size
155 kB (154707 bytes)
Hash
d0d47b4655518ef240907b935a7ee5dc
a3ad92b9810ca0d5241054fc129e7a5d3f31d4de
cd55d540f7cd3a7f9bcd9dc94106c61dd740d761558382f4cfc111ae2550f58a

HTTP Headers

GET /messenger-child/4-es2015.f4fce6d00906ce9a1417.js HTTP/1.1
Host: magicwidget.socialboards.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magicwidget.socialboards.com/messenger-child/index.html?isWidgetMode=true
Cookie: ARRAffinitySameSite=3c463dff51d3f15aa3edb091355f6628020747bcfaf40c27d24159f37fbbf7dc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/x-javascript
date: Wed, 28 Sep 2022 18:43:59 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
content-encoding: gzip
etag: "0b7bebcc2c6d81:0"
last-modified: Mon, 12 Sep 2022 16:14:30 GMT
set-cookie: ARRAffinity=3c463dff51d3f15aa3edb091355f6628020747bcfaf40c27d24159f37fbbf7dc;Path=/;HttpOnly;Secure;Domain=magicwidget.socialboards.com
ARRAffinitySameSite=3c463dff51d3f15aa3edb091355f6628020747bcfaf40c27d24159f37fbbf7dc;Path=/;HttpOnly;SameSite=None;Secure;Domain=magicwidget.socialboards.com
vary: Accept-Encoding
content-length: 154707
x-powered-by: ASP.NET
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
6ab8b69fade235ccf1a15d2cac6dd95e
37c426c0e6940920c4478855c6bb610731edd316
025fc814f74bed6fcfc2a4c25b670c1d538d06c5ce07af13d3f9f8354ca34604

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 18:43:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.sca1b.amazontrust.com/

54.230.245.118

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.118:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
f457b92cc8ead600e5c297206466eff8
07dc558538848093c071d422f5f0df9885466df1
83bb44907eeb0602b45d29d12c65ffc60ded954d9751078fc958a4494b87fe70

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 28 Sep 2022 18:43:59 GMT
Last-Modified: Wed, 28 Sep 2022 17:47:31 GMT
Server: ECS (nyb/1D17)
X-Cache: Miss from cloudfront
Via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: LsHGYvwj-YzXihANgzl45yxu2ncPcdJYWrUee22cp0gz0ROP8z6-_g==
Age: 3388

stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-76623620-2&cid=2041891980.1664390635&jid=1442645153&gjid=1817203240&_gid=997634733.1664390636&_u=YADAAEAAAAAAAC~&z=115640565

64.233.165.155

200 OK

4 B

URL HTTP/2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-76623620-2&cid=2041891980.1664390635&jid=1442645153&gjid=1817203240&_gid=997634733.1664390636&_u=YADAAEAAAAAAAC~&z=115640565
IP
64.233.165.155:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
4 B (4 bytes)
Hash
48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a

HTTP Headers

POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-76623620-2&cid=2041891980.1664390635&jid=1442645153&gjid=1817203240&_gid=997634733.1664390636&_u=YADAAEAAAAAAAC~&z=115640565 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://my.postnord.no
Connection: keep-alive
Referer: https://my.postnord.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: https://my.postnord.no
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 28 Sep 2022 18:43:59 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
253e735983d6b98808235295de508f8b
e47aa9e4c679c5215cd2d20cd3dcd7ce58fde86d
c4e13af46f6ab54af9a8d5a68fe5c12d8a5c41ed829568380bdeca8c729f1da5

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 18:43:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
5e01e4cfb215a3f052b4c716bc77c1a6
6e63b3e883051319571310c44b87591f0312d83f
aebb544e0762c6c3eb289d85c20299baa3f742dc46cfa5bcc33ac6df411285ae

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 18:43:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
64efebb51e5b4f12f97825c5944d0cfa
fc6830187fd786f3d7fefeda96bf0fbe15509927
a33a76aa921357b856b0f68c84f500cd12c40cce3172723b8cd77c250422ac43

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 18:43:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-76623620-2&cid=2041891980.1664390635&jid=1442645153&_u=YADAAEAAAAAAAC~&z=366233778

142.250.74.164

200 OK

42 B

URL HTTP/2
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-76623620-2&cid=2041891980.1664390635&jid=1442645153&_u=YADAAEAAAAAAAC~&z=366233778
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-76623620-2&cid=2041891980.1664390635&jid=1442645153&_u=YADAAEAAAAAAAC~&z=366233778 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://my.postnord.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 28 Sep 2022 18:43:59 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-76623620-2&cid=2041891980.1664390635&jid=1442645153&_u=YADAAEAAAAAAAC~&z=366233778

