Report - oilkjm.25be5.tt.wy5532.com/

Report Overview

Submitted URL
oilkjm.25be5.tt.wy5532.com/
IP
81.171.22.7
ASN
#60781 LeaseWeb Netherlands B.V.
Submitted
2023-02-01 20:34:56
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
cartining-specute.com	unknown	2021-02-01T00:37:43Z	2023-03-13T06:57:55Z	772 B	688 B	18.197.36.77
www.google.no	25607	2016-04-05T21:50:59Z	2023-03-13T06:26:15Z	520 B	578 B	142.250.74.163
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239
1.no04trckingmic.com	unknown	2022-03-11T11:41:39Z	2023-03-11T15:51:31Z	573 B	560 B	34.90.46.36
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	3.2 kB	62 kB	34.120.237.76
stats.g.doubleclick.net	96	2013-06-10T22:21:11Z	2023-03-13T08:02:41Z	622 B	603 B	64.233.162.157
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-13T05:09:47Z	4.5 kB	9.1 kB	216.58.211.3
oilkjm.25be5.tt.wy5532.com	unknown	2023-01-12T15:06:06Z	2023-01-12T19:15:08Z	1.5 kB	1.6 kB	81.171.22.7
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	2.7 kB	7.1 kB	23.36.77.32
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.8 kB	34.160.144.191
orest-vlv.com	unknown	2023-01-16T11:21:19Z	2023-03-13T02:10:56Z	1.6 kB	4.4 kB	54.237.193.255
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	34.215.56.181
ocsp.sectigo.com	487	2019-11-29T12:50:24Z	2023-03-13T08:22:43Z	340 B	964 B	172.64.155.188
www.motenorskejenter.com	unknown	2022-08-12T20:06:03Z	2023-03-11T15:51:32Z	36 kB	487 kB	185.222.108.79
www.google.com	7	2015-05-10T13:11:19Z	2023-03-13T06:40:43Z	399 B	1.1 kB	216.58.207.228
www.google-analytics.com	40	2012-10-03T03:04:21Z	2023-03-13T07:36:03Z	381 B	21 kB	142.250.74.46
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-13T08:14:31Z	418 B	630 B	142.250.74.106
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782 B	2.4 kB	35.241.9.150
www.googletagmanager.com	75	2013-05-22T04:07:37Z	2023-03-13T08:28:24Z	809 B	102 kB	142.250.74.40
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-13T08:44:36Z	986 B	17 kB	142.250.74.35
www.gstatic.com	unknown	2016-07-26T11:37:06Z	2023-03-13T07:57:11Z	459 B	165 kB	216.58.211.3
ads.exoclick.com	32908	2012-11-29T01:05:16Z	2023-03-13T06:42:45Z	371 B	922 B	205.185.216.42

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-02-01	medium	oilkjm.25be5.tt.wy5532.com/	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (31)

	URL	Size	First Seen	Last Seen
	www.motenorskejenter.com/landers/9794790840AA597AD55227C7E49165FDF252718EB970B763689A80A816895291?p=363067&prid=1767487&nas=63dacce7a52ab60001670d50&pi=314_631__#1	13 B	2023-03-07	2024-01-25
Pretty URL www.motenorskejenter.com/landers/9794790840AA597AD55227C7E49165FDF252718EB970B763689A80A816895291?p=363067&prid=1767487&nas=63dacce7a52ab60001670d50&pi=314_631__#1 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:36:40 Last Seen2024-01-25 20:47:49 Times Seen46 Hash 05f28bb921549365be73a3649e0e8ca1 4d98499fa4beca06c003b1fcac34c5e3195d730c e122c7c9b2fe1be0609499f46553440c5392b70d3cf34f726aa5d27810a668a1 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-12	2024-04-15
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.46 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 21:46:21 Last Seen2024-04-15 18:54:35 Times Seen35101 Hash 54e51056211dda674100cc5b323a58ad 26dc5034cb6c7f3bbe061edd37c7fc6006cb835b 5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de Loading...

	www.google.com/recaptcha/api2/anchor?ar=1&k=6LfahlwUAAAAALNBRGqVznEJwQn6uYl8yCqKbfMR&co=aHR0cHM6Ly93d3cubW90ZW5vcnNrZWplbnRlci5jb206NDQz&hl=en&v=RGRQD9tdxHtnt-Bxkx9pM75S&size=normal&cb=5nklow5v9rik	69 B	2023-03-07	2024-04-19
Pretty URL www.google.com/recaptcha/api2/anchor?ar=1&k=6LfahlwUAAAAALNBRGqVznEJwQn6uYl8yCqKbfMR&co=aHR0cHM6Ly93d3cubW90ZW5vcnNrZWplbnRlci5jb206NDQz&hl=en&v=RGRQD9tdxHtnt-Bxkx9pM75S&size=normal&cb=5nklow5v9rik IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:05 Last Seen2024-04-19 12:57:47 Times Seen99061 Hash 45ecf7458f42da80ac248ad42d610372 a5b3edf8328769bc754e6e616a957ceed4fdadd7 75867e75b209895995014b43c3d711476e3437481e5fbec91a4da674302558bf Loading...

	oilkjm.25be5.tt.wy5532.com/	383 B	2023-03-13	2023-03-13
Pretty URL oilkjm.25be5.tt.wy5532.com/ IP 81.171.22.7 ASN #60781 LeaseWeb Netherlands B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:25:48 Last Seen2023-03-13 14:25:48 Times Seen1 Hash 8b84b7300668d9fb73c46023c26fce73 e0f465a83a5258e4603f0dc549d6403623ad34cd 1a3690a753def70be37fab7a410f9e228f650c9b97d8fee803c94525ba5a055b Loading...

	orest-vlv.com/zcvisitor/dd4c0616-a26f-11ed-9b97-0a3a0252f259/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=fe5ef520-6592-11ed-9380-0a918cbcbb97	849 B	2023-03-13	2023-03-13
Pretty URL orest-vlv.com/zcvisitor/dd4c0616-a26f-11ed-9b97-0a3a0252f259/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=fe5ef520-6592-11ed-9380-0a918cbcbb97 IP 54.237.193.255 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:25:48 Last Seen2023-03-13 14:25:48 Times Seen1 Hash 4b8439ad2f1d4240b5609348209b5991 297c76e14252c456e5623dad8e26f35124c59980 7ba618c911c5323d274d48a2edede014dfbdd1f32af725b1f63b08a082358395 Loading...

	www.motenorskejenter.com/Scripts/jquery-3.1.1.min.js?v=0644c896fdf77f387a5d4f4af615c8796c3826e1	87 kB	2023-03-07	2024-03-12
Pretty URL www.motenorskejenter.com/Scripts/jquery-3.1.1.min.js?v=0644c896fdf77f387a5d4f4af615c8796c3826e1 IP 185.222.108.79 ASN #205316 Supporta Interactiva B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:36:40 Last Seen2024-03-12 10:48:12 Times Seen107 Hash e21a794753fcdecf1e4b036860343c3c 169968091303117d6b8e275e4e4575d60755d8ac fc4982691b4178e9a72866bc354d7f9fba97e26363833be19ef7ed900962cc83 Loading...

	www.motenorskejenter.com/Scripts/ExternalScoringService/ExternalScoringService.min.js?v=0644c896fdf77f387a5d4f4af615c8796c3826e1	624 B	2023-03-07	2023-12-31
Pretty URL www.motenorskejenter.com/Scripts/ExternalScoringService/ExternalScoringService.min.js?v=0644c896fdf77f387a5d4f4af615c8796c3826e1 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:36:40 Last Seen2023-12-31 06:48:39 Times Seen49 Hash 8c9d71abf306d458a391eb43ca645bb7 7bbdffb55e5bb7fbd1c3888e33e9508d383b6e09 f292d7f179479bf54b7df2a6ea0ad5b2a70a4da6624b9292de83a8d15f80dc9e Loading...

	www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__en.js	412 kB	2023-03-13	2023-03-13
Pretty URL www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__en.js IP 216.58.211.3 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 08:01:06 Last Seen2023-03-13 15:37:41 Times Seen1 Hash 10fa8a547b2ef125150037f815579540 32d80f0b24826584a73c4113d51300b7666282cb a0a04c24a9bdaac0e8aa2d22df95a7ae8c0d744a31b732da3d6e4bb279c79e40 Loading...

	www.google.com/recaptcha/api2/anchor?ar=1&k=6LfahlwUAAAAALNBRGqVznEJwQn6uYl8yCqKbfMR&co=aHR0cHM6Ly93d3cubW90ZW5vcnNrZWplbnRlci5jb206NDQz&hl=en&v=RGRQD9tdxHtnt-Bxkx9pM75S&size=normal&cb=5nklow5v9rik	36 kB	2023-03-13	2023-03-13
Pretty URL www.google.com/recaptcha/api2/anchor?ar=1&k=6LfahlwUAAAAALNBRGqVznEJwQn6uYl8yCqKbfMR&co=aHR0cHM6Ly93d3cubW90ZW5vcnNrZWplbnRlci5jb206NDQz&hl=en&v=RGRQD9tdxHtnt-Bxkx9pM75S&size=normal&cb=5nklow5v9rik IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:25:48 Last Seen2023-03-13 14:25:48 Times Seen1 Hash 036f953ec95492a37653e9196365fd5c 19e6fc33dc0c8cbe6f46be759c64921f8230be2f fec00d644d865ec11b0dc1dfdbb98aaaaea85e77a15a4b635fcdbb9bcf55c875 Loading...

	unknown	0 B	2023-03-07	2024-04-19
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-19 14:06:43 Times Seen36960768 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	www.motenorskejenter.com/Scripts/APIScripts/APILandersSignup.min.js?v=0644c896fdf77f387a5d4f4af615c8796c3826e1	37 kB	2023-03-08	2023-03-26
Pretty URL www.motenorskejenter.com/Scripts/APIScripts/APILandersSignup.min.js?v=0644c896fdf77f387a5d4f4af615c8796c3826e1 IP 185.222.108.79 ASN #205316 Supporta Interactiva B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:52:45 Last Seen2023-03-26 13:26:38 Times Seen3 Hash a14d142af52ca2ca3fea9c3a35c6499c a84bbe96923dcd59a79ec6a01914f1d0843c0e74 0a2026cc1e94ed53495c7384856dbd248c981b1e910139c0032f83355f7dbeeb Loading...

	www.google.com/recaptcha/api.js?onload=GCOnLoadCallBack	909 B	2023-03-13	2023-03-13
Pretty URL www.google.com/recaptcha/api.js?onload=GCOnLoadCallBack IP 216.58.207.228 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 09:44:32 Last Seen2023-03-13 15:35:44 Times Seen1 Hash f98d12a7986ef45dac25eab2f9ef1b15 d86d3eaaf1e6e689722c329da7e1288b25b43e87 3209e8861b3346e8073b88cf67eed5c1ae85697b899a871c3b3d7c3fef7ab018 Loading...

	www.motenorskejenter.com/Landers/GetJavascript/1325?countryId=160&c=d3d11de7-e90d-45cc-a651-e37d54e4f3e4	1.1 kB	2023-03-08	2023-03-29
Pretty URL www.motenorskejenter.com/Landers/GetJavascript/1325?countryId=160&c=d3d11de7-e90d-45cc-a651-e37d54e4f3e4 IP 185.222.108.79 ASN #205316 Supporta Interactiva B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:52:45 Last Seen2023-03-29 22:32:32 Times Seen3 Hash df513aee3c0d9484fd27147cc6315ce9 deae114e1b6bba9bc9ae91e2ebcb9a75daa42eff 10d4870aa07235e5f78b3db3a733d876f1e27bb3641c1499bd8205adb1c29d6a Loading...

	www.google.com/recaptcha/api2/bframe?hl=en&v=RGRQD9tdxHtnt-Bxkx9pM75S&k=6LfahlwUAAAAALNBRGqVznEJwQn6uYl8yCqKbfMR	178 B	2023-03-08	2023-03-25
Pretty URL www.google.com/recaptcha/api2/bframe?hl=en&v=RGRQD9tdxHtnt-Bxkx9pM75S&k=6LfahlwUAAAAALNBRGqVznEJwQn6uYl8yCqKbfMR IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 13:44:05 Last Seen2023-03-25 22:25:27 Times Seen2 Hash 0a1d95b9aa6dfd33c4319f29c2060957 d03cfa17c9091525736221decde5408cf60b831a e6e982763ad372badb40a74347536c335c0911c9f84cab216e1dd31bee9865bd Loading...

	orest-vlv.com/zcredirect?visitid=dd4c0616-a26f-11ed-9b97-0a3a0252f259&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false	359 B	2023-03-13	2023-03-13
Pretty URL orest-vlv.com/zcredirect?visitid=dd4c0616-a26f-11ed-9b97-0a3a0252f259&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false IP 54.237.193.255 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:25:48 Last Seen2023-03-13 14:25:48 Times Seen1 Hash 0a9a9d09e5bd886292fabc06a7d970aa d607eb21ce00e79f8c0aeb3e997c159018234e8b 3bff95ace5a08919b7acc20f3756dc0f9c2dfa2a5cae2f670f7e3415693b888d Loading...

	www.motenorskejenter.com/landers/9794790840AA597AD55227C7E49165FDF252718EB970B763689A80A816895291?p=363067&prid=1767487&nas=63dacce7a52ab60001670d50&pi=314_631__	343 B	2023-03-08	2024-03-06
Pretty URL www.motenorskejenter.com/landers/9794790840AA597AD55227C7E49165FDF252718EB970B763689A80A816895291?p=363067&prid=1767487&nas=63dacce7a52ab60001670d50&pi=314_631__ IP 185.222.108.79 ASN #205316 Supporta Interactiva B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:52:45 Last Seen2024-03-06 19:24:51 Times Seen40 Hash fb0dc9612cc50b820ba049664f893cfa 2ecb779f0d6e8a3b2ef00b1c2ab679cabd139103 32120a4b5f62afc8290c70d004e38d889803f4a6de218bfa8b78279769f3f6f5 Loading...

	www.motenorskejenter.com/Scripts/ExternalScoringService/EHawkTalon.js?v=0644c896fdf77f387a5d4f4af615c8796c3826e1	50 kB	2023-03-07	2023-12-31
Pretty URL www.motenorskejenter.com/Scripts/ExternalScoringService/EHawkTalon.js?v=0644c896fdf77f387a5d4f4af615c8796c3826e1 IP 185.222.108.79 ASN #205316 Supporta Interactiva B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:36:40 Last Seen2023-12-31 06:48:38 Times Seen27 Hash 441813d48d54ccbf03be506cc04b05c5 4b3ae78d7183499c0701ae264ac5807269d8eefc e09a556f2a0d224ddc13076759a2e3e47bd2ee479255b195a59f9dda8455f8f3 Loading...

	www.motenorskejenter.com/landers/9794790840AA597AD55227C7E49165FDF252718EB970B763689A80A816895291?p=363067&prid=1767487&nas=63dacce7a52ab60001670d50&pi=314_631__	199 B	2023-03-13	2023-03-13
Pretty URL www.motenorskejenter.com/landers/9794790840AA597AD55227C7E49165FDF252718EB970B763689A80A816895291?p=363067&prid=1767487&nas=63dacce7a52ab60001670d50&pi=314_631__ IP 185.222.108.79 ASN #205316 Supporta Interactiva B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:25:48 Last Seen2023-03-13 14:25:48 Times Seen1 Hash fbd501de8f183b0e72845976630ff042 702e0927f4a92bc925bb7d512ea3692428d84fdf 8788fe130471d183c7d30fbd5af004e250ba40a03d35d1c56f6080c50eb9d10e Loading...

	www.motenorskejenter.com/Scripts/APIScripts/APIcaller.min.js?v=0644c896fdf77f387a5d4f4af615c8796c3826e1	5.6 kB	2023-03-07	2023-10-19
Pretty URL www.motenorskejenter.com/Scripts/APIScripts/APIcaller.min.js?v=0644c896fdf77f387a5d4f4af615c8796c3826e1 IP 185.222.108.79 ASN #205316 Supporta Interactiva B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:02:59 Last Seen2023-10-19 03:10:03 Times Seen43 Hash 018bbbf2bcdbef3d1d2410a749970c59 ded8cc13a5283632cc3fe06c7e6f5387f87fee3c 0a0e745c49f9dbb8430dc9d59516d01460887d69bda5e20059e5ea28e44dc87c Loading...

	www.motenorskejenter.com/landers/9794790840AA597AD55227C7E49165FDF252718EB970B763689A80A816895291?p=363067&prid=1767487&nas=63dacce7a52ab60001670d50&pi=314_631__	391 B	2023-03-08	2023-10-18
Pretty URL www.motenorskejenter.com/landers/9794790840AA597AD55227C7E49165FDF252718EB970B763689A80A816895291?p=363067&prid=1767487&nas=63dacce7a52ab60001670d50&pi=314_631__ IP 185.222.108.79 ASN #205316 Supporta Interactiva B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:52:45 Last Seen2023-10-18 05:01:36 Times Seen32 Hash 19a79304e82e1cdd25ddc154edbb513d fc6ac1d28fc62086371d9404451677da214f9217 02ea1450a7d4105c20724c603f731ccc0d9eb5590db3686891b0338b287251f7 Loading...

	www.motenorskejenter.com/landers/9794790840AA597AD55227C7E49165FDF252718EB970B763689A80A816895291?p=363067&prid=1767487&nas=63dacce7a52ab60001670d50&pi=314_631__	184 B	2023-03-13	2023-03-13
Pretty URL www.motenorskejenter.com/landers/9794790840AA597AD55227C7E49165FDF252718EB970B763689A80A816895291?p=363067&prid=1767487&nas=63dacce7a52ab60001670d50&pi=314_631__ IP 185.222.108.79 ASN #205316 Supporta Interactiva B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:25:48 Last Seen2023-03-13 14:25:48 Times Seen1 Hash 7e5baa1e4ccd6a9e6b83013f073b06e1 a6b8b80be35779f3234d9905dfdb423cb0d8a71f f05ea8276fb99dc47c8ed173ab255020aad01c3fbef76399f4aa5159f1a143b6 Loading...

	www.googletagmanager.com/gtm.js?id=GTM-TBF4SKT&l=newDataLayer	97 kB	2023-03-13	2023-03-13
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-TBF4SKT&l=newDataLayer IP 142.250.74.40 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:25:48 Last Seen2023-03-13 14:25:48 Times Seen1 Hash 274d3ee9053eecc7cdb0c232ea476580 2e6ece5dc869bfda63cb25c7e47db3ba5f06002e 2933a515c7a31fd364fc6c4b7b5faaa81e537ab41497f97fecbdd799d0a52e64 Loading...

	www.motenorskejenter.com/Scripts/APIScripts/APICookieFunctions.min.js?v=0644c896fdf77f387a5d4f4af615c8796c3826e1	602 B	2023-03-07	2024-03-12
Pretty URL www.motenorskejenter.com/Scripts/APIScripts/APICookieFunctions.min.js?v=0644c896fdf77f387a5d4f4af615c8796c3826e1 IP 185.222.108.79 ASN #205316 Supporta Interactiva B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:36:40 Last Seen2024-03-12 10:48:12 Times Seen107 Hash 00cdba30ebbd853e57b3fac6132e5a57 fcd8f75f2c1137faee6ffd98102ed171598c1fd5 de34f5d40f64167fa07796e8e34a55f8ff34f5242e5831a7407fedd291b6e4e2 Loading...

	ads.exoclick.com/tag_gen.js	1.0 kB	2023-03-07	2023-05-03
Pretty URL ads.exoclick.com/tag_gen.js IP 205.185.216.42 ASN #20446 STACKPATH-CDN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:21 Last Seen2023-05-03 11:49:17 Times Seen218 Hash e04e1dcc070d00703ed07cf1d8d4dbbb a56c0470b9aa925085e51a6271a4a2185006fc13 3f89c138ce1226da6cf58792344304839adeea6fc1fad2ba4ff9fc137abb70a0 Loading...

