abs-teknikk.no/
3.11.87.175301 Moved Permanently 231 B IP 3.11.87.175:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 99cb9e1e55628bedcfe3ca592f137123
0fd19b31a628a83d9e387e4d71715c27f84c4849
3aa22d806f48c90f816b48573bb0ae04e69d461497ab743c0c2e48a27ebefedb
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: abs-teknikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 08 Dec 2022 02:02:13 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 231
Connection: keep-alive
Location: https://abs-teknikk.no/
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f2acd891dc6eb1f09f57a2b086791781
1e2088306501a61edcca1ade62c4d54f23b3b083
51148fed95cc00d60dc3640350f135b1b2763ff0e3cfbffc40f0948317894be9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "51148FED95CC00D60DC3640350F135B1B2763FF0E3CFBFFC40F0948317894BE9"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4554
Expires: Thu, 08 Dec 2022 03:18:08 GMT
Date: Thu, 08 Dec 2022 02:02:14 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 388f6fea5bafa378266622b72311a6ee
447f102dc12172ce1ba44c5e94e1d7bb49d43372
a597afb4d4f7f3c82f0f2857322226fc69dc92e099bfd0605f7a0cd562be9d21
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A597AFB4D4F7F3C82F0F2857322226FC69DC92E099BFD0605F7A0CD562BE9D21"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21202
Expires: Thu, 08 Dec 2022 07:55:36 GMT
Date: Thu, 08 Dec 2022 02:02:14 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 08 Dec 2022 01:08:07 GMT
content-type: application/json
age: 3247
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 00e7703bd74975689fc9050356aaca6b
9788fe6a36d6f278e8da329ebc5dd87bcd212317
593bc437ff8a8233516c62613d50220fcb25b9f967ed5fb384c253f0db135103
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "593BC437FF8A8233516C62613D50220FCB25B9F967ED5FB384C253F0DB135103"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5805
Expires: Thu, 08 Dec 2022 03:38:59 GMT
Date: Thu, 08 Dec 2022 02:02:14 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: k3WSkftY/QHeFY71Q6OzTGtUkQUivGjTTH+ZOjjSEy6Nljg7p+6u67n3O231YlffTGcPJ4qkH60=
x-amz-request-id: 4N3YMXRRXPJ9D9MA
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 08 Dec 2022 01:47:44 GMT
age: 870
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 02:02:14 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 88303399f174df5fd05772d3e227df1b
e54ff1df5558cd43ac73858722f0574bc9138dc3
c5324f844aa183a6ad99f6f21c83c4cc04b7d6ad1d306e2e55ae43b609138f48
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5324F844AA183A6AD99F6F21C83C4CC04B7D6AD1D306E2E55AE43B609138F48"
Last-Modified: Wed, 07 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21555
Expires: Thu, 08 Dec 2022 08:01:29 GMT
Date: Thu, 08 Dec 2022 02:02:14 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 08 Dec 2022 01:07:55 GMT
age: 3259
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 053aff7451e55d4269dd9610ab070f3f
b3376256d11d159b0c7280ba1515b78d7d9e12ca
24114ca560fe70d03185bd66985603fd5a03dc310aa9a8ea7a7b3723ed46ce3e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2984
Cache-Control: max-age=114860
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 02:02:14 GMT
Etag: "639057aa-1d7"
Expires: Fri, 09 Dec 2022 09:56:34 GMT
Last-Modified: Wed, 07 Dec 2022 09:06:50 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
52.41.253.170101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.41.253.170:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 6yGyMU7YsPOkAvjilgrCbQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ZlJNi0o44EAkTO2h7vUh6wkN3eI=
abs-teknikk.no/
3.11.87.175200 OK 16 kB IP 3.11.87.175:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8047), with CRLF, LF line terminators
Hash b13797fe2db355d58282d5eddb556676
96f1f21dd32b26a6220441376532a8c736e05f5b
cb86bc311d0230379c8ff7d717896f5595b6eba158e9490962faf47b7eb0e890
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: abs-teknikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 02:02:15 GMT
content-type: text/html; charset=UTF-8
content-length: 15496
x-powered-by: PHP/7.4.33
link: <https://abs-teknikk.no/wp-json/>; rel="https://api.w.org/", <https://abs-teknikk.no/wp-json/wp/v2/pages/13>; rel="alternate"; type="application/json", <https://abs-teknikk.no/>; rel=shortlink
vary: Accept-Encoding,User-Agent
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 30aec170d58f580f2ed4da4b92d72cc7
3b11a98ba9563f7f266e7a935e3b78bd0c0712aa
7b25e66e4383cdb29228d0451a4810eeab7d194ca81045e066c00c9467f29312
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 02:02:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 3074a66f6d9b2e2af9b41ec0e2f4e2db
942e2c49b3848f11da966937f5914c62aed24bce
7c3b21b91aab06aff58cc56ce4b7273a7d320df8b0b4ad685c660e03ba0b72aa
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 02:02:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash cb4dd119f7430c320eac60b72355bd8c
e5694c4e08731720fa303127f2f4b2fe5ab9fba9
116e36f240390df2689f722ba0174ff342f7c6ce3a6b91853342c93def2a0825
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 02:02:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-189137356-1
142.250.74.168200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-189137356-1
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash f384a915302d411e00c3dce4e880a2b1
3aa5251ef83ac2ccf6bcb05f289c856596cc0f02
0a66389a2a2734c32134ffa4e2842519ced09b90ccdb535870944eb91e406fc6
GET /gtag/js?id=UA-189137356-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://abs-teknikk.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 08 Dec 2022 02:02:15 GMT
expires: Thu, 08 Dec 2022 02:02:15 GMT
cache-control: private, max-age=900
last-modified: Thu, 08 Dec 2022 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43571
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/recaptcha/api.js?render=6LcQF08aAAAAAHLxsikFZuhkdHZyPDGO_McL_y7J&ver=3.0
142.250.74.132200 OK 583 B URL HTTP/2 www.google.com/recaptcha/api.js?render=6LcQF08aAAAAAHLxsikFZuhkdHZyPDGO_McL_y7J&ver=3.0
IP 142.250.74.132:0
File type ASCII text, with very long lines (884), with no line terminators
Hash fed67ae1cd7db02dbf9c87985c2f1867
6a47b3f34cfda9ff80b6ef99fb9036aabf493ac3
37449e2fd779ffe3ee4d063d03ace378424f2bc2ae459a2f2b45b9e65b469274
GET /recaptcha/api.js?render=6LcQF08aAAAAAHLxsikFZuhkdHZyPDGO_McL_y7J&ver=3.0 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://abs-teknikk.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Thu, 08 Dec 2022 02:02:15 GMT
date: Thu, 08 Dec 2022 02:02:15 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 583
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 30aec170d58f580f2ed4da4b92d72cc7
3b11a98ba9563f7f266e7a935e3b78bd0c0712aa
7b25e66e4383cdb29228d0451a4810eeab7d194ca81045e066c00c9467f29312
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 02:02:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 3074a66f6d9b2e2af9b41ec0e2f4e2db
942e2c49b3848f11da966937f5914c62aed24bce
7c3b21b91aab06aff58cc56ce4b7273a7d320df8b0b4ad685c660e03ba0b72aa
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 02:02:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash b9083cdf8a3f174763927ae3e9ca3934
1d1ca843e0517b384f693ff52b55fcafc48f9ee7
0f42326e84100eb58e3ac1d2eb5e21f7f0ba3502ddea7f607627a465cc234801
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 02:02:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
zerossl.ocsp.sectigo.com/
104.18.32.68200 OK 314 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 104.18.32.68:0
Hash 76b834c74c9ebe31b7d5e1fab22eeeb9
ad1ce341002dd540e690e49387190a6817e0fd6a
b23f8fa257d28a152b5095b2b3f1f2f8ec32b6efabf856356427e2713dd3b4b2
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 02:02:15 GMT
Content-Type: application/ocsp-response
Content-Length: 314
Connection: keep-alive
Last-Modified: Wed, 07 Dec 2022 22:36:11 GMT
Expires: Wed, 14 Dec 2022 22:36:10 GMT
Etag: "ad1ce341002dd540e690e49387190a6817e0fd6a"