142.250.74.3

200 OK

42 B

URL HTTP/2
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-76623620-2&cid=2041891980.1664390635&jid=1442645153&_u=YADAAEAAAAAAAC~&z=366233778
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-76623620-2&cid=2041891980.1664390635&jid=1442645153&_u=YADAAEAAAAAAAC~&z=366233778 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://my.postnord.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 28 Sep 2022 18:43:59 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
b7ed37e03b72b8da3fb7f6c476ae9a1f
c335157b42102c71f5431bc295b2b2542af781d4
66ad71fe8fc69a39c7852c1b8e1fe1308e8ccaf2a147ed1c3a6866d3b248f9a3

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 18:43:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

magicwidget.socialboards.com/messenger-child/13-es2015.1db707ef88438c57a032.js

23.101.67.245

200 OK

5.1 kB

URL HTTP/2
magicwidget.socialboards.com/messenger-child/13-es2015.1db707ef88438c57a032.js
IP
23.101.67.245:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with very long lines (19480), with no line terminators
Size
5.1 kB (5075 bytes)
Hash
ec6f13c45d93ebb2584acfeb202af710
2132efe252607e79ef7f5b2509fbfe990343e1b4
9cba8c8ef5fb014f483dd030d926762cbd9ffc93ca62da32ab22b3f7c726347a

HTTP Headers

GET /messenger-child/13-es2015.1db707ef88438c57a032.js HTTP/1.1
Host: magicwidget.socialboards.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magicwidget.socialboards.com/messenger-child/
Cookie: ARRAffinitySameSite=3c463dff51d3f15aa3edb091355f6628020747bcfaf40c27d24159f37fbbf7dc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/x-javascript
date: Wed, 28 Sep 2022 18:43:59 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
content-encoding: gzip
etag: "0f5d2b0c2c6d81:0"
last-modified: Mon, 12 Sep 2022 16:14:10 GMT
set-cookie: ARRAffinity=3c463dff51d3f15aa3edb091355f6628020747bcfaf40c27d24159f37fbbf7dc;Path=/;HttpOnly;Secure;Domain=magicwidget.socialboards.com
ARRAffinitySameSite=3c463dff51d3f15aa3edb091355f6628020747bcfaf40c27d24159f37fbbf7dc;Path=/;HttpOnly;SameSite=None;Secure;Domain=magicwidget.socialboards.com
vary: Accept-Encoding
content-length: 5075
x-powered-by: ASP.NET
X-Firefox-Spdy: h2

magicwidget.socialboards.com/messenger-child/11-es2015.98a01848d45efc16b6ef.js

23.101.67.245

200 OK

11 kB

URL HTTP/2
magicwidget.socialboards.com/messenger-child/11-es2015.98a01848d45efc16b6ef.js
IP
23.101.67.245:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with very long lines (57923), with no line terminators
Size
11 kB (10699 bytes)
Hash
80b96941a0500d28472e0f667069cd76
81be0a24e5780f7c817a3fa5e48d26a501dc35ef
d527bdb5d9bbaaf37c24f3a4d457796f4e839bca3eaf47af50a9374858234953

HTTP Headers

GET /messenger-child/11-es2015.98a01848d45efc16b6ef.js HTTP/1.1
Host: magicwidget.socialboards.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magicwidget.socialboards.com/messenger-child/
Cookie: ARRAffinitySameSite=3c463dff51d3f15aa3edb091355f6628020747bcfaf40c27d24159f37fbbf7dc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/x-javascript
date: Wed, 28 Sep 2022 18:43:59 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
content-encoding: gzip
etag: "80a7b9bfc2c6d81:0"
last-modified: Mon, 12 Sep 2022 16:14:35 GMT
set-cookie: ARRAffinity=3c463dff51d3f15aa3edb091355f6628020747bcfaf40c27d24159f37fbbf7dc;Path=/;HttpOnly;Secure;Domain=magicwidget.socialboards.com
ARRAffinitySameSite=3c463dff51d3f15aa3edb091355f6628020747bcfaf40c27d24159f37fbbf7dc;Path=/;HttpOnly;SameSite=None;Secure;Domain=magicwidget.socialboards.com
vary: Accept-Encoding
content-length: 10699
x-powered-by: ASP.NET
X-Firefox-Spdy: h2

magicwidget.socialboards.com/messenger-child/14-es2015.47cddb5baf30cd54c401.js

23.101.67.245

200 OK

6.5 kB

URL HTTP/2
magicwidget.socialboards.com/messenger-child/14-es2015.47cddb5baf30cd54c401.js
IP
23.101.67.245:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with very long lines (25205), with no line terminators
Size
6.5 kB (6527 bytes)
Hash
2b42d4d0b33212a790bbfd74c8d0bb01
ff05d4637a095f3884677e43a7a9c6b96a2263b9
117bc346c2499e5229d6bd3742c5677b9b75940cade6fcb6d1efa8dc98f7c4a0