		Size	First Seen	Last Seen
	#1 Eval - f36e4d0961d40ef71e8bd20ba0f929fe	16 kB	2023-03-12	2023-03-18
Pretty Observations First Seen2023-03-12 19:03:02 Last Seen2023-03-18 07:43:22 Times Seen1 Hash f36e4d0961d40ef71e8bd20ba0f929fe cae72965339f0db453f17b1831fad21b4cb08360 e1a4bc1babc09967a368fe423660be9c79500204b341c68b432adb9ee56baa3b Loading...

	#2 Eval - 703b9b4ee324ed5bea800395d6e7b778	64 B	2023-03-12	2023-03-18
Pretty Observations First Seen2023-03-12 19:03:02 Last Seen2023-03-18 07:43:22 Times Seen1 Hash 703b9b4ee324ed5bea800395d6e7b778 d9dbc963793c903a99ad1184d4a8c8b76f00a92b ac3659fff3d443c469cac8e740b2ebacc39f1260da426918c1fedd90dea242fd Loading...

	#3 Eval - 459ec9cfee68d036557a8679627d303d	22 B	2023-03-12	2023-03-18
Pretty Observations First Seen2023-03-12 19:03:02 Last Seen2023-03-18 07:43:22 Times Seen1 Hash 459ec9cfee68d036557a8679627d303d 25b45ef0c0ea6e24c150ab10bec3eac40902795a b004954a8ae3697a3df5d38a4d92354a8918e637c53204ae3cf8f6ade91de69f Loading...

	#4 Eval - 6a3c1e3a120be4e035e322c68dd503f9	22 B	2023-03-12	2023-03-18
Pretty Observations First Seen2023-03-12 19:03:02 Last Seen2023-03-18 07:43:22 Times Seen1 Hash 6a3c1e3a120be4e035e322c68dd503f9 a5e4b5e2582288db30e3e8a309e79dd3bc30df9b f00c4fa0123db2791dc34da467be1797fe727652a37bcd967753739158deed2d Loading...

	#5 Eval - a4bb2bdea68d10c4e5d6b90f1ea51e68	22 kB	2023-03-13	2023-03-13
Pretty Observations First Seen2023-03-13 14:25:48 Last Seen2023-03-13 14:25:48 Times Seen1 Hash a4bb2bdea68d10c4e5d6b90f1ea51e68 6d5b960705836df526bf5231e7275b359d2bfd8c cfceccd84ee0e1b15c4282ab0b89810322efaf4923b980393848a3f2180066f3 Loading...

		Size	First Seen	Last Seen
	#1 Write - 696a4245ee331137a12cb203f7a3f365	118 B	2023-03-13	2023-03-13
Pretty Observations First Seen2023-03-13 14:25:48 Last Seen2023-03-13 14:25:48 Times Seen1 Hash 696a4245ee331137a12cb203f7a3f365 8e598446b5397ba0c15cbab35116b7bb101d8d2c 87d0b000976e13ec2f9bbc55892ec61e227008de574b43a14bf006cbf146d232 Loading...

	#2 Write - 8f7d1736e74ac74e6980a661a8acacce	126 B	2023-03-13	2023-03-13
Pretty Observations First Seen2023-03-13 14:25:48 Last Seen2023-03-13 14:25:48 Times Seen1 Hash 8f7d1736e74ac74e6980a661a8acacce fdb01ce4f5e078b068cbeadd070b3847b7cb5ae2 8930a4c9be990230b8a400a75b15acb96137d406ef5a83ef19e003900af44b10 Loading...

HTTP Transactions (76)

URL IP Response Size

oilkjm.25be5.tt.wy5532.com/

81.171.22.7

200 OK

487 B

URL HTTP/1.1
oilkjm.25be5.tt.wy5532.com/
IP
81.171.22.7:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (487), with no line terminators
Size
487 B (487 bytes)
Hash
7ed5237ddaef395d987d743f8e1be72a
feb7f9632b2ea73697648cca278812682b6e8c34
0bd66f94f33a0dc73d953e63e54d63396ff62acb49f0347c415f155847d4644e

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET / HTTP/1.1
Host: oilkjm.25be5.tt.wy5532.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
accept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 487
content-type: text/html; charset=utf-8
date: Wed, 01 Feb 2023 20:34:44 GMT
server: nginx
set-cookie: sid=dce75e04-a26f-11ed-bdbf-34de27052d9a; path=/; domain=.wy5532.com; expires=Mon, 19 Feb 2091 23:48:51 GMT; max-age=2147483647; HttpOnly

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
62de35a6c8e4efd7633fc5236b5b086f
6a92912a86dfcd0330d040cef06bef36889c76ab
ebb8ca05df5ba73b92174105d54d192a8d9e3e10fba48bf96161b0cb759220ec

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EBB8CA05DF5BA73B92174105D54D192A8D9E3E10FBA48BF96161B0CB759220EC"
Last-Modified: Tue, 31 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4061
Expires: Wed, 01 Feb 2023 21:42:26 GMT
Date: Wed, 01 Feb 2023 20:34:45 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7e05c8461bd2dc5a149f71e2c465ea29
705983959c887e243cb55a8a1796757b579ee977
4d9ea085d5dda9dabed11af9847c2b0aa6182358673b356a4e2bd631e22a9922

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4D9EA085D5DDA9DABED11AF9847C2B0AA6182358673B356A4E2BD631E22A9922"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11018
Expires: Wed, 01 Feb 2023 23:38:23 GMT
Date: Wed, 01 Feb 2023 20:34:45 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Retry-After, Content-Length, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 01 Feb 2023 19:36:02 GMT
content-type: application/json
age: 3523
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a8d45deaa7ebfcd996c2055dae592ab8
55befe074589fe7b39757c145968058162a8fc6b
50d7d516f446458145a304b288a0a39d391cd37ea50dabea36ae48d291c65ba7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "50D7D516F446458145A304B288A0A39D391CD37EA50DABEA36AE48D291C65BA7"
Last-Modified: Tue, 31 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8940
Expires: Wed, 01 Feb 2023 23:03:45 GMT
Date: Wed, 01 Feb 2023 20:34:45 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: PqxN1Xv5O8RNfz0xVq7xx7Nz6oyZk1z/A8pIsbUumR5hBBN+diebUB/x6bN/NjWp/dB0HTgWEPM=
x-amz-request-id: ZWVXNXRW37NA7VDM
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 01 Feb 2023 20:22:48 GMT
age: 717
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 20:34:45 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

oilkjm.25be5.tt.wy5532.com/favicon.ico

81.171.22.7

404 Not Found

9 B

URL HTTP/1.1
oilkjm.25be5.tt.wy5532.com/favicon.ico
IP
81.171.22.7:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
d8f4a1993546cc4b850cde3599e27aec
094b763b4cfcc0b05e5d040581cd513c3ca08067
907ba78b4545338d3539683e63ecb51cf51c10adc9dabd86e92bd52339f298b9

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: oilkjm.25be5.tt.wy5532.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://oilkjm.25be5.tt.wy5532.com/
Cookie: sid=dce75e04-a26f-11ed-bdbf-34de27052d9a

HTTP/1.1 404 Not Found
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 9
date: Wed, 01 Feb 2023 20:34:44 GMT
server: nginx

oilkjm.25be5.tt.wy5532.com/?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY3NTI5MDg4NCwiaWF0IjoxNjc1MjgzNjg0LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIyc3ZzcjhsY2k1MWdpaDY0bHMwajRoNDQiLCJuYmYiOjE2NzUyODM2ODQsInRzIjoxNjc1MjgzNjg0OTY4NjAzfQ.Oiu_OZLJAJu51cXWtwC0rYcQHFVrAPvu4YW9tvD8YqY&sid=dce75e04-a26f-11ed-bdbf-34de27052d9a

81.171.22.7

302 Found

11 B

URL HTTP/1.1
oilkjm.25be5.tt.wy5532.com/?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY3NTI5MDg4NCwiaWF0IjoxNjc1MjgzNjg0LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIyc3ZzcjhsY2k1MWdpaDY0bHMwajRoNDQiLCJuYmYiOjE2NzUyODM2ODQsInRzIjoxNjc1MjgzNjg0OTY4NjAzfQ.Oiu_OZLJAJu51cXWtwC0rYcQHFVrAPvu4YW9tvD8YqY&sid=dce75e04-a26f-11ed-bdbf-34de27052d9a
IP
81.171.22.7:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type
ASCII text, with no line terminators
Size
11 B (11 bytes)
Hash
32682312d17c7cbf18e73594f5570319
60e22121bdd0bc71cdb2bae2a3aa577006b2eae9
e55fb1a1d731153e943b68844af12dcce8bfac917c98ffdea64c80da0607dd47

HTTP Headers

GET /?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY3NTI5MDg4NCwiaWF0IjoxNjc1MjgzNjg0LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIyc3ZzcjhsY2k1MWdpaDY0bHMwajRoNDQiLCJuYmYiOjE2NzUyODM2ODQsInRzIjoxNjc1MjgzNjg0OTY4NjAzfQ.Oiu_OZLJAJu51cXWtwC0rYcQHFVrAPvu4YW9tvD8YqY&sid=dce75e04-a26f-11ed-bdbf-34de27052d9a HTTP/1.1
Host: oilkjm.25be5.tt.wy5532.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://oilkjm.25be5.tt.wy5532.com/
Cookie: sid=dce75e04-a26f-11ed-bdbf-34de27052d9a
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 11
date: Wed, 01 Feb 2023 20:34:45 GMT
location: http://orest-vlv.com/zcvisitor/dd4c0616-a26f-11ed-9b97-0a3a0252f259/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=fe5ef520-6592-11ed-9380-0a918cbcbb97
server: nginx
set-cookie: sid=dce75e04-a26f-11ed-bdbf-34de27052d9a; path=/; domain=.wy5532.com; expires=Mon, 19 Feb 2091 23:48:53 GMT; max-age=2147483647; HttpOnly

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Content-Type, ETag, Last-Modified, Alert, Retry-After, Content-Length, Cache-Control, Pragma, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 01 Feb 2023 19:49:05 GMT
age: 2741
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8913af0be619500295008bb91f506660
a7b8068ba9aa506205a295b24458c2616997a0d1
6a9838d00256431807ca382fc205064b07c08d5054f2895c2ae3cc4e9094179a

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A9838D00256431807CA382FC205064B07C08D5054F2895C2AE3CC4E9094179A"
Last-Modified: Wed, 01 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8429
Expires: Wed, 01 Feb 2023 22:55:15 GMT
Date: Wed, 01 Feb 2023 20:34:46 GMT
Connection: keep-alive

orest-vlv.com/zcvisitor/dd4c0616-a26f-11ed-9b97-0a3a0252f259/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=fe5ef520-6592-11ed-9380-0a918cbcbb97

54.237.193.255

200

1.1 kB

URL HTTP/1.1
orest-vlv.com/zcvisitor/dd4c0616-a26f-11ed-9b97-0a3a0252f259/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=fe5ef520-6592-11ed-9380-0a918cbcbb97
IP
54.237.193.255:0
ASN
#14618 AMAZON-AES

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
1.1 kB (1098 bytes)
Hash
e5413ec3726b861e4bf22f261bd95892
0c258c2d913a876940811724da8b3ea0b5c1c4c3
fc935d55cf02c600a9bd8c724731ef4e89ad8d493631a5dfa461b682483a7e24

HTTP Headers

GET /zcvisitor/dd4c0616-a26f-11ed-9b97-0a3a0252f259/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=fe5ef520-6592-11ed-9380-0a918cbcbb97 HTTP/1.1
Host: orest-vlv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://oilkjm.25be5.tt.wy5532.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 
Date: Wed, 01 Feb 2023 20:34:46 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Server: WHSJlLjw

push.services.mozilla.com/

34.215.56.181

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
34.215.56.181:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 13I9yo7aJh3Wza4iCo8+JQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 94NHeazKVD6NsqQZ3Wf5KqobJVQ=

orest-vlv.com/zcredirect?visitid=dd4c0616-a26f-11ed-9b97-0a3a0252f259&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false

54.237.193.255

200

848 B

URL HTTP/1.1
orest-vlv.com/zcredirect?visitid=dd4c0616-a26f-11ed-9b97-0a3a0252f259&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false
IP
54.237.193.255:0
ASN
#14618 AMAZON-AES

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (381)
Size
848 B (848 bytes)
Hash
23562a80f9bc52dc9d95fa6c02ccab17
f5c3b532f2e76db9157d8b94406ff3c9b0edef00
36b695131fb1b1509cecfbb63dda1384ebd67188acc44403d9349246aefcbd7f

HTTP Headers

GET /zcredirect?visitid=dd4c0616-a26f-11ed-9b97-0a3a0252f259&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false HTTP/1.1
Host: orest-vlv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://orest-vlv.com/zcvisitor/dd4c0616-a26f-11ed-9b97-0a3a0252f259/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=fe5ef520-6592-11ed-9380-0a918cbcbb97
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 
Date: Wed, 01 Feb 2023 20:34:46 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
redirected: JS
Server: rUPXBtjg

orest-vlv.com/favicon.ico

54.237.193.255

404

653 B

URL HTTP/1.1
orest-vlv.com/favicon.ico
IP
54.237.193.255:0
ASN
#14618 AMAZON-AES

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (649), with no line terminators
Size
653 B (653 bytes)
Hash
ba2732b1b2fa2626ffaa15f62f9e7d66
203d4e7fbb1d80449d6e4e1f3ae7a9bf8625debe
879861cb72fe9fbb476dab246021c4c83b4066327de2529e05ec54d3afb0a1c8

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: orest-vlv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://orest-vlv.com/zcredirect?visitid=dd4c0616-a26f-11ed-9b97-0a3a0252f259&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false

HTTP/1.1 404 
Date: Wed, 01 Feb 2023 20:34:46 GMT
Content-Type: text/html;charset=utf-8
Content-Length: 653
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Content-Language: en
Server: WHSJlLjw

cartining-specute.com/zp-redirect?target=https%3A%2F%2F1.no04trckingmic.com%2Fclick%3Fpid%3D631%26offer_id%3D314%26sub1%3Dwn5ejq0cf157gsam256lr294%26sub2%3D%26sub3%3D%26l%3D1661789823wn5ejq0cf157gsam256lr294&caid=7dbc9d3a-61fa-4e19-a1a1-64bb0bcd0601&zpid=dd4c0616-a26f-11ed-9b97-0a3a0252f259&cid=wn5ejq0cf157gsam256lr294&rt=R

18.197.36.77

302 Found

0 B

URL HTTP/2
cartining-specute.com/zp-redirect?target=https%3A%2F%2F1.no04trckingmic.com%2Fclick%3Fpid%3D631%26offer_id%3D314%26sub1%3Dwn5ejq0cf157gsam256lr294%26sub2%3D%26sub3%3D%26l%3D1661789823wn5ejq0cf157gsam256lr294&caid=7dbc9d3a-61fa-4e19-a1a1-64bb0bcd0601&zpid=dd4c0616-a26f-11ed-9b97-0a3a0252f259&cid=wn5ejq0cf157gsam256lr294&rt=R
IP
18.197.36.77:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /zp-redirect?target=https%3A%2F%2F1.no04trckingmic.com%2Fclick%3Fpid%3D631%26offer_id%3D314%26sub1%3Dwn5ejq0cf157gsam256lr294%26sub2%3D%26sub3%3D%26l%3D1661789823wn5ejq0cf157gsam256lr294&caid=7dbc9d3a-61fa-4e19-a1a1-64bb0bcd0601&zpid=dd4c0616-a26f-11ed-9b97-0a3a0252f259&cid=wn5ejq0cf157gsam256lr294&rt=R HTTP/1.1
Host: cartining-specute.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://orest-vlv.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
server: nginx
date: Wed, 01 Feb 2023 20:34:46 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://1.no04trckingmic.com/click?pid=631&offer_id=314&sub1=wn5ejq0cf157gsam256lr294&sub2=&sub3=&l=1661789823wn5ejq0cf157gsam256lr294
pragma: no-cache
set-cookie: cc-v4=Uw9wVCemZZbbTlt%2FqR8AcVmpG6V%2FLjwpyiUk3p7wlG5W6gaMLN16rLuIQ0Kl501K2k4Adt8HSqRO%2FQmqfgNW3y%2Fz7OeRxVMSoTR2fSbpY08bskegDCG8AKO5OkMs23PcbjAb%2BkibtstFJX4G8XmqNA%3D%3D; Max-Age=31536000; Expires=Thu, 01-Feb-2024 20:34:46 GMT; Domain=cartining-specute.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2

ocsp.sectigo.com/

172.64.155.188

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
59bf7264a9625352d54664df35b1277f
35c006ab75a5fb7bbdb72dc2e71281d8174fbdea
7f848c9d3589b8743266f860ddb80b71828eb585d6279e5e7b777ad9e579c9c6