Cache-Control: max-age=591834,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7761eaf72b00b4f7-OSL
zerossl.ocsp.sectigo.com/
104.18.32.68200 OK 314 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 104.18.32.68:0
Hash 76b834c74c9ebe31b7d5e1fab22eeeb9
ad1ce341002dd540e690e49387190a6817e0fd6a
b23f8fa257d28a152b5095b2b3f1f2f8ec32b6efabf856356427e2713dd3b4b2
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 02:02:15 GMT
Content-Type: application/ocsp-response
Content-Length: 314
Connection: keep-alive
Last-Modified: Wed, 07 Dec 2022 22:36:11 GMT
Expires: Wed, 14 Dec 2022 22:36:10 GMT
Etag: "ad1ce341002dd540e690e49387190a6817e0fd6a"
Cache-Control: max-age=591834,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7761eaf72a33fac8-OSL
worldmodel.biz/optout/set/lat?jsonp=__mtz_cb_369613290&key=2241c61e4c10670366&cv=1575636617&t=1575636617573
5.149.248.141200 OK 0 B URL HTTP/1.1 worldmodel.biz/optout/set/lat?jsonp=__mtz_cb_369613290&key=2241c61e4c10670366&cv=1575636617&t=1575636617573
IP 5.149.248.141:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /optout/set/lat?jsonp=__mtz_cb_369613290&key=2241c61e4c10670366&cv=1575636617&t=1575636617573 HTTP/1.1
Host: worldmodel.biz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://abs-teknikk.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Dec 2022 02:02:15 GMT
Content-Type: application/octet-stream
Content-Length: 0
Connection: keep-alive
Set-Cookie: __mntz_lat_2241c61e4c10670366=1575636617;Path=/;Max-Age=3153600000;SameSite=None;Secure
worldmodel.biz/optout/set/lt?jsonp=__mtz_cb_913769698&key=2241c61e4c10670366&cv=124879&t=1575636617573
5.149.248.141200 OK 0 B URL HTTP/1.1 worldmodel.biz/optout/set/lt?jsonp=__mtz_cb_913769698&key=2241c61e4c10670366&cv=124879&t=1575636617573
IP 5.149.248.141:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /optout/set/lt?jsonp=__mtz_cb_913769698&key=2241c61e4c10670366&cv=124879&t=1575636617573 HTTP/1.1
Host: worldmodel.biz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://abs-teknikk.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Dec 2022 02:02:15 GMT
Content-Type: application/octet-stream
Content-Length: 0
Connection: keep-alive
Set-Cookie: __mntz_lt_2241c61e4c10670366=124879;Path=/;Max-Age=3153600000;SameSite=None;Secure
abs-teknikk.no/wp-includes/js/mediaelement/wp-mediaelement.min.js?ver=6.0.3
3.11.87.175200 OK 475 B URL HTTP/2 abs-teknikk.no/wp-includes/js/mediaelement/wp-mediaelement.min.js?ver=6.0.3
IP 3.11.87.175:0
File type HTML document, ASCII text, with very long lines (906), with no line terminators
Hash c7aa8936938be0b65781455878aa2085
0066e0c5ed75b3ccd5bb01db5f373d995c217a29
a764eb4204428f671190ad2bc84bcbd86cd9a6bfd05a7ded46bceb651503c508
GET /wp-includes/js/mediaelement/wp-mediaelement.min.js?ver=6.0.3 HTTP/1.1
Host: abs-teknikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://abs-teknikk.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 02:02:15 GMT
content-type: application/javascript
content-length: 475
x-accel-version: 0.01
last-modified: Mon, 08 Feb 2021 09:04:02 GMT
etag: "38a-5bacf738a5ed2-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
X-Firefox-Spdy: h2
abs-teknikk.no/wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.6.4
3.11.87.175200 OK 507 B URL HTTP/2 abs-teknikk.no/wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.6.4
IP 3.11.87.175:0
File type ASCII text, with very long lines (999), with no line terminators
Hash 22f32f77e17fa7640cda0a401c2b0844
019765feeed7ea2a9e9e506ce000978ea3ecd171
269c0f075ceb9464731b25afc21ae41536b76ef76bf0cf856c42e3e6311ec6ce
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.6.4 HTTP/1.1
Host: abs-teknikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://abs-teknikk.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 02:02:15 GMT
content-type: application/javascript
content-length: 507
x-accel-version: 0.01
last-modified: Wed, 19 Oct 2022 13:38:22 GMT
etag: "3e7-5eb635285a712-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
X-Firefox-Spdy: h2
abs-teknikk.no/wp-content/uploads/2017/07/mathias2.jpg
3.11.87.175200 OK 14 kB URL HTTP/2 abs-teknikk.no/wp-content/uploads/2017/07/mathias2.jpg
IP 3.11.87.175:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 500x609, components 3\012- data
Hash b80f7463bff6a6afbce1ebb3ecbfa273
faad42066881a2cfcbb3f2f7f0bb24fba33608b6
65048def70bc2a230e78dbae0d90eeb78433ab2e2e94262fa42c75cc2269c9a5
GET /wp-content/uploads/2017/07/mathias2.jpg HTTP/1.1
Host: abs-teknikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://abs-teknikk.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 02:02:15 GMT
content-type: image/jpeg
content-length: 13518
last-modified: Thu, 03 Aug 2017 08:14:39 GMT
etag: "5982db6f-34ce"
accept-ranges: bytes
X-Firefox-Spdy: h2
abs-teknikk.no/wp-content/uploads/2017/07/john2.jpg
3.11.87.175200 OK 13 kB URL HTTP/2 abs-teknikk.no/wp-content/uploads/2017/07/john2.jpg
IP 3.11.87.175:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 500x609, components 3\012- data
Hash c5358d2216a82d4295ed9d466f032c96
c4e0b781090ac5b88a558af7ad715ee8fce3696c
019e1a88cf46d42633a9b1233971397707eb49eeefcfb131296810cb6682a439
GET /wp-content/uploads/2017/07/john2.jpg HTTP/1.1
Host: abs-teknikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://abs-teknikk.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 02:02:15 GMT
content-type: image/jpeg
content-length: 12830
last-modified: Thu, 03 Aug 2017 08:14:39 GMT
etag: "5982db6f-321e"
accept-ranges: bytes
X-Firefox-Spdy: h2
abs-teknikk.no/wp-content/uploads/2017/07/torkild2.jpg
3.11.87.175200 OK 14 kB URL HTTP/2 abs-teknikk.no/wp-content/uploads/2017/07/torkild2.jpg
IP 3.11.87.175:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 500x609, components 3\012- data
Hash 753f20f8c5748a300de8f1e09535f64d
e87776de28d46043cca50aa4dd9ab044513d0e2b
100cb20b2299b89249912ee5da30b530004b9902b445d187dae1ffec7b105019
GET /wp-content/uploads/2017/07/torkild2.jpg HTTP/1.1
Host: abs-teknikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://abs-teknikk.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 02:02:15 GMT
content-type: image/jpeg
content-length: 14438
last-modified: Thu, 03 Aug 2017 08:14:41 GMT
etag: "5982db71-3866"
accept-ranges: bytes
X-Firefox-Spdy: h2
abs-teknikk.no/wp-content/uploads/2020/11/P1422949_2.jpg
3.11.87.175200 OK 50 kB URL HTTP/2 abs-teknikk.no/wp-content/uploads/2020/11/P1422949_2.jpg
IP 3.11.87.175:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 800x1000, components 3\012- data
Hash 2087cf3fd61dc2f5accf95b475132043
efd95849f0775d986bace9683d3de278da3ef681
c412b00097ccd14c7a006e325d374d35330454cab29267110d3738c5ce3b6bcb
GET /wp-content/uploads/2020/11/P1422949_2.jpg HTTP/1.1
Host: abs-teknikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://abs-teknikk.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 02:02:15 GMT
content-type: image/jpeg
content-length: 50285
last-modified: Thu, 19 Nov 2020 09:06:10 GMT
etag: "5fb63582-c46d"
accept-ranges: bytes
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Rajdhani%3A300%2Cregular%2C500%2C600%2C700&subset=devanagari%2Clatin%2Clatin-ext&ver=2.6.2
142.250.74.106200 OK 834 B URL HTTP/2 fonts.googleapis.com/css?family=Rajdhani%3A300%2Cregular%2C500%2C600%2C700&subset=devanagari%2Clatin%2Clatin-ext&ver=2.6.2
IP 142.250.74.106:0
Hash 8bc2299a24c69f3c13d0d397e3bd8fb0
8420a0fcf6032bb3fc853501eff685f062df3036
7f075db757e8e8a280ccc10b29cf467994e3f08f36784a5a71ad7c74559c0e09
GET /css?family=Rajdhani%3A300%2Cregular%2C500%2C600%2C700&subset=devanagari%2Clatin%2Clatin-ext&ver=2.6.2 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://abs-teknikk.no/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 08 Dec 2022 02:02:15 GMT
date: Thu, 08 Dec 2022 02:02:15 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
abs-teknikk.no/wp-content/uploads/2017/07/logo-1.png
3.11.87.175200 OK 98 kB URL HTTP/2 abs-teknikk.no/wp-content/uploads/2017/07/logo-1.png
IP 3.11.87.175:0
File type PNG image data, 1500 x 626, 8-bit/color RGBA, non-interlaced\012- data
Hash 9e3cf28bfe819751d17e934b9c4fb898
4947a16354b84e63215dced63d5d88363f31c9af
dc870147f636a25b237a61e08dab73f1beb40eb3143326346c00b13d3321fefb
GET /wp-content/uploads/2017/07/logo-1.png HTTP/1.1
Host: abs-teknikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://abs-teknikk.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 02:02:15 GMT
content-type: image/png
content-length: 98507
last-modified: Wed, 02 Aug 2017 06:57:15 GMT
etag: "598177cb-180cb"
accept-ranges: bytes
X-Firefox-Spdy: h2
abs-teknikk.no/wp-content/uploads/2020/11/P1422946_2.jpg
3.11.87.175200 OK 75 kB URL HTTP/2 abs-teknikk.no/wp-content/uploads/2020/11/P1422946_2.jpg
IP 3.11.87.175:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 800x1000, components 3\012- data
Hash abcee74699a5c66cb2a26987d84953a8
3e47a04ceef6bdc2e98814559160166569284ee3
a9d5fb07dc821cc3483fed7f1812e1f0a2af45476d1d8ab4200400d833e85392
GET /wp-content/uploads/2020/11/P1422946_2.jpg HTTP/1.1
Host: abs-teknikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://abs-teknikk.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 02:02:15 GMT
content-type: image/jpeg
content-length: 75175
last-modified: Thu, 19 Nov 2020 09:07:13 GMT
etag: "5fb635c1-125a7"
accept-ranges: bytes
X-Firefox-Spdy: h2
abs-teknikk.no/wp-content/uploads/2018/10/nyansatt-1.2.jpg
3.11.87.175200 OK 84 kB URL HTTP/2 abs-teknikk.no/wp-content/uploads/2018/10/nyansatt-1.2.jpg
IP 3.11.87.175:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 800x1000, components 3\012- data
Hash 239cea3b01d96e219111ecc37d099dd4
097e0168169fc66ad8a5addbca6287c415a44e41
f134aeb150b1e0b09284e6fedcd0be9e9666ad7aa30a88d8db0ee81b2a354e91
GET /wp-content/uploads/2018/10/nyansatt-1.2.jpg HTTP/1.1
Host: abs-teknikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://abs-teknikk.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 02:02:15 GMT
content-type: image/jpeg
content-length: 84461
last-modified: Fri, 12 Oct 2018 11:16:15 GMT
etag: "5bc0827f-149ed"
accept-ranges: bytes
X-Firefox-Spdy: h2
abs-teknikk.no/wp-content/uploads/2018/10/nyansatt-2.1.jpg
3.11.87.175200 OK 71 kB URL HTTP/2 abs-teknikk.no/wp-content/uploads/2018/10/nyansatt-2.1.jpg
IP 3.11.87.175:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 800x1000, components 3\012- data
Hash e6f4573632c0dc0a64c1decac6eaf0d7
3868d46e5fb82c935554ffe355dc00e54073ef91
d973f5a9d7b7b6c4335f798c871cf5b4410d49c2cd972b4e2ca1cfa350d0bb66
GET /wp-content/uploads/2018/10/nyansatt-2.1.jpg HTTP/1.1
Host: abs-teknikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://abs-teknikk.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 02:02:15 GMT
content-type: image/jpeg
content-length: 70674
last-modified: Fri, 12 Oct 2018 11:16:19 GMT
etag: "5bc08283-11412"
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash ec6ece82a7cb8faa3ba171efae3a9eda
7ee75fba9a9d1078960f7834d71961c38f514b82
301d0c4d73b444369e488ee4f78b3a994a9168ec6c6d46cd7f3448722a841a2e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 02:02:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash ec6ece82a7cb8faa3ba171efae3a9eda
7ee75fba9a9d1078960f7834d71961c38f514b82
301d0c4d73b444369e488ee4f78b3a994a9168ec6c6d46cd7f3448722a841a2e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 02:02:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/rajdhani/v15/LDIxapCSOBg7S-QT7p4HM-Y.woff2
216.58.207.227200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/rajdhani/v15/LDIxapCSOBg7S-QT7p4HM-Y.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 14976, version 1.0\012- data
Hash cac31f26b77ee8053a76a54ce2f8ce48
c92bcfc9121164049c1b30655db9481d0e454464
759a9000e47b028799d7a4ca602634a7ac7adf415775df070a335d18d9b66f38
GET /s/rajdhani/v15/LDIxapCSOBg7S-QT7p4HM-Y.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://abs-teknikk.no
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 14976
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Dec 2022 21:06:09 GMT
expires: Thu, 07 Dec 2023 21:06:09 GMT
cache-control: public, max-age=31536000
age: 17766
last-modified: Wed, 27 Apr 2022 15:42:00 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
abs-teknikk.no/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3
3.11.87.175200 OK 22 kB URL HTTP/2 abs-teknikk.no/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3
IP 3.11.87.175:0
Hash 58eb93c773724a20d5c1ec62ea1ed2dd
2419ad24794d5d250f1eb71ee08a8db37f1ccafc
f290e26a0b94cf017ca84e163bba2935468856ee331ff864ba85e9249ecf0267
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.3 HTTP/1.1
Host: abs-teknikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://abs-teknikk.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 02:02:15 GMT
content-type: application/javascript
last-modified: Thu, 04 Aug 2022 13:32:03 GMT
vary: Accept-Encoding
etag: W/"62ebca53-48b9"
content-encoding: gzip
X-Firefox-Spdy: h2
fonts.gstatic.com/s/rajdhani/v15/LDI2apCSOBg7S-QT7pbYF_Oreec.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/rajdhani/v15/LDI2apCSOBg7S-QT7pbYF_Oreec.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15732, version 1.0\012- data
Hash ad9c55ecf03998391f7149c29543452a
dcd4cf87ae721dd01a6ee29be033c7d70f9c198d
433a7007e4747a02a790167a6efa2625855f013970ba49b9b739a5d3db8b2601
GET /s/rajdhani/v15/LDI2apCSOBg7S-QT7pbYF_Oreec.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://abs-teknikk.no
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15732
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Dec 2022 15:48:23 GMT
expires: Wed, 06 Dec 2023 15:48:23 GMT
cache-control: public, max-age=31536000
age: 123232
last-modified: Wed, 27 Apr 2022 16:21:09 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
abs-teknikk.no/wp-content/uploads/2017/07/aIMG_8999.jpg
3.11.87.175200 OK 190 kB URL HTTP/2 abs-teknikk.no/wp-content/uploads/2017/07/aIMG_8999.jpg
IP 3.11.87.175:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1429x2000, components 3\012- data
Size 190 kB (190131 bytes)
Hash d84cdc138d4b4ea8fb98848dc024f69d
9d20c3b45cff6625b4e2d90cc851b2689c04dcdf
ef0bc6a73dc553a5c16aa1c3d3a488bceb9af30ffb0f9fee4c3798b89bd9a0c3
GET /wp-content/uploads/2017/07/aIMG_8999.jpg HTTP/1.1
Host: abs-teknikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://abs-teknikk.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 02:02:15 GMT
content-type: image/jpeg
content-length: 190131
last-modified: Mon, 31 Jul 2017 13:39:49 GMT
etag: "597f3325-2e6b3"
accept-ranges: bytes
X-Firefox-Spdy: h2
abs-teknikk.no/wp-content/uploads/2017/07/aIMG_9070.jpg
3.11.87.175200 OK 213 kB URL HTTP/2 abs-teknikk.no/wp-content/uploads/2017/07/aIMG_9070.jpg
IP 3.11.87.175:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1429x2000, components 3\012- data
Size 213 kB (212578 bytes)
Hash b7958e806fbeb1ab7a7917b839ed5afe
03b04349455fdb0e8c7edbccf91372c45cca0831
cd12573e33d39c457c5dbc1c2b9f224f6af1e152ab8aaf3e0791503ede7010a1
GET /wp-content/uploads/2017/07/aIMG_9070.jpg HTTP/1.1
Host: abs-teknikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://abs-teknikk.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 02:02:15 GMT
content-type: image/jpeg
content-length: 212578
last-modified: Mon, 31 Jul 2017 13:40:02 GMT
etag: "597f3332-33e62"
accept-ranges: bytes
X-Firefox-Spdy: h2
abs-teknikk.no/wp-content/themes/uncode/library/js/plugins.js?ver=2085341656
3.11.87.175200 OK 372 kB URL HTTP/2 abs-teknikk.no/wp-content/themes/uncode/library/js/plugins.js?ver=2085341656
IP 3.11.87.175:0
Size 372 kB (372003 bytes)
Hash 818c12cb13868d76ce0b05b469bc3424
299a3791beb8a191db2d6ed696426f202b4d5769
6e9a112e90aec29beea9be4e85142d580b62405baf068cc0df4d52e299a01d2c
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/uncode/library/js/plugins.js?ver=2085341656 HTTP/1.1
Host: abs-teknikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://abs-teknikk.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 02:02:15 GMT
content-type: application/javascript
last-modified: Thu, 03 Nov 2022 13:33:11 GMT
vary: Accept-Encoding
etag: W/"6363c317-133f70"
content-encoding: gzip
X-Firefox-Spdy: h2
abs-teknikk.no/wp-content/uploads/2017/07/redblue2.svg
3.11.87.175200 OK 424 B URL HTTP/2 abs-teknikk.no/wp-content/uploads/2017/07/redblue2.svg
IP 3.11.87.175:0
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document, ASCII text, with very long lines (696), with no line terminators
Hash a2a61a152505afa40c5a5a8a7d256151
117ecd23899630345250f2a83ac87902ad6c59c1
3608cd64327d8b6dd17b0ec778e1ffdbadeb62e26274e488b4f5efaf1333d717
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/2017/07/redblue2.svg HTTP/1.1
Host: abs-teknikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://abs-teknikk.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 02:02:15 GMT
content-type: image/svg+xml
content-length: 424
x-accel-version: 0.01
last-modified: Wed, 02 Aug 2017 07:09:55 GMT
etag: "2b8-555bff371f6c0-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
X-Firefox-Spdy: h2
worldmodel.biz/2241c61e4c10670366.js
5.149.248.141200 OK 199 kB URL HTTP/1.1 worldmodel.biz/2241c61e4c10670366.js
IP 5.149.248.141:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 199 kB (199312 bytes)
Hash f2d662e2a4aeadad28ef846c7b822770
7564b6e58a0d7c297251690a85e19ca169985713
b4d1ae5008febd8abd10095dded4ae14f1e13fea94bc4f5ca793c6cc435a780f
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /2241c61e4c10670366.js HTTP/1.1
Host: worldmodel.biz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://abs-teknikk.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Dec 2022 02:02:15 GMT
Content-Type: application/javascript
Content-Length: 199312
Connection: keep-alive
Last-Modified: Fri, 21 Oct 2022 15:30:05 GMT
ETag: "6352bafd-30a90"
Expires: Thu, 08 Dec 2022 02:32:15 GMT
Cache-Control: max-age=1800, public
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 48c90992f0837a58e0a36118a27dae6a
3d238fed35e6d247bddbba92864e6b92e6aed9b6
cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8617
Expires: Thu, 08 Dec 2022 04:25:53 GMT
Date: Thu, 08 Dec 2022 02:02:16 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb40390-82ef-453b-afca-e37aa7674ed3.jpeg
34.120.237.76200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb40390-82ef-453b-afca-e37aa7674ed3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f0c8a8dbe6c3ae6eaa2e464296708f5c
98556b27bc3759d0ceb8200ff5bc7b9567e428a5
bfc64a0e18c0137360f746eca256f464e26d23a04521ea629c46ae50ea6af173
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb40390-82ef-453b-afca-e37aa7674ed3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9058
x-amzn-requestid: 1f7fdd3d-1e65-46f7-8ef2-d164bf81e72b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ctlz4FtuIAMFjsg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638ee9b2-4866b3fd61fdb35d34317038;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 07:05:22 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 6ET1Tfo1QXRpjkWyOE7jfYnWToK8h7ojB31efNc09awacwlCIYEPjA==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 07:05:24 GMT
age: 68212
etag: "98556b27bc3759d0ceb8200ff5bc7b9567e428a5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9519925e-95b7-4e66-b317-84c1708c7f84.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9519925e-95b7-4e66-b317-84c1708c7f84.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b87d6543345f73653ed4a49b37d7c959
c4f26846b8b72293368ff16915d49297cf12bbb9
aee6aa42e4b5b83b81f74801ff8f0039fc6d38036f42ee81875813c856cf5eef
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9519925e-95b7-4e66-b317-84c1708c7f84.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8659
x-amzn-requestid: 6f420d07-65d5-4bb2-9f1f-e56025de497b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: czFSYFArIAMF46w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63911c0f-0a295e5c48228d5806b4f107;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 23:04:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: TSh1BNzzIPhWCfYEiqvQJckSPAyhHobe-HK6msEVeEJ1ruX-_rMSSA==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 23:33:19 GMT
age: 8937
etag: "c4f26846b8b72293368ff16915d49297cf12bbb9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 48c90992f0837a58e0a36118a27dae6a
3d238fed35e6d247bddbba92864e6b92e6aed9b6
cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8617
Expires: Thu, 08 Dec 2022 04:25:53 GMT
Date: Thu, 08 Dec 2022 02:02:16 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 48c90992f0837a58e0a36118a27dae6a
3d238fed35e6d247bddbba92864e6b92e6aed9b6
cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8617
Expires: Thu, 08 Dec 2022 04:25:53 GMT
Date: Thu, 08 Dec 2022 02:02:16 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb9f5f2e2-f4e8-4ddc-9a23-4327bb79769a.jpeg
34.120.237.76200 OK 4.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb9f5f2e2-f4e8-4ddc-9a23-4327bb79769a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 00cdac5a7f801c10e53b8651ceb94c46
d83d7a30038bbf534c531c3786c3458c66d6504a
4d767e2c8aee11a230ecbb4c5c2339a65ca380e87b713f2ad6c1efc02df07238
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb9f5f2e2-f4e8-4ddc-9a23-4327bb79769a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4565
x-amzn-requestid: 153e9d72-d9e1-498e-b74b-f4fad27f4efd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cy3_pHs4oAMFYYg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639106ca-44aa3006114060145bd0b16d;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 21:34:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ZsZPiQ026zur9XITdqX8eyH813-2rXyG6RrSLF4pZ4Wtk4mQJZd1SA==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 36810aa1793ee589dc8c194860296078.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 21:51:32 GMT
age: 15044
etag: "d83d7a30038bbf534c531c3786c3458c66d6504a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 48c90992f0837a58e0a36118a27dae6a
3d238fed35e6d247bddbba92864e6b92e6aed9b6
cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8617
Expires: Thu, 08 Dec 2022 04:25:53 GMT
Date: Thu, 08 Dec 2022 02:02:16 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5382e616-602f-4e00-bed7-d95c66a5000d.jpeg
34.120.237.76200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5382e616-602f-4e00-bed7-d95c66a5000d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 43fdc85bfd574fa803f0bcdc216ef622
27f558d5cdc150a50f080c054423500666b63d74
fafd2a81cddacdb4e5fd7c9963a784e6e56d06ac98f0bd4124fd74fa3ba015e0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5382e616-602f-4e00-bed7-d95c66a5000d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5245
x-amzn-requestid: 9770ebcd-fb1e-4b81-bb87-1e98ef024741
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cy-E8HugoAMFsKw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63911085-54eb7a48323113d52329abf5;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 22:15:33 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: d2DHUS5fGT4uoPPdjDXmHUOQVF93ULtO4zSHRmrx7KMu3lO0y0K9ag==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 22:24:13 GMT
age: 13083
etag: "27f558d5cdc150a50f080c054423500666b63d74"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffe93cbd-4506-4ab1-b0ea-94eabecae7b9.jpeg
34.120.237.76200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffe93cbd-4506-4ab1-b0ea-94eabecae7b9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 210b27f5f6310d8fad640acce3d9ae0e
08d241e56622cb900754d95bc5d58ed8826d9f32
64410e13759cdfa24976dcba0c64aca27edc3ee56358f344e55f60793422e3ea
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffe93cbd-4506-4ab1-b0ea-94eabecae7b9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6557
x-amzn-requestid: 0232ddcd-8274-431e-a55e-8298fbfd6dfc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cmcuMG6bIAMFUng=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c0e5a-3cc17121425f87321ce7ae7e;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 03:04:58 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: va_vly0iX6rzm_aTWrryPRjoTWlI-_0m6rpS6VrTx-nsd71dk1cSZw==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 08:32:51 GMT
age: 62965
etag: "08d241e56622cb900754d95bc5d58ed8826d9f32"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 4f48748dc87020a0f1368e6d3bb9a24c
4eeade3f02cc6b02390af43bd5e7d67da4a707e0
7cb746c8d9392ac22b2a06ce10ef0266bebf5a7a09febdafeea27a29fa0bd1a5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 02:02:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2dbe127a-1d23-4c1b-b13e-cd024e5fd5de.jpeg
34.120.237.76200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2dbe127a-1d23-4c1b-b13e-cd024e5fd5de.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d2d14fc1b5d2e6d6f4751a2fe741b990
86cd1428b2fd21ccb9d80c7f6be4d1e6221e97ef
bfe88cb97ccec5af627853d0bbc02f4799c4b8a25a995c8578365cb5a2914d6a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2dbe127a-1d23-4c1b-b13e-cd024e5fd5de.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8626
x-amzn-requestid: c5f3e36b-87f1-4938-819c-7b1a6ec6bfeb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cy4BXHJ0oAMFaKQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639106d5-15635f9a10d25d8c1d702bbd;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 21:34:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: zQXtGXxwwTmn7gMQQj5wM69mPzAmYXRyfTbYfgUovTGsS0y048GZDg==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 21:51:32 GMT
age: 15044
etag: "86cd1428b2fd21ccb9d80c7f6be4d1e6221e97ef"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 2ce419dc08e7ad2dc06ea4078e7caf06
e3f29ebb9f8e24a2d4de345f12853244bf897d63
1f0308c60e06cd1ca0b62f6a4d5dd085d8c98c37e17c50d5bb4e96eaecaf0c3b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=92814
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 02:02:16 GMT
Etag: "63900d36-118"
Expires: Fri, 09 Dec 2022 03:49:10 GMT
Last-Modified: Wed, 07 Dec 2022 03:49:10 GMT
Server: nginx
Content-Length: 280
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 2ce419dc08e7ad2dc06ea4078e7caf06
e3f29ebb9f8e24a2d4de345f12853244bf897d63
1f0308c60e06cd1ca0b62f6a4d5dd085d8c98c37e17c50d5bb4e96eaecaf0c3b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=92814
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 02:02:16 GMT
Etag: "63900d36-118"
Expires: Fri, 09 Dec 2022 03:49:10 GMT
Last-Modified: Wed, 07 Dec 2022 03:49:10 GMT
Server: nginx
Content-Length: 280
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 2ce419dc08e7ad2dc06ea4078e7caf06
e3f29ebb9f8e24a2d4de345f12853244bf897d63
1f0308c60e06cd1ca0b62f6a4d5dd085d8c98c37e17c50d5bb4e96eaecaf0c3b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=92814
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 02:02:16 GMT
Etag: "63900d36-118"
Expires: Fri, 09 Dec 2022 03:49:10 GMT
Last-Modified: Wed, 07 Dec 2022 03:49:10 GMT
Server: nginx
Content-Length: 280
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 2ce419dc08e7ad2dc06ea4078e7caf06
e3f29ebb9f8e24a2d4de345f12853244bf897d63
1f0308c60e06cd1ca0b62f6a4d5dd085d8c98c37e17c50d5bb4e96eaecaf0c3b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=92814
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 02:02:16 GMT
Etag: "63900d36-118"
Expires: Fri, 09 Dec 2022 03:49:10 GMT
Last-Modified: Wed, 07 Dec 2022 03:49:10 GMT
Server: nginx
Content-Length: 280
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 2ce419dc08e7ad2dc06ea4078e7caf06
e3f29ebb9f8e24a2d4de345f12853244bf897d63
1f0308c60e06cd1ca0b62f6a4d5dd085d8c98c37e17c50d5bb4e96eaecaf0c3b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=92814
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 02:02:16 GMT
Etag: "63900d36-118"
Expires: Fri, 09 Dec 2022 03:49:10 GMT
Last-Modified: Wed, 07 Dec 2022 03:49:10 GMT
Server: nginx
Content-Length: 280
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 4f48748dc87020a0f1368e6d3bb9a24c
4eeade3f02cc6b02390af43bd5e7d67da4a707e0
7cb746c8d9392ac22b2a06ce10ef0266bebf5a7a09febdafeea27a29fa0bd1a5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 02:02:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mt.googleapis.com/vt/icon/name=icons/onion/SHARED-mymaps-pin-container-bg_4x.png,icons/onion/SHARED-mymaps-pin-container_4x.png,icons/onion/1899-blank-shape_pin_4x.png&highlight=ff000000,0288D1&scale=2.0
142.250.74.142200 OK 980 B URL HTTP/2 mt.googleapis.com/vt/icon/name=icons/onion/SHARED-mymaps-pin-container-bg_4x.png,icons/onion/SHARED-mymaps-pin-container_4x.png,icons/onion/1899-blank-shape_pin_4x.png&highlight=ff000000,0288D1&scale=2.0
IP 142.250.74.142:0
File type PNG image data, 64 x 64, 8-bit colormap, non-interlaced\012- data
Hash 1c35128c26299a39bcaae4acb9c04f0c
527082158709755f24753d2e926030d50df97a88
e2d09246c364f928ce2aed8cc7e36ba71301f8104d3f027be10b1a493b0983ef
GET /vt/icon/name=icons/onion/SHARED-mymaps-pin-container-bg_4x.png,icons/onion/SHARED-mymaps-pin-container_4x.png,icons/onion/1899-blank-shape_pin_4x.png&highlight=ff000000,0288D1&scale=2.0 HTTP/1.1
Host: mt.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
x-content-type-options: nosniff
x-server-version-bin: CggIBBCS/LucBg==
server: scaffolding on HTTPServer2
content-length: 980
x-xss-protection: 0
x-frame-options: SAMEORIGIN
date: Wed, 07 Dec 2022 09:04:27 GMT
expires: Mon, 21 Aug 2023 13:54:49 GMT
cache-control: public, max-age=22222222
content-type: image/png
age: 61069
server-timing: gfet4t7; dur=1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
marryjoy.net/metric/?wid=52642&sid=&tid=8769&mid=&rid=LOADED&custom1=abs-teknikk.no&custom2=%2F&custom3=worldmodel.biz&t=1670464935675
104.21.23.198200 OK 43 B URL HTTP/2 marryjoy.net/metric/?wid=52642&sid=&tid=8769&mid=&rid=LOADED&custom1=abs-teknikk.no&custom2=%2F&custom3=worldmodel.biz&t=1670464935675
IP 104.21.23.198:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /metric/?wid=52642&sid=&tid=8769&mid=&rid=LOADED&custom1=abs-teknikk.no&custom2=%2F&custom3=worldmodel.biz&t=1670464935675 HTTP/1.1
Host: marryjoy.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://abs-teknikk.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Dec 2022 02:02:16 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GZTZiMs%2BO1VNvNie0dSfPpitGMW261g5eU86oCAx9l%2FQ44Q%2F0%2FwxCMbaMLA6vLBLKg1SOYRUbKt5efjyexbBevEoYka1vitv9c0F4qAK1tYjgbi10o6R2T9Te5G5QMQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7761eafd69c6b4f3-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
marryjoy.net/metric/?wid=52642&sid=&tid=8769&mid=&rid=FINISHED&custom1=abs-teknikk.no&t=1670464935677
104.21.23.198200 OK 43 B URL HTTP/2 marryjoy.net/metric/?wid=52642&sid=&tid=8769&mid=&rid=FINISHED&custom1=abs-teknikk.no&t=1670464935677
IP 104.21.23.198:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /metric/?wid=52642&sid=&tid=8769&mid=&rid=FINISHED&custom1=abs-teknikk.no&t=1670464935677 HTTP/1.1
Host: marryjoy.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://abs-teknikk.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Dec 2022 02:02:16 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B9m%2FNSEHgpcqr0940V0liKddPBhuaNMBtcxSkUS%2BUIPpuwvzBCocBDaRmobAs7r4qSzEldWRnBQROnJA%2FiDXOxpNMOa%2BPHzW10JNdPfEOYOnl0vC7lfaTYirdMJvrkc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7761eafd69c8b4f3-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
marryjoy.net/metric/?wid=52642&sid=&mid=&tid=8769&rid=LAUNCHED&t=1670464935515
104.21.23.198200 OK 43 B URL HTTP/2 marryjoy.net/metric/?wid=52642&sid=&mid=&tid=8769&rid=LAUNCHED&t=1670464935515
IP 104.21.23.198:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /metric/?wid=52642&sid=&mid=&tid=8769&rid=LAUNCHED&t=1670464935515 HTTP/1.1
Host: marryjoy.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://abs-teknikk.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Dec 2022 02:02:16 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QdvjZP6YCAXbF%2Fj5z24DwVys1wd2F47C3NCswTm7LqL4Y%2F3GbKOH1Gylyntqkhz3ls6OvZUU21u3QTsvJ5fcyokI30oImsZjbVydwcwIWacAaWtpXb66%2B5sRl4i7VH0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7761eafd79cdb4f3-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
marryjoy.net/metric/?wid=52642&sid=&tid=8769&mid=&rid=BEFORE_OPTOUT_REQ&t=1670464935676
104.21.23.198200 OK 43 B URL HTTP/2 marryjoy.net/metric/?wid=52642&sid=&tid=8769&mid=&rid=BEFORE_OPTOUT_REQ&t=1670464935676
IP 104.21.23.198:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /metric/?wid=52642&sid=&tid=8769&mid=&rid=BEFORE_OPTOUT_REQ&t=1670464935676 HTTP/1.1
Host: marryjoy.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://abs-teknikk.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Dec 2022 02:02:16 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0XeDayPAvhzNcV4BuVOtcV9KTyVwbY1pLdonMKTDzqVnkTh8ZrcKc%2Ba2jceLc6IE2EnMgZCToMlxPQJeAM7klrXjdRmqOf%2Bbs9188P4IcVgaGOKtHze5rA7s9ynupZw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7761eafd69ccb4f3-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 2ce419dc08e7ad2dc06ea4078e7caf06
e3f29ebb9f8e24a2d4de345f12853244bf897d63
1f0308c60e06cd1ca0b62f6a4d5dd085d8c98c37e17c50d5bb4e96eaecaf0c3b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=92814
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 02:02:16 GMT
Etag: "63900d36-118"
Expires: Fri, 09 Dec 2022 03:49:10 GMT
Last-Modified: Wed, 07 Dec 2022 03:49:10 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 280
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 38ab64c8d5e963bd13caddb191950d94
b2aeb62771557e894a0c7a8e4e46dc13cc4c7f84
d1d95cac0816e3a1ed1fdc7e944029c805cd863e658ba87338436cd66d969cca
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 02:02:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
maps.gstatic.com/mapfiles/openhand_8_8.cur
142.250.74.3200 OK 326 B URL HTTP/2 maps.gstatic.com/mapfiles/openhand_8_8.cur
IP 142.250.74.3:0
File type MS Windows cursor resource - 1 icon, 32x32, 2 colors, hotspot @8x8\012- data
Hash feff9159f56cb2069041d660b484eb07
0d0a08cf25a258511957f357b89d3908f3c5e6e3
7342f390b12f636d14e25f698fc5e38cf6240994dc0c07fefbbb4e78ec4d03c7
GET /mapfiles/openhand_8_8.cur HTTP/1.1
Host: maps.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/bmp
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/geo-tactile
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="geo-tactile"
report-to: {"group":"geo-tactile","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/geo-tactile"}]}
content-length: 326
date: Thu, 08 Dec 2022 02:02:16 GMT
expires: Thu, 08 Dec 2022 02:02:16 GMT
cache-control: private, max-age=31536000
last-modified: Tue, 18 May 2021 19:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 38ab64c8d5e963bd13caddb191950d94
b2aeb62771557e894a0c7a8e4e46dc13cc4c7f84
d1d95cac0816e3a1ed1fdc7e944029c805cd863e658ba87338436cd66d969cca
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 02:02:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
abs-teknikk.no/wp-json/contact-form-7/v1/contact-forms/110/feedback/schema
3.11.87.175200 OK 212 B URL HTTP/2 abs-teknikk.no/wp-json/contact-form-7/v1/contact-forms/110/feedback/schema
IP 3.11.87.175:0
File type JSON data\012- , ASCII text, with very long lines (528), with no line terminators
Hash f2201d162d5c3ba11d3afa09777647a5
e55543f0ae6c68baf51ab746bb74d9597da2d339
34dbccbb433fe7af6df244148f1d9c5f358db6ab581e3137a1931d6c0b9ffc4d
Analyzer Verdict Alert fortinet Malware
GET /wp-json/contact-form-7/v1/contact-forms/110/feedback/schema HTTP/1.1
Host: abs-teknikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, */*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://abs-teknikk.no/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 02:02:16 GMT
content-type: application/json; charset=UTF-8
content-length: 212
x-powered-by: PHP/7.4.33
x-robots-tag: noindex
link: <https://abs-teknikk.no/wp-json/>; rel="https://api.w.org/"
x-content-type-options: nosniff
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
allow: GET
vary: Origin,Accept-Encoding,User-Agent
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash c7a5f887bbc7d30b9cfe15163c3d8ddb
21d65790a1d10a06d198b54218365aa474126e1c
2a2e7930f967d947cc5293c95221913e24596773577bbf56ff402db6236bbda1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 02:02:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
abs-teknikk.no/wp-content/uploads/2017/07/cropped-favicon-192x192.png
3.11.87.175200 OK 13 kB URL HTTP/2 abs-teknikk.no/wp-content/uploads/2017/07/cropped-favicon-192x192.png
IP 3.11.87.175:0
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash f2bc8851917fc4222d9b610ee421c015
16a087f442e3b6fc02ee37248b49e084833424ef
af9cdb6fd85c5d7cac4c5bff09e9754c3828e89c4d9c2cdde1321431350f7942
GET /wp-content/uploads/2017/07/cropped-favicon-192x192.png HTTP/1.1
Host: abs-teknikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://abs-teknikk.no/
Cookie: cookie_consent_performance=0; cookie_consent_targeting=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 02:02:16 GMT
content-type: image/png
content-length: 13262
last-modified: Fri, 04 Aug 2017 08:02:57 GMT
etag: "59842a31-33ce"
accept-ranges: bytes
X-Firefox-Spdy: h2
abs-teknikk.no/wp-content/uploads/2017/07/cropped-favicon-32x32.png
3.11.87.175200 OK 1.3 kB URL HTTP/2 abs-teknikk.no/wp-content/uploads/2017/07/cropped-favicon-32x32.png
IP 3.11.87.175:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 2737269e451df4204220ebb68a6a05ac
42d189bf87d8c2b08c6810f5dfa730af37fc75bc
6f2f7b11a34b056a6f8165a385d3b1b26fb8263878414b61d126f1c762bc9a83
GET /wp-content/uploads/2017/07/cropped-favicon-32x32.png HTTP/1.1
Host: abs-teknikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://abs-teknikk.no/
Cookie: cookie_consent_performance=0; cookie_consent_targeting=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 02:02:16 GMT
content-type: image/png
content-length: 1292
last-modified: Fri, 04 Aug 2017 08:02:57 GMT
etag: "59842a31-50c"
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 3041a0828d1aeb289bac655852c04bbb
e7ac7db3b4861c0c269170a4b9f9cfcc07f30647
07600c5e37975e1e64911afe5150beb53526a4c552295fec54cda73347ebd833
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1825
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 02:02:16 GMT
Etag: "63900605-1d7"
Last-Modified: Thu, 08 Dec 2022 01:31:51 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
www.google-analytics.com/analytics.js
142.250.74.14200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.14:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://abs-teknikk.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Thu, 08 Dec 2022 00:46:55 GMT
expires: Thu, 08 Dec 2022 02:46:55 GMT
cache-control: public, max-age=7200
age: 4521
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google-analytics.com/plugins/ua/linkid.js
142.250.74.14200 OK 859 B URL HTTP/2 www.google-analytics.com/plugins/ua/linkid.js
IP 142.250.74.14:0
File type ASCII text, with very long lines (1335)
Hash 904463ce35aee800847ab85ec948aaf6
904e4d2647466c7f7e0f7412019984e3b2ccfb24
057b4d29359dfe2536a2ec40243bdfa7b151222efcc1eb358608994a14c34237
GET /plugins/ua/linkid.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://abs-teknikk.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 859
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 08 Dec 2022 01:14:33 GMT
expires: Thu, 08 Dec 2022 02:14:33 GMT
cache-control: public, max-age=3600
age: 2863
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash c7a5f887bbc7d30b9cfe15163c3d8ddb
21d65790a1d10a06d198b54218365aa474126e1c
2a2e7930f967d947cc5293c95221913e24596773577bbf56ff402db6236bbda1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 02:02:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
connect.facebook.net/en_US/fbevents.js
157.240.200.14200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 157.240.200.14:0
File type ASCII text, with very long lines (64348)
Hash 44ecaa3c2a4929a40141edc4540aaf84
f29a573182333b2500d41bfc389d6c5232dfb348
6589fe14578dedd4df678a909afadd7e5bc7f57c7e3e24518a7f5faac7383396
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://abs-teknikk.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: 9+1dLgl6mDAC5B1nVii0YgHL2qEjqx0Ica+ZMd3hldS3CNfQ6mjwaoLNDydX1NOxwuLNRm+6ial36/G8BOZuJQ==
content-length: 27340
x-fb-trip-id: 1679558926
date: Thu, 08 Dec 2022 02:02:16 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 3041a0828d1aeb289bac655852c04bbb
e7ac7db3b4861c0c269170a4b9f9cfcc07f30647
07600c5e37975e1e64911afe5150beb53526a4c552295fec54cda73347ebd833
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1825
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 02:02:16 GMT
Etag: "63900605-1d7"
Last-Modified: Thu, 08 Dec 2022 01:31:51 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
www.facebook.com/tr/?id=2456863221249142&ev=PageView&dl=https%3A%2F%2Fabs-teknikk.no%2F&rl=&if=false&ts=1670464936701&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1670464936701.2008995293&it=1670464936473&coo=false&rqm=GET
157.240.200.35200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=2456863221249142&ev=PageView&dl=https%3A%2F%2Fabs-teknikk.no%2F&rl=&if=false&ts=1670464936701&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1670464936701.2008995293&it=1670464936473&coo=false&rqm=GET
IP 157.240.200.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=2456863221249142&ev=PageView&dl=https%3A%2F%2Fabs-teknikk.no%2F&rl=&if=false&ts=1670464936701&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1670464936701.2008995293&it=1670464936473&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://abs-teknikk.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Thu, 08 Dec 2022 02:02:17 GMT
X-Firefox-Spdy: h2
ssl.gstatic.com/ui/v1/star/star4.png
142.250.74.163200 OK 294 B URL HTTP/2 ssl.gstatic.com/ui/v1/star/star4.png
IP 142.250.74.163:0
File type PNG image data, 19 x 19, 8-bit/color RGBA, non-interlaced\012- data
Hash c3e38fc01d8bd2d4a1150aa6b4414852
e4d1abd103711b8e2d863b75815f893f602b7561
e5b7b36c80b9444eefd181c2862412165e771328f66b0b95ee96d6c59957d13e
GET /ui/v1/star/star4.png HTTP/1.1
Host: ssl.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gstatic.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gstatic-ui-assets
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="gstatic-ui-assets"
report-to: {"group":"gstatic-ui-assets","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gstatic-ui-assets"}]}
content-length: 294
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 03 Dec 2022 01:58:46 GMT
expires: Sun, 03 Dec 2023 01:58:46 GMT
cache-control: public, max-age=31536000
age: 432211
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
abs-teknikk.no/wp-content/plugins/duracelltomi-google-tag-manager/js/gtm4wp-form-move-tracker.js?ver=1.16.2
3.11.87.175200 OK 0 B URL HTTP/2 abs-teknikk.no/wp-content/plugins/duracelltomi-google-tag-manager/js/gtm4wp-form-move-tracker.js?ver=1.16.2
IP 3.11.87.175:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/duracelltomi-google-tag-manager/js/gtm4wp-form-move-tracker.js?ver=1.16.2 HTTP/1.1
Host: abs-teknikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://abs-teknikk.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 02:02:15 GMT
content-type: application/javascript
last-modified: Thu, 17 Nov 2022 12:08:53 GMT
vary: Accept-Encoding
etag: W/"63762455-5fa"
content-encoding: gzip
X-Firefox-Spdy: h2
abs-teknikk.no/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
3.11.87.175200 OK 0 B URL HTTP/2 abs-teknikk.no/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP 3.11.87.175:0
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: abs-teknikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://abs-teknikk.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 02:02:15 GMT
content-type: application/javascript
last-modified: Thu, 04 Aug 2022 13:32:02 GMT
vary: Accept-Encoding
etag: W/"62ebca52-4ac6"
content-encoding: gzip
X-Firefox-Spdy: h2
abs-teknikk.no/wp-content/themes/uncode/library/css/uncode-icons.css?ver=2085341656
3.11.87.175200 OK 0 B URL HTTP/2 abs-teknikk.no/wp-content/themes/uncode/library/css/uncode-icons.css?ver=2085341656
IP 3.11.87.175:0
GET /wp-content/themes/uncode/library/css/uncode-icons.css?ver=2085341656 HTTP/1.1
Host: abs-teknikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://abs-teknikk.no/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 02:02:15 GMT
content-type: text/css
last-modified: Thu, 03 Nov 2022 13:33:10 GMT
vary: Accept-Encoding
etag: W/"6363c316-f141"
content-encoding: gzip
X-Firefox-Spdy: h2
abs-teknikk.no/wp-content/uploads/2020/11/ABS-Teknikk-promo-2020.mp4?_=1
3.11.87.175206 Partial Content 0 B URL HTTP/2 abs-teknikk.no/wp-content/uploads/2020/11/ABS-Teknikk-promo-2020.mp4?_=1
IP 3.11.87.175:0
GET /wp-content/uploads/2020/11/ABS-Teknikk-promo-2020.mp4?_=1 HTTP/1.1
Host: abs-teknikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://abs-teknikk.no/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 206 Partial Content
server: nginx
date: Thu, 08 Dec 2022 02:02:16 GMT
content-type: video/mp4
content-length: 29178384
last-modified: Mon, 30 Nov 2020 11:51:16 GMT
etag: "5fc4dcb4-1bd3a10"
content-range: bytes 0-29178383/29178384
X-Firefox-Spdy: h2
marryjoy.net/optout/get?jsonp=__mtz_cb_31999925&key=2241c61e4c10670366&t=1670464935677
104.21.23.198200 OK 0 B URL HTTP/2 marryjoy.net/optout/get?jsonp=__mtz_cb_31999925&key=2241c61e4c10670366&t=1670464935677
IP 104.21.23.198:0
GET /optout/get?jsonp=__mtz_cb_31999925&key=2241c61e4c10670366&t=1670464935677 HTTP/1.1
Host: marryjoy.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://abs-teknikk.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Dec 2022 02:02:16 GMT
content-type: application/javascript
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vcMMtjHd8BNbKA%2B4G9%2FMTiTHCPoXqhurzk5Ja8pXqJaE%2Bfh2q0omJoKsYSYV7q0JAfkgm6i0V6a%2BBs928EpjOWTL0hCcdw5teD0nq%2Bdb1yEdrB1BECCAl7ERQO%2F4VgM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7761eafd59bdb4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
abs-teknikk.no/wp-content/uploads/2020/11/P1400093.jpg
3.11.87.175200 OK 0 B URL HTTP/2 abs-teknikk.no/wp-content/uploads/2020/11/P1400093.jpg
IP 3.11.87.175:0
GET /wp-content/uploads/2020/11/P1400093.jpg HTTP/1.1
Host: abs-teknikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://abs-teknikk.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 02:02:15 GMT
content-type: image/jpeg
content-length: 72783
last-modified: Thu, 19 Nov 2020 09:09:06 GMT
etag: "5fb63632-11c4f"
accept-ranges: bytes
X-Firefox-Spdy: h2
abs-teknikk.no/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4
3.11.87.175200 OK 0 B URL HTTP/2 abs-teknikk.no/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4
IP 3.11.87.175:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4 HTTP/1.1
Host: abs-teknikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://abs-teknikk.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 02:02:15 GMT
content-type: application/javascript
last-modified: Wed, 19 Oct 2022 13:38:22 GMT
vary: Accept-Encoding
etag: W/"634ffdce-26d1"
content-encoding: gzip
X-Firefox-Spdy: h2
abs-teknikk.no/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4
3.11.87.175200 OK 0 B URL HTTP/2 abs-teknikk.no/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4
IP 3.11.87.175:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4 HTTP/1.1
Host: abs-teknikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://abs-teknikk.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 02:02:15 GMT
content-type: application/javascript
last-modified: Wed, 19 Oct 2022 13:38:22 GMT
vary: Accept-Encoding
etag: W/"634ffdce-3016"
content-encoding: gzip
X-Firefox-Spdy: h2
abs-teknikk.no/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3
3.11.87.175200 OK 0 B URL HTTP/2 abs-teknikk.no/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3
IP 3.11.87.175:0
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.3 HTTP/1.1
Host: abs-teknikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://abs-teknikk.no/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 02:02:15 GMT
content-type: text/css
last-modified: Thu, 04 Aug 2022 13:32:02 GMT
vary: Accept-Encoding
etag: W/"62ebca52-15b64"
content-encoding: gzip
X-Firefox-Spdy: h2
abs-teknikk.no/wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.16
3.11.87.175200 OK 0 B URL HTTP/2 abs-teknikk.no/wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.16
IP 3.11.87.175:0
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.16 HTTP/1.1
Host: abs-teknikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://abs-teknikk.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 02:02:15 GMT
content-type: application/javascript
last-modified: Mon, 08 Feb 2021 09:04:02 GMT
vary: Accept-Encoding
etag: W/"6020fe82-267aa"
content-encoding: gzip
X-Firefox-Spdy: h2
abs-teknikk.no/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.4
3.11.87.175200 OK 0 B URL HTTP/2 abs-teknikk.no/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.4
IP 3.11.87.175:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.4 HTTP/1.1
Host: abs-teknikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://abs-teknikk.no/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 02:02:15 GMT
content-type: text/css
last-modified: Wed, 19 Oct 2022 13:38:22 GMT
vary: Accept-Encoding
etag: W/"634ffdce-aab"
content-encoding: gzip
X-Firefox-Spdy: h2
abs-teknikk.no/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
3.11.87.175200 OK 0 B URL HTTP/2 abs-teknikk.no/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 3.11.87.175:0
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: abs-teknikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://abs-teknikk.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 02:02:15 GMT
content-type: application/javascript
last-modified: Mon, 08 Feb 2021 09:04:02 GMT
vary: Accept-Encoding
etag: W/"6020fe82-2bd8"
content-encoding: gzip
X-Firefox-Spdy: h2
abs-teknikk.no/wp-includes/js/mediaelement/renderers/vimeo.min.js?ver=4.2.16
3.11.87.175200 OK 0 B URL HTTP/2 abs-teknikk.no/wp-includes/js/mediaelement/renderers/vimeo.min.js?ver=4.2.16
IP 3.11.87.175:0
GET /wp-includes/js/mediaelement/renderers/vimeo.min.js?ver=4.2.16 HTTP/1.1
Host: abs-teknikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://abs-teknikk.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 02:02:15 GMT
content-type: application/javascript
last-modified: Mon, 08 Feb 2021 09:04:02 GMT
vary: Accept-Encoding
etag: W/"6020fe82-1940"
content-encoding: gzip
X-Firefox-Spdy: h2
abs-teknikk.no/wp-content/uploads/2020/11/ABS-Teknikk-promo-2020.mp4?_=1
3.11.87.175206 Partial Content 0 B URL HTTP/2 abs-teknikk.no/wp-content/uploads/2020/11/ABS-Teknikk-promo-2020.mp4?_=1
IP 3.11.87.175:0
GET /wp-content/uploads/2020/11/ABS-Teknikk-promo-2020.mp4?_=1 HTTP/1.1
Host: abs-teknikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://abs-teknikk.no/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 206 Partial Content
server: nginx
date: Thu, 08 Dec 2022 02:02:16 GMT
content-type: video/mp4
content-length: 29178384
last-modified: Mon, 30 Nov 2020 11:51:16 GMT
etag: "5fc4dcb4-1bd3a10"
content-range: bytes 0-29178383/29178384
X-Firefox-Spdy: h2
abs-teknikk.no/wp-content/themes/uncode/library/css/style.css?ver=2085341656
3.11.87.175200 OK 0 B URL HTTP/2 abs-teknikk.no/wp-content/themes/uncode/library/css/style.css?ver=2085341656
IP 3.11.87.175:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/uncode/library/css/style.css?ver=2085341656 HTTP/1.1
Host: abs-teknikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://abs-teknikk.no/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 02:02:15 GMT
content-type: text/css
last-modified: Thu, 03 Nov 2022 13:33:10 GMT
vary: Accept-Encoding
etag: W/"6363c316-c67ef"
content-encoding: gzip
X-Firefox-Spdy: h2
abs-teknikk.no/wp-content/themes/uncode/library/css/style-custom.css?ver=2085341656
3.11.87.175200 OK 0 B URL HTTP/2 abs-teknikk.no/wp-content/themes/uncode/library/css/style-custom.css?ver=2085341656
IP 3.11.87.175:0
GET /wp-content/themes/uncode/library/css/style-custom.css?ver=2085341656 HTTP/1.1
Host: abs-teknikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://abs-teknikk.no/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 02:02:15 GMT
content-type: text/css
last-modified: Thu, 03 Nov 2022 13:33:23 GMT
vary: Accept-Encoding
etag: W/"6363c323-38dea"
content-encoding: gzip
X-Firefox-Spdy: h2
abs-teknikk.no/wp-content/themes/uncode/library/js/init.js?ver=2085341656
3.11.87.175200 OK 0 B URL HTTP/2 abs-teknikk.no/wp-content/themes/uncode/library/js/init.js?ver=2085341656
IP 3.11.87.175:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/uncode/library/js/init.js?ver=2085341656 HTTP/1.1
Host: abs-teknikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://abs-teknikk.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 02:02:15 GMT
content-type: application/javascript
last-modified: Thu, 03 Nov 2022 13:33:11 GMT
vary: Accept-Encoding
etag: W/"6363c317-27917"
content-encoding: gzip
X-Firefox-Spdy: h2
abs-teknikk.no/wp-content/themes/uncode/library/js/app.js?ver=2085341656
3.11.87.175200 OK 0 B URL HTTP/2 abs-teknikk.no/wp-content/themes/uncode/library/js/app.js?ver=2085341656
IP 3.11.87.175:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/uncode/library/js/app.js?ver=2085341656 HTTP/1.1
Host: abs-teknikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://abs-teknikk.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 02:02:15 GMT
content-type: application/javascript
last-modified: Thu, 03 Nov 2022 13:33:11 GMT
vary: Accept-Encoding
etag: W/"6363c317-50e38"
content-encoding: gzip
X-Firefox-Spdy: h2
abs-teknikk.no/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
3.11.87.175200 OK 0 B URL HTTP/2 abs-teknikk.no/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
IP 3.11.87.175:0
GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 HTTP/1.1
Host: abs-teknikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://abs-teknikk.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 02:02:15 GMT
content-type: application/javascript
last-modified: Thu, 04 Aug 2022 13:32:02 GMT
vary: Accept-Encoding
etag: W/"62ebca52-194b"
content-encoding: gzip
X-Firefox-Spdy: h2
abs-teknikk.no/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.10.1
3.11.87.175200 OK 0 B URL HTTP/2 abs-teknikk.no/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.10.1
IP 3.11.87.175:0
GET /wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.10.1 HTTP/1.1
Host: abs-teknikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://abs-teknikk.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 02:02:15 GMT
content-type: application/javascript
last-modified: Thu, 10 Nov 2022 01:01:16 GMT
vary: Accept-Encoding
etag: W/"636c4d5c-2e7a"
content-encoding: gzip
X-Firefox-Spdy: h2
abs-teknikk.no/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
3.11.87.175200 OK 0 B URL HTTP/2 abs-teknikk.no/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 3.11.87.175:0
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: abs-teknikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://abs-teknikk.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 02:02:15 GMT
content-type: application/javascript
last-modified: Fri, 13 Aug 2021 06:29:15 GMT
vary: Accept-Encoding
etag: W/"6116113b-15db1"
content-encoding: gzip
X-Firefox-Spdy: h2
abs-teknikk.no/wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=6.0.3
3.11.87.175200 OK 0 B URL HTTP/2 abs-teknikk.no/wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=6.0.3
IP 3.11.87.175:0
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=6.0.3 HTTP/1.1
Host: abs-teknikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://abs-teknikk.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 02:02:15 GMT
content-type: application/javascript
last-modified: Thu, 04 Aug 2022 13:32:03 GMT
vary: Accept-Encoding
etag: W/"62ebca53-4a7"
content-encoding: gzip
X-Firefox-Spdy: h2