HTTP Headers

GET /messenger-child/14-es2015.47cddb5baf30cd54c401.js HTTP/1.1
Host: magicwidget.socialboards.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magicwidget.socialboards.com/messenger-child/
Cookie: ARRAffinitySameSite=3c463dff51d3f15aa3edb091355f6628020747bcfaf40c27d24159f37fbbf7dc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/x-javascript
date: Wed, 28 Sep 2022 18:43:59 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
content-encoding: gzip
etag: "03e52c0c2c6d81:0"
last-modified: Mon, 12 Sep 2022 16:14:36 GMT
set-cookie: ARRAffinity=3c463dff51d3f15aa3edb091355f6628020747bcfaf40c27d24159f37fbbf7dc;Path=/;HttpOnly;Secure;Domain=magicwidget.socialboards.com
ARRAffinitySameSite=3c463dff51d3f15aa3edb091355f6628020747bcfaf40c27d24159f37fbbf7dc;Path=/;HttpOnly;SameSite=None;Secure;Domain=magicwidget.socialboards.com
vary: Accept-Encoding
content-length: 6527
x-powered-by: ASP.NET
X-Firefox-Spdy: h2

magicwidget.socialboards.com/messenger-child/15-es2015.e51e8620a54bc0822b67.js

23.101.67.245

200 OK

1.8 kB

URL HTTP/2
magicwidget.socialboards.com/messenger-child/15-es2015.e51e8620a54bc0822b67.js
IP
23.101.67.245:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with very long lines (5321), with no line terminators
Size
1.8 kB (1829 bytes)
Hash
d48b9ac2bf53961535b75907cecd3a5a
e641f63af51960e6c93c7f67c5a70729e172e8b5
e2d5b97866a8a096b7428214512fb33578199b805ae87ec780560c3721f832b2

HTTP Headers

GET /messenger-child/15-es2015.e51e8620a54bc0822b67.js HTTP/1.1
Host: magicwidget.socialboards.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magicwidget.socialboards.com/messenger-child/
Cookie: ARRAffinitySameSite=3c463dff51d3f15aa3edb091355f6628020747bcfaf40c27d24159f37fbbf7dc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/x-javascript
date: Wed, 28 Sep 2022 18:43:59 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
content-encoding: gzip
etag: "805e3ab0c2c6d81:0"
last-modified: Mon, 12 Sep 2022 16:14:09 GMT
set-cookie: ARRAffinity=3c463dff51d3f15aa3edb091355f6628020747bcfaf40c27d24159f37fbbf7dc;Path=/;HttpOnly;Secure;Domain=magicwidget.socialboards.com
ARRAffinitySameSite=3c463dff51d3f15aa3edb091355f6628020747bcfaf40c27d24159f37fbbf7dc;Path=/;HttpOnly;SameSite=None;Secure;Domain=magicwidget.socialboards.com
vary: Accept-Encoding
content-length: 1829
x-powered-by: ASP.NET
X-Firefox-Spdy: h2

magicwidget.socialboards.com/messenger-child/12-es2015.24b517fd8699765c9d6b.js

23.101.67.245

200 OK

2.2 kB

URL HTTP/2
magicwidget.socialboards.com/messenger-child/12-es2015.24b517fd8699765c9d6b.js
IP
23.101.67.245:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with very long lines (7050), with no line terminators
Size
2.2 kB (2198 bytes)
Hash
3fd61c2793c7231b9c511529c2838519
c81ed754f6c7de07d87f208e3aed7d05503f37d4
a3b67269da8d51123feb8c4b4917ddb22bc096c8a693071b0150d297962e7d40

HTTP Headers

GET /messenger-child/12-es2015.24b517fd8699765c9d6b.js HTTP/1.1
Host: magicwidget.socialboards.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magicwidget.socialboards.com/messenger-child/
Cookie: ARRAffinitySameSite=3c463dff51d3f15aa3edb091355f6628020747bcfaf40c27d24159f37fbbf7dc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/x-javascript
date: Wed, 28 Sep 2022 18:43:59 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
content-encoding: gzip
etag: "805e3ab0c2c6d81:0"
last-modified: Mon, 12 Sep 2022 16:14:09 GMT
set-cookie: ARRAffinity=3c463dff51d3f15aa3edb091355f6628020747bcfaf40c27d24159f37fbbf7dc;Path=/;HttpOnly;Secure;Domain=magicwidget.socialboards.com
ARRAffinitySameSite=3c463dff51d3f15aa3edb091355f6628020747bcfaf40c27d24159f37fbbf7dc;Path=/;HttpOnly;SameSite=None;Secure;Domain=magicwidget.socialboards.com
vary: Accept-Encoding
content-length: 2198
x-powered-by: ASP.NET
X-Firefox-Spdy: h2

privacyportal-de.onetrust.com/request/v1/consentreceipts

172.64.146.158

200 OK

0 B

URL HTTP/2
privacyportal-de.onetrust.com/request/v1/consentreceipts
IP
172.64.146.158:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	Generic/Spear Phishing

HTTP Headers

OPTIONS /request/v1/consentreceipts HTTP/1.1
Host: privacyportal-de.onetrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://my.postnord.no/
Origin: https://my.postnord.no
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 28 Sep 2022 18:44:05 GMT
content-length: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: *
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,OPTIONS,HEAD
access-control-allow-headers: content-type
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 751ea0deeb5ab4e8-OSL
X-Firefox-Spdy: h2

cdn.cookielaw.org/scripttemplates/otSDKStub.js

104.16.149.64

200 OK

0 B

URL HTTP/2
cdn.cookielaw.org/scripttemplates/otSDKStub.js
IP
104.16.149.64:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /scripttemplates/otSDKStub.js HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://my.postnord.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 28 Sep 2022 18:43:57 GMT
content-type: application/javascript
content-length: 7151
content-encoding: gzip
content-md5: zvDmpz9S9y5z1XhncmOZ/w==
last-modified: Wed, 28 Sep 2022 12:10:07 GMT
etag: 0x8DAA14A6206707D
x-ms-request-id: a96b03fa-901e-0035-234c-d376b3000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 3663
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 751ea0aee8dbb509-OSL
X-Firefox-Spdy: h2

widget.postnord.no/js/BookingV2.js

13.48.89.205

200 OK

0 B

URL HTTP/2
widget.postnord.no/js/BookingV2.js
IP
13.48.89.205:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /js/BookingV2.js HTTP/1.1
Host: widget.postnord.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://my.postnord.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 18:43:57 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 28 Sep 2022 12:39:17 GMT
vary: Accept-Encoding
etag: W/"63344075-23bb7"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2

in.hotjar.com/api/v2/client/sites/2228782/visit-data?sv=7

54.76.60.60

200 OK

0 B

URL HTTP/2
in.hotjar.com/api/v2/client/sites/2228782/visit-data?sv=7
IP
54.76.60.60:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

POST /api/v2/client/sites/2228782/visit-data?sv=7 HTTP/1.1
Host: in.hotjar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=UTF-8
Content-Length: 150
Origin: https://my.postnord.no
Connection: keep-alive
Referer: https://my.postnord.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 28 Sep 2022 18:43:59 GMT
content-type: application/json
vary: Accept-Encoding
cache-control: no-cache, no-store
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-max-age: 86400
content-encoding: br
X-Firefox-Spdy: h2

magicwidget.socialboards.com/messenger-child/scripts.055465a09bcb16546afd.js

23.101.67.245

200 OK

0 B

URL HTTP/2
magicwidget.socialboards.com/messenger-child/scripts.055465a09bcb16546afd.js
IP
23.101.67.245:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /messenger-child/scripts.055465a09bcb16546afd.js HTTP/1.1
Host: magicwidget.socialboards.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magicwidget.socialboards.com/messenger-child/index.html?isWidgetMode=true
Cookie: ARRAffinitySameSite=3c463dff51d3f15aa3edb091355f6628020747bcfaf40c27d24159f37fbbf7dc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/x-javascript
date: Wed, 28 Sep 2022 18:43:58 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
content-encoding: gzip
etag: "80d7a6acc2c6d81:0"
last-modified: Mon, 12 Sep 2022 16:14:03 GMT
set-cookie: ARRAffinity=3c463dff51d3f15aa3edb091355f6628020747bcfaf40c27d24159f37fbbf7dc;Path=/;HttpOnly;Secure;Domain=magicwidget.socialboards.com
ARRAffinitySameSite=3c463dff51d3f15aa3edb091355f6628020747bcfaf40c27d24159f37fbbf7dc;Path=/;HttpOnly;SameSite=None;Secure;Domain=magicwidget.socialboards.com
vary: Accept-Encoding
content-length: 209231
x-powered-by: ASP.NET
X-Firefox-Spdy: h2

privacyportal-de.onetrust.com/request/v1/consentreceipts

172.64.146.158

200 OK

0 B

URL HTTP/2
privacyportal-de.onetrust.com/request/v1/consentreceipts
IP
172.64.146.158:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
openphish	Generic/Spear Phishing

HTTP Headers

POST /request/v1/consentreceipts HTTP/1.1
Host: privacyportal-de.onetrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 2545
Origin: https://my.postnord.no
Connection: keep-alive
Referer: https://my.postnord.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 28 Sep 2022 18:44:05 GMT
content-type: application/json
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: *
x-onetrust-receiptid: 816f0311-bdd7-4ed2-872c-aa98d5a8497e
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 751ea0df4be6b4e8-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (29)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations