Overview

URLserviceclub.solutions/rd/c8965pgHNm1363446vzKt6paw467MQwM337
IP 40.115.44.9 (Netherlands)
ASN#8075 MICROSOFT-CORP-MSN-AS-BLOCK
UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed2022-11-12 06:41:19 UTC
StatusLoading report..
IDS alerts0
Blocklist alert2
urlquery alerts No alerts detected
Tags None

Domain Summary (43)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
static-cdn.multiscreensite.com (2) 24670 2019-07-09 19:27:54 UTC 2022-11-12 04:56:37 UTC 54.230.111.43
googleads.g.doubleclick.net (1) 42 2021-02-20 15:43:32 UTC 2022-11-12 00:16:42 UTC 216.58.207.194
requirejs.org (1) 310293 2017-01-30 12:42:13 UTC 2022-11-11 11:23:35 UTC 185.199.109.153
t.co (1) 569 2012-07-25 19:09:44 UTC 2022-11-12 06:27:38 UTC 104.244.42.133
www.googleoptimize.com (1) 1604 2019-07-23 08:23:32 UTC 2022-11-12 05:15:09 UTC 142.250.74.78
www.google.no (1) 25607 2016-04-05 19:50:59 UTC 2022-11-12 05:18:56 UTC 142.250.74.35
px.ads.linkedin.com (2) 522 2018-06-15 11:29:56 UTC 2019-09-20 11:09:24 UTC 13.107.42.14
in.hotjar.com (1) 1746 2018-10-22 17:15:59 UTC 2020-11-20 16:45:40 UTC 54.171.136.239
static.hotjar.com (1) 641 2014-11-01 05:14:27 UTC 2020-04-26 08:32:02 UTC 54.230.111.113
ocsp.digicert.com (6) 86 2012-05-21 07:02:23 UTC 2020-05-02 20:58:10 UTC 93.184.220.29
content-signature-2.cdn.mozilla.net (1) 1152 No data No data 34.160.144.191
ocsp2.globalsign.com (1) 1544 2012-05-23 18:10:04 UTC 2020-03-15 21:19:16 UTC 104.18.21.226
static.cdn-website.com (4) 22009 2021-08-11 07:15:10 UTC 2022-11-12 04:56:37 UTC 54.230.111.101
irp.cdn-website.com (4) 22331 2021-03-30 08:25:28 UTC 2022-11-12 04:55:28 UTC 54.230.111.25
webtrafficsource.com (2) 46468 2020-02-27 09:01:54 UTC 2022-11-12 00:26:51 UTC 34.107.149.195
cdn.linkedin.oribi.io (2) 0 2022-10-19 14:36:39 UTC 2022-11-12 05:19:24 UTC 54.230.111.78 Domain (oribi.io) ranked at: 21988
d32hwlnfiv2gyn.cloudfront.net (2) 0 2016-07-23 08:57:39 UTC 2022-11-12 04:55:47 UTC 54.230.245.70 Unknown ranking
www.linkedin.com (1) 608 2015-06-18 16:10:03 UTC 2020-04-27 12:38:34 UTC 13.107.42.14
storage.googleapis.com (1) 420 2015-06-16 19:08:42 UTC 2022-11-12 05:12:44 UTC 216.58.211.16
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-11-12 05:10:12 UTC 34.117.237.239
mrktormed.com (1) 0 2019-05-28 12:19:25 UTC 2022-11-10 16:52:21 UTC 52.173.201.39 Unknown ranking
13l14z2.com (1) 774264 2014-10-18 20:53:14 UTC 2022-11-11 15:34:50 UTC 34.107.149.195
snap.licdn.com (1) 1044 2014-10-06 08:43:45 UTC 2020-04-10 04:11:37 UTC 23.36.76.210
vars.hotjar.com (1) 1014 2020-11-05 16:23:46 UTC 2022-11-12 05:25:12 UTC 54.230.111.75
www.google.com (1) 7 2016-03-22 03:56:07 UTC 2022-11-12 00:50:51 UTC 142.250.74.164
www.facebook.com (1) 99 2012-05-21 00:23:41 UTC 2021-06-08 06:38:51 UTC 31.13.72.36
analytics.twitter.com (1) 526 2013-04-10 19:53:18 UTC 2020-02-24 11:40:32 UTC 104.244.42.3
r3.o.lencr.org (11) 344 No data No data 23.36.77.32
ocsp.sectigo.com (1) 487 2019-11-29 11:50:24 UTC 2021-09-17 20:05:40 UTC 104.18.32.68
www.motty.no (3) 0 No data No data 3.67.141.185 Unknown ranking
ocsp.pki.goog (15) 175 2018-07-01 06:43:07 UTC 2020-05-02 20:58:16 UTC 142.250.74.35
cdn.motty.no (4) 0 No data No data 194.242.11.186 Unknown ranking
serviceclub.solutions (2) 0 2022-07-22 16:09:31 UTC 2022-11-12 05:21:45 UTC 40.115.44.9 Unknown ranking
firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-11-11 05:46:42 UTC 34.102.187.140
push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2020-05-03 10:09:39 UTC 44.242.3.166
widget.trustpilot.com (4) 6018 2017-09-05 07:45:53 UTC 2022-11-11 22:40:04 UTC 54.230.111.79
img-getpocket.cdn.mozilla.net (7) 1631 2018-06-21 23:36:00 UTC 2020-02-19 04:43:25 UTC 34.120.237.76
connect.facebook.net (1) 139 2012-05-22 02:51:28 UTC 2020-02-17 13:26:09 UTC 31.13.72.12
ocsp.sca1b.amazontrust.com (1) 1015 2017-03-03 15:20:51 UTC 2019-03-27 04:05:54 UTC 54.230.245.100
owenfeel.com (1) 0 2022-04-05 12:21:46 UTC 2022-11-11 09:17:34 UTC 34.78.223.0 Unknown ranking
lirp.cdn-website.com (1) 21043 2021-06-02 21:12:55 UTC 2022-11-12 04:55:28 UTC 54.230.111.87
static.ads-twitter.com (1) 614 2018-06-23 22:08:39 UTC 2020-04-02 08:58:40 UTC 151.101.84.157
script.hotjar.com (1) 887 2020-11-28 08:50:05 UTC 2022-11-12 05:25:12 UTC 54.230.111.93

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-11-12 2 serviceclub.solutions/rd/c8965pgHNm1363446vzKt6paw467MQwM337 Phishing
2022-11-12 2 serviceclub.solutions/track/c8965pgHNm1363446vzKt6paw467MQwM337 Phishing

mnemonic secure dns
 No alerts detected

Quad9 DNS
 No alerts detected


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 40.115.44.9
Date UQ / IDS / BL URL IP
2022-11-16 00:57:56 +0000 0 - 0 - 2 serviceclub.solutions/rd/u9192moYCe2160976Hhv (...) 40.115.44.9
2022-11-15 06:34:59 +0000 0 - 0 - 2 serviceclub.solutions/rd/u9164jWsdX857310bKfP (...) 40.115.44.9
2022-11-12 06:41:19 +0000 0 - 0 - 2 serviceclub.solutions/rd/c8965pgHNm1363446vzK (...) 40.115.44.9
2022-11-11 21:22:27 +0000 0 - 0 - 3 gopromos.today/rd/c8806bxDqq434028zlyq980LCn3 (...) 40.115.44.9
2022-11-09 11:24:17 +0000 0 - 0 - 2 serviceclub.solutions/rd/c8394upKXN22Glkj2900 (...) 40.115.44.9


Last 5 reports on ASN: MICROSOFT-CORP-MSN-AS-BLOCK
Date UQ / IDS / BL URL IP
2023-02-05 08:00:14 +0000 0 - 2 - 12 h5.gefun37352.top/ 52.139.170.40
2023-02-05 07:57:19 +0000 0 - 0 - 1 firstappad.me/15GGb0 20.113.188.243
2023-02-05 07:33:52 +0000 0 - 3 - 0 visitors.israa.edu.ps/ 20.223.144.241
2023-02-05 06:57:13 +0000 0 - 0 - 5 267904dee258-shared.lowcodeunit.com/ 20.42.128.102
2023-02-05 06:34:48 +0000 0 - 2 - 0 web-rstrdamx.dyndns.berlin/519b146398f212e5d6 (...) 20.58.2.51


Last 5 reports on domain: serviceclub.solutions
Date UQ / IDS / BL URL IP
2023-02-03 13:53:18 +0000 0 - 0 - 2 serviceclub.solutions/rd/u21933FYvDb2539494el (...) 20.13.26.77
2023-01-12 07:47:32 +0000 0 - 0 - 1 serviceclub.solutions/track/o17101TZBYj16dUOD (...) 20.13.26.77
2023-01-11 07:50:05 +0000 0 - 0 - 2 serviceclub.solutions/rd/c16925YADJD3088185Rg (...) 20.13.26.77
2022-12-02 13:06:59 +0000 0 - 0 - 2 serviceclub.solutions/rd/c10393KFHvW3088185PU (...) 20.13.26.77
2022-12-02 08:45:18 +0000 0 - 0 - 2 serviceclub.solutions/rd/c10787KORpt3087035Up (...) 20.13.26.77


No other reports with similar screenshot

JavaScript

Executed Scripts (61)

Executed Evals (0)

Executed Writes (0)


HTTP Transactions (99)


Request Response
                                        
                                            GET /rd/c8965pgHNm1363446vzKt6paw467MQwM337 HTTP/1.1 
Host: serviceclub.solutions
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         40.115.44.9
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Date: Sat, 12 Nov 2022 06:41:07 GMT
Content-Length: 243


--- Additional Info ---
Magic:  HTML document, ASCII text
Size:   243
Md5:    45e3305389edc4d26f20f3ed270de653
Sha1:   7adeb5558d16808f2b60fee7258382fb86cd2d79
Sha256: ced6411122f104b7f8adbbe3cdf5f3d8cba7649a9576e292e77379214d51dd4b

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "D3F75D03561D6A47D19370292E821A86E58381466F0C69386A21175DE55882FF"
Last-Modified: Fri, 11 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6120
Expires: Sat, 12 Nov 2022 08:23:07 GMT
Date: Sat, 12 Nov 2022 06:41:07 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5404
Cache-Control: max-age=105624
Date: Sat, 12 Nov 2022 06:41:07 GMT
Etag: "636e247f-1d7"
Expires: Sun, 13 Nov 2022 12:01:31 GMT
Last-Modified: Fri, 11 Nov 2022 10:31:27 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Backoff, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 12 Nov 2022 05:44:01 GMT
cache-control: public,max-age=3600
age: 3426
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    d130218d0e2841f39c99610fe1a2ab90
Sha1:   29fbe1e177ee55c7a61ae0a206afff271cf5f945
Sha256: 6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "ED5C27510100FFC4481BE474EBCB020D147C645BEB110604D5284EEEB8B97C02"
Last-Modified: Fri, 11 Nov 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17668
Expires: Sat, 12 Nov 2022 11:35:35 GMT
Date: Sat, 12 Nov 2022 06:41:07 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: edR/nLfVdsWK9ZHtLhlCSfabB7NErx7sIYbAp3yxJ9O/QSyVxmbnvWvODx8V9FyBgA28/2h6qXI=
x-amz-request-id: XMQXT9MAZ5VKEHF3
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 12 Nov 2022 06:12:53 GMT
age: 1694
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    67d5a988edcda47bc3b3b3f65d32b4b6
Sha1:   d4f0e0da8b3690cc7da925026d3414b68c7d954f
Sha256: 55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
                                        
                                            GET /track/c8965pgHNm1363446vzKt6paw467MQwM337 HTTP/1.1 
Host: serviceclub.solutions
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://serviceclub.solutions/rd/c8965pgHNm1363446vzKt6paw467MQwM337
Upgrade-Insecure-Requests: 1

search
                                         40.115.44.9
HTTP/1.1 302 Found
Content-Type: text/html; charset=utf-8
                                        
Location: https://owenfeel.com/?a=4762&oc=14770&c=43604&m=3&s1=14&s2=337-8965&s3=1363446-6-467
Date: Sat, 12 Nov 2022 06:41:07 GMT
Content-Length: 131


--- Additional Info ---
Magic:  HTML document, ASCII text
Size:   131
Md5:    9eb81f00a547dc366584df2030de07cf
Sha1:   5ad46f0a7541d48eb2e90792c5e38e62d8bff109
Sha256: cd4e82a3fa344501b932a8087fb943af44d4a199ef010e10b93f56cb9bf1ecfb

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Sat, 12 Nov 2022 06:41:07 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Alert, Last-Modified, Cache-Control, Retry-After, Content-Length, Expires, ETag, Pragma, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 12 Nov 2022 06:25:00 GMT
cache-control: public,max-age=3600
age: 968
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST /gsalphasha2g2 HTTP/1.1 
Host: ocsp2.globalsign.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 12 Nov 2022 06:41:08 GMT
Content-Length: 1423
Connection: keep-alive
Expires: Wed, 16 Nov 2022 06:41:07 GMT
ETag: "54a6b4098f8e54e4e3708ee27290ccf7c772d4e8"
Last-Modified: Sat, 12 Nov 2022 06:41:08 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: EXPIRED
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 768d47b92deeb503-OSL


--- Additional Info ---
Magic:  data
Size:   1423
Md5:    1f8e560aa1e7aa781c2671aaad3ed825
Sha1:   54a6b4098f8e54e4e3708ee27290ccf7c772d4e8
Sha256: 0db17f2313ae978efd392764591eba2361aed4a1b2602d5a789029a1bdf8f4a9
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6231
Cache-Control: max-age=101375
Date: Sat, 12 Nov 2022 06:41:08 GMT
Etag: "636e10ac-1d7"
Expires: Sun, 13 Nov 2022 10:50:43 GMT
Last-Modified: Fri, 11 Nov 2022 09:06:52 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /?a=4762&oc=14770&c=43604&m=3&s1=14&s2=337-8965&s3=1363446-6-467 HTTP/1.1 
Host: owenfeel.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://serviceclub.solutions/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         34.78.223.0
HTTP/1.1 302 Found
content-type: text/html; charset=utf-8
                                        
date: Sat, 12 Nov 2022 06:41:08 GMT
content-length: 248
cache-control: private
location: https://mrktormed.com/click.track?CID=441252&AFID=423268&ADID=2536059&AffiliateReferenceID=14720-276866590&SID=4762
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
set-cookie: som=W+MgTsBvXMJ6KEbRXv6e8yRE3UxXU4/g6AQ/6an/BNSdmEdQPJ7tHg==; domain=.owenfeel.com; path=/; HttpOnly tib=ePE4nQb4y+98pne0tpFARCRE3UxXU4/g6AQ/6an/BNSdmEdQPJ7tHg==; domain=.owenfeel.com; expires=Tue, 12-Nov-2024 06:41:04 GMT; path=/; HttpOnly c14720=W+MgTsBvXMLYgay24NJ96GqQm6c53CmT+3kuL+e00sFmlAatq512KA==; domain=.owenfeel.com; expires=Mon, 12-Dec-2022 06:41:04 GMT; path=/; HttpOnly


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   248
Md5:    64c2682296f37a856b3e4d56dd7628be
Sha1:   22580464bb75633cd53e69c06d3ac35422ac3a5c
Sha256: edf5d348efcf45fd8791bf875a5674fee3c1dd416d7c96dc5ba828618cb9ac90
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: sk9hr5mXITL9bnPx8z/ulA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

search
                                         44.242.3.166
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 6a20ytHjfX9Vyt/3e6T60D0R9KQ=

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 12 Nov 2022 06:41:09 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 11 Nov 2022 10:32:32 GMT
Expires: Fri, 18 Nov 2022 10:32:31 GMT
Etag: "e3f0e04224d3aa62287ea51eb625ae8f38a4fbcb"
Cache-Control: max-age=531682,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 768d47be4e6eb529-OSL

                                        
                                            GET /click.track?CID=441252&AFID=423268&ADID=2536059&AffiliateReferenceID=14720-276866590&SID=4762 HTTP/1.1 
Host: mrktormed.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://serviceclub.solutions/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         52.173.201.39
HTTP/1.1 302 Found
Content-Type: text/html; charset=utf-8
                                        
Server: nginx
Date: Sat, 12 Nov 2022 06:41:08 GMT
Content-Length: 246
Connection: keep-alive
Cache-Control: private
Location: https://www.motty.no/refinansiering-av-lan?adid=7655/?aff-id=423268&ClickID=11_127227825_c9675e8c-4fd9-4e79-a329-0a3b0f677a93
P3P: policyref="/p3p/P3P.mrktormed.com.xml", CP="NOI DSP COR NID ADM DEV OUR STP OTC"
X-AspNet-Version: 4.0.30319
Set-Cookie: LTTC6_441252=11_127227825_c9675e8c-4fd9-4e79-a329-0a3b0f677a93; expires=Mon, 12-Dec-2022 06:41:09 GMT; path=/; SameSite=None; secure; HttpOnly
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   246
Md5:    95ca55a066e21928cc3b087783fc82e4
Sha1:   715122059b15e91240f2045f3a0e9f5f48040552
Sha256: c56fde4491714e997245b54ddb6361a570c3b2d38fbd7f70652df33085c6c74d
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "08E24124F809F1AB7E6960355EFCB419E13DD5FB6063C31CAF04E11EBDB7A5CF"
Last-Modified: Fri, 11 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4570
Expires: Sat, 12 Nov 2022 07:57:19 GMT
Date: Sat, 12 Nov 2022 06:41:09 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "08E24124F809F1AB7E6960355EFCB419E13DD5FB6063C31CAF04E11EBDB7A5CF"
Last-Modified: Fri, 11 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4570
Expires: Sat, 12 Nov 2022 07:57:19 GMT
Date: Sat, 12 Nov 2022 06:41:09 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "08E24124F809F1AB7E6960355EFCB419E13DD5FB6063C31CAF04E11EBDB7A5CF"
Last-Modified: Fri, 11 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4570
Expires: Sat, 12 Nov 2022 07:57:19 GMT
Date: Sat, 12 Nov 2022 06:41:09 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4af930b9-b854-4316-8425-07c6aa06477a.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11715
x-amzn-requestid: 20e508bd-6568-4225-9bee-c683a49d44f6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bdMhUHkpIAMFfJg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636ec13b-7dc726b94a37fc667e2e6646;Sampled=0
x-amzn-remapped-date: Fri, 11 Nov 2022 21:40:11 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: X3SUo1LP97TxraRav0ftskBhzWkTJInHaS44PW26yloF-dgD-bHBuA==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 11 Nov 2022 21:45:12 GMT
etag: "5109c156b180727767fc03c411190ccc0d3fb5fc"
age: 32157
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11715
Md5:    cd5bdc050716bb76afe8090fc81617e7
Sha1:   5109c156b180727767fc03c411190ccc0d3fb5fc
Sha256: 9b13e7838946c6654dda17886c2ca8d42de934acb93f4bddb1008dfa1bd1ea99
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d4e929-d0bb-41b7-bdcd-0e67258b428a.webp HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9012
x-amzn-requestid: 83eac9e7-5387-4e11-9769-182fa3f7fffb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bdNC6FxzoAMF80w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636ec212-5ca277b90a5a9a4c437edc1e;Sampled=0
x-amzn-remapped-date: Fri, 11 Nov 2022 21:43:46 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: PrJoEROPymrtc0egNlWRoOMjohiCo3zReD01qAHwByaSiXarfRS0XQ==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 11 Nov 2022 22:00:43 GMT
age: 31226
etag: "0cc22d7bf9092fb30f31e2ca8f242c197b891669"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9012
Md5:    516f1bfefb1c1a737ea2441f85343b32
Sha1:   0cc22d7bf9092fb30f31e2ca8f242c197b891669
Sha256: 733824d4f6f7c5b54ce4e02ecaf152cfc1e10f3f6a801d7e2c55a02460e40087
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b650f84-0cd0-4921-bc04-f0ea0459e4d1.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8482
x-amzn-requestid: 79e5e211-afc8-4531-b361-6f6f3386f16e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bdMhUGJsIAMF7Mg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636ec13b-5a0ba4a93eba91c81ba3a9bc;Sampled=0
x-amzn-remapped-date: Fri, 11 Nov 2022 21:40:11 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: CxrOwBRw0YlwOnKPJZI7h7YEwOAYS3ZtFa8q2o5rDvQct6pehCAFAg==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Fri, 11 Nov 2022 21:51:43 GMT
age: 31766
etag: "7764777ce9a862c1590712ef33032df72edefffd"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8482
Md5:    084ca839d34b15916cd2f5034440a1ef
Sha1:   7764777ce9a862c1590712ef33032df72edefffd
Sha256: b8893d7f327f88316cb909ded7fd8f4e1809190a7da807677785bf953f6e33fb
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe6fac57d-aa5c-42c2-904b-58aa73c59975.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4268
x-amzn-requestid: 19d2f4e7-b6c1-4093-b54c-70a9a476ad89
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bdMhSEwYIAMFg7Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636ec13b-6e2f5a6147153e5c32cc4499;Sampled=0
x-amzn-remapped-date: Fri, 11 Nov 2022 21:40:11 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 1tbxcsSYcJuquYxeYfqcwaQaHpWmL9jwX31h1ZIyXO6i5A8gIbFQmA==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 ead78c395f4bede3ec6cd7ea180e3d3a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 11 Nov 2022 21:45:12 GMT
etag: "a3af603900538ea10e094981d298a0b37d0ab896"
age: 32157
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4268
Md5:    701700f42e1b0e528a63c3bd2a4c54e7
Sha1:   a3af603900538ea10e094981d298a0b37d0ab896
Sha256: c84ac2d3524eb950a433aa01e1226d995d87948452e4e135a4661094923ca465
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffadd7839-d41e-4198-abc2-17384d90e28c.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6797
x-amzn-requestid: 3e8b7aaf-8e8a-4a04-8bc0-e18e6044a50a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bdM6-F3DIAMFzfQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636ec1df-3bfa53123a76e84f210fea38;Sampled=0
x-amzn-remapped-date: Fri, 11 Nov 2022 21:42:55 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: zz90ngWySbVf_cXv_HBcQpNfb4MCsTVTl5l5bBPL4MaPXAF4VIifdA==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 11 Nov 2022 21:45:13 GMT
age: 32156
etag: "1d791a0dadbfbab7c9b377783587ff728b2008d8"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6797
Md5:    97c5c44bd44390f0c719f56ecee6d513
Sha1:   1d791a0dadbfbab7c9b377783587ff728b2008d8
Sha256: 5995012d66ee68690d198a0857848077bfe80d88b2f2987a54f2d896461f7275
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Facfcee70-832e-4f2d-8fc7-55d2bfff651e.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8633
x-amzn-requestid: 8bdfbfbb-5193-4c62-ba1b-c906f7548676
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bdMhSEC1oAMF8tw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636ec13b-39b4c2954dbc8e4c40a2c9d8;Sampled=0
x-amzn-remapped-date: Fri, 11 Nov 2022 21:40:11 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: lxrfhO5oOGvECIrlZYKsfXOTZZksAIIHAafyRM-FdRXAaBVZs5cEQA==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 11 Nov 2022 21:45:21 GMT
age: 32148
etag: "2d90ff66079e8ffbaaa367a6bfc08927e7cc424d"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8633
Md5:    eac2ed4bece6282c8273a58a88371e2e
Sha1:   2d90ff66079e8ffbaaa367a6bfc08927e7cc424d
Sha256: aea97fd7d90302edcb3e0c08507d682e02166e8ddd4d082fc4f5435af438594c
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "CC5295EC2FFFA9C35B854976DB6A1FA0EE7AE82A40C6B61D2A6D26453D0123FF"
Last-Modified: Wed, 09 Nov 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21569
Expires: Sat, 12 Nov 2022 12:40:38 GMT
Date: Sat, 12 Nov 2022 06:41:09 GMT
Connection: keep-alive

                                        
                                            GET /refinansiering-av-lan?adid=7655/?aff-id=423268&ClickID=11_127227825_c9675e8c-4fd9-4e79-a329-0a3b0f677a93 HTTP/1.1 
Host: www.motty.no
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://serviceclub.solutions/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         3.67.141.185
HTTP/2 200 OK
content-type: text/html;charset=utf-8
                                        
server: nginx
date: Sat, 12 Nov 2022 06:41:09 GMT
content-length: 24570
d-cache: from-cache
content-encoding: gzip
strict-transport-security: max-age=31536000; preload
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
vary: user-agent,accept-encoding
d-geo: EU
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8864), with CRLF, LF line terminators
Size:   24570
Md5:    ff203d4e73aa939f787992832ce94dcb
Sha1:   31e25e247bc6498154e5d835ae92d6c23c599803
Sha256: c392c0b95289dc28c49b39b5e91d64e71ce51fd942d0ea9380cad7072c53e896
                                        
                                            GET /mnlt/production/2981/_dm/s/rt/dist/scripts/d-js-jquery-migrate.min.js HTTP/1.1 
Host: static.cdn-website.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.motty.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         54.230.111.101
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 3809
date: Thu, 10 Nov 2022 14:04:58 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
x-amz-replication-status: FAILED
last-modified: Thu, 10 Nov 2022 13:55:39 GMT
etag: "3b9b4be11c442558448e1bcb0e914c6c"
cache-control: max-age=31536000
x-amz-version-id: 9HJbAWUXmNMnjA1CYJ5Bbhrw30f7Z44E
accept-ranges: bytes
server: AmazonS3
content-encoding: br
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 5G5F1GhqIkfZ7CHb9Nh24BCyhgzc1vBglvPaMaA4nYhobC3ElmxIiA==
age: 146172
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (558)
Size:   3809
Md5:    b13cd3038a1b55c2c2fae0b1638badf9
Sha1:   84d73a86a5dac83eac39566ffa09acb74932a231
Sha256: 85e9d3ece00c1bcdebc06e42ba3e6059b1588325cc3718c26d785bb6d6f427e5
                                        
                                            GET /libs/jquery/jquery-3.6.0.min.js HTTP/1.1 
Host: static.cdn-website.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.motty.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         54.230.111.101
HTTP/2 200 OK
content-type: text/javascript
                                        
content-length: 27967
date: Mon, 31 Oct 2022 10:26:33 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
x-amz-replication-status: FAILED
last-modified: Sun, 20 Jun 2021 11:54:25 GMT
etag: "8fb8fee4fcc3cc86ff6c724154c49c42"
cache-control: max-age=31536000
x-amz-version-id: DnPaSD2ax.ofdsMomR96m6B51pMZfReJ
accept-ranges: bytes
server: AmazonS3
content-encoding: br
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: k0-kw9ttwtblW_3YOQobJdeWNDaOSa7o9V-PfP-yDzd3otCfWeykSg==
age: 1023276
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65447)
Size:   27967
Md5:    e3b056b5f5833ed57baaeb7d1f759d66
Sha1:   aef9ffcd15bb3fd72f0846d557f46c1560cbb622
Sha256: bdb487a7bf608abf88dc492b5c4d82253539a3e1a885055541391cab973b7748
                                        
                                            GET /mnlt/production/2981/_dm/s/rt/dist/scripts/d-js-one-runtime-unified-desktop.min.js HTTP/1.1 
Host: static.cdn-website.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.motty.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         54.230.111.101
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 100201
date: Thu, 10 Nov 2022 14:04:57 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
x-amz-replication-status: PENDING
last-modified: Thu, 10 Nov 2022 13:55:39 GMT
etag: "cb4e91f4867e49a9378c3bb94cedd984"
cache-control: max-age=31536000
x-amz-version-id: 1gFvfOSVfUgIfyyqSLUV8q5s046MxGvD
accept-ranges: bytes
server: AmazonS3
content-encoding: br
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: jHcA4jmjqwLnZL3OaeM2RrzdQ7i-Tyl0k3gTisoJUqRPuPHTSU1H-g==
age: 146171
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1040)
Size:   100201
Md5:    f6db36e32dfb63d7898080fb11fb8c48
Sha1:   fe9e1968c95583ce609b2c77eb186f3c5b8b82e7
Sha256: c6a484f949e442478594ddcf5a66825982461f46ad7104509301b0e47e062886
                                        
                                            GET /mnlt/production/2981/_dm/s/rt/dist/css/d-css-runtime-desktop-one-package-new.min.css HTTP/1.1 
Host: static.cdn-website.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.motty.no/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         54.230.111.101
HTTP/2 200 OK
content-type: text/css
                                        
content-length: 25264
date: Thu, 10 Nov 2022 14:04:56 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
x-amz-replication-status: FAILED
last-modified: Thu, 10 Nov 2022 13:55:38 GMT
etag: "3be5aba0c4a986de4b085cf7c44e58b6"
cache-control: max-age=31536000
x-amz-version-id: wBxJxswLpXmdjmxyRmkBsyRVowPBNnE1
accept-ranges: bytes
server: AmazonS3
content-encoding: br
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: Mp7DmZOsK_-gW0pCif9qYL9PTbb94z705RvZovCR82S3j5c5b3_XmQ==
age: 146173
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (35992)
Size:   25264
Md5:    7dffe0fbb5ea906f2ad094256c53315c
Sha1:   db48b3751a0bfa34dd1e712ad1638eeaf4286817
Sha256: 6c1eb1890e5319e45e18edea0dd717ea8ce305e3cc3828301a6767d04b363e47
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0373641DDD4D95497F329B16D2EC6558EC3F0A752379B5657EAC11BABDE17961"
Last-Modified: Fri, 11 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=660
Expires: Sat, 12 Nov 2022 06:52:10 GMT
Date: Sat, 12 Nov 2022 06:41:10 GMT
Connection: keep-alive

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 12 Nov 2022 06:41:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /fonts/fontawesome-webfont.woff?v=6 HTTP/1.1 
Host: static-cdn.multiscreensite.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.motty.no
Connection: keep-alive
Referer: https://static.cdn-website.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         54.230.111.43
HTTP/2 200 OK
content-type: application/font-woff
                                        
content-length: 98024
date: Sat, 05 Nov 2022 05:57:07 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
x-amz-replication-status: FAILED
last-modified: Wed, 05 Jun 2019 08:06:55 GMT
etag: "fee66e712a8a08eef5805a46892932ad"
cache-control: max-age=31536000
x-amz-version-id: bR46Z9gnVogjFEVmln4nlzTlCUFntZSU
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: fa72qftj7-YbH8xsdve_32PxRvGc4Fw_RBqWlzrQtgUqVUnAfwS2gg==
age: 607444
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format, TrueType, length 98024, version 4.7\012- data
Size:   98024
Md5:    fee66e712a8a08eef5805a46892932ad
Sha1:   28b782240b3e76db824e12c02754a9731a167527
Sha256: ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "579A2102F36944FD5D9957A82B5E5CFD022A4B478B11E78C50E8C5535919CD54"
Last-Modified: Fri, 11 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15206
Expires: Sat, 12 Nov 2022 10:54:36 GMT
Date: Sat, 12 Nov 2022 06:41:10 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   51860
Md5:    903835466d3921648a63f6c41b39523e
Sha1:   993ecc170f194054794f1550137d0c816c729ddb
Sha256: f127e324f7e7f3391f79f07b8a8f1c8f3e901fe82a4af2533181ad8b97d6f209
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "579A2102F36944FD5D9957A82B5E5CFD022A4B478B11E78C50E8C5535919CD54"
Last-Modified: Fri, 11 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11106
Expires: Sat, 12 Nov 2022 09:46:16 GMT
Date: Sat, 12 Nov 2022 06:41:10 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "579A2102F36944FD5D9957A82B5E5CFD022A4B478B11E78C50E8C5535919CD54"
Last-Modified: Fri, 11 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15202
Expires: Sat, 12 Nov 2022 10:54:32 GMT
Date: Sat, 12 Nov 2022 06:41:10 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "579A2102F36944FD5D9957A82B5E5CFD022A4B478B11E78C50E8C5535919CD54"
Last-Modified: Fri, 11 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11136
Expires: Sat, 12 Nov 2022 09:46:46 GMT
Date: Sat, 12 Nov 2022 06:41:10 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   51328
Md5:    87da6bf51ac65876c89d93ebe08ceac2
Sha1:   91af4952462dbad26fad0e43d3ef0115f4860bb3
Sha256: 84956e0517d3469ef1bc29a4da6fc8a266aa3a5ae8599337ab5e816dda390d61
                                        
                                            GET /fonts/css?family=Lato:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic&subset=latin-ext&display=swap HTTP/1.1 
Host: irp.cdn-website.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.motty.no/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         54.230.111.25
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
server: CloudFront
date: Mon, 17 Oct 2022 06:06:23 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 4gselRv5ek-y2s1Rfp99pcKrBJ85_ZvSu75u7JqwhATCdTaBfo5FVQ==
age: 2248486
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   88710
Md5:    8086f26fcd87ff0de07db4e3dd0341f0
Sha1:   c5e0db4bd732dfbcce092f9bcf44c59b1bfb81bf
Sha256: 9db6607281abe6479e17198078eeb960a9588ca3c362aef6868315c94b1a5603
                                        
                                            GET /fonts/dm-common-icons.ttf?5f0fg HTTP/1.1 
Host: static-cdn.multiscreensite.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.motty.no
Connection: keep-alive
Referer: https://static.cdn-website.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         54.230.111.43
HTTP/2 200 OK
content-type: application/octet-stream
                                        
content-length: 2368
date: Wed, 09 Nov 2022 03:02:38 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
x-amz-replication-status: FAILED
last-modified: Mon, 19 Aug 2019 11:53:23 GMT
etag: "b71bfcb8a1c734ad0654e25cd41964f2"
cache-control: max-age=31536000
x-amz-version-id: PqntK7H35YcTmkMvqWIJAJRdU.53YusY
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 6cpQcZykHvAyCmuv005O_bwKrD9DGwGIa4aNOnwh6BhWtyLh5Dfmdw==
age: 272313
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, dm-common-icons\012- data
Size:   2368
Md5:    b71bfcb8a1c734ad0654e25cd41964f2
Sha1:   2c7fb7007f8f6250c5c1c323f36c29873107c9ee
Sha256: 432d3ceb04bc5bb9c94242a57a06211ab0cbe6168af26354223a9b57df4266f0
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 12 Nov 2022 06:41:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /s/gts1d4/7yOT9-o9nws HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 12 Nov 2022 06:41:10 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /optimize.js?id=OPT-N8J4MJ7 HTTP/1.1 
Host: www.googleoptimize.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.motty.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.78
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 12 Nov 2022 06:41:10 GMT
expires: Sat, 12 Nov 2022 06:41:10 GMT
cache-control: private, max-age=900
last-modified: Sat, 12 Nov 2022 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43978
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1921)
Size:   43978
Md5:    2d59fba89a7096ef0a7c52420f540fa8
Sha1:   e1127c652d3881613578b291e17b0589235f2832
Sha256: 1abe99be5ba109f936a11b8d701c673bbac7b2660407d89e591c185559b346d2
                                        
                                            GET /track/code.js HTTP/1.1 
Host: 13l14z2.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.motty.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         34.107.149.195
HTTP/2 200 OK
content-type: application/javascript;charset=UTF-8
                                        
set-cookie: uxid=ae9bc917-baf6-479f-8100-f168f0d77a5c; Path=/; Expires=Sun, 12 Nov 2023 06:41:10 GMT; Secure; SameSite=None
date: Sat, 12 Nov 2022 06:41:10 GMT
content-length: 962
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (484)
Size:   962
Md5:    feb2bbea1e972939fe4ccec7159eb072
Sha1:   4edee034d5ec92ce2d4661159c18db6cdb6becf4
Sha256: e96c87dc74005d82aedcfc1617cca43fb8aeec304a9d507db82a0fd579bea95e
                                        
                                            GET /2d20583b/dms3rep/multi/opt/background-1920w.jpg HTTP/1.1 
Host: lirp.cdn-website.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.motty.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         54.230.111.87
HTTP/2 200 OK
content-type: image/webp
                                        
content-length: 69440
date: Sat, 12 Nov 2022 06:41:11 GMT
last-modified: Sun, 05 Jun 2022 21:04:34 GMT
x-amz-expiration: expiry-date="Sat, 03 Dec 2022 00:00:00 GMT", rule-id="delete images after 6 months"
etag: "a5bde78120352322c0ab89dd5e05caf8"
cache-control: public, max-age=31536000
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 7zLUNXaAfOOo185LHzLtUnlDHHVQsNbfPCYn8yAcTJjKL4cPpvc7Pg==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 1200x630, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   69440
Md5:    a5bde78120352322c0ab89dd5e05caf8
Sha1:   98e57ba0183ea861546c7270a6a6b229855bcf12
Sha256: 1ab742a469216709499d16281b3d46649bede878a766ff2c4e57af221c8148a0
                                        
                                            POST /s/gts1d4/1rvwe20eq8Y HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 12 Nov 2022 06:41:10 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /s/gts1d4/1rvwe20eq8Y HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 12 Nov 2022 06:41:10 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /s/gts1d4/7yOT9-o9nws HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 12 Nov 2022 06:41:10 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            OPTIONS /tr HTTP/1.1 
Host: webtrafficsource.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.motty.no/
Origin: https://www.motty.no
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.107.149.195
HTTP/2 204 No Content
                                        
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type
access-control-allow-methods: POST,GET
access-control-allow-origin: *
date: Sat, 12 Nov 2022 06:41:10 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

                                        
                                            POST /tr HTTP/1.1 
Host: webtrafficsource.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 73
Origin: https://www.motty.no
Connection: keep-alive
Referer: https://www.motty.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         34.107.149.195
HTTP/2 200 OK
                                        
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers: Content-Length
date: Sat, 12 Nov 2022 06:41:10 GMT
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

                                        
                                            POST /s/gts1d4/1rvwe20eq8Y HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 12 Nov 2022 06:41:10 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /li.lms-analytics/insight.min.js HTTP/1.1 
Host: snap.licdn.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.motty.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         23.36.76.210
HTTP/2 200 OK
content-type: application/x-javascript;charset=utf-8
                                        
last-modified: Wed, 09 Nov 2022 19:27:04 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=28923
date: Sat, 12 Nov 2022 06:41:10 GMT
content-length: 4530
x-cdn: AKAM
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (12826)
Size:   4530
Md5:    806d185619a4ef5951ab91810117e4ba
Sha1:   f40031c0ea5718f6d9a0a35e8ca60262daedc440
Sha256: 06489a801966cb9e7b467aed4edb63aa10bc2e588d259054ef696ade54e4b19f
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6084
Cache-Control: max-age=167089
Date: Sat, 12 Nov 2022 06:41:10 GMT
Etag: "636f11f3-1d7"
Expires: Mon, 14 Nov 2022 05:05:59 GMT
Last-Modified: Sat, 12 Nov 2022 03:24:35 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /icons/refinancing.svg HTTP/1.1 
Host: cdn.motty.no
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://irp.cdn-website.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         194.242.11.186
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Sat, 12 Nov 2022 06:41:10 GMT
vary: Accept-Encoding
server: BunnyCDN-NO-830
cdn-pullzone: 46157
cdn-uid: 395a56fd-014e-4f58-9b1f-340626af5f6d
cdn-requestcountrycode: NO
cache-control: public, max-age=2592000
content-md5: a+z0+iLH+QNiVnOyEvOHqA==
last-modified: Fri, 18 Jun 2021 13:09:13 GMT
x-ms-request-id: 6cd077e4-301e-004c-114e-f30dea000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 11/08/2022 08:45:45
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: e02bf58c679765e04405fe4f7e82d665
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1891), with no line terminators
Size:   20853
Md5:    cc1028f09a2e427010bedc93a640a327
Sha1:   f5d18ccf8342e5e7b6cc20cc580112f8b92ca671
Sha256: 3917ff0659c6406c500c5a6e2aaa2a8c752d92584af8d3ef0a8eb37881644a1a
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 12 Nov 2022 06:41:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /uwt.js HTTP/1.1 
Host: static.ads-twitter.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.motty.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         151.101.84.157
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
last-modified: Thu, 27 Oct 2022 18:55:37 GMT
cache-control: no-cache
content-encoding: gzip
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
accept-ranges: bytes
date: Sat, 12 Nov 2022 06:41:10 GMT
x-served-by: cache-iad-kjyo7100147-IAD, cache-bma1659-BMA
x-cache: HIT, HIT
vary: Accept-Encoding,Host
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
content-length: 15375
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (57596), with no line terminators
Size:   15375
Md5:    573e6a7f86f6f3063763360ef0672c01
Sha1:   b12eab3b4ac8872d49ac6e15f9cd17741765c0cf
Sha256: 02445eb022a04139531f0ce8d8980c31083a1c670936f1477f5cfc4d252133f7
                                        
                                            GET /en_US/fbevents.js HTTP/1.1 
Host: connect.facebook.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.motty.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         31.13.72.12
HTTP/2 200 OK
content-type: application/x-javascript; charset=utf-8
                                        
vary: Accept-Encoding
content-encoding: gzip
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: tNV/ujlh+VzSEwrdpXBc1LyIhrgaLjPElrZEh+4lcMPcp7ygZfAi0OCnHi48uvBTXebA9xdKKhUdP8tsxWptsQ==
priority: u=3,i
content-length: 27337
x-fb-trip-id: 1904183273
date: Sat, 12 Nov 2022 06:41:10 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (64348)
Size:   27337
Md5:    0ac10debd3a9ea8147a26d045bb93e6e
Sha1:   ff45f3442508e8695f2303701682ebdb6e016464
Sha256: 5dee7b453b2c72c07ff1d62432493a044507835a8031ea62edf2fa7cc26219b9
                                        
                                            GET /pagead/viewthroughconversion/691343174/?random=1668235269757&cv=11&fst=1668235269757&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.motty.no%2Frefinansiering-av-lan%3Fadid%3D7655%2F%3Faff-id%3D423268%26ClickID%3D11_127227825_c9675e8c-4fd9-4e79-a329-0a3b0f677a93&ref=http%3A%2F%2Fserviceclub.solutions%2F&tiba=Refinansiering%20av%20l%C3%A5n%20med%20lav%20rente%20%7C%20Motty&auid=2098401638.1668235270&rfmt=3&fmt=4 HTTP/1.1 
Host: googleads.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.motty.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         216.58.207.194
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 12 Nov 2022 06:41:11 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 985
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 12-Nov-2022 06:56:11 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2191), with no line terminators
Size:   985
Md5:    0aff4ce3188ee0bb756c2a2c2c815397
Sha1:   e712a12fd1696a92d892747ab1fb6924435cc0f0
Sha256: ad6595df6a14e7603e85446f1dd869ebee74a5fc8bf9e355e29057916a9ca63c
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6085
Cache-Control: max-age=167089
Date: Sat, 12 Nov 2022 06:41:11 GMT
Etag: "636f11f3-1d7"
Expires: Mon, 14 Nov 2022 05:06:00 GMT
Last-Modified: Sat, 12 Nov 2022 03:24:35 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 12 Nov 2022 06:41:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /docs/release/2.3.6/minified/require.js HTTP/1.1 
Host: requirejs.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.motty.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         185.199.109.153
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
server: GitHub.com
x-origin-cache: HIT
last-modified: Sat, 18 May 2019 19:25:41 GMT
access-control-allow-origin: *
etag: W/"5ce05c35-451f"
expires: Fri, 11 Nov 2022 12:51:18 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: F674:1490:242132:24FF11:636E42EE
accept-ranges: bytes
date: Sat, 12 Nov 2022 06:41:11 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1639-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1668235271.004362,VS0,VE102
vary: Accept-Encoding
x-fastly-request-id: 024e66b6790c83fd666b77a0811b5e2de1d56ce6
content-length: 6590
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (17493)
Size:   6590
Md5:    65f3022df1eee0a8d8fe63f03a740659
Sha1:   89a0847a95af7fda86c9962787ab64285a558673
Sha256: 1b348e674fdee358f68ec8cf243fd745edd848fb97c05630c76621aebebc3197
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5499
Cache-Control: max-age=110708
Date: Sat, 12 Nov 2022 06:41:11 GMT
Etag: "636e3800-13a"
Expires: Sun, 13 Nov 2022 13:26:19 GMT
Last-Modified: Fri, 11 Nov 2022 11:54:40 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 314

                                        
                                            GET /box-c6ca1c87e308a39aabb76b56ba54398b.html HTTP/1.1 
Host: vars.hotjar.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.motty.no/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         54.230.111.75
HTTP/2 200 OK
content-type: text/html
                                        
content-length: 1035
date: Fri, 04 Nov 2022 12:22:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "b6d25d1350d6a014d80689f389e76f97"
last-modified: Fri, 04 Nov 2022 12:21:18 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: gDljDWdK9t5BZfC_mS9FNG-1cua0m-L0obdF-IFLBi_hROolTKNqCA==
age: 670745
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2368), with no line terminators
Size:   1035
Md5:    b6d25d1350d6a014d80689f389e76f97
Sha1:   a957e3d99790759f71a4d9e2fdaf819f60e8c569
Sha256: fb2a1528b99d3eb4c9374642b5045efaf6e06666fdd48a55560a375449b01079
                                        
                                            GET /bootstrap/v5/tp.widget.bootstrap.min.js HTTP/1.1 
Host: widget.trustpilot.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.motty.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         54.230.111.79
HTTP/2 200 OK
content-type: application/x-javascript
                                        
content-length: 6124
last-modified: Mon, 30 May 2022 14:38:02 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
date: Fri, 11 Nov 2022 06:47:38 GMT
cache-control: max-age=86400
etag: "5add60196e5f96a414fb4b9586764e5d"
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: gz4ds1LLyPJJ5TOnYumzHJC6Dos-Rq_t4ejoucSV7RkToS_Zuh5TyQ==
age: 86013
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 (with BOM) text, with very long lines (19239)
Size:   6124
Md5:    5add60196e5f96a414fb4b9586764e5d
Sha1:   633f471b3c2fcedeef9cad90cb5bf56f5fe55588
Sha256: 5370f4ba91dda790c7cae92817b812fcbd1ab367cbb4862f5669960ae4e2c9e0
                                        
                                            GET /application-sliders-widget.js HTTP/1.1 
Host: cdn.motty.no
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.motty.no/
Cookie: _gcl_au=1.1.2098401638.1668235270; _ga_D9XCSC6T3J=GS1.1.1668235269.1.0.1668235269.0.0.0; _ga=GA1.2.2103762840.1668235270; _gid=GA1.2.1079412930.1668235270; _gat_UA-133846958-1=1; _gat_gtag_UA_108377723_24=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

search
                                         194.242.11.186
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Sat, 12 Nov 2022 06:41:11 GMT
server: BunnyCDN-NO-830
cdn-pullzone: 46157
cdn-uid: 395a56fd-014e-4f58-9b1f-340626af5f6d
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
cache-control: public, max-age=2592000
content-md5: nv0insJJXrZ07kcnzO4Gdg==
last-modified: Mon, 12 Sep 2022 09:03:18 GMT
x-ms-request-id: 3ede53fd-f01e-0021-654e-f3b9a1000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 11/08/2022 08:46:29
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 73305160aba7fef9d01e4ec497bf69d1
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (5868), with no line terminators
Size:   2269
Md5:    0352cd9bc16d92d3994108ebb9efdbdb
Sha1:   718b44c2c16f7f6831f145c4796cdad638a2d9d8
Sha256: 4a8e03ecf52c80cdb507dce52334de0a7dc1fd7d8d0462a17f5ab605bf3ea500
                                        
                                            GET /trustboxes/5419b637fa0340045cd0c936/index.html?templateId=5419b637fa0340045cd0c936&businessunitId=60e41e228b616600019987b4 HTTP/1.1 
Host: widget.trustpilot.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.motty.no/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         54.230.111.79
HTTP/2 200 OK
content-type: text/html
                                        
content-length: 2114
last-modified: Tue, 04 Oct 2022 10:33:49 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
date: Fri, 11 Nov 2022 09:06:16 GMT
cache-control: max-age=86400
etag: "bbd26c541b063878dddb6095c1f82221"
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: iJgfWh_vC5FL_aBrHBTgUHU8fHFA10Ut8drrtNRsUvfgPOKIUxfQfA==
age: 77696
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (6784)
Size:   2114
Md5:    bbd26c541b063878dddb6095c1f82221
Sha1:   ad7402097c8a410e880016bf77b037e2def9a09f
Sha256: d7cc9429d7ddde82e2f3d9390e483ca72489b153a4356a401456411d5b40fa9a
                                        
                                            GET /trustboxes/5419b637fa0340045cd0c936/main.js HTTP/1.1 
Host: widget.trustpilot.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://widget.trustpilot.com/trustboxes/5419b637fa0340045cd0c936/index.html?templateId=5419b637fa0340045cd0c936&businessunitId=60e41e228b616600019987b4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         54.230.111.79
HTTP/2 200 OK
content-type: application/x-javascript
                                        
content-length: 17075
last-modified: Tue, 04 Oct 2022 10:33:51 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
date: Sat, 12 Nov 2022 00:45:28 GMT
cache-control: max-age=86400
etag: "8efe0f2f2944e9baaa88fd0174e1b459"
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: xL8wY47gIT2P1gaZug21xLfMZmn-YCx0GPqT13-vsGAULeugzuv0jg==
age: 21344
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 (with BOM) text, with very long lines (55461)
Size:   17075
Md5:    8efe0f2f2944e9baaa88fd0174e1b459
Sha1:   390574f839b7fb636c79834a1a53a0ebc1e2c87b
Sha256: 30b71113e1dbb5d3de637195adf9e5708923a611cb99f5670e7fd1c04c123d32
                                        
                                            GET /i/adsct?bci=3&eci=2&event_id=e7114524-d3f4-4925-9830-f47ba45f3298&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=be030113-4f0f-4721-8dbd-a6920d411aee&tw_document_href=https%3A%2F%2Fwww.motty.no%2Frefinansiering-av-lan%3Fadid%3D7655%2F%3Faff-id%3D423268%26ClickID%3D11_127227825_c9675e8c-4fd9-4e79-a329-0a3b0f677a93&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o8uma&type=javascript&version=2.3.29 HTTP/1.1 
Host: t.co
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.motty.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         104.244.42.133
HTTP/2 200 OK
content-type: image/gif;charset=utf-8
                                        
date: Sat, 12 Nov 2022 06:41:10 GMT
perf: 7626143928
server: tsa_o
set-cookie: muc_ads=2a0a18c3-177f-4f42-afae-ca24b47c23ae; Max-Age=63072000; Expires=Mon, 11 Nov 2024 06:41:11 GMT; Path=/; Domain=t.co; Secure; SameSite=None
cache-control: no-cache, no-store, max-age=0
content-length: 43
x-transaction-id: f5f8d2b861eb38ff
strict-transport-security: max-age=0
x-response-time: 110
x-connection-hash: c643e951e36fe1a2c5f7a98ea0f8dd376f1f8a80ed0fabc724592e77e2f6e373
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    377d257f2d2e294916143c069141c1c5
Sha1:   b7cae69682cf31dd670b65088db8395acda6ed3e
Sha256: ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
                                        
                                            GET /trustbox-data/5419b637fa0340045cd0c936?businessUnitId=60e41e228b616600019987b4&locale=no HTTP/1.1 
Host: widget.trustpilot.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Connection: keep-alive
Referer: https://widget.trustpilot.com/trustboxes/5419b637fa0340045cd0c936/index.html?templateId=5419b637fa0340045cd0c936&businessunitId=60e41e228b616600019987b4
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         54.230.111.79
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
content-length: 420
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-fallback-status: BYPASS
x-skip-cache-cookie: 0
x-xss-protection: 1; mode=block
cache-control: public,max-age=1800
date: Sat, 12 Nov 2022 06:27:46 GMT
etag: "1c2143f12226e19b4aeeddb956cc9a40"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: JUtoGgZQPIu80yIHWPeSbGRRmaxfza2dg67R9Z1dT9Bx7TMrkt09LA==
age: 805
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (895), with no line terminators
Size:   420
Md5:    d75ec9eefc6302805a2f96af21ed9b44
Sha1:   87dd83520b82bb1c496ef5d99405c69d6178557f
Sha256: f9b223b555a76dbc2687ea4b82830c0ed5b2f79ef76cbad9af30c94282f41b2b
                                        
                                            GET /modules.b738078c6419b4df4360.js HTTP/1.1 
Host: script.hotjar.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.motty.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         54.230.111.93
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 68482
date: Fri, 11 Nov 2022 12:14:06 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=31536000
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: "8f0c4297c2d458710337dddf28967bf3"
last-modified: Fri, 11 Nov 2022 12:13:35 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: rJDyQa1B0cVqXxH5Ji4e9UWqD9EZXrohuZNVllbpXv_oikV3FgpNzA==
age: 66425
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (48714)
Size:   68482
Md5:    8f0c4297c2d458710337dddf28967bf3
Sha1:   d08ccfbb3663051f6b4c9cb5e04b545832d77906
Sha256: 4ad2290f9d61995edab85f4a0ac65d3134b6cba364b18b7f3047a939f3a775d3
                                        
                                            OPTIONS /partner/4393257/domain/motty.no/token HTTP/1.1 
Host: cdn.linkedin.oribi.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://www.motty.no/
Origin: https://www.motty.no
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         54.230.111.78
HTTP/2 200 OK
                                        
content-length: 0
date: Sat, 12 Nov 2022 01:14:14 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-headers: content-type
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
x-cache: Hit from cloudfront
via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: A1WWG1WQxtGd8MY_4lGGbc1bM2xiiZIAilqSEbP4NrI2UGVRp59YAw==
age: 19617
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4057
Cache-Control: max-age=150305
Date: Sat, 12 Nov 2022 06:41:11 GMT
Etag: "636ed850-13a"
Expires: Mon, 14 Nov 2022 00:26:16 GMT
Last-Modified: Fri, 11 Nov 2022 23:18:40 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 314

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 12 Nov 2022 06:41:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 12 Nov 2022 06:41:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /pagead/1p-user-list/691343174/?random=1668235269757&cv=11&fst=1668232800000&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.motty.no%2Frefinansiering-av-lan%3Fadid%3D7655%2F%3Faff-id%3D423268%26ClickID%3D11_127227825_c9675e8c-4fd9-4e79-a329-0a3b0f677a93&ref=http%3A%2F%2Fserviceclub.solutions%2F&tiba=Refinansiering%20av%20l%C3%A5n%20med%20lav%20rente%20%7C%20Motty&fmt=3&is_vtc=1&random=3137389259&rmt_tld=0&ipr=y HTTP/1.1 
Host: www.google.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.motty.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.164
HTTP/2 200 OK
content-type: image/gif
                                        
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 12 Nov 2022 06:41:11 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   42
Md5:    d89746888da2d9510b64a9f031eaecd5
Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
                                        
                                            GET /pagead/1p-user-list/691343174/?random=1668235269757&cv=11&fst=1668232800000&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.motty.no%2Frefinansiering-av-lan%3Fadid%3D7655%2F%3Faff-id%3D423268%26ClickID%3D11_127227825_c9675e8c-4fd9-4e79-a329-0a3b0f677a93&ref=http%3A%2F%2Fserviceclub.solutions%2F&tiba=Refinansiering%20av%20l%C3%A5n%20med%20lav%20rente%20%7C%20Motty&fmt=3&is_vtc=1&random=3137389259&rmt_tld=1&ipr=y HTTP/1.1 
Host: www.google.no
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.motty.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.35
HTTP/2 200 OK
content-type: image/gif
                                        
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 12 Nov 2022 06:41:11 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   42
Md5:    d89746888da2d9510b64a9f031eaecd5
Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
                                        
                                            GET /partner/4393257/domain/motty.no/token HTTP/1.1 
Host: cdn.linkedin.oribi.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: *
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://www.motty.no
Connection: keep-alive
Referer: https://www.motty.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         54.230.111.78
HTTP/2 200 OK
content-type: application/json
                                        
date: Sat, 12 Nov 2022 01:14:14 GMT
access-control-allow-origin: *
cache-control: public, max-age=25991
content-encoding: gzip
vary: accept-encoding
x-cache: Hit from cloudfront
via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: DFZE2SejDPJDJ-YiMr9_466u2nMpmgRhN06P0E1KPT5PYNCbOvJpLw==
age: 19617
X-Firefox-Spdy: h2

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 12 Nov 2022 06:41:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 12 Nov 2022 06:41:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /tr/?id=519377513014339&ev=PageView&dl=https%3A%2F%2Fwww.motty.no%2Frefinansiering-av-lan%3Fadid%3D7655%2F%3Faff-id%3D423268%26ClickID%3D11_127227825_c9675e8c-4fd9-4e79-a329-0a3b0f677a93&rl=http%3A%2F%2Fserviceclub.solutions%2F&if=false&ts=1668235270876&sw=1280&sh=1024&v=2.9.89&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&fbp=fb.1.1668235270876.2140663269&it=1668235270477&coo=false&tm=1&rqm=GET HTTP/1.1 
Host: www.facebook.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.motty.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         31.13.72.36
HTTP/2 200 OK
content-type: text/plain
                                        
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Sat, 12 Nov 2022 06:41:11 GMT
X-Firefox-Spdy: h2

                                        
                                            GET /i/adsct?bci=3&eci=2&event_id=e7114524-d3f4-4925-9830-f47ba45f3298&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=be030113-4f0f-4721-8dbd-a6920d411aee&tw_document_href=https%3A%2F%2Fwww.motty.no%2Frefinansiering-av-lan%3Fadid%3D7655%2F%3Faff-id%3D423268%26ClickID%3D11_127227825_c9675e8c-4fd9-4e79-a329-0a3b0f677a93&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o8uma&type=javascript&version=2.3.29 HTTP/1.1 
Host: analytics.twitter.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.motty.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         104.244.42.3
HTTP/2 200 OK
content-type: image/gif;charset=utf-8
                                        
date: Sat, 12 Nov 2022 06:41:10 GMT
perf: 7626143928
server: tsa_o
set-cookie: personalization_id="v1_RXwEDvZjlnbauPodMcKNJg=="; Max-Age=63072000; Expires=Mon, 11 Nov 2024 06:41:11 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
cache-control: no-cache, no-store, max-age=0
content-length: 43
x-transaction-id: ee79cb5716ed800a
strict-transport-security: max-age=631138519
x-response-time: 104
x-connection-hash: ef8dd55f9041aa309a54b5fdd44350943ae1b0443468ecab0a32111bc7c6369d
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    377d257f2d2e294916143c069141c1c5
Sha1:   b7cae69682cf31dd670b65088db8395acda6ed3e
Sha256: ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
                                        
                                            GET /collect?v=2&fmt=js&pid=4393257&time=1668235270397&url=https%3A%2F%2Fwww.motty.no%2Frefinansiering-av-lan%3Fadid%3D7655%2F%3Faff-id%3D423268%26ClickID%3D11_127227825_c9675e8c-4fd9-4e79-a329-0a3b0f677a93 HTTP/1.1 
Host: px.ads.linkedin.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.motty.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         13.107.42.14
HTTP/2 302 Found
                                        
location: https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D4393257%26time%3D1668235270397%26url%3Dhttps%253A%252F%252Fwww.motty.no%252Frefinansiering-av-lan%253Fadid%253D7655%252F%253Faff-id%253D423268%2526ClickID%253D11_127227825_c9675e8c-4fd9-4e79-a329-0a3b0f677a93%26liSync%3Dtrue
set-cookie: UserMatchHistory=AQJdMzetg7JIkAAAAYRqkh1FQFBrLVDUUyRBqadN6ZY1Yyhh64TCVl1v8PjGEhcn6fE6ciF_lM0hkQ; Max-Age=2592000; Expires=Mon, 12 Dec 2022 06:41:11 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure AnalyticsSyncHistory=AQIplTIqhJx2hgAAAYRqkh1FG3Ix2H2nBG8BX7NRmkoDsW_an2bkDcTSLSt5Ad328N1julw6WYNTkm-uxw6iiw; Max-Age=2592000; Expires=Mon, 12 Dec 2022 06:41:11 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure bcookie="v=2&a903c4a3-3650-474e-8b6a-e1d31a4a2014"; domain=.linkedin.com; Path=/; Secure; Expires=Sun, 12-Nov-2023 06:41:11 GMT; SameSite=None lidc="b=OGST09:s=O:r=O:a=O:p=O:g=2373:u=1:x=1:i=1668235271:t=1668321671:v=2:sig=AQFgnU8NIkohZVXrGWxmoB5V2QX6aUBS"; Expires=Sun, 13 Nov 2022 06:41:11 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-lor1
x-li-pop: afd-prod-lor1-x
x-li-proto: http/2
x-li-uuid: AAXtQErCKpEhp5o2pHJsRw==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: B9C466986609405EA8C4FDB4633AE270 Ref B: OSL30EDGE0212 Ref C: 2022-11-12T06:41:11Z
date: Sat, 12 Nov 2022 06:41:11 GMT
content-length: 0
X-Firefox-Spdy: h2

                                        
                                            GET /i?e=pv&page=Refinansiering%20av%20l%C3%A5n%20med%20lav%20rente%20%7C%20Motty&dtm=1668235270405&tid=379204&vp=1280x939&ds=1268x4221&vid=1&duid=c8b81b153e36b1f0&p=web&tv=js-2.0.0&fp=3963981668&aid=2d20583b&lang=en-US&cs=UTF-8&tz=UTC&tna=cf&refr=http%3A%2F%2Fserviceclub.solutions%2F&res=1280x1024&cd=24&cookie=1&url=https%3A%2F%2Fwww.motty.no%2Frefinansiering-av-lan%3Fadid%3D7655%2F%3Faff-id%3D423268%26ClickID%3D11_127227825_c9675e8c-4fd9-4e79-a329-0a3b0f677a93 HTTP/1.1 
Host: d32hwlnfiv2gyn.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.motty.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         54.230.245.70
HTTP/2 200 OK
content-type: image/gif
                                        
content-length: 37
date: Sat, 12 Nov 2022 06:41:12 GMT
last-modified: Thu, 03 Jul 2014 09:50:57 GMT
etag: "3eacd0132310ea44cad756b378a3bc07"
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: qwGQnkHcs9GWTR784e9DNHO-oFdaN3D83sDaaZ-GK-nrBl1CD8CUEg==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   37
Md5:    3eacd0132310ea44cad756b378a3bc07
Sha1:   e2216a7e9b73f5cb0279351c78ce61c33475cea7
Sha256: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         54.230.245.100
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=119892
Date: Sat, 12 Nov 2022 06:41:11 GMT
Etag: "636e6961-1d7"
Expires: Sun, 13 Nov 2022 15:59:23 GMT
Last-Modified: Fri, 11 Nov 2022 15:25:21 GMT
Server: ECS (bsa/EB23)
X-Cache: Miss from cloudfront
Via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 8SJORuZKVg-ZV0cKfSk9WYujm0YJMPYckfh9HRNeBwXW58ZxIf0iOg==
Age: 2042

                                        
                                            GET /px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D4393257%26time%3D1668235270397%26url%3Dhttps%253A%252F%252Fwww.motty.no%252Frefinansiering-av-lan%253Fadid%253D7655%252F%253Faff-id%253D423268%2526ClickID%253D11_127227825_c9675e8c-4fd9-4e79-a329-0a3b0f677a93%26liSync%3Dtrue HTTP/1.1 
Host: www.linkedin.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.motty.no/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         13.107.42.14
HTTP/2 302 Found
                                        
cache-control: no-cache, no-store
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4393257&time=1668235270397&url=https%3A%2F%2Fwww.motty.no%2Frefinansiering-av-lan%3Fadid%3D7655%2F%3Faff-id%3D423268%26ClickID%3D11_127227825_c9675e8c-4fd9-4e79-a329-0a3b0f677a93&liSync=true
set-cookie: lang=v=2&lang=en-us; Domain=linkedin.com; Path=/; Secure; SameSite=None bcookie="v=2&16ec5152-0131-4428-832b-356abc71825e"; Domain=.linkedin.com; Expires=Sun, 12-Nov-2023 06:41:11 GMT; Path=/; Secure; SameSite=None bscookie="v=1&20221112064111e848c16c-bcbb-4b79-81a7-a6b29b3ec050AQGHlGzWR8RSZ8Lx3SPi7x1wVkGB0sDa"; Domain=.www.linkedin.com; Expires=Sun, 12-Nov-2023 06:41:11 GMT; Path=/; HttpOnly; Secure; SameSite=None li_gc=MTswOzE2NjgyMzUyNzE7MjswMjHt1JuYdtYiIX5Vncv2uKZCXxzmcwFBUtjdkHjaRmENVw==; Domain=.linkedin.com; Expires=Thu, 11 May 2023 06:41:11 GMT; Path=/; Secure; SameSite=None lidc="b=TGST09:s=T:r=T:a=T:p=T:g=2416:u=1:x=1:i=1668235271:t=1668321671:v=2:sig=AQFmM-K28cnN7neI8BBBIKcyKdckelxM"; Expires=Sun, 13 Nov 2022 06:41:11 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
content-security-policy: default-src *; connect-src 'self' media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com dpm.demdex.net/id lnkd.demdex.net blob: accounts.google.com/gsi/status linkedin.sc.omtrdc.net/b/ss/ *.qualtrics.com *.adyen.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self' teams.microsoft.com client.learningapp.microsoft.com
x-frame-options: sameorigin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-li-fabric: prod-ltx1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-ltx1-x
x-li-proto: http/2
x-li-uuid: AAXtQErFGTNfhGvbFqsIrQ==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 7E8D09C59A8C4E44ADD0F6CA6A017216 Ref B: OSL30EDGE0212 Ref C: 2022-11-12T06:41:11Z
date: Sat, 12 Nov 2022 06:41:11 GMT
content-length: 0
X-Firefox-Spdy: h2

                                        
                                            GET /collect?v=2&fmt=js&pid=4393257&time=1668235270397&url=https%3A%2F%2Fwww.motty.no%2Frefinansiering-av-lan%3Fadid%3D7655%2F%3Faff-id%3D423268%26ClickID%3D11_127227825_c9675e8c-4fd9-4e79-a329-0a3b0f677a93&liSync=true HTTP/1.1 
Host: px.ads.linkedin.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.motty.no/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         13.107.42.14
HTTP/2 200 OK
content-type: application/javascript
                                        
set-cookie: lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure bcookie="v=2&89aba510-3d40-4d16-8a41-1bdee5f91049"; domain=.linkedin.com; Path=/; Secure; Expires=Sun, 12-Nov-2023 06:41:11 GMT; SameSite=None lidc="b=OGST09:s=O:r=O:a=O:p=O:g=2373:u=1:x=1:i=1668235271:t=1668321671:v=2:sig=AQFgnU8NIkohZVXrGWxmoB5V2QX6aUBS"; Expires=Sun, 13 Nov 2022 06:41:11 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-lor1
x-li-pop: afd-prod-lor1-x
x-li-proto: http/2
x-li-uuid: AAXtQErH9UQ+jd+8iwaT9Q==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 0DEA0A3F471F4C4B95651E023C7D542C Ref B: OSL30EDGE0212 Ref C: 2022-11-12T06:41:11Z
date: Sat, 12 Nov 2022 06:41:11 GMT
content-length: 0
X-Firefox-Spdy: h2

                                        
                                            GET /runtime-service-worker.js?v=3 HTTP/1.1 
Host: www.motty.no
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: dm_timezone_offset=0; dm_last_page_view=1668235269606; dm_this_page_view=1668235269606; dm_last_visit=1668235269606; dm_total_visits=1; _gcl_au=1.1.2098401638.1668235270; _ga_D9XCSC6T3J=GS1.1.1668235269.1.0.1668235269.0.0.0; _ga=GA1.2.2103762840.1668235270; _sp_id.c542=c8b81b153e36b1f0.1668235270.1.1668235270.1668235270; _sp_ses.c542=1668237070404; _gid=GA1.2.1079412930.1668235270; _gat_UA-133846958-1=1; _gat_gtag_UA_108377723_24=1; _fbp=fb.1.1668235270876.2140663269; _hjSessionUser_2893907=eyJpZCI6IjZmMTgzYjk3LTU2YjctNWJiZC1hYWFmLWNhNDZhMDUzY2M4MCIsImNyZWF0ZWQiOjE2NjgyMzUyNzA4NTQsImV4aXN0aW5nIjpmYWxzZX0=; _hjFirstSeen=1; _hjIncludedInSessionSample=0; _hjSession_2893907=eyJpZCI6ImQ5MWZiOGNmLTUyODQtNGRiMy05ZWY3LTNhNDA1NzY1ZDBlNiIsImNyZWF0ZWQiOjE2NjgyMzUyNzA4ODYsImluU2FtcGxlIjpmYWxzZX0=; _hjIncludedInPageviewSample=1; _hjAbsoluteSessionInProgress=0; ln_or=d
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

search
                                         3.67.141.185
HTTP/2 200 OK
content-type: text/javascript
                                        
server: nginx
date: Sat, 12 Nov 2022 06:41:11 GMT
content-length: 4569
d-cache: from-cache
content-encoding: gzip
content-disposition: inline;filename=f.txt
d-geo: EU
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   4569
Md5:    fe3a85f61159e656872daee4feba2d1e
Sha1:   ff2994868fcffa52f13b87da731d00715ed25b34
Sha256: 1db0d5857241242d1993e09ace10a71232fbd5422d052d6c4ac73d9001924d03
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 12 Nov 2022 06:41:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /workbox-cdn/releases/3.0.0-beta.0/workbox-sw.js HTTP/1.1 
Host: storage.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.motty.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

search
                                         216.58.211.16
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
x-guploader-uploadid: ADPycdumETP2UZzcZqybvS8y-8uhWxurmjMPZQB_XlodUBgppWJIsPlFST7p6E5dmiozicLNVr9RFRKwYDZYcL2KP0YUmQ
x-goog-generation: 1517526342705547
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1461
x-goog-hash: crc32c=77cSoA==, md5=XAYdj3/aWbWhoTy62GTlhQ==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 1461
access-control-allow-origin: *
server: UploadServer
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
date: Sat, 12 Nov 2022 05:51:51 GMT
expires: Sat, 12 Nov 2022 06:51:51 GMT
cache-control: public, max-age=3600
age: 2961
last-modified: Thu, 01 Feb 2018 23:05:42 GMT
etag: "5c061d8f7fda59b5a1a13cbad864e585"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1420)
Size:   1461
Md5:    5c061d8f7fda59b5a1a13cbad864e585
Sha1:   c4e9eb6328ca26c84392a658f5a2f1c8acace865
Sha256: 4cad7b04adc7c399e5c5afe20bde431706729aadefbd80bb78f5046d3181e73e
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 12 Nov 2022 06:41:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /?utm_source=homescreen&TIMESTAMP=1668235273423 HTTP/1.1 
Host: www.motty.no
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.motty.no/runtime-service-worker.js?v=3
Connection: keep-alive
Cookie: dm_timezone_offset=0; dm_last_page_view=1668235269606; dm_this_page_view=1668235269606; dm_last_visit=1668235269606; dm_total_visits=1; _gcl_au=1.1.2098401638.1668235270; _ga_D9XCSC6T3J=GS1.1.1668235269.1.0.1668235269.0.0.0; _ga=GA1.2.2103762840.1668235270; _sp_id.c542=c8b81b153e36b1f0.1668235270.1.1668235270.1668235270; _sp_ses.c542=1668237070404; _gid=GA1.2.1079412930.1668235270; _gat_UA-133846958-1=1; _gat_gtag_UA_108377723_24=1; _fbp=fb.1.1668235270876.2140663269; _hjSessionUser_2893907=eyJpZCI6IjZmMTgzYjk3LTU2YjctNWJiZC1hYWFmLWNhNDZhMDUzY2M4MCIsImNyZWF0ZWQiOjE2NjgyMzUyNzA4NTQsImV4aXN0aW5nIjpmYWxzZX0=; _hjFirstSeen=1; _hjIncludedInSessionSample=0; _hjSession_2893907=eyJpZCI6ImQ5MWZiOGNmLTUyODQtNGRiMy05ZWY3LTNhNDA1NzY1ZDBlNiIsImNyZWF0ZWQiOjE2NjgyMzUyNzA4ODYsImluU2FtcGxlIjpmYWxzZX0=; _hjIncludedInPageviewSample=1; _hjAbsoluteSessionInProgress=0; ln_or=d
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         3.67.141.185
HTTP/2 200 OK
content-type: text/html;charset=utf-8
                                        
server: nginx
date: Sat, 12 Nov 2022 06:41:14 GMT
content-length: 29169
d-cache: from-cache
content-encoding: gzip
strict-transport-security: max-age=31536000; preload
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
vary: user-agent,accept-encoding
d-geo: EU
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (41314), with CRLF, LF line terminators
Size:   29169
Md5:    8d38e51273d98632115358c231cba3f7
Sha1:   f041fa28a4f8c6cf2a8f10dc395a0a568364010d
Sha256: c71954616ae5c70040f35f6a7a43a399e16c638a82b091cccb9ef9d230b2d329
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6940de73-c8af-4f08-84f9-033133b198d6.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4250
x-amzn-requestid: 3f643146-4c17-4525-8bc8-aa53300e2266
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bdMi9GzaIAMFVVA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636ec145-5c138ab16b352bd5420f26a0;Sampled=0
x-amzn-remapped-date: Fri, 11 Nov 2022 21:40:21 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: awVvzPv9MffgExwbK0t8p9CjWAjZSM9EP50xsROieOwKNW5PZjnpRw==
via: 1.1 79880188a81becf1687ba18c0e064230.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 11 Nov 2022 22:00:54 GMT
age: 31222
etag: "8cb7131508030c23611ceccf9821b13a41fc8517"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4250
Md5:    d5e82891325c1b680b0e4e1fc1125d52
Sha1:   8cb7131508030c23611ceccf9821b13a41fc8517
Sha256: 0166009c7ffe0ef81c0259e98b8a94cc1a270eb09dc52fe19ad4783585e848f3
                                        
                                            GET /icons/new-loan.svg HTTP/1.1 
Host: cdn.motty.no
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://irp.cdn-website.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         194.242.11.186
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Sat, 12 Nov 2022 06:41:10 GMT
vary: Accept-Encoding
server: BunnyCDN-NO-830
cdn-pullzone: 46157
cdn-uid: 395a56fd-014e-4f58-9b1f-340626af5f6d
cdn-requestcountrycode: NO
cache-control: public, max-age=2592000
content-md5: Nwnuokb0jFePEOOCFp9YDg==
last-modified: Fri, 18 Jun 2021 13:09:13 GMT
x-ms-request-id: 3edd049e-f01e-0021-804e-f3b9a1000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 11/08/2022 08:45:45
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: bc6fcd9e4bf2f31fda231fe711a54673
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            POST /api/v2/client/sites/2893907/visit-data?sv=6 HTTP/1.1 
Host: in.hotjar.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=UTF-8
Content-Length: 131
Origin: https://www.motty.no
Connection: keep-alive
Referer: https://www.motty.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         54.171.136.239
HTTP/2 200 OK
content-type: application/json
                                        
date: Sat, 12 Nov 2022 06:41:11 GMT
vary: Accept-Encoding
cache-control: no-cache, no-store
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-max-age: 86400
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /sp-2.0.0-dm-0.1.min.js HTTP/1.1 
Host: d32hwlnfiv2gyn.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.motty.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         54.230.245.70
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Wed, 09 Nov 2022 01:34:32 GMT
x-amz-replication-status: FAILED
last-modified: Sun, 20 Mar 2022 08:45:42 GMT
etag: W/"81ff203c31c9a3e5c15c5a790eebb460"
cache-control: max-age=6048000
x-amz-version-id: IZwYrapPL5STtMyaSYUvOnEvHgmJogqU
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: r2Vj_Of-smXIAwLvymgn5bKiRuMpW0u1JgDeSzZ1C1XK3AGTaC828Q==
age: 277598
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /WIDGET_CSS/production_2981/4124ff7778e87985af54eb7dc3e9b0f9.css HTTP/1.1 
Host: irp.cdn-website.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.motty.no/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         54.230.111.25
HTTP/2 200 OK
content-type: text/css
                                        
date: Thu, 10 Nov 2022 14:09:58 GMT
last-modified: Thu, 10 Nov 2022 14:02:40 GMT
etag: W/"8e172e4270b0f359719ac45996f779f7"
cache-control: max-age=31536000
x-amz-version-id: i_6KrzIh_AFArywlwD8XOqfS_RHAjnVV
server: AmazonS3
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: xqlE9VLYryBD50U4jshemrnJfcNsIH7tsWZPEeH5JwMeQsurQgwsow==
age: 145872
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /2d20583b/dms3rep/multi/motty.svg HTTP/1.1 
Host: irp.cdn-website.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.motty.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         54.230.111.25
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Mon, 07 Nov 2022 15:49:55 GMT
last-modified: Tue, 08 Jun 2021 12:35:12 GMT
etag: W/"a488895fc681c13f6e704d4e7890bf77"
cache-control: max-age=31536000
x-amz-version-id: .bHK_l77X4SOLeE0Grm0Fo.vAqO8tdoV
server: AmazonS3
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: dIDX9UkRtUhDsXt3Hwjf6657L1NPO_p6vSsQw7EAFuYsn-Zl554OBg==
age: 399075
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /2d20583b/files/2d20583b_1.min.css?v=879 HTTP/1.1 
Host: irp.cdn-website.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.motty.no/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         54.230.111.25
HTTP/2 200 OK
content-type: text/css
                                        
date: Wed, 09 Nov 2022 03:37:50 GMT
last-modified: Tue, 01 Nov 2022 09:24:04 GMT
etag: W/"3fc7bdb1abe268025b7c80d159406111"
cache-control: max-age=31536000
x-amz-version-id: 4i.Ok5iClJcBNYA28GG9Hzb0C9DnQy55
server: AmazonS3
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 5yZ2UoZLcrqYQvdLzZPnFj6YqWUIIfByH8pyHqZGRzP8nYPP4Yfm-w==
age: 270200
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /c/hotjar-2893907.js?sv=6 HTTP/1.1 
Host: static.hotjar.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.motty.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         54.230.111.113
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=2592000; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
date: Sat, 12 Nov 2022 06:41:10 GMT
cache-control: max-age=60
etag: W/a9bc2e75a5763d70dddaaed607489bcd
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: DFVlGaP-xNPOgC2DaIrM05EmXUVZl1F-wQuQaiel2QJ-RNoMa8ckww==
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /application-sliders-widget.css HTTP/1.1 
Host: cdn.motty.no
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.motty.no/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

search
                                         194.242.11.186
HTTP/2 200 OK
content-type: text/css
                                        
date: Sat, 12 Nov 2022 06:41:10 GMT
server: BunnyCDN-NO-830
cdn-pullzone: 46157
cdn-uid: 395a56fd-014e-4f58-9b1f-340626af5f6d
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=2592000
content-md5: eJWEAIAeHXzMp7LdfMRRDQ==
last-modified: Mon, 12 Sep 2022 09:03:20 GMT
x-ms-request-id: 6cd07810-301e-004c-384e-f30dea000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 11/08/2022 08:45:45
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 68d9d48a00ce22901914d15fad0344ff
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---