r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1cdc095521e9ee2606059be447d1fdd5
02b5d0a5b5823e2338daf7e144700babe2a213af
8bda3aabcf331c2bfcc4c7023cd797c760fd301dc353641bb95048e072f66c66
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8BDA3AABCF331C2BFCC4C7023CD797C760FD301DC353641BB95048E072F66C66"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4824
Expires: Sun, 05 Feb 2023 07:10:29 GMT
Date: Sun, 05 Feb 2023 05:50:05 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c21ba65e44ac95470c314e068e49a9eb
17a13b13738993d889d4afa3d848dc63bf6eba64
9bd0795b30e84ce63b6e2a365ca91bbffc395dd955e112152066c31e63a4ab66
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9BD0795B30E84CE63B6E2A365CA91BBFFC395DD955E112152066C31E63A4AB66"
Last-Modified: Sat, 04 Feb 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13552
Expires: Sun, 05 Feb 2023 09:35:57 GMT
Date: Sun, 05 Feb 2023 05:50:05 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash fb7b6b46e708ad73eaaa3c21e74569ae
950663c025acad81556af5aa3022ecc9d55097fe
763f58b9fb838378c92033b59907b036f4c33081f5103d9bcc2ca2a8de500d64
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "763F58B9FB838378C92033B59907B036F4C33081F5103D9BCC2CA2A8DE500D64"
Last-Modified: Sat, 04 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21233
Expires: Sun, 05 Feb 2023 11:43:58 GMT
Date: Sun, 05 Feb 2023 05:50:05 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Backoff, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 05 Feb 2023 05:33:54 GMT
content-type: application/json
age: 971
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: ZiobAHAoMPvSd7ob4qFSEXofBXAkYM9+jdk4ufztvpI244riXuudnItINYzmQocaRTi5m610TPA=
x-amz-request-id: MW2JD6HWX51YCG3R
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 05 Feb 2023 05:24:21 GMT
age: 1544
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
verify.facebook.com-------mobile---read---new--terms--792751746.peraltek.com/
74.206.228.78200 OK 246 B URL HTTP/1.1 verify.facebook.com-------mobile---read---new--terms--792751746.peraltek.com/
IP 74.206.228.78:0
ASN #27257 WEBAIR-INTERNET
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 034d90f48424aa2271b2b66be9093420
a05b53724da77019b421c40e6ce1e5a60c38a9e4
6021b163a047e0bcd2095bde9e006a9c04460cd82252db6c9a4cbcb2e14d59c0
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: verify.facebook.com-------mobile---read---new--terms--792751746.peraltek.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Sun, 05 Feb 2023 05:50:05 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 05:50:05 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
verify.facebook.com-------mobile---read---new--terms--792751746.peraltek.com/favicon.ico
74.206.228.78404 Not Found 114 B URL HTTP/1.1 verify.facebook.com-------mobile---read---new--terms--792751746.peraltek.com/favicon.ico
IP 74.206.228.78:0
ASN #27257 WEBAIR-INTERNET
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 021ffd3b4e081732edb9f2fa096e8ef2
4b0c71d74bf395719f8f91e4903609e37b513046
71dc6b3c545761e64c88967c0f8005939255df258bf60e122b238095d0c9659c
GET /favicon.ico HTTP/1.1
Host: verify.facebook.com-------mobile---read---new--terms--792751746.peraltek.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://verify.facebook.com-------mobile---read---new--terms--792751746.peraltek.com/
HTTP/1.1 404 Not Found
Server: nginx/1.18.0
Date: Sun, 05 Feb 2023 05:50:05 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Pragma, Backoff, Retry-After, Content-Length, Last-Modified, Expires, Cache-Control, ETag, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 05 Feb 2023 05:07:20 GMT
age: 2565
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
peraltek.com/
74.206.228.78200 OK 246 B IP 74.206.228.78:0
ASN #27257 WEBAIR-INTERNET
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 3a6dfd89ad871a9cf84c275ebc0e6560
683889d0b08abed4a9b044aaa3d0ca93b7fa196d
0269b9c4c961ffd6546c20abccc04a88c343a1a47eaa083c9c8b7792c8124950
NIDS Severity Alert suricata medium ET ADWARE_PUP Win32/Zonebac Traffic Redirect
POST / HTTP/1.1
Host: peraltek.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
Content-Length: 12
Origin: http://verify.facebook.com-------mobile---read---new--terms--792751746.peraltek.com
Connection: keep-alive
Referer: http://verify.facebook.com-------mobile---read---new--terms--792751746.peraltek.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Sun, 05 Feb 2023 05:50:05 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: ipc=eyJ2ZXJzaW9uIjoxLCJzdWJJZCI6MywiZm9sZGVySWQiOjEsImZlZWRJZCI6NjQsInRzIjoxNjc1NTc2MjA1LCJoYXNoIjoiNDQwYTJkNDkifQ==;Expires=Sun, 05-Feb-2023 06:50:05 GMT;Max-Age=3600
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash dedf9c519ac38c4bece9c5bc895787d7
4911175c3f8a435978c5301c33c7a99a5e00a1d5
bddd7e3a4939f863642a7c5348c1c8b9bc569b35c10a27f4cf5ec71f7e6b9698
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BDDD7E3A4939F863642A7C5348C1C8B9BC569B35C10A27F4CF5EC71F7E6B9698"
Last-Modified: Fri, 03 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10541
Expires: Sun, 05 Feb 2023 08:45:47 GMT
Date: Sun, 05 Feb 2023 05:50:06 GMT
Connection: keep-alive
peraltek.com/favicon.ico
74.206.228.78404 Not Found 114 B IP 74.206.228.78:0
ASN #27257 WEBAIR-INTERNET
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 021ffd3b4e081732edb9f2fa096e8ef2
4b0c71d74bf395719f8f91e4903609e37b513046
71dc6b3c545761e64c88967c0f8005939255df258bf60e122b238095d0c9659c
GET /favicon.ico HTTP/1.1
Host: peraltek.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://peraltek.com/
Connection: keep-alive
Cookie: ipc=eyJ2ZXJzaW9uIjoxLCJzdWJJZCI6MywiZm9sZGVySWQiOjEsImZlZWRJZCI6NjQsInRzIjoxNjc1NTc2MjA1LCJoYXNoIjoiNDQwYTJkNDkifQ==
HTTP/1.1 404 Not Found
Server: nginx/1.18.0
Date: Sun, 05 Feb 2023 05:50:06 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
orest-vlv.com/zcvisitor/f0f29021-a518-11ed-bb34-0a304eff1e3f/13946a70-a5da-11ec-9226-0a76dcc61f13?campaignid=fc080990-6652-11ed-9380-0a918cbcbb97
52.7.54.238200 1.1 kB URL HTTP/1.1 orest-vlv.com/zcvisitor/f0f29021-a518-11ed-bb34-0a304eff1e3f/13946a70-a5da-11ec-9226-0a76dcc61f13?campaignid=fc080990-6652-11ed-9380-0a918cbcbb97
IP 52.7.54.238:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 99e8973f42581752dd0ba84280a8777b
671b44d095f68895fc558ea7f632abf557f8c240
e6f78e9ed6b5b0ffd794e7f24ae31cb1422642459ad03cf32d29b8ea4c6e86a5
GET /zcvisitor/f0f29021-a518-11ed-bb34-0a304eff1e3f/13946a70-a5da-11ec-9226-0a76dcc61f13?campaignid=fc080990-6652-11ed-9380-0a918cbcbb97 HTTP/1.1
Host: orest-vlv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://peraltek.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200
Date: Sun, 05 Feb 2023 05:50:06 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Server: fuWqtqQk
push.services.mozilla.com/
54.186.71.207101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.186.71.207:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: f9xIWw5KVvNebtLeZHN3jA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: cPWk0EoojXHFmPGwFozZRx4JFio=
orest-vlv.com/zcredirect?visitid=f0f29021-a518-11ed-bb34-0a304eff1e3f&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false
52.7.54.238200 818 B URL HTTP/1.1 orest-vlv.com/zcredirect?visitid=f0f29021-a518-11ed-bb34-0a304eff1e3f&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false
IP 52.7.54.238:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (366)
Hash b6e294111bef42017f1540142434df4c
4853a72b7498d4c203a0a9fc8e56d0f35fdf2632
64a780f44c4c29ca7f97c0a4999f702fe610419ec4cc892f7fca38d413bcafa5
GET /zcredirect?visitid=f0f29021-a518-11ed-bb34-0a304eff1e3f&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false HTTP/1.1
Host: orest-vlv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://orest-vlv.com/zcvisitor/f0f29021-a518-11ed-bb34-0a304eff1e3f/13946a70-a5da-11ec-9226-0a76dcc61f13?campaignid=fc080990-6652-11ed-9380-0a918cbcbb97
Upgrade-Insecure-Requests: 1
HTTP/1.1 200
Date: Sun, 05 Feb 2023 05:50:06 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
redirected: JS
Server: gBxVRXsz
cartining-specute.com/zp-redirect?target=https%3A%2F%2Finspxtrc.com%2F%3Fa%3D12209%26c%3D359%26s2%3Dwbbvput8peblkddm2u283o58%26s1%3D719fbd40-273d-47b8-882f-683d1074b172wbbvput8peblkddm2u283o58&caid=7dce104b-6d47-4562-a561-86993b097f13&zpid=f0f29021-a518-11ed-bb34-0a304eff1e3f&cid=wbbvput8peblkddm2u283o58&rt=R
18.197.36.77302 Found 0 B URL HTTP/2 cartining-specute.com/zp-redirect?target=https%3A%2F%2Finspxtrc.com%2F%3Fa%3D12209%26c%3D359%26s2%3Dwbbvput8peblkddm2u283o58%26s1%3D719fbd40-273d-47b8-882f-683d1074b172wbbvput8peblkddm2u283o58&caid=7dce104b-6d47-4562-a561-86993b097f13&zpid=f0f29021-a518-11ed-bb34-0a304eff1e3f&cid=wbbvput8peblkddm2u283o58&rt=R
IP 18.197.36.77:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /zp-redirect?target=https%3A%2F%2Finspxtrc.com%2F%3Fa%3D12209%26c%3D359%26s2%3Dwbbvput8peblkddm2u283o58%26s1%3D719fbd40-273d-47b8-882f-683d1074b172wbbvput8peblkddm2u283o58&caid=7dce104b-6d47-4562-a561-86993b097f13&zpid=f0f29021-a518-11ed-bb34-0a304eff1e3f&cid=wbbvput8peblkddm2u283o58&rt=R HTTP/1.1
Host: cartining-specute.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://orest-vlv.com/
Cookie: cc-v4=Z8sB0q5wtX2ygQ4sxCirD0s8tu5OSCBlROf7GVr%2Fqp7tomiVutG9vqrf0%2B2ipePl9wytHOTFFDFdWQkUEpyWN21Bzz4AANH1kZeuQ4pyBp%2FQkrREor54EKz3FwnwYWl4ZR1K8cPfaarLtY2adWr%2FlQ%3D%3D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Sun, 05 Feb 2023 05:50:06 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://inspxtrc.com/?a=12209&c=359&s2=wbbvput8peblkddm2u283o58&s1=719fbd40-273d-47b8-882f-683d1074b172wbbvput8peblkddm2u283o58
pragma: no-cache
set-cookie: cc-v4=20HCh7GvNyuU%2B3W4jGRnu9dHVEyu62j%2FyYHbVBcs5kMMrEdrsWeNiEpG1Z7cW49cANfty8akkv5XxDTqxs8NrmYG6xZmyQjN9Ob0Kc5rcfgoJ%2FcxocRDyH0skjQEgmMb7eYfQJ7rZxaj6NDtCxEDfw%3D%3D; Max-Age=31536000; Expires=Mon, 05-Feb-2024 05:50:06 GMT; Domain=cartining-specute.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2
orest-vlv.com/favicon.ico
52.7.54.238404 653 B URL HTTP/1.1 orest-vlv.com/favicon.ico
IP 52.7.54.238:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (649), with no line terminators
Hash ba2732b1b2fa2626ffaa15f62f9e7d66
203d4e7fbb1d80449d6e4e1f3ae7a9bf8625debe
879861cb72fe9fbb476dab246021c4c83b4066327de2529e05ec54d3afb0a1c8
GET /favicon.ico HTTP/1.1
Host: orest-vlv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://orest-vlv.com/zcredirect?visitid=f0f29021-a518-11ed-bb34-0a304eff1e3f&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false
HTTP/1.1 404
Date: Sun, 05 Feb 2023 05:50:06 GMT
Content-Type: text/html;charset=utf-8
Content-Length: 653
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Content-Language: en
Server: UtTEqxsS
ocsp2.globalsign.com/gsalphasha2g2
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 104.18.21.226:0
Hash 339e6b8a91701f9042fd65a0ae130f58
d2c05cde761951605b2e89804b7fded1887bcdbc
47f6823110a28a24e413ded4a2843ca5ad6febd6aa9c2a16ce7cf9be663ae878
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 05:50:06 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Thu, 09 Feb 2023 04:58:52 GMT
ETag: "d2c05cde761951605b2e89804b7fded1887bcdbc"
Last-Modified: Sun, 05 Feb 2023 04:58:53 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 880
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79495ddd1c57b50f-OSL
inspxtrc.com/?a=12209&c=359&s2=wbbvput8peblkddm2u283o58&s1=719fbd40-273d-47b8-882f-683d1074b172wbbvput8peblkddm2u283o58
52.210.117.3302 Found 399 B URL HTTP/1.1 inspxtrc.com/?a=12209&c=359&s2=wbbvput8peblkddm2u283o58&s1=719fbd40-273d-47b8-882f-683d1074b172wbbvput8peblkddm2u283o58
IP 52.210.117.3:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (327), with CRLF line terminators
Hash 51c3b6985c80696c3abad08ff21dbf90
5c09a9eb14d739bbc57e183d2d2309be283ae79f
f36fa15e12f27df4b2d17a7e2ce6bafe608e77e32b8ac16850e2445e7cf06cb8
GET /?a=12209&c=359&s2=wbbvput8peblkddm2u283o58&s1=719fbd40-273d-47b8-882f-683d1074b172wbbvput8peblkddm2u283o58 HTTP/1.1
Host: inspxtrc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://orest-vlv.com/
Connection: keep-alive
Cookie: trk=2HRFYMFkCSuDk+5toKe6/cny+JKvcV5e/utsyLg558egZ6BKZDHsRQ==; c1291=U9R5llbTiYaSKJx+vWq4wC+daIX/MYNddUiCqk6HahYju18+aFrywQ==
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Cache-Control: private
Content-Length: 399
Content-Type: text/html; charset=utf-8
Date: Sun, 05 Feb 2023 05:50:06 GMT
Location: https://www.c-date.no/r/?v=1&CID=NO_a_3281_v99g0000&affid=12209_719fbd40-273d-47b8-882f-683d1074b172wbbvput8peblkd_wbbvput8peblkddm2u283o58&accid=12209&subid1=719fbd40-273d-47b8-882f-683d1074b172wbbvput8peblkd&subid2=wbbvput8peblkddm2u283o58&visid=1763461514
P3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: sid=sIs0PgeMGmAK1lhhn2FWMsny+JKvcV5eS3KIY7JM6fvEX/13ontRcQ==; domain=.inspxtrc.com; path=/; SameSite=None; secure; HttpOnly
trk=2HRFYMFkCSuDk+5toKe6/cny+JKvcV5eS3KIY7JM6fvEX/13ontRcQ==; domain=.inspxtrc.com; expires=Wed, 05-Feb-2025 05:50:06 GMT; path=/; SameSite=None; secure; HttpOnly
c1291=sIs0PgeMGmBPUH5n9Eet6BgGoXUUWaYUdUiCqk6HahYju18+aFrywQ==; domain=.inspxtrc.com; expires=Tue, 07-Mar-2023 05:50:06 GMT; path=/; SameSite=None; secure; HttpOnly
Connection: close
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4912
Expires: Sun, 05 Feb 2023 07:11:59 GMT
Date: Sun, 05 Feb 2023 05:50:07 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 2dc69adbcc02e452e578fc8714434b05
64b3896f3088ae827d0b629f999e344bf0522584
c09d30bec007e47de7c4ebc3ae9dc9a104a577eb2e5a2f10d0b389c65ca5a5f9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=91024
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 05:50:07 GMT
Etag: "63de041f-117"
Expires: Mon, 06 Feb 2023 07:07:11 GMT
Last-Modified: Sat, 04 Feb 2023 07:07:11 GMT
Server: nginx
Content-Length: 279
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F61ef2f28-06d6-4c28-b598-e80a6c49ef77.jpeg
34.120.237.76200 OK 4.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F61ef2f28-06d6-4c28-b598-e80a6c49ef77.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1f4a8749b09484bfc2a8fe4b33c69624
299d7514cf29c2dbd919581883239ef44c0984dd
22a61b6e7b48eeb44339469a353efdef0dc089be670fb490627dd33adc59168b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F61ef2f28-06d6-4c28-b598-e80a6c49ef77.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4526
x-amzn-requestid: 0942d90f-c9a6-40e6-9439-5da97a42cd35
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fye2wEngoAMFmGQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ddab5e-5d3234d519561b4040eff4c3;Sampled=0
x-amzn-remapped-date: Sat, 04 Feb 2023 00:48:30 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: WqipgPOkYYXuD4D0MYHUEn4Gusno3xTQyHrwq-XlF9mwiPP0BtQGWg==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 09:56:11 GMT
age: 71636
etag: "299d7514cf29c2dbd919581883239ef44c0984dd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F01d9feca-e9dc-4ee4-9694-bcc983e3a7c1.jpeg
34.120.237.76200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F01d9feca-e9dc-4ee4-9694-bcc983e3a7c1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0d632f8be93820b9746f76146fe3ff0e
7e5e9b16819af678ba84ddb6f45c073e659e2f4e
26ad66cf5e4fe4de99ad31b5c4f0fa3d05c085be04610de8ad80989528c100bf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F01d9feca-e9dc-4ee4-9694-bcc983e3a7c1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6434
x-amzn-requestid: ccf74c35-c654-4a9a-8121-ab27fc4cd862
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f1WWYFbJoAMFgSg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ded0f5-10dedb6a287acd2b10cdfdb4;Sampled=0
x-amzn-remapped-date: Sat, 04 Feb 2023 21:41:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 3bv0yNuzTWh742AZFesuU0caKmg0nMFc3P0bLYkhGd-TAeg5R9W_vQ==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 22:10:24 GMT
age: 27583
etag: "7e5e9b16819af678ba84ddb6f45c073e659e2f4e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a85f9ff-45f7-4467-9bcf-99adfc764c87.jpeg
34.120.237.76200 OK 4.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a85f9ff-45f7-4467-9bcf-99adfc764c87.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e011d457dc1153c2be3958161c109d4c
7579fae4b76a48eba7acd8f8572db91191db0c19
03156808efbab06a9a28138dd185c7870a1144f758b9743878f480de863eb884
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a85f9ff-45f7-4467-9bcf-99adfc764c87.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4493
x-amzn-requestid: 36c0c96d-9e8f-4acd-a10b-e2ff8252d62a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fsdDBHAcIAMFaVw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63db4213-1e55f43267ecaba247c2b963;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 04:54:43 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NPR9b5py6BzkCiWXJYNpRrkapxpGeAuk4BqrkUIpx-Oir8zxmcb5cg==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 08:05:24 GMT
age: 78283
etag: "7579fae4b76a48eba7acd8f8572db91191db0c19"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ad60ff0-69ec-4be2-9334-41be71ca4b7f.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ad60ff0-69ec-4be2-9334-41be71ca4b7f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1a4eed23b240d04a3cd6b085cfa93375
f29b9dc3f6bbd2ba76a5a4570ce044d5f240fd00
93e8371f80c12d3753842e36001dbb8d3dc2223b10a594639752cd816c492d4e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ad60ff0-69ec-4be2-9334-41be71ca4b7f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10905
x-amzn-requestid: 093778fc-231c-452f-a6fc-15f4eb41ade0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fmNJCEDzIAMFmxA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d8c239-7f56d6e56392f373541db219;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 07:24:41 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: jIvBQjGh9JzWQM0YpEYiqP5CcBrkwqLVjAYhMWJ1P1H0MRkm7kpnpg==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 22:12:06 GMT
age: 27481
etag: "f29b9dc3f6bbd2ba76a5a4570ce044d5f240fd00"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8a9d301-2b38-4046-91c2-941ed351597a.jpeg
34.120.237.76200 OK 3.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8a9d301-2b38-4046-91c2-941ed351597a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d7a466d89c75ff3459b7328591db52cf
c3f29f9c2fbdc1fa2aef7a9e79ca796b28394afb
e73243be3d01d12a224c4e9826c4f52610cf7722eee69f62755278d7550705f1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8a9d301-2b38-4046-91c2-941ed351597a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3474
x-amzn-requestid: 5846c080-9f25-4590-863c-8af2126cdbe1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f1WXEEbnoAMFRdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ded0f9-1bd490125feadc14366e7ca0;Sampled=0
x-amzn-remapped-date: Sat, 04 Feb 2023 21:41:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: d8aQmkW-aqLFpb79RynlJG2vY1GTDbjLNY0Qukgg_WIjdI6cmbVKFw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 22:10:58 GMT
etag: "c3f29f9c2fbdc1fa2aef7a9e79ca796b28394afb"
content-type: image/jpeg
age: 27549
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a38348b-ed70-4e2f-80ce-d13e44fefcfc.webp
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a38348b-ed70-4e2f-80ce-d13e44fefcfc.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7b596a8e984911df703e15c72d25d513
a1fa1355f4de6f246d35bed9f128e13fc9dc4e72
aba708124199ec6b0ce86ac14c6c18d233ff405071a7f22522217c2fcb0aa9b7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a38348b-ed70-4e2f-80ce-d13e44fefcfc.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13557
x-amzn-requestid: 981a0f31-e874-4392-a81d-12d667020700
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fH8-JGEsoAMFhZA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cca85a-7398031f2676734c65447e5b;Sampled=0
x-amzn-remapped-date: Sun, 22 Jan 2023 03:07:06 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 3dw5Oj2su-_kCvpC1jDJsyAEUPzaexgTzhAC9yAYSyXTFRVge2FR6Q==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 22:10:43 GMT
age: 27564
etag: "a1fa1355f4de6f246d35bed9f128e13fc9dc4e72"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.c-date.no/r/static/base/client/images/regs_background.9d30139acb65885176a5d5c878e4bd3d.jpg
104.18.101.209200 OK 87 kB URL HTTP/2 www.c-date.no/r/static/base/client/images/regs_background.9d30139acb65885176a5d5c878e4bd3d.jpg
IP 104.18.101.209:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1440x1024, components 3\012- data
Hash 9d30139acb65885176a5d5c878e4bd3d
6f1236760a7d1860d266eec85112345ca04d7a22
54664dd5c1c201d2360c5b8417a79471abd4fd5333b2f919098b6c977ff1ad49
GET /r/static/base/client/images/regs_background.9d30139acb65885176a5d5c878e4bd3d.jpg HTTP/1.1
Host: www.c-date.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.c-date.no/r/?v=1&CID=NO_a_3281_v99g0000&affid=12209_719fbd40-273d-47b8-882f-683d1074b172wbbvput8peblkd_wbbvput8peblkddm2u283o58&accid=12209&subid1=719fbd40-273d-47b8-882f-683d1074b172wbbvput8peblkd&subid2=wbbvput8peblkddm2u283o58&visid=1763461514
Connection: keep-alive
Cookie: staticToken=stkn.eyJ0eXBlIjoiQVNUIiwidmVyc2lvbiI6MX0.DbcllFep9fFV_3epD-LDyvaUkLVCjx4R5FU-VUbWNjiZojSRUKNCA2gAMPDTBMjbP90TdNkg_YU0ycKw6dtMygKheaY2vUgg3wU7Ij5K_Uk.gqm-NKwe3HSTqKVCSmv4mt-eV2NHLa5DNwTDhiLHTaLAAC2SHRzUfW2gUYf0IyNryadnyaOEN54FRQ8qMk2k_SvXYDQYNGEdrgk8nN0niLdbhjCf8skPU_D8u2-gxMg20ULC0wX4hsUMZ-VjLLU7taSaMyy0xKlmOjgM78ZZh0I; ipx_guestdiary={"clientId":"e57a6260-a516-11ed-944f-d513f9c81ee9"}
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 05:50:07 GMT
content-type: image/jpeg
content-length: 87400
cache-control: max-age=31536000, public
cf-bgj: imgq:100,h2pri
cf-polished: status=not_needed
expires: Sun, 07 May 2023 07:48:25 GMT
last-modified: Mon, 02 May 2022 10:37:24 GMT
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: HIT
age: 23666502
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 79495de26892b511-OSL
X-Firefox-Spdy: h2
www.c-date.no/r/app.e93828bc1157717c27693f00f4388dfe.js?v=1
104.18.101.209200 OK 60 kB URL HTTP/2 www.c-date.no/r/app.e93828bc1157717c27693f00f4388dfe.js?v=1
IP 104.18.101.209:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash faf3acea4928228283db8a5a463536d6
0177c3c47518d5aa7a5b703c511a4952fbc79ffe
1ae3b2450391a2dcd5ff3fc9b191ebad5ca4261f361971470bb01fce09b3d117
GET /r/app.e93828bc1157717c27693f00f4388dfe.js?v=1 HTTP/1.1
Host: www.c-date.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.c-date.no/r/?v=1&CID=NO_a_3281_v99g0000&affid=12209_719fbd40-273d-47b8-882f-683d1074b172wbbvput8peblkd_wbbvput8peblkddm2u283o58&accid=12209&subid1=719fbd40-273d-47b8-882f-683d1074b172wbbvput8peblkd&subid2=wbbvput8peblkddm2u283o58&visid=1763461514
Connection: keep-alive
Cookie: staticToken=stkn.eyJ0eXBlIjoiQVNUIiwidmVyc2lvbiI6MX0.DbcllFep9fFV_3epD-LDyvaUkLVCjx4R5FU-VUbWNjiZojSRUKNCA2gAMPDTBMjbP90TdNkg_YU0ycKw6dtMygKheaY2vUgg3wU7Ij5K_Uk.gqm-NKwe3HSTqKVCSmv4mt-eV2NHLa5DNwTDhiLHTaLAAC2SHRzUfW2gUYf0IyNryadnyaOEN54FRQ8qMk2k_SvXYDQYNGEdrgk8nN0niLdbhjCf8skPU_D8u2-gxMg20ULC0wX4hsUMZ-VjLLU7taSaMyy0xKlmOjgM78ZZh0I; ipx_guestdiary={"clientId":"e57a6260-a516-11ed-944f-d513f9c81ee9"}
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 05:50:07 GMT
content-type: text/javascript; charset=utf-8
cf-bgj: minify
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=15552000; includeSubDomains
last-modified: Sun, 05 Feb 2023 03:35:17 GMT
cf-cache-status: HIT
age: 7065
vary: Accept-Encoding
server: cloudflare
cf-ray: 79495de2588bb511-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.c-date.no/api/v2/auth/loginAnonymous
104.18.101.209200 OK 1.8 kB URL HTTP/2 www.c-date.no/api/v2/auth/loginAnonymous
IP 104.18.101.209:0
Hash c2de08353be949195b9401b9faa2996a
fc3bef8333672f39e26652f50c5850354a1a829b
ee1555b504d75dc96b7f71525acbc93eccfe269ecf665298d57bfd9ce292b05e
POST /api/v2/auth/loginAnonymous HTTP/1.1
Host: www.c-date.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json;charset=UTF-8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.c-date.no/r/?v=1&CID=NO_a_3281_v99g0000&affid=12209_719fbd40-273d-47b8-882f-683d1074b172wbbvput8peblkd_wbbvput8peblkddm2u283o58&accid=12209&subid1=719fbd40-273d-47b8-882f-683d1074b172wbbvput8peblkd&subid2=wbbvput8peblkddm2u283o58&visid=1763461514
Authorization: Basic V0VCOnBhc3M=
Content-Type: application/json;charset=UTF-8
Origin: https://www.c-date.no
Connection: keep-alive
Cookie: staticToken=stkn.eyJ0eXBlIjoiQVNUIiwidmVyc2lvbiI6MX0.DbcllFep9fFV_3epD-LDyvaUkLVCjx4R5FU-VUbWNjiZojSRUKNCA2gAMPDTBMjbP90TdNkg_YU0ycKw6dtMygKheaY2vUgg3wU7Ij5K_Uk.gqm-NKwe3HSTqKVCSmv4mt-eV2NHLa5DNwTDhiLHTaLAAC2SHRzUfW2gUYf0IyNryadnyaOEN54FRQ8qMk2k_SvXYDQYNGEdrgk8nN0niLdbhjCf8skPU_D8u2-gxMg20ULC0wX4hsUMZ-VjLLU7taSaMyy0xKlmOjgM78ZZh0I; ipx_guestdiary={"clientId":"e57a6260-a516-11ed-944f-d513f9c81ee9"}
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Content-Length: 0
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 05:50:07 GMT
content-type: application/json;charset=UTF-8
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-transform, max-age=0, private
pragma: no-cache
expires: 0
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
content-encoding: gzip
set-cookie: staticToken=stkn.eyJ0eXBlIjoiQVNUIiwidmVyc2lvbiI6MX0.9SxhbPdkur6xQYob5ZL6qBlff3HB9TxUwJYBPhHCTnP65HnqkmbW1CKNpot9L1LFCXOEVwZ4BehGVN2NFyD1gTfgwMf6EGpgxsldHb1u-5s.H_n8g_V-RGH2wkTmUW8ACdOkjjgTL8N8BsXa_YcuuIodkCEfYgOyRUgcCEPrBKjAAImorzIujpxbPdFUkf754qmrss_sEtxGdfXHNO4xlyUsibooVGofU42PRrQR235eJUzwYmq-0C5l9fCGeArmNGdeqvux5aGE4vtQskI2ALY; Expires=Wed, 22-Mar-2023 05:50:06 GMT; Path=/; Secure; HttpOnly
irouted=.biz28; path=/; Secure; HttpOnly
content-security-policy:
strict-transport-security: max-age=15552000; includeSubDomains
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 79495de2d8d1b511-OSL
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash ad2930ffabcba79a8aad23e1e2b7f2ec
54212fccd97a791d90ecec746e633b6d01d74a9e
86311a8bb1620ccb286ea3d026597f1cc89fdbf6a73ea5935621a541383b9be9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 685
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 05:50:08 GMT
Last-Modified: Sun, 05 Feb 2023 05:38:43 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash ad2930ffabcba79a8aad23e1e2b7f2ec
54212fccd97a791d90ecec746e633b6d01d74a9e
86311a8bb1620ccb286ea3d026597f1cc89fdbf6a73ea5935621a541383b9be9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2317
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 05:50:08 GMT
Etag: "63dc5e19-117"
Last-Modified: Sun, 05 Feb 2023 05:11:31 GMT
Server: ECS (amb/6B7D)
X-Cache: HIT
Content-Length: 278
www.c-date.no/r/static/base/client/images/logo-green.a109bb3c854c882ebd6ced399cbf26b5.svg
104.18.101.209200 OK 2.4 kB URL HTTP/2 www.c-date.no/r/static/base/client/images/logo-green.a109bb3c854c882ebd6ced399cbf26b5.svg
IP 104.18.101.209:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document, ASCII text, with very long lines (1092)
Hash c7457604f60bad95a93cdfc262600a52
04321a23b36d7eeb6c8ae09fd35f09e1083e71da
23dddd3318218084dde0ee193413dbdcf85bab640b990750ea92640df138eaff
GET /r/static/base/client/images/logo-green.a109bb3c854c882ebd6ced399cbf26b5.svg HTTP/1.1
Host: www.c-date.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.c-date.no/r/?v=1&CID=NO_a_3281_v99g0000&affid=12209_719fbd40-273d-47b8-882f-683d1074b172wbbvput8peblkd_wbbvput8peblkddm2u283o58&accid=12209&subid1=719fbd40-273d-47b8-882f-683d1074b172wbbvput8peblkd&subid2=wbbvput8peblkddm2u283o58&visid=1763461514
Connection: keep-alive
Cookie: staticToken=stkn.eyJ0eXBlIjoiQVNUIiwidmVyc2lvbiI6MX0.DbcllFep9fFV_3epD-LDyvaUkLVCjx4R5FU-VUbWNjiZojSRUKNCA2gAMPDTBMjbP90TdNkg_YU0ycKw6dtMygKheaY2vUgg3wU7Ij5K_Uk.gqm-NKwe3HSTqKVCSmv4mt-eV2NHLa5DNwTDhiLHTaLAAC2SHRzUfW2gUYf0IyNryadnyaOEN54FRQ8qMk2k_SvXYDQYNGEdrgk8nN0niLdbhjCf8skPU_D8u2-gxMg20ULC0wX4hsUMZ-VjLLU7taSaMyy0xKlmOjgM78ZZh0I; ipx_guestdiary={"clientId":"e57a6260-a516-11ed-944f-d513f9c81ee9"}
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 05:50:07 GMT
content-type: image/svg+xml
strict-transport-security: max-age=15552000; includeSubDomains
referrer-policy: strict-origin-when-cross-origin
last-modified: Sun, 05 Feb 2023 03:25:00 GMT
cf-cache-status: HIT
age: 340
vary: Accept-Encoding
server: cloudflare
cf-ray: 79495de308e7b511-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.c-date.no/api/v2/auth/loginAnonymous
104.18.101.209200 OK 1.5 kB URL HTTP/2 www.c-date.no/api/v2/auth/loginAnonymous
IP 104.18.101.209:0
File type JSON data\012- , ASCII text, with very long lines (1991), with no line terminators
Hash d1705faf2d54241a1e06fd296cbb2bf0
91e496cee0c1fbe83e708f77272213096991bbe9
db7c863e1f0b80556972c11905cd24a8c9b8833a6f7e3ffd0f01f6bf901e9dd1
POST /api/v2/auth/loginAnonymous HTTP/1.1
Host: www.c-date.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json;charset=UTF-8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.c-date.no/r/?v=1&CID=NO_a_3281_v99g0000&affid=12209_719fbd40-273d-47b8-882f-683d1074b172wbbvput8peblkd_wbbvput8peblkddm2u283o58&accid=12209&subid1=719fbd40-273d-47b8-882f-683d1074b172wbbvput8peblkd&subid2=wbbvput8peblkddm2u283o58&visid=1763461514
Authorization: Basic V0VCOnBhc3M=
Content-Type: application/json;charset=UTF-8
Origin: https://www.c-date.no
Connection: keep-alive
Cookie: staticToken=stkn.eyJ0eXBlIjoiQVNUIiwidmVyc2lvbiI6MX0.DbcllFep9fFV_3epD-LDyvaUkLVCjx4R5FU-VUbWNjiZojSRUKNCA2gAMPDTBMjbP90TdNkg_YU0ycKw6dtMygKheaY2vUgg3wU7Ij5K_Uk.gqm-NKwe3HSTqKVCSmv4mt-eV2NHLa5DNwTDhiLHTaLAAC2SHRzUfW2gUYf0IyNryadnyaOEN54FRQ8qMk2k_SvXYDQYNGEdrgk8nN0niLdbhjCf8skPU_D8u2-gxMg20ULC0wX4hsUMZ-VjLLU7taSaMyy0xKlmOjgM78ZZh0I; ipx_guestdiary={"clientId":"e57a6260-a516-11ed-944f-d513f9c81ee9"}
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Content-Length: 0
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 05:50:07 GMT
content-type: application/json;charset=UTF-8
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-transform, max-age=0, private
pragma: no-cache
expires: 0
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
content-encoding: gzip
content-security-policy:
strict-transport-security: max-age=15552000; includeSubDomains
referrer-policy: strict-origin-when-cross-origin
set-cookie: staticToken=stkn.eyJ0eXBlIjoiQVNUIiwidmVyc2lvbiI6MX0.9OXnYAGPqfZPNSxp3XU1C7SNasPiAoV6XN2yhKXTdC3rwPqqEBcwc3B4x91Ix-P60UHqNuxyYErakR9I0qUKH1sf0iiGvArQekhjxD9z3PI.VqExpVAS2DRK60QY3udb7jDOVqyrBWB4Sj_KRe0rPkx3g7i_13l6iiqbBv9-1KJoFbYipDU880oNalp0erJt5HuPSDpZbjOBmWhH-6knniMZKEnHEO9uftLqghQ4l86ifvtOMWBNIuiVcJpyH_DBRKg_-NCJJ_jfX8ZEA1BBCbA; Expires=Wed, 22-Mar-2023 05:50:06 GMT; Path=/; Secure; HttpOnly
irouted=.biz26; path=/; Secure; HttpOnly
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 79495de2e8d7b511-OSL
X-Firefox-Spdy: h2
api.c-date.com/api/v1/events/pre-registration
104.18.101.209200 OK 0 B URL HTTP/2 api.c-date.com/api/v1/events/pre-registration
IP 104.18.101.209:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /api/v1/events/pre-registration HTTP/1.1
Host: api.c-date.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Referer: https://www.c-date.no/
Origin: https://www.c-date.no
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 05:50:08 GMT
content-length: 0
cf-ray: 79495de428e00b4d-OSL
access-control-allow-origin: https://www.c-date.no
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-transform, max-age=0, private
expires: 0
set-cookie: irouted=.biz28; path=/; Secure; HttpOnly
strict-transport-security: max-age=15552000; includeSubDomains
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-headers: authorization, content-type
access-control-allow-methods: POST
content-security-policy:
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: cloudflare
X-Firefox-Spdy: h2
api.c-date.com/api/v1/events/pre-registration
104.18.101.209200 OK 0 B URL HTTP/2 api.c-date.com/api/v1/events/pre-registration
IP 104.18.101.209:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /api/v1/events/pre-registration HTTP/1.1
Host: api.c-date.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Referer: https://www.c-date.no/
Origin: https://www.c-date.no
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 05:50:08 GMT
content-length: 0
cf-ray: 79495de4e9030b4d-OSL
access-control-allow-origin: https://www.c-date.no
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-transform, max-age=0, private
expires: 0
set-cookie: irouted=.biz28; path=/; Secure; HttpOnly
strict-transport-security: max-age=15552000; includeSubDomains
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-headers: authorization, content-type
access-control-allow-methods: POST
content-security-policy:
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: cloudflare
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F030e2301-116b-4cdd-ae90-c5bbc86e9669.jpeg
34.120.237.76200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F030e2301-116b-4cdd-ae90-c5bbc86e9669.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b1092c4dd4d9ca4d09462ae46e1dd7c1
17444ff60be1afbc40d3653fa936f9eaf9478068
ea8362c7249080b34288ee675f70333607fc3be37e716fdcf63e4901849def9f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F030e2301-116b-4cdd-ae90-c5bbc86e9669.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 7288
x-amzn-requestid: 1aa297f5-2f9a-45be-b823-1eb4d5887769
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f1WrwH-iIAMFyhQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ded17e-2b630b4a302b8ae118883b71;Sampled=0
x-amzn-remapped-date: Sat, 04 Feb 2023 21:43:26 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: z2oKgp1keqEkvN6jjsUepMbrxD4JCXKAOHrMNJHcuXN0CpulUh5GLA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 21:43:39 GMT
etag: "17444ff60be1afbc40d3653fa936f9eaf9478068"
content-type: image/jpeg
age: 29195
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
api.c-date.com/api/v1/events/pre-registration
104.18.101.209200 OK 0 B URL HTTP/2 api.c-date.com/api/v1/events/pre-registration
IP 104.18.101.209:0
POST /api/v1/events/pre-registration HTTP/1.1
Host: api.c-date.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json;charset=UTF-8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.c-date.no/
Authorization: Bearer stkn.eyJ0eXBlIjoiQUFUIiwidmVyc2lvbiI6MX0.KPdqCIOSrovax_LQ113KDkyya8449j3KvE_B5xKXimQGIPzQPrGI2BsVJle07psmQHsKbu-LfKXRyf7funF0NUXCICDPKvDs4Jtv2EybbSs.6Uf5u04fv6Ya-UUNH0jtjAN1V7H7Wuk7RRGcvoltyzv7kguJZKbt_91GdTVMOErvBlhmMiQV5EgxDGDrZJwn9Alf8vpqBJyQhbx4NTBu4_DxcHj8WUEI93fkt4WZ0N32XuBM6x3ZrhXk2dVOLozrAt5XZebMJKoKWnMDWIiX0lc
Content-Type: application/json;charset=UTF-8
Content-Length: 615
Origin: https://www.c-date.no
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 05:50:08 GMT
content-type: application/json;charset=UTF-8
cf-ray: 79495de5391f0b4d-OSL
access-control-allow-origin: https://www.c-date.no
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-transform, max-age=0, private
content-encoding: gzip
expires: 0
set-cookie: irouted=.biz25; path=/; Secure; HttpOnly
strict-transport-security: max-age=15552000; includeSubDomains
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
content-security-policy:
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: cloudflare
X-Firefox-Spdy: h2
www.c-date.no/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1675569600
104.18.101.209200 OK 0 B URL HTTP/2 www.c-date.no/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1675569600
IP 104.18.101.209:0
GET /cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1675569600 HTTP/1.1
Host: www.c-date.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: staticToken=stkn.eyJ0eXBlIjoiQVNUIiwidmVyc2lvbiI6MX0.DbcllFep9fFV_3epD-LDyvaUkLVCjx4R5FU-VUbWNjiZojSRUKNCA2gAMPDTBMjbP90TdNkg_YU0ycKw6dtMygKheaY2vUgg3wU7Ij5K_Uk.gqm-NKwe3HSTqKVCSmv4mt-eV2NHLa5DNwTDhiLHTaLAAC2SHRzUfW2gUYf0IyNryadnyaOEN54FRQ8qMk2k_SvXYDQYNGEdrgk8nN0niLdbhjCf8skPU_D8u2-gxMg20ULC0wX4hsUMZ-VjLLU7taSaMyy0xKlmOjgM78ZZh0I; ipx_guestdiary={"clientId":"e57a6260-a516-11ed-944f-d513f9c81ee9"}
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 05:50:07 GMT
content-type: application/javascript; charset=UTF-8
vary: accept-encoding
cache-control: max-age=14400, public
x-control-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
server: cloudflare
cf-ray: 79495de298aab511-OSL
content-encoding: br
X-Firefox-Spdy: h2
api.c-date.com/api/v1/events/pre-registration
104.18.101.209200 OK 0 B URL HTTP/2 api.c-date.com/api/v1/events/pre-registration
IP 104.18.101.209:0
POST /api/v1/events/pre-registration HTTP/1.1
Host: api.c-date.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json;charset=UTF-8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.c-date.no/
Authorization: Bearer stkn.eyJ0eXBlIjoiQUFUIiwidmVyc2lvbiI6MX0.fPKJ9OgSxjuwqMzchf5ruWQ_0CYhH4IOdPtzs4jyHkaGS8SuHJgOsR8z-zMptIskndCxPJlivL-nI_Qn7TOA2eIIJujDVEmvtqO8Dcl7ZzM.d_VmvvJ9XT0qJIAlTL8YQJ5WnjRu9f7VqSESVYgBFrn_E4dgVTyv3mCnbOonYegww5HTftYsEp--NYutiC-oicqpe1pgsOFjiza5xeYQB3K8SLm2b4yZAGuB9CDnyQKE6vd6ErddTdNMtVsEdfGHTR0hF-2o0fzLoy-itQjWS5Q
Content-Type: application/json;charset=UTF-8
Content-Length: 435
Origin: https://www.c-date.no
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 05:50:08 GMT
content-type: application/json;charset=UTF-8
cf-ray: 79495de4e9010b4d-OSL
access-control-allow-origin: https://www.c-date.no
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-transform, max-age=0, private
content-encoding: gzip
expires: 0
set-cookie: irouted=.biz26; path=/; Secure; HttpOnly
strict-transport-security: max-age=15552000; includeSubDomains
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
content-security-policy:
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: cloudflare
X-Firefox-Spdy: h2
www.c-date.no/r/static/base/client/images/favicon.v2.ico
104.18.101.209200 OK 0 B URL HTTP/2 www.c-date.no/r/static/base/client/images/favicon.v2.ico
IP 104.18.101.209:0
GET /r/static/base/client/images/favicon.v2.ico HTTP/1.1
Host: www.c-date.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.c-date.no/r/?v=1&CID=NO_a_3281_v99g0000&affid=12209_719fbd40-273d-47b8-882f-683d1074b172wbbvput8peblkd_wbbvput8peblkddm2u283o58&accid=12209&subid1=719fbd40-273d-47b8-882f-683d1074b172wbbvput8peblkd&subid2=wbbvput8peblkddm2u283o58&visid=1763461514
Connection: keep-alive
Cookie: staticToken=stkn.eyJ0eXBlIjoiQVNUIiwidmVyc2lvbiI6MX0.DbcllFep9fFV_3epD-LDyvaUkLVCjx4R5FU-VUbWNjiZojSRUKNCA2gAMPDTBMjbP90TdNkg_YU0ycKw6dtMygKheaY2vUgg3wU7Ij5K_Uk.gqm-NKwe3HSTqKVCSmv4mt-eV2NHLa5DNwTDhiLHTaLAAC2SHRzUfW2gUYf0IyNryadnyaOEN54FRQ8qMk2k_SvXYDQYNGEdrgk8nN0niLdbhjCf8skPU_D8u2-gxMg20ULC0wX4hsUMZ-VjLLU7taSaMyy0xKlmOjgM78ZZh0I; ipx_guestdiary={"clientId":"e57a6260-a516-11ed-944f-d513f9c81ee9"}
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 05:50:08 GMT
content-type: image/x-icon
strict-transport-security: max-age=15552000; includeSubDomains
referrer-policy: strict-origin-when-cross-origin
last-modified: Sun, 05 Feb 2023 03:46:22 GMT
cf-cache-status: EXPIRED
vary: Accept-Encoding
server: cloudflare
cf-ray: 79495de298acb511-OSL
content-encoding: br
X-Firefox-Spdy: h2
api.c-date.com/api/v1/events/pre-registration
104.18.101.209200 OK 0 B URL HTTP/2 api.c-date.com/api/v1/events/pre-registration
IP 104.18.101.209:0
POST /api/v1/events/pre-registration HTTP/1.1
Host: api.c-date.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json;charset=UTF-8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.c-date.no/
Authorization: Bearer stkn.eyJ0eXBlIjoiQUFUIiwidmVyc2lvbiI6MX0.AtUotvYc9-lINNC8Tbr0FRAslkJOTk_FNrABYq3dqsFgdmdQDTZ6NGityHeGvay6-faeWWMl0xfNVlEceqRFWqbpQ2AB_tyxzEzX8taSCMs.u6w4AAdYb8hWXMsWxQswllAZ2UwNliTHNfIgL-WlEOvr5G6ex-ZmlBhP6QFz5dxLNVZLq5BOcFvRqSja7rPG0-yAV-AxJTuxwNEx-dwSpZ0RQq9jfGnUJ_THl-VfxTfl1gdGkFFo7ipsfghddkx1KcdAUiY8e6B404h-iwSeYno
Content-Type: application/json;charset=UTF-8
Content-Length: 439
Origin: https://www.c-date.no
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 05:50:08 GMT
content-type: application/json;charset=UTF-8
cf-ray: 79495de4f90a0b4d-OSL
access-control-allow-origin: https://www.c-date.no
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-transform, max-age=0, private
content-encoding: gzip
expires: 0
set-cookie: irouted=.biz22; path=/; Secure; HttpOnly
strict-transport-security: max-age=15552000; includeSubDomains
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
content-security-policy:
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: cloudflare
X-Firefox-Spdy: h2
www.c-date.no/r/?v=1&CID=NO_a_3281_v99g0000&affid=12209_719fbd40-273d-47b8-882f-683d1074b172wbbvput8peblkd_wbbvput8peblkddm2u283o58&accid=12209&subid1=719fbd40-273d-47b8-882f-683d1074b172wbbvput8peblkd&subid2=wbbvput8peblkddm2u283o58&visid=1763461514
104.18.101.209200 OK 0 B URL HTTP/2 www.c-date.no/r/?v=1&CID=NO_a_3281_v99g0000&affid=12209_719fbd40-273d-47b8-882f-683d1074b172wbbvput8peblkd_wbbvput8peblkddm2u283o58&accid=12209&subid1=719fbd40-273d-47b8-882f-683d1074b172wbbvput8peblkd&subid2=wbbvput8peblkddm2u283o58&visid=1763461514
IP 104.18.101.209:0
GET /r/?v=1&CID=NO_a_3281_v99g0000&affid=12209_719fbd40-273d-47b8-882f-683d1074b172wbbvput8peblkd_wbbvput8peblkddm2u283o58&accid=12209&subid1=719fbd40-273d-47b8-882f-683d1074b172wbbvput8peblkd&subid2=wbbvput8peblkddm2u283o58&visid=1763461514 HTTP/1.1
Host: www.c-date.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://orest-vlv.com/
Connection: keep-alive
Cookie: staticToken=stkn.eyJ0eXBlIjoiQVNUIiwidmVyc2lvbiI6MX0.DbcllFep9fFV_3epD-LDyvaUkLVCjx4R5FU-VUbWNjiZojSRUKNCA2gAMPDTBMjbP90TdNkg_YU0ycKw6dtMygKheaY2vUgg3wU7Ij5K_Uk.gqm-NKwe3HSTqKVCSmv4mt-eV2NHLa5DNwTDhiLHTaLAAC2SHRzUfW2gUYf0IyNryadnyaOEN54FRQ8qMk2k_SvXYDQYNGEdrgk8nN0niLdbhjCf8skPU_D8u2-gxMg20ULC0wX4hsUMZ-VjLLU7taSaMyy0xKlmOjgM78ZZh0I; ipx_guestdiary={"clientId":"e57a6260-a516-11ed-944f-d513f9c81ee9"}
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 05:50:07 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=15552000; includeSubDomains
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 79495de14811b511-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.c-date.no/r/non-critical.bb0edb86916a12d73bf731ccb1fbc6c3.css?v=1
104.18.101.209200 OK 0 B URL HTTP/2 www.c-date.no/r/non-critical.bb0edb86916a12d73bf731ccb1fbc6c3.css?v=1
IP 104.18.101.209:0
GET /r/non-critical.bb0edb86916a12d73bf731ccb1fbc6c3.css?v=1 HTTP/1.1
Host: www.c-date.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.c-date.no/r/?v=1&CID=NO_a_3281_v99g0000&affid=12209_719fbd40-273d-47b8-882f-683d1074b172wbbvput8peblkd_wbbvput8peblkddm2u283o58&accid=12209&subid1=719fbd40-273d-47b8-882f-683d1074b172wbbvput8peblkd&subid2=wbbvput8peblkddm2u283o58&visid=1763461514
Connection: keep-alive
Cookie: staticToken=stkn.eyJ0eXBlIjoiQVNUIiwidmVyc2lvbiI6MX0.DbcllFep9fFV_3epD-LDyvaUkLVCjx4R5FU-VUbWNjiZojSRUKNCA2gAMPDTBMjbP90TdNkg_YU0ycKw6dtMygKheaY2vUgg3wU7Ij5K_Uk.gqm-NKwe3HSTqKVCSmv4mt-eV2NHLa5DNwTDhiLHTaLAAC2SHRzUfW2gUYf0IyNryadnyaOEN54FRQ8qMk2k_SvXYDQYNGEdrgk8nN0niLdbhjCf8skPU_D8u2-gxMg20ULC0wX4hsUMZ-VjLLU7taSaMyy0xKlmOjgM78ZZh0I; ipx_guestdiary={"clientId":"e57a6260-a516-11ed-944f-d513f9c81ee9"}
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 05:50:07 GMT
content-type: text/css; charset=utf-8
cf-bgj: minify
cf-polished: origSize=61364
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=15552000; includeSubDomains
last-modified: Sun, 05 Feb 2023 03:35:17 GMT
cf-cache-status: HIT
age: 7065
vary: Accept-Encoding
server: cloudflare
cf-ray: 79495de2588cb511-OSL
content-encoding: br
X-Firefox-Spdy: h2