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 01 Feb 2023 20:34:47 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 01 Feb 2023 13:31:04 GMT
Expires: Wed, 08 Feb 2023 13:31:03 GMT
Etag: "35c006ab75a5fb7bbdb72dc2e71281d8174fbdea"
Cache-Control: max-age=578775,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 792d78446fc41c0a-OSL

1.no04trckingmic.com/click?pid=631&offer_id=314&sub1=wn5ejq0cf157gsam256lr294&sub2=&sub3=&l=1661789823wn5ejq0cf157gsam256lr294

34.90.46.36

302 Found

0 B

URL HTTP/2
1.no04trckingmic.com/click?pid=631&offer_id=314&sub1=wn5ejq0cf157gsam256lr294&sub2=&sub3=&l=1661789823wn5ejq0cf157gsam256lr294
IP
34.90.46.36:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /click?pid=631&offer_id=314&sub1=wn5ejq0cf157gsam256lr294&sub2=&sub3=&l=1661789823wn5ejq0cf157gsam256lr294 HTTP/1.1
Host: 1.no04trckingmic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://orest-vlv.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
server: nginx
date: Wed, 01 Feb 2023 20:34:47 GMT
content-length: 0
location: https://www.motenorskejenter.com/landers/9794790840AA597AD55227C7E49165FDF252718EB970B763689A80A816895291?p=363067&prid=1767487&nas=63dacce7a52ab60001670d50&pi=314_631__
x-adjust-use-original-forwarded-for: 1
set-cookie: afclick=63dacce7a52ab60001670d50; expires=Thu, 01 Feb 2024 20:34:47 GMT; secure; SameSite=None
afoffers={"314":1675283687}; expires=Thu, 01 Feb 2024 20:34:47 GMT; secure; SameSite=None
access-control-allow-origin: *
X-Firefox-Spdy: h2

www.motenorskejenter.com/landers/9794790840AA597AD55227C7E49165FDF252718EB970B763689A80A816895291?p=363067&prid=1767487&nas=63dacce7a52ab60001670d50&pi=314_631__

185.222.108.79

200 OK

12 kB

URL HTTP/2
www.motenorskejenter.com/landers/9794790840AA597AD55227C7E49165FDF252718EB970B763689A80A816895291?p=363067&prid=1767487&nas=63dacce7a52ab60001670d50&pi=314_631__
IP
185.222.108.79:0
ASN
#205316 Supporta Interactiva B.V.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (6411), with CRLF line terminators
Size
12 kB (11516 bytes)
Hash
f12e6d016690637e9f5b47f0931e2d5e
b0866e872492dee0d3b5e936d5f34d92043215e5
b983085ce595428c630a623e440bb1a7d828018a7c7e124f414d2c47c03cac2a

HTTP Headers

GET /landers/9794790840AA597AD55227C7E49165FDF252718EB970B763689A80A816895291?p=363067&prid=1767487&nas=63dacce7a52ab60001670d50&pi=314_631__ HTTP/1.1
Host: www.motenorskejenter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://orest-vlv.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
cache-control: private
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
server: httpd
set-cookie: ma=FxQw2TdV-dPxTeF96bo1ADvE7zH7VN_wRMEB5FdgElWG68SPmHfGthr4nLY8OSm8Z4-eBCaWytde4LQjUrX1SaWifT-4uv0Ad9Fvwjp527j31xR8Du6ZlxmdZttQLmtZdFPDiBwUF9Ic60Wgu9Xh3GN9UZLvEREbM8d3i3LRqb6RqkFReKZeKfVZZ3aa0paEowm9PlkMImIbFxhASel2Alb9Pl4FF96mom24NrKfRsU1; domain=.motenorskejenter.com; expires=Tue, 21-Mar-2023 20:34:47 GMT; path=/
ma=FxQw2TdV-dPxTeF96bo1ADvE7zH7VN_wRMEB5FdgElWG68SPmHfGthr4nLY8OSm8Z4-eBCaWytde4LQjUrX1SaWifT-4uv0Ad9Fvwjp527j31xR8Du6ZlxmdZttQLmtZdFPDiBwUF9Ic60Wgu9Xh3GN9UZLvEREbM8d3i3LRqb6RqkFReKZeKfVZZ3aa0paEowm9PlkMImIbFxhASel2Alb9Pl4FF96mom24NrKfRsU1; domain=.motenorskejenter.com; expires=Tue, 21-Mar-2023 20:34:47 GMT; path=/
MCC=QUfSBt8wWAXKIxpRTJ1_KxKvdIUtmDxuyTOB280cWR6pUZgDvznJIz2dPEFF9ZG8lVWv8_ORiH2LimNlbQ4i2sbCP72b00WLqmJPQfmWVgd8TmpxHQi5svPBKlN-IkOonzdhDRXktj-iIEY4YGgkDw-lA6prVMa49A6_LRZ5FZYpmAxQlnC_UEx7JjbMDaw5BFnweEed4L6Pu-Qdy2RKvClrEdYsBujYm8ZztDjzmoyx0UMCjyKGw-qZ2UhNiWre_7JQMAOZ480jfkGAmf5T_O3FLk02xASTcGgKZHGUnqLhdOyatHdh-04AFeauE7-4vxbnK2DBPqfIuOiJg2N2Gz2YVHqz2Clp8mOOG2ygjdyyi97--00JQLm4n8Uz0r73ODxD3UNkKKVyqqItUhBGm7-0KJUmghvmOFShnT03-SuJxxFVSgWWEit32eFEze3Z0; expires=Fri, 03-Feb-2023 20:34:47 GMT; path=/
__RequestVerificationToken=HqnmOgJvEIp8R6DWdLHvcNBQC4M-RBQrPV_taiNPkw7XuXTruSpFr2PL3fgj_MKI1yo6r6Z-R_GFmQPLQ7y9TIojsG75dh1jbGDIycGpIoI1; path=/; HttpOnly
ARRAffinity=b6b3f2d84229dc70b3e1805d311f6280e7abcf3da76740dd833598bcb80162c3;Path=/;Domain=www.motenorskejenter.com
x-aspnetmvc-version: 3.0
x-aspnet-version: 
x-powered-by: 
date: Wed, 01 Feb 2023 20:34:47 GMT
content-length: 11516
X-Firefox-Spdy: h2

www.motenorskejenter.com/Content/Landers/fontawesome/fontawesome-all.min.css?v=0644c896fdf77f387a5d4f4af615c8796c3826e1

185.222.108.79

200 OK

20 kB

URL HTTP/2
www.motenorskejenter.com/Content/Landers/fontawesome/fontawesome-all.min.css?v=0644c896fdf77f387a5d4f4af615c8796c3826e1
IP
185.222.108.79:0
ASN
#205316 Supporta Interactiva B.V.

File type
ASCII text, with very long lines (65394)
Size
20 kB (20233 bytes)
Hash
69dafb2461f11ad0643eed49ef88d95c
3c834bcfd66c37046fd00580bc4298ef27c54bd0
2b4c59e4fe79433cb2158192434a377e5995e352a95db5567eeaca2b13b6f634

HTTP Headers

GET /Content/Landers/fontawesome/fontawesome-all.min.css?v=0644c896fdf77f387a5d4f4af615c8796c3826e1 HTTP/1.1
Host: www.motenorskejenter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.motenorskejenter.com/landers/9794790840AA597AD55227C7E49165FDF252718EB970B763689A80A816895291?p=363067&prid=1767487&nas=63dacce7a52ab60001670d50&pi=314_631__
Cookie: ma=FxQw2TdV-dPxTeF96bo1ADvE7zH7VN_wRMEB5FdgElWG68SPmHfGthr4nLY8OSm8Z4-eBCaWytde4LQjUrX1SaWifT-4uv0Ad9Fvwjp527j31xR8Du6ZlxmdZttQLmtZdFPDiBwUF9Ic60Wgu9Xh3GN9UZLvEREbM8d3i3LRqb6RqkFReKZeKfVZZ3aa0paEowm9PlkMImIbFxhASel2Alb9Pl4FF96mom24NrKfRsU1; MCC=QUfSBt8wWAXKIxpRTJ1_KxKvdIUtmDxuyTOB280cWR6pUZgDvznJIz2dPEFF9ZG8lVWv8_ORiH2LimNlbQ4i2sbCP72b00WLqmJPQfmWVgd8TmpxHQi5svPBKlN-IkOonzdhDRXktj-iIEY4YGgkDw-lA6prVMa49A6_LRZ5FZYpmAxQlnC_UEx7JjbMDaw5BFnweEed4L6Pu-Qdy2RKvClrEdYsBujYm8ZztDjzmoyx0UMCjyKGw-qZ2UhNiWre_7JQMAOZ480jfkGAmf5T_O3FLk02xASTcGgKZHGUnqLhdOyatHdh-04AFeauE7-4vxbnK2DBPqfIuOiJg2N2Gz2YVHqz2Clp8mOOG2ygjdyyi97--00JQLm4n8Uz0r73ODxD3UNkKKVyqqItUhBGm7-0KJUmghvmOFShnT03-SuJxxFVSgWWEit32eFEze3Z0; __RequestVerificationToken=HqnmOgJvEIp8R6DWdLHvcNBQC4M-RBQrPV_taiNPkw7XuXTruSpFr2PL3fgj_MKI1yo6r6Z-R_GFmQPLQ7y9TIojsG75dh1jbGDIycGpIoI1; ARRAffinity=b6b3f2d84229dc70b3e1805d311f6280e7abcf3da76740dd833598bcb80162c3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public,max-age=31536000
content-type: text/css
content-encoding: gzip
last-modified: Fri, 29 Jul 2022 13:26:54 GMT
accept-ranges: bytes
etag: "d48eb0de4ea3d81:0"
vary: Accept-Encoding
server: httpd
x-powered-by: 
x-aspnet-version: 
date: Wed, 01 Feb 2023 20:34:47 GMT
content-length: 20233
X-Firefox-Spdy: h2

www.motenorskejenter.com/Content/Landers/jquery-ui-1.12.1/jquery-ui.min.css?v=0644c896fdf77f387a5d4f4af615c8796c3826e1

185.222.108.79

200 OK

9.8 kB

URL HTTP/2
www.motenorskejenter.com/Content/Landers/jquery-ui-1.12.1/jquery-ui.min.css?v=0644c896fdf77f387a5d4f4af615c8796c3826e1
IP
185.222.108.79:0
ASN
#205316 Supporta Interactiva B.V.

File type
ASCII text, with very long lines (29137)
Size
9.8 kB (9844 bytes)
Hash
fe6c34b1df591cda0c96574c7f257443
0a62aad248c0dbbb8830db6e90641cf75a78b2b1
2374d5ef0b79f492cff9a936457a5deb9853cd9f74f01bf7e0c653e7c0e3ce7c

HTTP Headers

GET /Content/Landers/jquery-ui-1.12.1/jquery-ui.min.css?v=0644c896fdf77f387a5d4f4af615c8796c3826e1 HTTP/1.1
Host: www.motenorskejenter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.motenorskejenter.com/landers/9794790840AA597AD55227C7E49165FDF252718EB970B763689A80A816895291?p=363067&prid=1767487&nas=63dacce7a52ab60001670d50&pi=314_631__
Cookie: ma=FxQw2TdV-dPxTeF96bo1ADvE7zH7VN_wRMEB5FdgElWG68SPmHfGthr4nLY8OSm8Z4-eBCaWytde4LQjUrX1SaWifT-4uv0Ad9Fvwjp527j31xR8Du6ZlxmdZttQLmtZdFPDiBwUF9Ic60Wgu9Xh3GN9UZLvEREbM8d3i3LRqb6RqkFReKZeKfVZZ3aa0paEowm9PlkMImIbFxhASel2Alb9Pl4FF96mom24NrKfRsU1; MCC=QUfSBt8wWAXKIxpRTJ1_KxKvdIUtmDxuyTOB280cWR6pUZgDvznJIz2dPEFF9ZG8lVWv8_ORiH2LimNlbQ4i2sbCP72b00WLqmJPQfmWVgd8TmpxHQi5svPBKlN-IkOonzdhDRXktj-iIEY4YGgkDw-lA6prVMa49A6_LRZ5FZYpmAxQlnC_UEx7JjbMDaw5BFnweEed4L6Pu-Qdy2RKvClrEdYsBujYm8ZztDjzmoyx0UMCjyKGw-qZ2UhNiWre_7JQMAOZ480jfkGAmf5T_O3FLk02xASTcGgKZHGUnqLhdOyatHdh-04AFeauE7-4vxbnK2DBPqfIuOiJg2N2Gz2YVHqz2Clp8mOOG2ygjdyyi97--00JQLm4n8Uz0r73ODxD3UNkKKVyqqItUhBGm7-0KJUmghvmOFShnT03-SuJxxFVSgWWEit32eFEze3Z0; __RequestVerificationToken=HqnmOgJvEIp8R6DWdLHvcNBQC4M-RBQrPV_taiNPkw7XuXTruSpFr2PL3fgj_MKI1yo6r6Z-R_GFmQPLQ7y9TIojsG75dh1jbGDIycGpIoI1; ARRAffinity=b6b3f2d84229dc70b3e1805d311f6280e7abcf3da76740dd833598bcb80162c3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public,max-age=31536000
content-type: text/css
content-encoding: gzip
last-modified: Fri, 29 Jul 2022 13:26:54 GMT
accept-ranges: bytes
etag: "d0d2aade4ea3d81:0"
vary: Accept-Encoding
server: httpd
x-powered-by: 
x-aspnet-version: 
date: Wed, 01 Feb 2023 20:34:47 GMT
content-length: 9844
X-Firefox-Spdy: h2

www.motenorskejenter.com/Content/Landers/landers-default.css?v=0644c896fdf77f387a5d4f4af615c8796c3826e1

185.222.108.79

200 OK

1.3 kB

URL HTTP/2
www.motenorskejenter.com/Content/Landers/landers-default.css?v=0644c896fdf77f387a5d4f4af615c8796c3826e1
IP
185.222.108.79:0
ASN
#205316 Supporta Interactiva B.V.

File type
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Size
1.3 kB (1287 bytes)
Hash
5038c461ab70a489c48ec28f138dd098
e8ab1ed9659a57f83d95bc1e6da0c5bbb213f144
389f94f065064881738443dc4b4b81547446683b2a6a75007fcbf5b31d02233b

HTTP Headers

GET /Content/Landers/landers-default.css?v=0644c896fdf77f387a5d4f4af615c8796c3826e1 HTTP/1.1
Host: www.motenorskejenter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.motenorskejenter.com/landers/9794790840AA597AD55227C7E49165FDF252718EB970B763689A80A816895291?p=363067&prid=1767487&nas=63dacce7a52ab60001670d50&pi=314_631__
Cookie: ma=FxQw2TdV-dPxTeF96bo1ADvE7zH7VN_wRMEB5FdgElWG68SPmHfGthr4nLY8OSm8Z4-eBCaWytde4LQjUrX1SaWifT-4uv0Ad9Fvwjp527j31xR8Du6ZlxmdZttQLmtZdFPDiBwUF9Ic60Wgu9Xh3GN9UZLvEREbM8d3i3LRqb6RqkFReKZeKfVZZ3aa0paEowm9PlkMImIbFxhASel2Alb9Pl4FF96mom24NrKfRsU1; MCC=QUfSBt8wWAXKIxpRTJ1_KxKvdIUtmDxuyTOB280cWR6pUZgDvznJIz2dPEFF9ZG8lVWv8_ORiH2LimNlbQ4i2sbCP72b00WLqmJPQfmWVgd8TmpxHQi5svPBKlN-IkOonzdhDRXktj-iIEY4YGgkDw-lA6prVMa49A6_LRZ5FZYpmAxQlnC_UEx7JjbMDaw5BFnweEed4L6Pu-Qdy2RKvClrEdYsBujYm8ZztDjzmoyx0UMCjyKGw-qZ2UhNiWre_7JQMAOZ480jfkGAmf5T_O3FLk02xASTcGgKZHGUnqLhdOyatHdh-04AFeauE7-4vxbnK2DBPqfIuOiJg2N2Gz2YVHqz2Clp8mOOG2ygjdyyi97--00JQLm4n8Uz0r73ODxD3UNkKKVyqqItUhBGm7-0KJUmghvmOFShnT03-SuJxxFVSgWWEit32eFEze3Z0; __RequestVerificationToken=HqnmOgJvEIp8R6DWdLHvcNBQC4M-RBQrPV_taiNPkw7XuXTruSpFr2PL3fgj_MKI1yo6r6Z-R_GFmQPLQ7y9TIojsG75dh1jbGDIycGpIoI1; ARRAffinity=b6b3f2d84229dc70b3e1805d311f6280e7abcf3da76740dd833598bcb80162c3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public,max-age=31536000
content-type: text/css
content-encoding: gzip
last-modified: Thu, 17 Nov 2022 15:15:48 GMT
accept-ranges: bytes
etag: "f7914a7997fad81:0"
vary: Accept-Encoding
server: httpd
x-powered-by: 
x-aspnet-version: 
date: Wed, 01 Feb 2023 20:34:47 GMT
content-length: 1287
X-Firefox-Spdy: h2

www.motenorskejenter.com/Content/Landers/modal-popup.css?v=0644c896fdf77f387a5d4f4af615c8796c3826e1

185.222.108.79

200 OK

642 B

URL HTTP/2
www.motenorskejenter.com/Content/Landers/modal-popup.css?v=0644c896fdf77f387a5d4f4af615c8796c3826e1
IP
185.222.108.79:0
ASN
#205316 Supporta Interactiva B.V.

File type
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Size
642 B (642 bytes)
Hash
2a3cf91ce193937fffd15431626b17a5
2599e4dd9b131811959e312048392590b2feae36
643efce94839100318eb69a589733922075c8b6f9e89d283afa9a0beba76bcee

HTTP Headers

GET /Content/Landers/modal-popup.css?v=0644c896fdf77f387a5d4f4af615c8796c3826e1 HTTP/1.1
Host: www.motenorskejenter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.motenorskejenter.com/landers/9794790840AA597AD55227C7E49165FDF252718EB970B763689A80A816895291?p=363067&prid=1767487&nas=63dacce7a52ab60001670d50&pi=314_631__
Cookie: ma=FxQw2TdV-dPxTeF96bo1ADvE7zH7VN_wRMEB5FdgElWG68SPmHfGthr4nLY8OSm8Z4-eBCaWytde4LQjUrX1SaWifT-4uv0Ad9Fvwjp527j31xR8Du6ZlxmdZttQLmtZdFPDiBwUF9Ic60Wgu9Xh3GN9UZLvEREbM8d3i3LRqb6RqkFReKZeKfVZZ3aa0paEowm9PlkMImIbFxhASel2Alb9Pl4FF96mom24NrKfRsU1; MCC=QUfSBt8wWAXKIxpRTJ1_KxKvdIUtmDxuyTOB280cWR6pUZgDvznJIz2dPEFF9ZG8lVWv8_ORiH2LimNlbQ4i2sbCP72b00WLqmJPQfmWVgd8TmpxHQi5svPBKlN-IkOonzdhDRXktj-iIEY4YGgkDw-lA6prVMa49A6_LRZ5FZYpmAxQlnC_UEx7JjbMDaw5BFnweEed4L6Pu-Qdy2RKvClrEdYsBujYm8ZztDjzmoyx0UMCjyKGw-qZ2UhNiWre_7JQMAOZ480jfkGAmf5T_O3FLk02xASTcGgKZHGUnqLhdOyatHdh-04AFeauE7-4vxbnK2DBPqfIuOiJg2N2Gz2YVHqz2Clp8mOOG2ygjdyyi97--00JQLm4n8Uz0r73ODxD3UNkKKVyqqItUhBGm7-0KJUmghvmOFShnT03-SuJxxFVSgWWEit32eFEze3Z0; __RequestVerificationToken=HqnmOgJvEIp8R6DWdLHvcNBQC4M-RBQrPV_taiNPkw7XuXTruSpFr2PL3fgj_MKI1yo6r6Z-R_GFmQPLQ7y9TIojsG75dh1jbGDIycGpIoI1; ARRAffinity=b6b3f2d84229dc70b3e1805d311f6280e7abcf3da76740dd833598bcb80162c3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public,max-age=31536000
content-type: text/css
content-encoding: gzip
last-modified: Fri, 29 Jul 2022 13:26:54 GMT
accept-ranges: bytes
etag: "d0d2aade4ea3d81:0"
vary: Accept-Encoding
server: httpd
x-powered-by: 
x-aspnet-version: 
date: Wed, 01 Feb 2023 20:34:47 GMT
content-length: 642
X-Firefox-Spdy: h2

www.motenorskejenter.com/landers/getcss/1325?countryId=160&c=2e3f1b5a-eed3-4347-8d8e-6be91cea9ed2

185.222.108.79

200 OK

9.7 kB

URL HTTP/2
www.motenorskejenter.com/landers/getcss/1325?countryId=160&c=2e3f1b5a-eed3-4347-8d8e-6be91cea9ed2
IP
185.222.108.79:0
ASN
#205316 Supporta Interactiva B.V.

File type
Unicode text, UTF-8 text, with CRLF line terminators
Size
9.7 kB (9694 bytes)
Hash
a85827a6da64bfadfec349ffed065d2e
d0592ac4b97aeb08dcf480338a90a0bba30ffa58
8169a9a745bc208ad3a7c74a75daab8eb6e65379ba62cf828b172b65e6b72f3d

HTTP Headers

GET /landers/getcss/1325?countryId=160&c=2e3f1b5a-eed3-4347-8d8e-6be91cea9ed2 HTTP/1.1
Host: www.motenorskejenter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.motenorskejenter.com/landers/9794790840AA597AD55227C7E49165FDF252718EB970B763689A80A816895291?p=363067&prid=1767487&nas=63dacce7a52ab60001670d50&pi=314_631__
Cookie: ma=FxQw2TdV-dPxTeF96bo1ADvE7zH7VN_wRMEB5FdgElWG68SPmHfGthr4nLY8OSm8Z4-eBCaWytde4LQjUrX1SaWifT-4uv0Ad9Fvwjp527j31xR8Du6ZlxmdZttQLmtZdFPDiBwUF9Ic60Wgu9Xh3GN9UZLvEREbM8d3i3LRqb6RqkFReKZeKfVZZ3aa0paEowm9PlkMImIbFxhASel2Alb9Pl4FF96mom24NrKfRsU1; MCC=QUfSBt8wWAXKIxpRTJ1_KxKvdIUtmDxuyTOB280cWR6pUZgDvznJIz2dPEFF9ZG8lVWv8_ORiH2LimNlbQ4i2sbCP72b00WLqmJPQfmWVgd8TmpxHQi5svPBKlN-IkOonzdhDRXktj-iIEY4YGgkDw-lA6prVMa49A6_LRZ5FZYpmAxQlnC_UEx7JjbMDaw5BFnweEed4L6Pu-Qdy2RKvClrEdYsBujYm8ZztDjzmoyx0UMCjyKGw-qZ2UhNiWre_7JQMAOZ480jfkGAmf5T_O3FLk02xASTcGgKZHGUnqLhdOyatHdh-04AFeauE7-4vxbnK2DBPqfIuOiJg2N2Gz2YVHqz2Clp8mOOG2ygjdyyi97--00JQLm4n8Uz0r73ODxD3UNkKKVyqqItUhBGm7-0KJUmghvmOFShnT03-SuJxxFVSgWWEit32eFEze3Z0; __RequestVerificationToken=HqnmOgJvEIp8R6DWdLHvcNBQC4M-RBQrPV_taiNPkw7XuXTruSpFr2PL3fgj_MKI1yo6r6Z-R_GFmQPLQ7y9TIojsG75dh1jbGDIycGpIoI1; ARRAffinity=b6b3f2d84229dc70b3e1805d311f6280e7abcf3da76740dd833598bcb80162c3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, no-transform, max-age=31536000
content-type: text/css; charset=utf-8
content-encoding: gzip
expires: Tue, 30 Jan 2024 11:25:13 GMT
last-modified: Sun, 29 Jan 2023 19:15:10 GMT
vary: Accept-Encoding
server: httpd
x-aspnet-version: 
x-powered-by: 
date: Wed, 01 Feb 2023 20:34:47 GMT
content-length: 9694
X-Firefox-Spdy: h2

www.motenorskejenter.com/Landers/DisplayImage/2019_1325_160_footerlogo.png?c=6221bdd1-da8b-43b2-a48e-00e31f1fbc71

185.222.108.79

200 OK

552 B

URL HTTP/2
www.motenorskejenter.com/Landers/DisplayImage/2019_1325_160_footerlogo.png?c=6221bdd1-da8b-43b2-a48e-00e31f1fbc71
IP
185.222.108.79:0
ASN
#205316 Supporta Interactiva B.V.

File type
PNG image data, 29 x 10, 8-bit colormap, non-interlaced\012- data
Size
552 B (552 bytes)
Hash
e2d18104fb00ce266f0ef2e76f735219
e396ab6b693de90ab0b37c00adaf60e4e95f99fc
de240d711f7f63a63f704cdc6c70d1e89e206d4a0c62889caf7500e50f157d12

HTTP Headers

GET /Landers/DisplayImage/2019_1325_160_footerlogo.png?c=6221bdd1-da8b-43b2-a48e-00e31f1fbc71 HTTP/1.1
Host: www.motenorskejenter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.motenorskejenter.com/landers/9794790840AA597AD55227C7E49165FDF252718EB970B763689A80A816895291?p=363067&prid=1767487&nas=63dacce7a52ab60001670d50&pi=314_631__
Cookie: ma=FxQw2TdV-dPxTeF96bo1ADvE7zH7VN_wRMEB5FdgElWG68SPmHfGthr4nLY8OSm8Z4-eBCaWytde4LQjUrX1SaWifT-4uv0Ad9Fvwjp527j31xR8Du6ZlxmdZttQLmtZdFPDiBwUF9Ic60Wgu9Xh3GN9UZLvEREbM8d3i3LRqb6RqkFReKZeKfVZZ3aa0paEowm9PlkMImIbFxhASel2Alb9Pl4FF96mom24NrKfRsU1; MCC=QUfSBt8wWAXKIxpRTJ1_KxKvdIUtmDxuyTOB280cWR6pUZgDvznJIz2dPEFF9ZG8lVWv8_ORiH2LimNlbQ4i2sbCP72b00WLqmJPQfmWVgd8TmpxHQi5svPBKlN-IkOonzdhDRXktj-iIEY4YGgkDw-lA6prVMa49A6_LRZ5FZYpmAxQlnC_UEx7JjbMDaw5BFnweEed4L6Pu-Qdy2RKvClrEdYsBujYm8ZztDjzmoyx0UMCjyKGw-qZ2UhNiWre_7JQMAOZ480jfkGAmf5T_O3FLk02xASTcGgKZHGUnqLhdOyatHdh-04AFeauE7-4vxbnK2DBPqfIuOiJg2N2Gz2YVHqz2Clp8mOOG2ygjdyyi97--00JQLm4n8Uz0r73ODxD3UNkKKVyqqItUhBGm7-0KJUmghvmOFShnT03-SuJxxFVSgWWEit32eFEze3Z0; __RequestVerificationToken=HqnmOgJvEIp8R6DWdLHvcNBQC4M-RBQrPV_taiNPkw7XuXTruSpFr2PL3fgj_MKI1yo6r6Z-R_GFmQPLQ7y9TIojsG75dh1jbGDIycGpIoI1; ARRAffinity=b6b3f2d84229dc70b3e1805d311f6280e7abcf3da76740dd833598bcb80162c3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, no-transform, max-age=31536000
content-type: image/png
expires: Tue, 30 Jan 2024 11:25:13 GMT
last-modified: Mon, 07 Oct 2019 13:56:01 GMT
vary: Accept-Encoding
server: httpd
x-aspnet-version: 
x-powered-by: 
date: Wed, 01 Feb 2023 20:34:47 GMT
content-length: 552
X-Firefox-Spdy: h2

www.motenorskejenter.com/Content/Landers/jquery-ui-1.12.1/jquery-ui.min.js?v=0644c896fdf77f387a5d4f4af615c8796c3826e1

185.222.108.79

200 OK

91 kB

URL HTTP/2
www.motenorskejenter.com/Content/Landers/jquery-ui-1.12.1/jquery-ui.min.js?v=0644c896fdf77f387a5d4f4af615c8796c3826e1
IP
185.222.108.79:0
ASN
#205316 Supporta Interactiva B.V.

File type
ASCII text, with very long lines (32074)
Size
91 kB (91268 bytes)
Hash
d42c336053327b851f6b0f46647223f6
cfa3258c251e1c5d93bff2c2789a947e35f48cc7
0c400c92206c20de505b7f327ad5d8de77b66806492565cca629eda7118f4add

HTTP Headers

GET /Content/Landers/jquery-ui-1.12.1/jquery-ui.min.js?v=0644c896fdf77f387a5d4f4af615c8796c3826e1 HTTP/1.1
Host: www.motenorskejenter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.motenorskejenter.com/landers/9794790840AA597AD55227C7E49165FDF252718EB970B763689A80A816895291?p=363067&prid=1767487&nas=63dacce7a52ab60001670d50&pi=314_631__
Cookie: ma=FxQw2TdV-dPxTeF96bo1ADvE7zH7VN_wRMEB5FdgElWG68SPmHfGthr4nLY8OSm8Z4-eBCaWytde4LQjUrX1SaWifT-4uv0Ad9Fvwjp527j31xR8Du6ZlxmdZttQLmtZdFPDiBwUF9Ic60Wgu9Xh3GN9UZLvEREbM8d3i3LRqb6RqkFReKZeKfVZZ3aa0paEowm9PlkMImIbFxhASel2Alb9Pl4FF96mom24NrKfRsU1; MCC=QUfSBt8wWAXKIxpRTJ1_KxKvdIUtmDxuyTOB280cWR6pUZgDvznJIz2dPEFF9ZG8lVWv8_ORiH2LimNlbQ4i2sbCP72b00WLqmJPQfmWVgd8TmpxHQi5svPBKlN-IkOonzdhDRXktj-iIEY4YGgkDw-lA6prVMa49A6_LRZ5FZYpmAxQlnC_UEx7JjbMDaw5BFnweEed4L6Pu-Qdy2RKvClrEdYsBujYm8ZztDjzmoyx0UMCjyKGw-qZ2UhNiWre_7JQMAOZ480jfkGAmf5T_O3FLk02xASTcGgKZHGUnqLhdOyatHdh-04AFeauE7-4vxbnK2DBPqfIuOiJg2N2Gz2YVHqz2Clp8mOOG2ygjdyyi97--00JQLm4n8Uz0r73ODxD3UNkKKVyqqItUhBGm7-0KJUmghvmOFShnT03-SuJxxFVSgWWEit32eFEze3Z0; __RequestVerificationToken=HqnmOgJvEIp8R6DWdLHvcNBQC4M-RBQrPV_taiNPkw7XuXTruSpFr2PL3fgj_MKI1yo6r6Z-R_GFmQPLQ7y9TIojsG75dh1jbGDIycGpIoI1; ARRAffinity=b6b3f2d84229dc70b3e1805d311f6280e7abcf3da76740dd833598bcb80162c3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public,max-age=31536000
content-type: application/javascript
content-encoding: gzip
last-modified: Fri, 29 Jul 2022 13:26:54 GMT
accept-ranges: bytes
etag: "5999b6de4ea3d81:0"
vary: Accept-Encoding
server: httpd
x-powered-by: 
x-aspnet-version: 
date: Wed, 01 Feb 2023 20:34:47 GMT
content-length: 91268
X-Firefox-Spdy: h2

www.motenorskejenter.com/Scripts/APIScripts/APILandersSignup.min.js?v=0644c896fdf77f387a5d4f4af615c8796c3826e1

185.222.108.79

200 OK

12 kB

URL HTTP/2
www.motenorskejenter.com/Scripts/APIScripts/APILandersSignup.min.js?v=0644c896fdf77f387a5d4f4af615c8796c3826e1
IP
185.222.108.79:0
ASN
#205316 Supporta Interactiva B.V.

File type
ASCII text, with very long lines (36867), with no line terminators
Size
12 kB (12124 bytes)
Hash
54a1da9c8142bf4eefae2e38c137795c
71a45053fe7e7233f27ef6bc2c64eb3b89a57616
ddfd1baa38329a39a9037ff4fe39b498a39db763c8a52d1a06aa6dd000e71639

HTTP Headers

GET /Scripts/APIScripts/APILandersSignup.min.js?v=0644c896fdf77f387a5d4f4af615c8796c3826e1 HTTP/1.1
Host: www.motenorskejenter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.motenorskejenter.com/landers/9794790840AA597AD55227C7E49165FDF252718EB970B763689A80A816895291?p=363067&prid=1767487&nas=63dacce7a52ab60001670d50&pi=314_631__
Cookie: ma=FxQw2TdV-dPxTeF96bo1ADvE7zH7VN_wRMEB5FdgElWG68SPmHfGthr4nLY8OSm8Z4-eBCaWytde4LQjUrX1SaWifT-4uv0Ad9Fvwjp527j31xR8Du6ZlxmdZttQLmtZdFPDiBwUF9Ic60Wgu9Xh3GN9UZLvEREbM8d3i3LRqb6RqkFReKZeKfVZZ3aa0paEowm9PlkMImIbFxhASel2Alb9Pl4FF96mom24NrKfRsU1; MCC=QUfSBt8wWAXKIxpRTJ1_KxKvdIUtmDxuyTOB280cWR6pUZgDvznJIz2dPEFF9ZG8lVWv8_ORiH2LimNlbQ4i2sbCP72b00WLqmJPQfmWVgd8TmpxHQi5svPBKlN-IkOonzdhDRXktj-iIEY4YGgkDw-lA6prVMa49A6_LRZ5FZYpmAxQlnC_UEx7JjbMDaw5BFnweEed4L6Pu-Qdy2RKvClrEdYsBujYm8ZztDjzmoyx0UMCjyKGw-qZ2UhNiWre_7JQMAOZ480jfkGAmf5T_O3FLk02xASTcGgKZHGUnqLhdOyatHdh-04AFeauE7-4vxbnK2DBPqfIuOiJg2N2Gz2YVHqz2Clp8mOOG2ygjdyyi97--00JQLm4n8Uz0r73ODxD3UNkKKVyqqItUhBGm7-0KJUmghvmOFShnT03-SuJxxFVSgWWEit32eFEze3Z0; __RequestVerificationToken=HqnmOgJvEIp8R6DWdLHvcNBQC4M-RBQrPV_taiNPkw7XuXTruSpFr2PL3fgj_MKI1yo6r6Z-R_GFmQPLQ7y9TIojsG75dh1jbGDIycGpIoI1; ARRAffinity=b6b3f2d84229dc70b3e1805d311f6280e7abcf3da76740dd833598bcb80162c3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public,max-age=31536000
content-type: application/javascript
content-encoding: gzip
last-modified: Mon, 17 Oct 2022 11:22:09 GMT
accept-ranges: bytes
etag: "25e740b21ae2d81:0"
vary: Accept-Encoding
server: httpd
x-powered-by: 
x-aspnet-version: 
date: Wed, 01 Feb 2023 20:34:47 GMT
content-length: 12124
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
df4a6d84addba49571d9f6ae44c61a3f
28c8093de27e27645cf6dfd5ae93a62fc77b9be5
cb6623b08b6245ea11bb871729613e453046d427d738a8c6431c5da8347e6e05

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 20:34:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.motenorskejenter.com/Scripts/APIScripts/APICookieFunctions.min.js?v=0644c896fdf77f387a5d4f4af615c8796c3826e1

185.222.108.79

200 OK

515 B

URL HTTP/2
www.motenorskejenter.com/Scripts/APIScripts/APICookieFunctions.min.js?v=0644c896fdf77f387a5d4f4af615c8796c3826e1
IP
185.222.108.79:0
ASN
#205316 Supporta Interactiva B.V.

File type
ASCII text, with very long lines (602), with no line terminators
Size
515 B (515 bytes)
Hash
aa89779ff46171a494219e66429d2736
324e2364ca8f4f2de73a26676bd2b3fb7af83b97
824e5e6151075e795344346f116467aa22e01709179943bd1d6cea2fbcea4824

HTTP Headers

GET /Scripts/APIScripts/APICookieFunctions.min.js?v=0644c896fdf77f387a5d4f4af615c8796c3826e1 HTTP/1.1
Host: www.motenorskejenter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.motenorskejenter.com/landers/9794790840AA597AD55227C7E49165FDF252718EB970B763689A80A816895291?p=363067&prid=1767487&nas=63dacce7a52ab60001670d50&pi=314_631__
Cookie: ma=FxQw2TdV-dPxTeF96bo1ADvE7zH7VN_wRMEB5FdgElWG68SPmHfGthr4nLY8OSm8Z4-eBCaWytde4LQjUrX1SaWifT-4uv0Ad9Fvwjp527j31xR8Du6ZlxmdZttQLmtZdFPDiBwUF9Ic60Wgu9Xh3GN9UZLvEREbM8d3i3LRqb6RqkFReKZeKfVZZ3aa0paEowm9PlkMImIbFxhASel2Alb9Pl4FF96mom24NrKfRsU1; MCC=QUfSBt8wWAXKIxpRTJ1_KxKvdIUtmDxuyTOB280cWR6pUZgDvznJIz2dPEFF9ZG8lVWv8_ORiH2LimNlbQ4i2sbCP72b00WLqmJPQfmWVgd8TmpxHQi5svPBKlN-IkOonzdhDRXktj-iIEY4YGgkDw-lA6prVMa49A6_LRZ5FZYpmAxQlnC_UEx7JjbMDaw5BFnweEed4L6Pu-Qdy2RKvClrEdYsBujYm8ZztDjzmoyx0UMCjyKGw-qZ2UhNiWre_7JQMAOZ480jfkGAmf5T_O3FLk02xASTcGgKZHGUnqLhdOyatHdh-04AFeauE7-4vxbnK2DBPqfIuOiJg2N2Gz2YVHqz2Clp8mOOG2ygjdyyi97--00JQLm4n8Uz0r73ODxD3UNkKKVyqqItUhBGm7-0KJUmghvmOFShnT03-SuJxxFVSgWWEit32eFEze3Z0; __RequestVerificationToken=HqnmOgJvEIp8R6DWdLHvcNBQC4M-RBQrPV_taiNPkw7XuXTruSpFr2PL3fgj_MKI1yo6r6Z-R_GFmQPLQ7y9TIojsG75dh1jbGDIycGpIoI1; ARRAffinity=b6b3f2d84229dc70b3e1805d311f6280e7abcf3da76740dd833598bcb80162c3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public,max-age=31536000
content-type: application/javascript
content-encoding: gzip
last-modified: Fri, 29 Jul 2022 13:26:56 GMT
accept-ranges: bytes
etag: "8d9a13e04ea3d81:0"
vary: Accept-Encoding
server: httpd
x-powered-by: 
x-aspnet-version: 
date: Wed, 01 Feb 2023 20:34:47 GMT
content-length: 515
X-Firefox-Spdy: h2

www.motenorskejenter.com/Landers/GetJavascript/1325?countryId=160&c=d3d11de7-e90d-45cc-a651-e37d54e4f3e4

185.222.108.79

200 OK

716 B

URL HTTP/2
www.motenorskejenter.com/Landers/GetJavascript/1325?countryId=160&c=d3d11de7-e90d-45cc-a651-e37d54e4f3e4
IP
185.222.108.79:0
ASN
#205316 Supporta Interactiva B.V.

File type
ASCII text, with CRLF line terminators
Size
716 B (716 bytes)
Hash
af9e146a5236ee89a3ca7335033bc2c6
ed66ea42374c5427ef228abff24495380fbf0c9d
7beebfb0406f5f2dbafd4d46d9ad53ae25b5c6004fa12c24f77b3cddc00b40a7

HTTP Headers

GET /Landers/GetJavascript/1325?countryId=160&c=d3d11de7-e90d-45cc-a651-e37d54e4f3e4 HTTP/1.1
Host: www.motenorskejenter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.motenorskejenter.com/landers/9794790840AA597AD55227C7E49165FDF252718EB970B763689A80A816895291?p=363067&prid=1767487&nas=63dacce7a52ab60001670d50&pi=314_631__
Cookie: ma=FxQw2TdV-dPxTeF96bo1ADvE7zH7VN_wRMEB5FdgElWG68SPmHfGthr4nLY8OSm8Z4-eBCaWytde4LQjUrX1SaWifT-4uv0Ad9Fvwjp527j31xR8Du6ZlxmdZttQLmtZdFPDiBwUF9Ic60Wgu9Xh3GN9UZLvEREbM8d3i3LRqb6RqkFReKZeKfVZZ3aa0paEowm9PlkMImIbFxhASel2Alb9Pl4FF96mom24NrKfRsU1; MCC=QUfSBt8wWAXKIxpRTJ1_KxKvdIUtmDxuyTOB280cWR6pUZgDvznJIz2dPEFF9ZG8lVWv8_ORiH2LimNlbQ4i2sbCP72b00WLqmJPQfmWVgd8TmpxHQi5svPBKlN-IkOonzdhDRXktj-iIEY4YGgkDw-lA6prVMa49A6_LRZ5FZYpmAxQlnC_UEx7JjbMDaw5BFnweEed4L6Pu-Qdy2RKvClrEdYsBujYm8ZztDjzmoyx0UMCjyKGw-qZ2UhNiWre_7JQMAOZ480jfkGAmf5T_O3FLk02xASTcGgKZHGUnqLhdOyatHdh-04AFeauE7-4vxbnK2DBPqfIuOiJg2N2Gz2YVHqz2Clp8mOOG2ygjdyyi97--00JQLm4n8Uz0r73ODxD3UNkKKVyqqItUhBGm7-0KJUmghvmOFShnT03-SuJxxFVSgWWEit32eFEze3Z0; __RequestVerificationToken=HqnmOgJvEIp8R6DWdLHvcNBQC4M-RBQrPV_taiNPkw7XuXTruSpFr2PL3fgj_MKI1yo6r6Z-R_GFmQPLQ7y9TIojsG75dh1jbGDIycGpIoI1; ARRAffinity=b6b3f2d84229dc70b3e1805d311f6280e7abcf3da76740dd833598bcb80162c3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, no-transform, max-age=31536000
content-type: text/javascript; charset=utf-8
content-encoding: gzip
expires: Tue, 30 Jan 2024 11:25:13 GMT
last-modified: Sun, 29 Jan 2023 19:15:10 GMT
vary: Accept-Encoding
server: httpd
x-aspnet-version: 
x-powered-by: 
date: Wed, 01 Feb 2023 20:34:47 GMT
content-length: 716
X-Firefox-Spdy: h2

www.motenorskejenter.com/Scripts/ExternalScoringService/EHawkTalon.js?v=0644c896fdf77f387a5d4f4af615c8796c3826e1

185.222.108.79

200 OK

17 kB

URL HTTP/2
www.motenorskejenter.com/Scripts/ExternalScoringService/EHawkTalon.js?v=0644c896fdf77f387a5d4f4af615c8796c3826e1
IP
185.222.108.79:0
ASN
#205316 Supporta Interactiva B.V.

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (22228), with CRLF line terminators
Size
17 kB (17439 bytes)
Hash
0e64756cd3ae508f4bbb1d3e983d6ec9
8d5a6f62cfa307827db2f53b582c552db0e7ff57
efefe1d4bc68844f7f4686d8ee5f4da92f99506bb769dc565aee8412a9c0653d

HTTP Headers

GET /Scripts/ExternalScoringService/EHawkTalon.js?v=0644c896fdf77f387a5d4f4af615c8796c3826e1 HTTP/1.1
Host: www.motenorskejenter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.motenorskejenter.com/landers/9794790840AA597AD55227C7E49165FDF252718EB970B763689A80A816895291?p=363067&prid=1767487&nas=63dacce7a52ab60001670d50&pi=314_631__
Cookie: ma=FxQw2TdV-dPxTeF96bo1ADvE7zH7VN_wRMEB5FdgElWG68SPmHfGthr4nLY8OSm8Z4-eBCaWytde4LQjUrX1SaWifT-4uv0Ad9Fvwjp527j31xR8Du6ZlxmdZttQLmtZdFPDiBwUF9Ic60Wgu9Xh3GN9UZLvEREbM8d3i3LRqb6RqkFReKZeKfVZZ3aa0paEowm9PlkMImIbFxhASel2Alb9Pl4FF96mom24NrKfRsU1; MCC=QUfSBt8wWAXKIxpRTJ1_KxKvdIUtmDxuyTOB280cWR6pUZgDvznJIz2dPEFF9ZG8lVWv8_ORiH2LimNlbQ4i2sbCP72b00WLqmJPQfmWVgd8TmpxHQi5svPBKlN-IkOonzdhDRXktj-iIEY4YGgkDw-lA6prVMa49A6_LRZ5FZYpmAxQlnC_UEx7JjbMDaw5BFnweEed4L6Pu-Qdy2RKvClrEdYsBujYm8ZztDjzmoyx0UMCjyKGw-qZ2UhNiWre_7JQMAOZ480jfkGAmf5T_O3FLk02xASTcGgKZHGUnqLhdOyatHdh-04AFeauE7-4vxbnK2DBPqfIuOiJg2N2Gz2YVHqz2Clp8mOOG2ygjdyyi97--00JQLm4n8Uz0r73ODxD3UNkKKVyqqItUhBGm7-0KJUmghvmOFShnT03-SuJxxFVSgWWEit32eFEze3Z0; __RequestVerificationToken=HqnmOgJvEIp8R6DWdLHvcNBQC4M-RBQrPV_taiNPkw7XuXTruSpFr2PL3fgj_MKI1yo6r6Z-R_GFmQPLQ7y9TIojsG75dh1jbGDIycGpIoI1; ARRAffinity=b6b3f2d84229dc70b3e1805d311f6280e7abcf3da76740dd833598bcb80162c3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public,max-age=7776000
content-type: application/javascript
content-encoding: gzip
last-modified: Fri, 29 Jul 2022 13:26:57 GMT
accept-ranges: bytes
etag: "20864ee04ea3d81:0"
vary: Accept-Encoding
server: httpd
x-powered-by: 
x-aspnet-version: 
date: Wed, 01 Feb 2023 20:34:47 GMT
content-length: 17439
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
de49044c9365e16fec3a6d361cb94728
2b7b69c16de6fda1ae5206f92fe781ee07bd182a
6e76887b036544a5da3918116a180876c094cc3b31676abce8d5b7b716b00c30

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 20:34:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.com/recaptcha/api.js?onload=GCOnLoadCallBack

216.58.207.228

200 OK

581 B

URL HTTP/2
www.google.com/recaptcha/api.js?onload=GCOnLoadCallBack
IP
216.58.207.228:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (909), with no line terminators
Size
581 B (581 bytes)
Hash
356d3bbd29cad570a180137a51f22a3e
eab25e2852ae62205db4e9965f106ed5482358fd
3814c7e27143b6ebb6d9f1c1f64e69e58baf79445fdb067ca3c69c1d119b81e6

HTTP Headers

GET /recaptcha/api.js?onload=GCOnLoadCallBack HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.motenorskejenter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
expires: Wed, 01 Feb 2023 20:34:47 GMT
date: Wed, 01 Feb 2023 20:34:47 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 581
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
2751084b42dd111d0a7f28241a77201b
680a9ac2f4cf451c9a8449c4df3587595ed9cc4c
1c68a770afbcdb5405fe330f2eabefa576ea1d08740719956083d7f6b490ccf8

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 20:34:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4787
Expires: Wed, 01 Feb 2023 21:54:34 GMT
Date: Wed, 01 Feb 2023 20:34:47 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4787
Expires: Wed, 01 Feb 2023 21:54:34 GMT
Date: Wed, 01 Feb 2023 20:34:47 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4787
Expires: Wed, 01 Feb 2023 21:54:34 GMT
Date: Wed, 01 Feb 2023 20:34:47 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4787
Expires: Wed, 01 Feb 2023 21:54:34 GMT
Date: Wed, 01 Feb 2023 20:34:47 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F82a4ade3-0c43-4f21-9738-0bc1dbb9a6a6.jpeg

34.120.237.76

200 OK

8.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F82a4ade3-0c43-4f21-9738-0bc1dbb9a6a6.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.6 kB (8597 bytes)
Hash
27e95b7912edc909d6b031e36fe83534
eb27fae0bb17dbe0929a620002195233ef50c1d0
b32e7e1a2eee367c5bf9e99bcb38f4c74c4e9e7bdfe7fb0f8f2a657060c0624c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F82a4ade3-0c43-4f21-9738-0bc1dbb9a6a6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8597
x-amzn-requestid: e7bf4ac9-d86d-4ee9-9e10-8a42e5dfe2c6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fcRaNEW4IAMFatA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d4c90d-7731312f630b00ba028836ca;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 07:04:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: z3ZJ7bq6LuJd-9I9D22VIs0avctNGVDKnYmt-fxevCheQibivmUomQ==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 07:53:10 GMT
age: 45697
etag: "eb27fae0bb17dbe0929a620002195233ef50c1d0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
d06fd066caf4dfa1e21a722a5c468158
acb765577662906ae8e11242bed487ce1051db28
4b45760de269e60345d43ff2da6c5803722f7c052edd0a9f5258ce69b2ffa32f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 20:34:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

34.120.237.76

200 OK

16 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2d02739-590e-4a37-9ca5-c27003f9e416.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
16 kB (15857 bytes)
Hash
4bb3a6fba496d54cdbbccaf2b9600386
8e30002699e9fbf2047f9ac11a36d2175fc9c591
927bf3a04b011b4e3bc8d8772a3d5813507f7f523312d43627767b64615562f3

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2d02739-590e-4a37-9ca5-c27003f9e416.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 15857
x-amzn-requestid: cfe36b9d-34f6-4f3f-896e-e70ec45c4a04
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fmJ2JGGWoAMFSLA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d8bcf3-0dd68dd778b9aba268a129b0;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 07:02:11 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: pU_436f27nMZKPxZZWqZekERHFTvcG5NT5p_CYEXHRPtIWjDtSA-uA==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 07:15:18 GMT
age: 47969
etag: "8e30002699e9fbf2047f9ac11a36d2175fc9c591"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.motenorskejenter.com/Scripts/jquery-3.1.1.min.js?v=0644c896fdf77f387a5d4f4af615c8796c3826e1

185.222.108.79

200 OK

40 kB

URL HTTP/2
www.motenorskejenter.com/Scripts/jquery-3.1.1.min.js?v=0644c896fdf77f387a5d4f4af615c8796c3826e1
IP
185.222.108.79:0
ASN
#205316 Supporta Interactiva B.V.

File type
Unicode text, UTF-8 text, with very long lines (65266)
Size
40 kB (39515 bytes)
Hash
a41c4155df999613d1ffc5cbc8beab8d
cbca27587222173118ee6245c870d6cd9668b3b7
c2068251a72fc8259ceb1f6a1eb20c6860c81761e14a13e1e131a07fe4985bce

HTTP Headers

GET /Scripts/jquery-3.1.1.min.js?v=0644c896fdf77f387a5d4f4af615c8796c3826e1 HTTP/1.1
Host: www.motenorskejenter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.motenorskejenter.com/landers/9794790840AA597AD55227C7E49165FDF252718EB970B763689A80A816895291?p=363067&prid=1767487&nas=63dacce7a52ab60001670d50&pi=314_631__
Cookie: ma=FxQw2TdV-dPxTeF96bo1ADvE7zH7VN_wRMEB5FdgElWG68SPmHfGthr4nLY8OSm8Z4-eBCaWytde4LQjUrX1SaWifT-4uv0Ad9Fvwjp527j31xR8Du6ZlxmdZttQLmtZdFPDiBwUF9Ic60Wgu9Xh3GN9UZLvEREbM8d3i3LRqb6RqkFReKZeKfVZZ3aa0paEowm9PlkMImIbFxhASel2Alb9Pl4FF96mom24NrKfRsU1; MCC=QUfSBt8wWAXKIxpRTJ1_KxKvdIUtmDxuyTOB280cWR6pUZgDvznJIz2dPEFF9ZG8lVWv8_ORiH2LimNlbQ4i2sbCP72b00WLqmJPQfmWVgd8TmpxHQi5svPBKlN-IkOonzdhDRXktj-iIEY4YGgkDw-lA6prVMa49A6_LRZ5FZYpmAxQlnC_UEx7JjbMDaw5BFnweEed4L6Pu-Qdy2RKvClrEdYsBujYm8ZztDjzmoyx0UMCjyKGw-qZ2UhNiWre_7JQMAOZ480jfkGAmf5T_O3FLk02xASTcGgKZHGUnqLhdOyatHdh-04AFeauE7-4vxbnK2DBPqfIuOiJg2N2Gz2YVHqz2Clp8mOOG2ygjdyyi97--00JQLm4n8Uz0r73ODxD3UNkKKVyqqItUhBGm7-0KJUmghvmOFShnT03-SuJxxFVSgWWEit32eFEze3Z0; __RequestVerificationToken=HqnmOgJvEIp8R6DWdLHvcNBQC4M-RBQrPV_taiNPkw7XuXTruSpFr2PL3fgj_MKI1yo6r6Z-R_GFmQPLQ7y9TIojsG75dh1jbGDIycGpIoI1; ARRAffinity=b6b3f2d84229dc70b3e1805d311f6280e7abcf3da76740dd833598bcb80162c3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public,max-age=7776000
content-type: application/javascript
content-encoding: gzip
last-modified: Fri, 29 Jul 2022 13:26:56 GMT
accept-ranges: bytes
etag: "d88effdf4ea3d81:0"
vary: Accept-Encoding
server: httpd
x-powered-by: 
x-aspnet-version: 
date: Wed, 01 Feb 2023 20:34:47 GMT
content-length: 39515
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.6 kB (9600 bytes)
Hash
3366ef4f8733cb9c89a5c88f63a0a441
7da46843b6d885f38a4759a08e6c899906ab7b97
7114397ee5c251cc5cb46f3433c2cc17ff68a08e0872e227671198e9b61eba0a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9600
x-amzn-requestid: 48094e1a-d550-4a91-b87c-4a08505f7cce
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fVsWcFN7IAMF2pg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d2275c-5ced593a7e2126c9494563df;Sampled=0
x-amzn-remapped-date: Thu, 26 Jan 2023 07:10:20 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: aZOeDFqBJQoGwLpIs-GpPvY0FKGCAOXY6MgzG32qzX-kVzUCKKv-kw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 22:03:43 GMT
age: 81064
etag: "7da46843b6d885f38a4759a08e6c899906ab7b97"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.motenorskejenter.com/Landers/DisplayImage/2020_1325_160_sprite-icons.png?c=8858dd8b-f1fa-40b9-b955-a840010ca6cf

185.222.108.79

200 OK

13 kB

URL HTTP/2
www.motenorskejenter.com/Landers/DisplayImage/2020_1325_160_sprite-icons.png?c=8858dd8b-f1fa-40b9-b955-a840010ca6cf
IP
185.222.108.79:0
ASN
#205316 Supporta Interactiva B.V.

File type
PNG image data, 241 x 217, 8-bit/color RGBA, non-interlaced\012- data
Size
13 kB (13297 bytes)
Hash
9b71759f08141db8fdbe17cf10554ffd
5d9cc4cd25a359dfaacc3fc32e57ee6e303f0051
c134236c058b0fc67e1b0c9ff2677bba26d61403e77627f4c897f21183562ecb

HTTP Headers

GET /Landers/DisplayImage/2020_1325_160_sprite-icons.png?c=8858dd8b-f1fa-40b9-b955-a840010ca6cf HTTP/1.1
Host: www.motenorskejenter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.motenorskejenter.com/landers/getcss/1325?countryId=160&c=2e3f1b5a-eed3-4347-8d8e-6be91cea9ed2
Cookie: ma=FxQw2TdV-dPxTeF96bo1ADvE7zH7VN_wRMEB5FdgElWG68SPmHfGthr4nLY8OSm8Z4-eBCaWytde4LQjUrX1SaWifT-4uv0Ad9Fvwjp527j31xR8Du6ZlxmdZttQLmtZdFPDiBwUF9Ic60Wgu9Xh3GN9UZLvEREbM8d3i3LRqb6RqkFReKZeKfVZZ3aa0paEowm9PlkMImIbFxhASel2Alb9Pl4FF96mom24NrKfRsU1; MCC=QUfSBt8wWAXKIxpRTJ1_KxKvdIUtmDxuyTOB280cWR6pUZgDvznJIz2dPEFF9ZG8lVWv8_ORiH2LimNlbQ4i2sbCP72b00WLqmJPQfmWVgd8TmpxHQi5svPBKlN-IkOonzdhDRXktj-iIEY4YGgkDw-lA6prVMa49A6_LRZ5FZYpmAxQlnC_UEx7JjbMDaw5BFnweEed4L6Pu-Qdy2RKvClrEdYsBujYm8ZztDjzmoyx0UMCjyKGw-qZ2UhNiWre_7JQMAOZ480jfkGAmf5T_O3FLk02xASTcGgKZHGUnqLhdOyatHdh-04AFeauE7-4vxbnK2DBPqfIuOiJg2N2Gz2YVHqz2Clp8mOOG2ygjdyyi97--00JQLm4n8Uz0r73ODxD3UNkKKVyqqItUhBGm7-0KJUmghvmOFShnT03-SuJxxFVSgWWEit32eFEze3Z0; __RequestVerificationToken=HqnmOgJvEIp8R6DWdLHvcNBQC4M-RBQrPV_taiNPkw7XuXTruSpFr2PL3fgj_MKI1yo6r6Z-R_GFmQPLQ7y9TIojsG75dh1jbGDIycGpIoI1; ARRAffinity=b6b3f2d84229dc70b3e1805d311f6280e7abcf3da76740dd833598bcb80162c3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, no-transform, max-age=31536000
content-type: image/png
expires: Tue, 30 Jan 2024 11:25:14 GMT
last-modified: Mon, 23 Nov 2020 15:34:43 GMT
vary: Accept-Encoding
server: httpd
x-aspnet-version: 
x-powered-by: 
date: Wed, 01 Feb 2023 20:34:47 GMT
content-length: 13297
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc960001-158a-4a74-b6ce-f28cd110ca9c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.7 kB (8735 bytes)
Hash
23db22ce2120fbb0ae6109e1a046062d
2068c8d9a5bc30a17be658e198e26c64a80703cf
f307ba6c4929d9f0c9354334b7baea878da379138489d9689bb777c4da308dab

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc960001-158a-4a74-b6ce-f28cd110ca9c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8735
x-amzn-requestid: f466c962-7b12-4923-a4be-7ff9fce372a0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: foJaWFP_IAMF9wA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d9890e-7a8c027d58f5b9132bb68a33;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 21:33:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hjIm9dNf6UE9rpIlKWeLwWuF7Pm6yJeAZgbwchvJcuDy-zkXEr502w==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 21:51:18 GMT
age: 81809
etag: "2068c8d9a5bc30a17be658e198e26c64a80703cf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.motenorskejenter.com/Landers/DisplayImage/2020_1325_160_spritethumbs.jpg?c=91e46f4d-1aa4-4aaa-87fb-db9fa5f5aa57

185.222.108.79

200 OK

22 kB

URL HTTP/2
www.motenorskejenter.com/Landers/DisplayImage/2020_1325_160_spritethumbs.jpg?c=91e46f4d-1aa4-4aaa-87fb-db9fa5f5aa57
IP
185.222.108.79:0
ASN
#205316 Supporta Interactiva B.V.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 50x1250, components 3\012- data
Size
22 kB (22262 bytes)
Hash
42ff332b55cd131984c597327ed43dea
7fb54e1d6cd6f75a5202bf58cc5db9bf882df832
cd06ea0c96a20ff45504ae1c57d50416e5de0aa2f4ac2c8124d2146b75da77b8

HTTP Headers

GET /Landers/DisplayImage/2020_1325_160_spritethumbs.jpg?c=91e46f4d-1aa4-4aaa-87fb-db9fa5f5aa57 HTTP/1.1
Host: www.motenorskejenter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.motenorskejenter.com/landers/getcss/1325?countryId=160&c=2e3f1b5a-eed3-4347-8d8e-6be91cea9ed2
Cookie: ma=FxQw2TdV-dPxTeF96bo1ADvE7zH7VN_wRMEB5FdgElWG68SPmHfGthr4nLY8OSm8Z4-eBCaWytde4LQjUrX1SaWifT-4uv0Ad9Fvwjp527j31xR8Du6ZlxmdZttQLmtZdFPDiBwUF9Ic60Wgu9Xh3GN9UZLvEREbM8d3i3LRqb6RqkFReKZeKfVZZ3aa0paEowm9PlkMImIbFxhASel2Alb9Pl4FF96mom24NrKfRsU1; MCC=QUfSBt8wWAXKIxpRTJ1_KxKvdIUtmDxuyTOB280cWR6pUZgDvznJIz2dPEFF9ZG8lVWv8_ORiH2LimNlbQ4i2sbCP72b00WLqmJPQfmWVgd8TmpxHQi5svPBKlN-IkOonzdhDRXktj-iIEY4YGgkDw-lA6prVMa49A6_LRZ5FZYpmAxQlnC_UEx7JjbMDaw5BFnweEed4L6Pu-Qdy2RKvClrEdYsBujYm8ZztDjzmoyx0UMCjyKGw-qZ2UhNiWre_7JQMAOZ480jfkGAmf5T_O3FLk02xASTcGgKZHGUnqLhdOyatHdh-04AFeauE7-4vxbnK2DBPqfIuOiJg2N2Gz2YVHqz2Clp8mOOG2ygjdyyi97--00JQLm4n8Uz0r73ODxD3UNkKKVyqqItUhBGm7-0KJUmghvmOFShnT03-SuJxxFVSgWWEit32eFEze3Z0; __RequestVerificationToken=HqnmOgJvEIp8R6DWdLHvcNBQC4M-RBQrPV_taiNPkw7XuXTruSpFr2PL3fgj_MKI1yo6r6Z-R_GFmQPLQ7y9TIojsG75dh1jbGDIycGpIoI1; ARRAffinity=b6b3f2d84229dc70b3e1805d311f6280e7abcf3da76740dd833598bcb80162c3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, no-transform, max-age=31536000
content-type: image/jpeg
expires: Tue, 30 Jan 2024 11:25:14 GMT
last-modified: Mon, 23 Nov 2020 15:34:49 GMT
vary: Accept-Encoding
server: httpd
x-aspnet-version: 
x-powered-by: 
date: Wed, 01 Feb 2023 20:34:47 GMT
content-length: 22262
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F30335cb7-009a-42f5-8186-d0c302adc827.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.8 kB (6819 bytes)
Hash
ec7e808a5e82552c46c3417a5b32b836
f0a273292b47d7e2e33c9d77fd95abdcc9e31ddd
f16d982224dfeb0753eaf9d4eb87d80fd1111f682fd8fa36f3177aad5bf926a4

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F30335cb7-009a-42f5-8186-d0c302adc827.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6819
x-amzn-requestid: a0368695-4182-40bd-9a28-c50ae783a7a5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: foJaRHGnoAMF0Ow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d9890e-624285eb16110b8c2360dec5;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 21:33:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 4MpUHqMYJoNA7QuRuQwbJIodNkhizq6EL5SPbIoSKFQjtoAKQgLuEg==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 21:51:25 GMT
age: 81802
etag: "f0a273292b47d7e2e33c9d77fd95abdcc9e31ddd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.motenorskejenter.com/Landers/DisplayImage/2020_1325_160_imageslide01.jpg?c=51adcfdb-6b8d-48d1-85f8-4ad601e09fc8

185.222.108.79

200 OK

37 kB

URL HTTP/2
www.motenorskejenter.com/Landers/DisplayImage/2020_1325_160_imageslide01.jpg?c=51adcfdb-6b8d-48d1-85f8-4ad601e09fc8
IP
185.222.108.79:0
ASN
#205316 Supporta Interactiva B.V.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 480x604, components 3\012- data
Size
37 kB (36686 bytes)
Hash
17b23ee00b30b0d9dc2ed950d8417f7e
017617fef4a0e7cb2785975b0ef917d448b25407
2e21c332f1c02b7e494e57705bb294ca8ff159a88e00e911e8dde292e67ae814

HTTP Headers

GET /Landers/DisplayImage/2020_1325_160_imageslide01.jpg?c=51adcfdb-6b8d-48d1-85f8-4ad601e09fc8 HTTP/1.1
Host: www.motenorskejenter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.motenorskejenter.com/landers/getcss/1325?countryId=160&c=2e3f1b5a-eed3-4347-8d8e-6be91cea9ed2
Cookie: ma=FxQw2TdV-dPxTeF96bo1ADvE7zH7VN_wRMEB5FdgElWG68SPmHfGthr4nLY8OSm8Z4-eBCaWytde4LQjUrX1SaWifT-4uv0Ad9Fvwjp527j31xR8Du6ZlxmdZttQLmtZdFPDiBwUF9Ic60Wgu9Xh3GN9UZLvEREbM8d3i3LRqb6RqkFReKZeKfVZZ3aa0paEowm9PlkMImIbFxhASel2Alb9Pl4FF96mom24NrKfRsU1; MCC=QUfSBt8wWAXKIxpRTJ1_KxKvdIUtmDxuyTOB280cWR6pUZgDvznJIz2dPEFF9ZG8lVWv8_ORiH2LimNlbQ4i2sbCP72b00WLqmJPQfmWVgd8TmpxHQi5svPBKlN-IkOonzdhDRXktj-iIEY4YGgkDw-lA6prVMa49A6_LRZ5FZYpmAxQlnC_UEx7JjbMDaw5BFnweEed4L6Pu-Qdy2RKvClrEdYsBujYm8ZztDjzmoyx0UMCjyKGw-qZ2UhNiWre_7JQMAOZ480jfkGAmf5T_O3FLk02xASTcGgKZHGUnqLhdOyatHdh-04AFeauE7-4vxbnK2DBPqfIuOiJg2N2Gz2YVHqz2Clp8mOOG2ygjdyyi97--00JQLm4n8Uz0r73ODxD3UNkKKVyqqItUhBGm7-0KJUmghvmOFShnT03-SuJxxFVSgWWEit32eFEze3Z0; __RequestVerificationToken=HqnmOgJvEIp8R6DWdLHvcNBQC4M-RBQrPV_taiNPkw7XuXTruSpFr2PL3fgj_MKI1yo6r6Z-R_GFmQPLQ7y9TIojsG75dh1jbGDIycGpIoI1; ARRAffinity=b6b3f2d84229dc70b3e1805d311f6280e7abcf3da76740dd833598bcb80162c3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, no-transform, max-age=31536000
content-type: image/jpeg
expires: Tue, 30 Jan 2024 11:25:14 GMT
last-modified: Mon, 23 Nov 2020 15:34:07 GMT
vary: Accept-Encoding
server: httpd
x-aspnet-version: 
x-powered-by: 
date: Wed, 01 Feb 2023 20:34:47 GMT
content-length: 36686
X-Firefox-Spdy: h2

www.googletagmanager.com/gtm.js?id=GTM-P3PN8TQ

142.250.74.40

200 OK

63 kB

URL HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-P3PN8TQ
IP
142.250.74.40:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (6140)
Size
63 kB (63152 bytes)
Hash
fc2d6807508a0358d2fe6de29f4b2545
4c15011c963fb223814e99d6981f28b3dd318107
d6ca0617cec7b96686dda4d1497506351b4e42b73924c1bf506bf88323687921

HTTP Headers

GET /gtm.js?id=GTM-P3PN8TQ HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.motenorskejenter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 01 Feb 2023 20:34:47 GMT
expires: Wed, 01 Feb 2023 20:34:47 GMT
cache-control: private, max-age=900
last-modified: Wed, 01 Feb 2023 19:28:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 63152
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.motenorskejenter.com/Landers/DisplayImage/2020_1325_160_imageslide02.jpg?c=eb28dad9-e8c4-4a09-b74f-980819c070f3

185.222.108.79

200 OK

26 kB

URL HTTP/2
www.motenorskejenter.com/Landers/DisplayImage/2020_1325_160_imageslide02.jpg?c=eb28dad9-e8c4-4a09-b74f-980819c070f3
IP
185.222.108.79:0
ASN
#205316 Supporta Interactiva B.V.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 480x604, components 3\012- data
Size
26 kB (25722 bytes)
Hash
2516f50dc3ef7805aab58c61bdb56795
e0e191429642aabc0f9cd14c2dd41ab4f77faa19
4a4e1e3da45aacaf275a732805c2295778b1270c492493b28b56eb4b26963777

HTTP Headers

GET /Landers/DisplayImage/2020_1325_160_imageslide02.jpg?c=eb28dad9-e8c4-4a09-b74f-980819c070f3 HTTP/1.1
Host: www.motenorskejenter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.motenorskejenter.com/landers/getcss/1325?countryId=160&c=2e3f1b5a-eed3-4347-8d8e-6be91cea9ed2
Cookie: ma=FxQw2TdV-dPxTeF96bo1ADvE7zH7VN_wRMEB5FdgElWG68SPmHfGthr4nLY8OSm8Z4-eBCaWytde4LQjUrX1SaWifT-4uv0Ad9Fvwjp527j31xR8Du6ZlxmdZttQLmtZdFPDiBwUF9Ic60Wgu9Xh3GN9UZLvEREbM8d3i3LRqb6RqkFReKZeKfVZZ3aa0paEowm9PlkMImIbFxhASel2Alb9Pl4FF96mom24NrKfRsU1; MCC=QUfSBt8wWAXKIxpRTJ1_KxKvdIUtmDxuyTOB280cWR6pUZgDvznJIz2dPEFF9ZG8lVWv8_ORiH2LimNlbQ4i2sbCP72b00WLqmJPQfmWVgd8TmpxHQi5svPBKlN-IkOonzdhDRXktj-iIEY4YGgkDw-lA6prVMa49A6_LRZ5FZYpmAxQlnC_UEx7JjbMDaw5BFnweEed4L6Pu-Qdy2RKvClrEdYsBujYm8ZztDjzmoyx0UMCjyKGw-qZ2UhNiWre_7JQMAOZ480jfkGAmf5T_O3FLk02xASTcGgKZHGUnqLhdOyatHdh-04AFeauE7-4vxbnK2DBPqfIuOiJg2N2Gz2YVHqz2Clp8mOOG2ygjdyyi97--00JQLm4n8Uz0r73ODxD3UNkKKVyqqItUhBGm7-0KJUmghvmOFShnT03-SuJxxFVSgWWEit32eFEze3Z0; __RequestVerificationToken=HqnmOgJvEIp8R6DWdLHvcNBQC4M-RBQrPV_taiNPkw7XuXTruSpFr2PL3fgj_MKI1yo6r6Z-R_GFmQPLQ7y9TIojsG75dh1jbGDIycGpIoI1; ARRAffinity=b6b3f2d84229dc70b3e1805d311f6280e7abcf3da76740dd833598bcb80162c3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, no-transform, max-age=31536000
content-type: image/jpeg
expires: Tue, 30 Jan 2024 11:25:15 GMT
last-modified: Mon, 23 Nov 2020 15:34:11 GMT
vary: Accept-Encoding
server: httpd
x-aspnet-version: 
x-powered-by: 
date: Wed, 01 Feb 2023 20:34:47 GMT
content-length: 25722
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb28b8703-d49a-4e2e-80e7-cf4d081d6dba.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.7 kB (5736 bytes)
Hash
2998f7f50ac0eec931c348e8a0fb0c60
f5e411cda74cb7fb4a662f4787e9543b9749c8b5
0c81413a819e379212bf757b1c9469415aec2ac8fdf47f94ff23c420a1da20e1

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb28b8703-d49a-4e2e-80e7-cf4d081d6dba.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5736
x-amzn-requestid: 895ee89b-8d2e-42f9-a392-466557f8a0d3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ffEtEGk_oAMFYPA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d5e7ed-026a1b0d79dc7eb572317bd2;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 03:28:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 64EbarGrn6AIpXOE8TIfiBeGFQinx-P9lUIvmiQ1ivZgFrxl7_W4EQ==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 21:57:42 GMT
age: 81425
etag: "f5e411cda74cb7fb4a662f4787e9543b9749c8b5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
de49044c9365e16fec3a6d361cb94728
2b7b69c16de6fda1ae5206f92fe781ee07bd182a
6e76887b036544a5da3918116a180876c094cc3b31676abce8d5b7b716b00c30

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 20:34:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.motenorskejenter.com/Landers/DisplayImage/2020_1325_160_imageslide03.jpg?c=dc692280-edb5-4a0e-a356-260cf8b01cf0

185.222.108.79

200 OK

37 kB

URL HTTP/2
www.motenorskejenter.com/Landers/DisplayImage/2020_1325_160_imageslide03.jpg?c=dc692280-edb5-4a0e-a356-260cf8b01cf0
IP
185.222.108.79:0
ASN
#205316 Supporta Interactiva B.V.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 480x604, components 3\012- data
Size
37 kB (36739 bytes)
Hash
e15aed53b2e37eb06758351ca0827ae1
7d38e0c356827fdd6e17f61c4dc7430d49ac35af
78b30456af5d324e7f47781001acd8bd748828782570c716de37f99c7556fe4c

HTTP Headers

GET /Landers/DisplayImage/2020_1325_160_imageslide03.jpg?c=dc692280-edb5-4a0e-a356-260cf8b01cf0 HTTP/1.1
Host: www.motenorskejenter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.motenorskejenter.com/landers/getcss/1325?countryId=160&c=2e3f1b5a-eed3-4347-8d8e-6be91cea9ed2
Cookie: ma=FxQw2TdV-dPxTeF96bo1ADvE7zH7VN_wRMEB5FdgElWG68SPmHfGthr4nLY8OSm8Z4-eBCaWytde4LQjUrX1SaWifT-4uv0Ad9Fvwjp527j31xR8Du6ZlxmdZttQLmtZdFPDiBwUF9Ic60Wgu9Xh3GN9UZLvEREbM8d3i3LRqb6RqkFReKZeKfVZZ3aa0paEowm9PlkMImIbFxhASel2Alb9Pl4FF96mom24NrKfRsU1; MCC=QUfSBt8wWAXKIxpRTJ1_KxKvdIUtmDxuyTOB280cWR6pUZgDvznJIz2dPEFF9ZG8lVWv8_ORiH2LimNlbQ4i2sbCP72b00WLqmJPQfmWVgd8TmpxHQi5svPBKlN-IkOonzdhDRXktj-iIEY4YGgkDw-lA6prVMa49A6_LRZ5FZYpmAxQlnC_UEx7JjbMDaw5BFnweEed4L6Pu-Qdy2RKvClrEdYsBujYm8ZztDjzmoyx0UMCjyKGw-qZ2UhNiWre_7JQMAOZ480jfkGAmf5T_O3FLk02xASTcGgKZHGUnqLhdOyatHdh-04AFeauE7-4vxbnK2DBPqfIuOiJg2N2Gz2YVHqz2Clp8mOOG2ygjdyyi97--00JQLm4n8Uz0r73ODxD3UNkKKVyqqItUhBGm7-0KJUmghvmOFShnT03-SuJxxFVSgWWEit32eFEze3Z0; __RequestVerificationToken=HqnmOgJvEIp8R6DWdLHvcNBQC4M-RBQrPV_taiNPkw7XuXTruSpFr2PL3fgj_MKI1yo6r6Z-R_GFmQPLQ7y9TIojsG75dh1jbGDIycGpIoI1; ARRAffinity=b6b3f2d84229dc70b3e1805d311f6280e7abcf3da76740dd833598bcb80162c3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, no-transform, max-age=31536000
content-type: image/jpeg
expires: Tue, 30 Jan 2024 11:25:15 GMT
last-modified: Mon, 23 Nov 2020 15:34:16 GMT
vary: Accept-Encoding
server: httpd
x-aspnet-version: 
x-powered-by: 
date: Wed, 01 Feb 2023 20:34:47 GMT
content-length: 36739
X-Firefox-Spdy: h2

www.googletagmanager.com/gtm.js?id=GTM-TBF4SKT&l=newDataLayer

142.250.74.40

200 OK

38 kB

URL HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-TBF4SKT&l=newDataLayer
IP
142.250.74.40:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1759)
Size
38 kB (38008 bytes)
Hash
cbea8c6c2d20c266ac94fda3e43e7333
baf598fe44b13f0114e088dad919955b55396f3d
1d1713a6f0dda65e89620ef20be3482f3d012e1d3a001338484a69666d53a36e

HTTP Headers

GET /gtm.js?id=GTM-TBF4SKT&l=newDataLayer HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.motenorskejenter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 01 Feb 2023 20:34:47 GMT
expires: Wed, 01 Feb 2023 20:34:47 GMT
cache-control: private, max-age=900
last-modified: Wed, 01 Feb 2023 19:28:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 38008
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.motenorskejenter.com/Content/Landers/webfonts/fa-solid-900.woff2

185.222.108.79

200 OK

118 kB

URL HTTP/2
www.motenorskejenter.com/Content/Landers/webfonts/fa-solid-900.woff2
IP
185.222.108.79:0
ASN
#205316 Supporta Interactiva B.V.

File type
Web Open Font Format (Version 2), TrueType, length 117536, version 329.-17761\012- data
Size
118 kB (117536 bytes)
Hash
e57324a466c24a207fd9ad0f5f5e3c9c
2f9b04644e684a6bb1033e297cc474c57aa267f2
5538a328926c9517ffb8670fccce94f6137d58c21ff4b10ecd772abfa16a012b

HTTP Headers

GET /Content/Landers/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: www.motenorskejenter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.motenorskejenter.com/Content/Landers/fontawesome/fontawesome-all.min.css?v=0644c896fdf77f387a5d4f4af615c8796c3826e1
Cookie: ma=FxQw2TdV-dPxTeF96bo1ADvE7zH7VN_wRMEB5FdgElWG68SPmHfGthr4nLY8OSm8Z4-eBCaWytde4LQjUrX1SaWifT-4uv0Ad9Fvwjp527j31xR8Du6ZlxmdZttQLmtZdFPDiBwUF9Ic60Wgu9Xh3GN9UZLvEREbM8d3i3LRqb6RqkFReKZeKfVZZ3aa0paEowm9PlkMImIbFxhASel2Alb9Pl4FF96mom24NrKfRsU1; MCC=QUfSBt8wWAXKIxpRTJ1_KxKvdIUtmDxuyTOB280cWR6pUZgDvznJIz2dPEFF9ZG8lVWv8_ORiH2LimNlbQ4i2sbCP72b00WLqmJPQfmWVgd8TmpxHQi5svPBKlN-IkOonzdhDRXktj-iIEY4YGgkDw-lA6prVMa49A6_LRZ5FZYpmAxQlnC_UEx7JjbMDaw5BFnweEed4L6Pu-Qdy2RKvClrEdYsBujYm8ZztDjzmoyx0UMCjyKGw-qZ2UhNiWre_7JQMAOZ480jfkGAmf5T_O3FLk02xASTcGgKZHGUnqLhdOyatHdh-04AFeauE7-4vxbnK2DBPqfIuOiJg2N2Gz2YVHqz2Clp8mOOG2ygjdyyi97--00JQLm4n8Uz0r73ODxD3UNkKKVyqqItUhBGm7-0KJUmghvmOFShnT03-SuJxxFVSgWWEit32eFEze3Z0; __RequestVerificationToken=HqnmOgJvEIp8R6DWdLHvcNBQC4M-RBQrPV_taiNPkw7XuXTruSpFr2PL3fgj_MKI1yo6r6Z-R_GFmQPLQ7y9TIojsG75dh1jbGDIycGpIoI1; ARRAffinity=b6b3f2d84229dc70b3e1805d311f6280e7abcf3da76740dd833598bcb80162c3
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public,max-age=31536000
content-type: application/font-woff2
last-modified: Fri, 29 Jul 2022 13:26:55 GMT
accept-ranges: bytes
etag: "771516df4ea3d81:0"
vary: Accept-Encoding
server: httpd
x-powered-by: 
x-aspnet-version: 
date: Wed, 01 Feb 2023 20:34:47 GMT
content-length: 117536
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
2751084b42dd111d0a7f28241a77201b
680a9ac2f4cf451c9a8449c4df3587595ed9cc4c
1c68a770afbcdb5405fe330f2eabefa576ea1d08740719956083d7f6b490ccf8

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 20:34:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
42d54c8c12a2f90c448a11bf42800e86
bb66d35435411c825bfcd0a091f33b7d1708191e
3b67d91fbb38e5c47b6ebff53da366b87af3a308e5c588775ac66a808761dbb1

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 20:34:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
42d54c8c12a2f90c448a11bf42800e86
bb66d35435411c825bfcd0a091f33b7d1708191e
3b67d91fbb38e5c47b6ebff53da366b87af3a308e5c588775ac66a808761dbb1

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 20:34:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

142.250.74.35

200 OK

7.8 kB

URL HTTP/2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 7816, version 1.0\012- data
Size
7.8 kB (7816 bytes)
Hash
25b0e113ca7cce3770d542736db26368
cb726212d5d525021752a1d8470a0fb593e0c49e
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

HTTP Headers

GET /s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.motenorskejenter.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7816
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 31 Jan 2023 02:42:35 GMT
expires: Wed, 31 Jan 2024 02:42:35 GMT
cache-control: public, max-age=31536000
age: 150733
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2

142.250.74.35

200 OK

7.9 kB

URL HTTP/2
fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 7884, version 1.0\012- data
Size
7.9 kB (7884 bytes)
Hash
9212f6f9860f9fc6c69b02fedf6db8c3
ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

HTTP Headers

GET /s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.motenorskejenter.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 30 Jan 2023 04:05:29 GMT
expires: Tue, 30 Jan 2024 04:05:29 GMT
cache-control: public, max-age=31536000
age: 232159
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
42d54c8c12a2f90c448a11bf42800e86
bb66d35435411c825bfcd0a091f33b7d1708191e
3b67d91fbb38e5c47b6ebff53da366b87af3a308e5c588775ac66a808761dbb1

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 20:34:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.motenorskejenter.com/Scripts/APIScripts/APIcaller.min.js?v=0644c896fdf77f387a5d4f4af615c8796c3826e1

185.222.108.79

200 OK

2.2 kB

URL HTTP/2
www.motenorskejenter.com/Scripts/APIScripts/APIcaller.min.js?v=0644c896fdf77f387a5d4f4af615c8796c3826e1
IP
185.222.108.79:0
ASN
#205316 Supporta Interactiva B.V.

File type
ASCII text, with very long lines (5619), with no line terminators
Size
2.2 kB (2215 bytes)
Hash
824c0c3b3bbb5602f317dde984081fea
f64e2e1cd5876d9987f884681d5095fd52e90f06
39df17b35c11c7d809597f61e9bff11b84997e2456536e62ac76fd1df6a0c3e7

HTTP Headers

GET /Scripts/APIScripts/APIcaller.min.js?v=0644c896fdf77f387a5d4f4af615c8796c3826e1 HTTP/1.1
Host: www.motenorskejenter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.motenorskejenter.com/landers/9794790840AA597AD55227C7E49165FDF252718EB970B763689A80A816895291?p=363067&prid=1767487&nas=63dacce7a52ab60001670d50&pi=314_631__
Cookie: ma=FxQw2TdV-dPxTeF96bo1ADvE7zH7VN_wRMEB5FdgElWG68SPmHfGthr4nLY8OSm8Z4-eBCaWytde4LQjUrX1SaWifT-4uv0Ad9Fvwjp527j31xR8Du6ZlxmdZttQLmtZdFPDiBwUF9Ic60Wgu9Xh3GN9UZLvEREbM8d3i3LRqb6RqkFReKZeKfVZZ3aa0paEowm9PlkMImIbFxhASel2Alb9Pl4FF96mom24NrKfRsU1; MCC=QUfSBt8wWAXKIxpRTJ1_KxKvdIUtmDxuyTOB280cWR6pUZgDvznJIz2dPEFF9ZG8lVWv8_ORiH2LimNlbQ4i2sbCP72b00WLqmJPQfmWVgd8TmpxHQi5svPBKlN-IkOonzdhDRXktj-iIEY4YGgkDw-lA6prVMa49A6_LRZ5FZYpmAxQlnC_UEx7JjbMDaw5BFnweEed4L6Pu-Qdy2RKvClrEdYsBujYm8ZztDjzmoyx0UMCjyKGw-qZ2UhNiWre_7JQMAOZ480jfkGAmf5T_O3FLk02xASTcGgKZHGUnqLhdOyatHdh-04AFeauE7-4vxbnK2DBPqfIuOiJg2N2Gz2YVHqz2Clp8mOOG2ygjdyyi97--00JQLm4n8Uz0r73ODxD3UNkKKVyqqItUhBGm7-0KJUmghvmOFShnT03-SuJxxFVSgWWEit32eFEze3Z0; __RequestVerificationToken=HqnmOgJvEIp8R6DWdLHvcNBQC4M-RBQrPV_taiNPkw7XuXTruSpFr2PL3fgj_MKI1yo6r6Z-R_GFmQPLQ7y9TIojsG75dh1jbGDIycGpIoI1; ARRAffinity=b6b3f2d84229dc70b3e1805d311f6280e7abcf3da76740dd833598bcb80162c3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public,max-age=31536000
content-type: application/javascript
content-encoding: gzip
last-modified: Fri, 29 Jul 2022 13:26:56 GMT
accept-ranges: bytes
etag: "196212e04ea3d81:0"
vary: Accept-Encoding
server: httpd
x-powered-by: 
x-aspnet-version: 
date: Wed, 01 Feb 2023 20:34:48 GMT
content-length: 2215
X-Firefox-Spdy: h2

www.motenorskejenter.com/views/_customs/_bpb/ml/mle9/main/images/favicon.ico?v=0644c896fdf77f387a5d4f4af615c8796c3826e1

185.222.108.79

200 OK

1.2 kB

URL HTTP/2
www.motenorskejenter.com/views/_customs/_bpb/ml/mle9/main/images/favicon.ico?v=0644c896fdf77f387a5d4f4af615c8796c3826e1
IP
185.222.108.79:0
ASN
#205316 Supporta Interactiva B.V.

File type
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Size
1.2 kB (1150 bytes)
Hash
667f44f56e8a33771a7972f4d34c826e
2aea5fada9366377348fea3da3c4e1a30bd3c8a6
35007e3b9b76d719e791ca2316c7ad245430b9f2ad2be20ecb3e816246d50551

HTTP Headers

GET /views/_customs/_bpb/ml/mle9/main/images/favicon.ico?v=0644c896fdf77f387a5d4f4af615c8796c3826e1 HTTP/1.1
Host: www.motenorskejenter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.motenorskejenter.com/landers/9794790840AA597AD55227C7E49165FDF252718EB970B763689A80A816895291?p=363067&prid=1767487&nas=63dacce7a52ab60001670d50&pi=314_631__
Cookie: ma=FxQw2TdV-dPxTeF96bo1ADvE7zH7VN_wRMEB5FdgElWG68SPmHfGthr4nLY8OSm8Z4-eBCaWytde4LQjUrX1SaWifT-4uv0Ad9Fvwjp527j31xR8Du6ZlxmdZttQLmtZdFPDiBwUF9Ic60Wgu9Xh3GN9UZLvEREbM8d3i3LRqb6RqkFReKZeKfVZZ3aa0paEowm9PlkMImIbFxhASel2Alb9Pl4FF96mom24NrKfRsU1; MCC=QUfSBt8wWAXKIxpRTJ1_KxKvdIUtmDxuyTOB280cWR6pUZgDvznJIz2dPEFF9ZG8lVWv8_ORiH2LimNlbQ4i2sbCP72b00WLqmJPQfmWVgd8TmpxHQi5svPBKlN-IkOonzdhDRXktj-iIEY4YGgkDw-lA6prVMa49A6_LRZ5FZYpmAxQlnC_UEx7JjbMDaw5BFnweEed4L6Pu-Qdy2RKvClrEdYsBujYm8ZztDjzmoyx0UMCjyKGw-qZ2UhNiWre_7JQMAOZ480jfkGAmf5T_O3FLk02xASTcGgKZHGUnqLhdOyatHdh-04AFeauE7-4vxbnK2DBPqfIuOiJg2N2Gz2YVHqz2Clp8mOOG2ygjdyyi97--00JQLm4n8Uz0r73ODxD3UNkKKVyqqItUhBGm7-0KJUmghvmOFShnT03-SuJxxFVSgWWEit32eFEze3Z0; __RequestVerificationToken=HqnmOgJvEIp8R6DWdLHvcNBQC4M-RBQrPV_taiNPkw7XuXTruSpFr2PL3fgj_MKI1yo6r6Z-R_GFmQPLQ7y9TIojsG75dh1jbGDIycGpIoI1; ARRAffinity=b6b3f2d84229dc70b3e1805d311f6280e7abcf3da76740dd833598bcb80162c3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: max-age=7776000
content-type: image/x-icon
last-modified: Fri, 29 Jul 2022 13:27:10 GMT
accept-ranges: bytes
etag: "9fe70e84ea3d81:0"
vary: Accept-Encoding
server: httpd
x-powered-by: 
x-aspnet-version: 
date: Wed, 01 Feb 2023 20:34:48 GMT
content-length: 1150
X-Firefox-Spdy: h2

www.motenorskejenter.com/Landers/GetEmailProviders?countryId=160

185.222.108.79

200 OK

2.6 kB

URL HTTP/2
www.motenorskejenter.com/Landers/GetEmailProviders?countryId=160
IP
185.222.108.79:0
ASN
#205316 Supporta Interactiva B.V.

File type
JSON data\012- , ASCII text, with very long lines (2584), with no line terminators
Size
2.6 kB (2584 bytes)
Hash
2c307d337e2268c62f138b71595b0964
836736e096e8a8e4c4e8ceaa5bace5c61b3533ec
723a876f3c193e870165ab4e1659656d5bbc6dcb7d832054f843e42129f458a0

HTTP Headers

GET /Landers/GetEmailProviders?countryId=160 HTTP/1.1
Host: www.motenorskejenter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.motenorskejenter.com/landers/9794790840AA597AD55227C7E49165FDF252718EB970B763689A80A816895291?p=363067&prid=1767487&nas=63dacce7a52ab60001670d50&pi=314_631__
Cookie: ma=FxQw2TdV-dPxTeF96bo1ADvE7zH7VN_wRMEB5FdgElWG68SPmHfGthr4nLY8OSm8Z4-eBCaWytde4LQjUrX1SaWifT-4uv0Ad9Fvwjp527j31xR8Du6ZlxmdZttQLmtZdFPDiBwUF9Ic60Wgu9Xh3GN9UZLvEREbM8d3i3LRqb6RqkFReKZeKfVZZ3aa0paEowm9PlkMImIbFxhASel2Alb9Pl4FF96mom24NrKfRsU1; MCC=QUfSBt8wWAXKIxpRTJ1_KxKvdIUtmDxuyTOB280cWR6pUZgDvznJIz2dPEFF9ZG8lVWv8_ORiH2LimNlbQ4i2sbCP72b00WLqmJPQfmWVgd8TmpxHQi5svPBKlN-IkOonzdhDRXktj-iIEY4YGgkDw-lA6prVMa49A6_LRZ5FZYpmAxQlnC_UEx7JjbMDaw5BFnweEed4L6Pu-Qdy2RKvClrEdYsBujYm8ZztDjzmoyx0UMCjyKGw-qZ2UhNiWre_7JQMAOZ480jfkGAmf5T_O3FLk02xASTcGgKZHGUnqLhdOyatHdh-04AFeauE7-4vxbnK2DBPqfIuOiJg2N2Gz2YVHqz2Clp8mOOG2ygjdyyi97--00JQLm4n8Uz0r73ODxD3UNkKKVyqqItUhBGm7-0KJUmghvmOFShnT03-SuJxxFVSgWWEit32eFEze3Z0; __RequestVerificationToken=HqnmOgJvEIp8R6DWdLHvcNBQC4M-RBQrPV_taiNPkw7XuXTruSpFr2PL3fgj_MKI1yo6r6Z-R_GFmQPLQ7y9TIojsG75dh1jbGDIycGpIoI1; ARRAffinity=b6b3f2d84229dc70b3e1805d311f6280e7abcf3da76740dd833598bcb80162c3; _gcl_au=1.1.2013768783.1675283711
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, no-transform, max-age=31536000
content-type: application/json; charset=utf-8
expires: Tue, 30 Jan 2024 07:37:31 GMT
last-modified: Wed, 25 Jan 2023 23:21:30 GMT
vary: Accept-Encoding
server: httpd
x-aspnet-version: 
x-powered-by: 
date: Wed, 01 Feb 2023 20:34:48 GMT
content-length: 2584
X-Firefox-Spdy: h2

www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__en.js

216.58.211.3

200 OK

164 kB

URL HTTP/2
www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__en.js
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (771)
Size
164 kB (163774 bytes)
Hash
57c909ab73fc27ec24f737bbf1cb1de8
89b2c02e9e7a9a764518fca545d3eec2044fd6d9
7e407e2b00bb7c238c71d96472f7ab030de4e610b1048f0f77b25cb85c2d166b

HTTP Headers

GET /recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.motenorskejenter.com
Connection: keep-alive
Referer: https://www.motenorskejenter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 163774
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 30 Jan 2023 17:09:34 GMT
expires: Tue, 30 Jan 2024 17:09:34 GMT
cache-control: public, max-age=31536000
age: 185114
last-modified: Mon, 23 Jan 2023 01:02:00 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.motenorskejenter.com/Landers/DisplayImage/2020_1325_160_bgbtnmale.png?c=a0112eee-72f1-435d-8b69-316fab07ad70

185.222.108.79

200 OK

1.9 kB

URL HTTP/2
www.motenorskejenter.com/Landers/DisplayImage/2020_1325_160_bgbtnmale.png?c=a0112eee-72f1-435d-8b69-316fab07ad70
IP
185.222.108.79:0
ASN
#205316 Supporta Interactiva B.V.

File type
PNG image data, 80 x 81, 8-bit/color RGBA, non-interlaced\012- data
Size
1.9 kB (1921 bytes)
Hash
26c0a0d619be855ef507fe2682d92d03
de0a3621d65a3c9f5d4006542643bf1941095634
986e8143ddc49d4587ab23ce2c8f9b9fe0ec54052ddd70dd86b43c58f5bf3dd8

HTTP Headers

GET /Landers/DisplayImage/2020_1325_160_bgbtnmale.png?c=a0112eee-72f1-435d-8b69-316fab07ad70 HTTP/1.1
Host: www.motenorskejenter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.motenorskejenter.com/landers/getcss/1325?countryId=160&c=2e3f1b5a-eed3-4347-8d8e-6be91cea9ed2
Cookie: ma=FxQw2TdV-dPxTeF96bo1ADvE7zH7VN_wRMEB5FdgElWG68SPmHfGthr4nLY8OSm8Z4-eBCaWytde4LQjUrX1SaWifT-4uv0Ad9Fvwjp527j31xR8Du6ZlxmdZttQLmtZdFPDiBwUF9Ic60Wgu9Xh3GN9UZLvEREbM8d3i3LRqb6RqkFReKZeKfVZZ3aa0paEowm9PlkMImIbFxhASel2Alb9Pl4FF96mom24NrKfRsU1; MCC=QUfSBt8wWAXKIxpRTJ1_KxKvdIUtmDxuyTOB280cWR6pUZgDvznJIz2dPEFF9ZG8lVWv8_ORiH2LimNlbQ4i2sbCP72b00WLqmJPQfmWVgd8TmpxHQi5svPBKlN-IkOonzdhDRXktj-iIEY4YGgkDw-lA6prVMa49A6_LRZ5FZYpmAxQlnC_UEx7JjbMDaw5BFnweEed4L6Pu-Qdy2RKvClrEdYsBujYm8ZztDjzmoyx0UMCjyKGw-qZ2UhNiWre_7JQMAOZ480jfkGAmf5T_O3FLk02xASTcGgKZHGUnqLhdOyatHdh-04AFeauE7-4vxbnK2DBPqfIuOiJg2N2Gz2YVHqz2Clp8mOOG2ygjdyyi97--00JQLm4n8Uz0r73ODxD3UNkKKVyqqItUhBGm7-0KJUmghvmOFShnT03-SuJxxFVSgWWEit32eFEze3Z0; __RequestVerificationToken=HqnmOgJvEIp8R6DWdLHvcNBQC4M-RBQrPV_taiNPkw7XuXTruSpFr2PL3fgj_MKI1yo6r6Z-R_GFmQPLQ7y9TIojsG75dh1jbGDIycGpIoI1; ARRAffinity=b6b3f2d84229dc70b3e1805d311f6280e7abcf3da76740dd833598bcb80162c3; _gcl_au=1.1.2013768783.1675283711
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, no-transform, max-age=31536000
content-type: image/png
expires: Tue, 30 Jan 2024 11:25:15 GMT
last-modified: Mon, 23 Nov 2020 15:34:34 GMT
vary: Accept-Encoding
server: httpd
x-aspnet-version: 
x-powered-by: 
date: Wed, 01 Feb 2023 20:34:48 GMT
content-length: 1921
X-Firefox-Spdy: h2

www.motenorskejenter.com/Landers/DisplayImage/2020_1325_160_bgbtnfemale.png?c=0b9166df-ff27-42e5-8775-8a5e655e4707

185.222.108.79

200 OK

2.0 kB

URL HTTP/2
www.motenorskejenter.com/Landers/DisplayImage/2020_1325_160_bgbtnfemale.png?c=0b9166df-ff27-42e5-8775-8a5e655e4707
IP
185.222.108.79:0
ASN
#205316 Supporta Interactiva B.V.

File type
PNG image data, 80 x 81, 8-bit/color RGBA, non-interlaced\012- data
Size
2.0 kB (2003 bytes)
Hash
4a66304dbc6330dea9bce47045e8cd47
3a20238c81257043a91a84e950d63cd7e6918408
a68f73561fe094b562c154813d9a7938790f09f3366eac11bae2e1bc01de0ada

HTTP Headers

GET /Landers/DisplayImage/2020_1325_160_bgbtnfemale.png?c=0b9166df-ff27-42e5-8775-8a5e655e4707 HTTP/1.1
Host: www.motenorskejenter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.motenorskejenter.com/landers/getcss/1325?countryId=160&c=2e3f1b5a-eed3-4347-8d8e-6be91cea9ed2
Cookie: ma=FxQw2TdV-dPxTeF96bo1ADvE7zH7VN_wRMEB5FdgElWG68SPmHfGthr4nLY8OSm8Z4-eBCaWytde4LQjUrX1SaWifT-4uv0Ad9Fvwjp527j31xR8Du6ZlxmdZttQLmtZdFPDiBwUF9Ic60Wgu9Xh3GN9UZLvEREbM8d3i3LRqb6RqkFReKZeKfVZZ3aa0paEowm9PlkMImIbFxhASel2Alb9Pl4FF96mom24NrKfRsU1; MCC=QUfSBt8wWAXKIxpRTJ1_KxKvdIUtmDxuyTOB280cWR6pUZgDvznJIz2dPEFF9ZG8lVWv8_ORiH2LimNlbQ4i2sbCP72b00WLqmJPQfmWVgd8TmpxHQi5svPBKlN-IkOonzdhDRXktj-iIEY4YGgkDw-lA6prVMa49A6_LRZ5FZYpmAxQlnC_UEx7JjbMDaw5BFnweEed4L6Pu-Qdy2RKvClrEdYsBujYm8ZztDjzmoyx0UMCjyKGw-qZ2UhNiWre_7JQMAOZ480jfkGAmf5T_O3FLk02xASTcGgKZHGUnqLhdOyatHdh-04AFeauE7-4vxbnK2DBPqfIuOiJg2N2Gz2YVHqz2Clp8mOOG2ygjdyyi97--00JQLm4n8Uz0r73ODxD3UNkKKVyqqItUhBGm7-0KJUmghvmOFShnT03-SuJxxFVSgWWEit32eFEze3Z0; __RequestVerificationToken=HqnmOgJvEIp8R6DWdLHvcNBQC4M-RBQrPV_taiNPkw7XuXTruSpFr2PL3fgj_MKI1yo6r6Z-R_GFmQPLQ7y9TIojsG75dh1jbGDIycGpIoI1; ARRAffinity=b6b3f2d84229dc70b3e1805d311f6280e7abcf3da76740dd833598bcb80162c3; _gcl_au=1.1.2013768783.1675283711
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, no-transform, max-age=31536000
content-type: image/png
expires: Tue, 30 Jan 2024 11:25:15 GMT
last-modified: Mon, 23 Nov 2020 15:34:25 GMT
vary: Accept-Encoding
server: httpd
x-aspnet-version: 
x-powered-by: 
date: Wed, 01 Feb 2023 20:34:48 GMT
content-length: 2003
X-Firefox-Spdy: h2

ads.exoclick.com/tag_gen.js

205.185.216.42

200 OK

515 B

URL HTTP/1.1
ads.exoclick.com/tag_gen.js
IP
205.185.216.42:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with very long lines (1030), with no line terminators
Size
515 B (515 bytes)
Hash
628e0302068ade64b5f411f39d5ce7e5
ff1a609269f34bad5ae67ed1678df3f7b905d018
c583ceaeae2e9a05e25c27b61520710f16b8b98ca7f9087a75ae90a040b8bc3f

HTTP Headers

GET /tag_gen.js HTTP/1.1
Host: ads.exoclick.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.motenorskejenter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Wed, 01 Feb 2023 20:34:48 GMT
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 515
Content-Type: application/javascript
Accept-Ranges: bytes
Cache-Control: max-age=10800
Server: nginx
etag: W/"a56c0470b9aa925085e51a6271a"
X-HW: 1675283688.dop201.sk1.t,1675283688.cds009.sk1.shn,1675283688.dop201.sk1.t,1675283688.cds251.sk1.c
Access-Control-Allow-Origin: *, *

www.google-analytics.com/analytics.js

142.250.74.46

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.46:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1490)
Size
20 kB (20085 bytes)
Hash
ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.motenorskejenter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Wed, 01 Feb 2023 19:45:20 GMT
expires: Wed, 01 Feb 2023 21:45:20 GMT
cache-control: public, max-age=7200
age: 2968
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
2dc2e297877f6332a114de88eeeaca61
cc91e58f3dd132b078223d21cd3177f0819e40e7
94f1191402d63bc2757d7ec854bc418dd6929b5aa9efb815d9bd35f8dab98fef

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 20:34:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-69440332-16&cid=882271957.1675283712&jid=1272732426&gjid=1011555519&_gid=1896111288.1675283712&_u=YEBAAAAAAAAAAC~&z=1656676727

64.233.162.157

200 OK

4 B

URL HTTP/2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-69440332-16&cid=882271957.1675283712&jid=1272732426&gjid=1011555519&_gid=1896111288.1675283712&_u=YEBAAAAAAAAAAC~&z=1656676727
IP
64.233.162.157:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
4 B (4 bytes)
Hash
48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a

HTTP Headers

POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-69440332-16&cid=882271957.1675283712&jid=1272732426&gjid=1011555519&_gid=1896111288.1675283712&_u=YEBAAAAAAAAAAC~&z=1656676727 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.motenorskejenter.com
Connection: keep-alive
Referer: https://www.motenorskejenter.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: https://www.motenorskejenter.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 01 Feb 2023 20:34:48 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
2dc2e297877f6332a114de88eeeaca61
cc91e58f3dd132b078223d21cd3177f0819e40e7
94f1191402d63bc2757d7ec854bc418dd6929b5aa9efb815d9bd35f8dab98fef

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 20:34:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
a4253e662d539c01b8656dbb6d73aab1
08f71eead367b6fa76b99f7f590680a5f5650b62
f05b99f6b0c8fb5c38221d02c0c9ed96389fbd5105d6329cdc733d1fae411df2

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 20:34:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-69440332-16&cid=882271957.1675283712&jid=1272732426&_u=YEBAAAAAAAAAAC~&z=94091183

142.250.74.163

200 OK

42 B

URL HTTP/2
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-69440332-16&cid=882271957.1675283712&jid=1272732426&_u=YEBAAAAAAAAAAC~&z=94091183
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-69440332-16&cid=882271957.1675283712&jid=1272732426&_u=YEBAAAAAAAAAAC~&z=94091183 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.motenorskejenter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 01 Feb 2023 20:34:49 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
a4253e662d539c01b8656dbb6d73aab1
08f71eead367b6fa76b99f7f590680a5f5650b62
f05b99f6b0c8fb5c38221d02c0c9ed96389fbd5105d6329cdc733d1fae411df2

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 20:34:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.googleapis.com/css?family=Poppins:400,700&display=swap

142.250.74.106

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Poppins:400,700&display=swap
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Poppins:400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.motenorskejenter.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 01 Feb 2023 20:34:47 GMT
date: Wed, 01 Feb 2023 20:34:47 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (31)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML