Report - ww1.brainblog.to/out/42/phun.org

Report Overview

Submitted URL
ww1.brainblog.to/out/42/phun.org
IP
64.190.63.136
ASN
#47846 SEDO GmbH
Submitted
2023-03-30 05:55:09
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
3
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-31T18:12:04Z	2.4 kB	6.2 kB	23.33.119.27
xml.sedodna.com	278378	2020-10-22T10:18:03Z	2023-03-31T05:47:19Z	403 B	278 B	173.239.53.32
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-31T07:51:33Z	3.2 kB	54 kB	34.120.237.76
inspxtrc.com	371542	2013-10-11T17:25:46Z	2023-03-31T11:15:22Z	566 B	1.2 kB	52.209.162.59
www.be2.no	unknown	2015-11-03T17:48:49Z	2023-03-30T07:55:00Z	29 kB	974 kB	104.17.167.216
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-31T21:56:16Z	682 B	1.6 kB	192.229.221.95
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-31T18:14:44Z	782 B	2.4 kB	35.241.9.150
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-31T18:18:04Z	413 B	5.9 kB	34.160.144.191
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-31T18:12:09Z	333 B	391 B	34.117.237.239
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-31T18:13:52Z	606 B	127 B	44.238.132.194
cartining-specute.com	unknown	2021-02-01T00:37:43Z	2023-03-31T10:52:08Z	757 B	675 B	18.197.36.77
ocsp2.globalsign.com	1544	2012-05-23T20:10:04Z	2023-03-31T18:29:50Z	357 B	1.9 kB	104.18.21.226
ww1.brainblog.to	unknown	2021-07-21T09:39:32Z	2023-03-30T05:52:20Z	2.6 kB	3.9 kB	64.190.63.136
ishku-wbq.com	unknown	2023-03-24T13:11:22Z	2023-04-01T05:14:55Z	1.6 kB	4.4 kB	3.231.116.86
app2.be2.com	unknown	2017-01-30T09:18:49Z	2023-03-30T07:55:01Z	1.4 kB	2.3 kB	62.245.131.116

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-03-30 05:55:22	medium	Client IP	Internal IP	ET DNS Query for .to TLD
2023-03-30 05:55:22	medium	Client IP	Internal IP	ET DNS Query for .to TLD
2023-03-30 05:55:31	high	35.205.61.67	Client IP	ET MALWARE Possible Compromised Host AnubisNetworks Sinkhole Cookie Value btst

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (8)

	URL	Size	First Seen	Last Seen
	www.be2.no/oms/storage/nodes/djQzNi4wX19iZTJfX25iX18yMTg2ODE=/099fb995346f31c749f6e40db0f395e3.js	23 kB	2023-03-29	2023-04-01
Pretty URL www.be2.no/oms/storage/nodes/djQzNi4wX19iZTJfX25iX18yMTg2ODE=/099fb995346f31c749f6e40db0f395e3.js IP 104.17.167.216 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 23:53:17 Last Seen2023-04-01 10:59:03 Times Seen3 Hash 17a051218f87a2525f91db9ba7f5e377 c8a8b28c8be1db2f41970a9dcbdf9e348ba000ec f2e772b53ffd00b9ae472166be1e266a64935a4ddf28d82e571642b2a2474735 Loading...

	www.be2.no/oms/storage/nodes/djQzNi4wX19iZTJfX25iX18yMTg2ODE=/251d164643533a527361dbe1a7b9235d.js	186 kB	2023-03-29	2023-04-11
Pretty URL www.be2.no/oms/storage/nodes/djQzNi4wX19iZTJfX25iX18yMTg2ODE=/251d164643533a527361dbe1a7b9235d.js IP 104.17.167.216 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 23:53:17 Last Seen2023-04-11 10:30:59 Times Seen13 Hash d51458fc72d84084dd71f7a623087b36 448a2d2d83c866965729d63c6900207a991111aa ee028a9788aae7427f983ddbda145cd7580447ef798e8cc8fc564d724f5d7590 Loading...

	http:blank	728 B	2023-04-01	2023-04-01
Pretty URL http:blank IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-01 10:37:34 Last Seen2023-04-01 10:37:34 Times Seen1 Hash ac0f2b362a59e1f179d926f7e1cedbf5 9256e94534d93ccb2add8df06412837a67cd1612 3863c396c6fd01a459f92ad2a5654f8fc0a1931293291df7e3e7f6444da8960a Loading...

	www.be2.no/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1680148800	30 kB	2023-04-01	2023-04-01
Pretty URL www.be2.no/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1680148800 IP 104.17.167.216 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-01 10:37:34 Last Seen2023-04-01 10:37:34 Times Seen1 Hash 8d03fa25844e1b78707f3ad74d566db0 d9761fbfbf16af21ffce80f79cfd09e927b305e8 ab43df050eddcb1753ce9d3487494218c48069673c46f20690409a3681d3c381 Loading...

	ww1.brainblog.to/out/42/phun.org	1.1 kB	2023-04-01	2023-04-01
Pretty URL ww1.brainblog.to/out/42/phun.org IP 64.190.63.136 ASN #47846 SEDO GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-01 10:37:34 Last Seen2023-04-01 10:37:34 Times Seen1 Hash e99f483a534264a276fbbcf8ffaea6dd 5b0308290bcc2b0153bfc5a0d626068a5b215794 8d567b1f654291c4026934b8c0cbc9101a385d39556d5844efa044c4414565c5 Loading...

	ishku-wbq.com/zcvisitor/66e962c8-cebf-11ed-9c4a-0afd598532ff/9232f590-d991-493f-b95d-d38c0c6cdd28?campaignid=8288c760-3012-11ed-8859-0a918cbcbb97	849 B	2023-04-01	2023-04-01
Pretty URL ishku-wbq.com/zcvisitor/66e962c8-cebf-11ed-9c4a-0afd598532ff/9232f590-d991-493f-b95d-d38c0c6cdd28?campaignid=8288c760-3012-11ed-8859-0a918cbcbb97 IP 3.231.116.86 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-01 10:37:34 Last Seen2023-04-01 10:37:34 Times Seen1 Hash 84fce0737ce21a768c818c1c74823cba 542eed62def5ae757d8e6dee5a246dd0e3e98a78 16d327d4c9de7495649f8cb205e1770de052e26fc2b67d28d9287e84cfe50327 Loading...

	ishku-wbq.com/zcredirect?visitid=66e962c8-cebf-11ed-9c4a-0afd598532ff&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false	344 B	2023-04-01	2023-04-01
Pretty URL ishku-wbq.com/zcredirect?visitid=66e962c8-cebf-11ed-9c4a-0afd598532ff&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false IP 3.231.116.86 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-01 10:37:34 Last Seen2023-04-01 10:37:34 Times Seen1 Hash 7317de8e7bf46975c586713ea80df1a2 016d25d0520023d42ddbbcfe2ba52b432ef9ad8e 8b5c7d30cd2d2789493d1149f911629f08b9c89f0ce019ac9664860dc2305943 Loading...

	www.be2.no/?accid=12209&linkid=12209__wgcrddqrddqbp5ln2eoata2q&partnerid=NO12iCL&subid1=&subid2=wgcrddqrddqbp5ln2eoata2q&visid=1771624713	1.6 kB	2023-04-01	2023-04-01
Pretty URL www.be2.no/?accid=12209&linkid=12209__wgcrddqrddqbp5ln2eoata2q&partnerid=NO12iCL&subid1=&subid2=wgcrddqrddqbp5ln2eoata2q&visid=1771624713 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-01 10:37:34 Last Seen2023-04-01 10:37:34 Times Seen1 Hash 18b04730a7db8392845779c43214d861 88356ffbc0f917271f039e78e41deccb84844508 77429c72b01f897a91551595bf43d344f3b2d1e7cca80303417f553c391ed77f Loading...

HTTP Transactions (71)

	URL	IP	Response	Size
	r3.o.lencr.org/	23.33.119.27	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.33.119.27:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash cca063332ba9a89eadd62a8dd7f81a9b d473b2a7a32c964599ff3bac8f98fa578f03d1d1 02fb74c7c695ad99f7f2fd7c02ae2b88e2da1c5db339f883333d9090291931dc HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "02FB74C7C695AD99F7F2FD7C02AE2B88E2DA1C5DB339F883333D9090291931DC" Last-Modified: Wed, 29 Mar 2023 18:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=7121 Expires: Thu, 30 Mar 2023 07:53:38 GMT Date: Thu, 30 Mar 2023 05:54:57 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.33.119.27	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.33.119.27:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 7af19a5145a4ee99bdf18831bad04bfd 7bdd2a4785b999ef54a2644211d2b2b7190fb8e1 3237bf0111ecdec3615c4d2d49a602f48f800335d0194f52b600bdaefbd63ed0 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "3237BF0111ECDEC3615C4D2D49A602F48F800335D0194F52B600BDAEFBD63ED0" Last-Modified: Thu, 30 Mar 2023 02:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=7819 Expires: Thu, 30 Mar 2023 08:05:16 GMT Date: Thu, 30 Mar 2023 05:54:57 GMT Connection: keep-alive`

	firefox.settings.services.mozilla.com/v1/	35.241.9.150	200 OK	939 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/ IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size 939 B (939 bytes) Hash ed282214b024a7895d90e229e92bb1cc 1f447aa59287ce2b45860a1a909d005a41305f77 a35ae9f89cbc77ed5fe849acdc2701592799c335f2674776d69c25bca0a00c2e HTTP Headers `GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Backoff, Content-Type, Alert, Retry-After, Content-Length content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 939 via: 1.1 google date: Thu, 30 Mar 2023 05:28:15 GMT content-type: application/json age: 1602 cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2`

	r3.o.lencr.org/	23.33.119.27	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.33.119.27:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash c0d9353dc46e88bf564ed464b0b073c7 0b5ce170e7db24267a3ba5b79a48548b1acd2e5b 7c7ef189b14109b44aa96454ea1b94bcbd3d69599cc7ba429f8234f6acd88a9b HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "7C7EF189B14109B44AA96454EA1B94BCBD3D69599CC7BA429F8234F6ACD88A9B" Last-Modified: Mon, 27 Mar 2023 19:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=5800 Expires: Thu, 30 Mar 2023 07:31:37 GMT Date: Thu, 30 Mar 2023 05:54:57 GMT Connection: keep-alive`

	content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain	34.160.144.191	200 OK	5.3 kB
URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain IP 34.160.144.191:0 ASN #15169 GOOGLE File type PEM certificate\012- , ASCII text Size 5.3 kB (5348 bytes) Hash e7bace7c1e04d44012e37ddffe36e5d5 3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2 6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2 HTTP Headers `GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK x-amz-id-2: 41MLIfofoqLh4IEDV4nOAkb2dCqbQr0LBU5z6ijzU5u+uusYsBUVUwaKmcDdwVYRXYXuCyrzX9M= x-amz-request-id: 7FSVQ9CSRKGACFA4 x-amz-server-side-encryption: AES256 content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Thu, 30 Mar 2023 05:02:48 GMT age: 3129 last-modified: Sat, 11 Mar 2023 16:53:15 GMT etag: "e7bace7c1e04d44012e37ddffe36e5d5" content-type: binary/octet-stream cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2

	contile.services.mozilla.com/v1/tiles	34.117.237.239	200 OK	12 B
URL HTTP/2 contile.services.mozilla.com/v1/tiles IP 34.117.237.239:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with no line terminators Size 12 B (12 bytes) Hash 23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 HTTP Headers `GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK server: nginx date: Thu, 30 Mar 2023 05:54:58 GMT content-type: application/json content-length: 12 access-control-allow-credentials: true access-control-expose-headers: content-type vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2`

	firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US	35.241.9.150	200 OK	329 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size 329 B (329 bytes) Hash 0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 HTTP Headers `GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: ETag, Pragma, Backoff, Expires, Last-Modified, Content-Type, Alert, Retry-After, Cache-Control, Content-Length content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 329 via: 1.1 google date: Thu, 30 Mar 2023 05:17:26 GMT age: 2252 last-modified: Fri, 25 Mar 2022 17:45:46 GMT etag: "1648230346554" content-type: application/json cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2

	r3.o.lencr.org/	23.33.119.27	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.33.119.27:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 782ca4845ea5e0ec981e33231b1e61cb 032116b75e124c57877524e9e4f523b6d7c65820 94d007862fc7a4cd67f582ff22f2339619177435559c1dd5075a08c7240f3520 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "94D007862FC7A4CD67F582FF22F2339619177435559C1DD5075A08C7240F3520" Last-Modified: Wed, 29 Mar 2023 18:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=5384 Expires: Thu, 30 Mar 2023 07:24:42 GMT Date: Thu, 30 Mar 2023 05:54:58 GMT Connection: keep-alive`

	ww1.brainblog.to/out/42/phun.org	64.190.63.136	200 OK	1.4 kB
URL HTTP/1.1 ww1.brainblog.to/out/42/phun.org IP 64.190.63.136:0 ASN #47846 SEDO GmbH File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (690) Size 1.4 kB (1351 bytes) Hash b29eb2b2e88e3410a537c50cb64bbfec 65497f151a5fb0123b86eb6bc41fd699aec5ece0 7455f21f052c566d0a771c80155cbe2cbea9dcd4abb879e4bec01c8f44e87182 HTTP Headers `GET /out/42/phun.org HTTP/1.1 Host: ww1.brainblog.to User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1` HTTP/1.1 200 OK date: Thu, 30 Mar 2023 05:54:58 GMT content-type: text/html; charset=UTF-8 transfer-encoding: chunked vary: Accept-Encoding x-powered-by: PHP/8.1.9 expires: Mon, 26 Jul 1997 05:00:00 GMT cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 pragma: no-cache x-adblock-key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANnylWw2vLY4hUn9w06zQKbhKBfvjFUCsdFlb6TdQhxb9RXWXuI4t31c+o8fYOv/s8q1LGPga3DE1L/tHU4LENMCAwEAAQ==_E8iUielYZdrR4V2OAke9ms8HBm4jkzJNkJYsOns9GLpLH1M3/HIEfVrkZCOyQfziWJ3gTxoYp9bPDVXoi7m7ww== last-modified: Thu, 30 Mar 2023 05:54:57 GMT x-cache-miss-from: parking-5c9f5b7fbd-2whw4 server: NginX content-encoding: gzip

	ww1.brainblog.to/search/tsc.php?200=Mzg1ODM3NDE5&21=OTEuOTAuNDIuMTU0&681=MTY4MDE1NTY5ODgwMTk2NGM5MzU4N2FiYjUwMmMwMDgyMzBmM2E3NTU4&crc=1a1d360e1159713c326790b818358851567d0d73&cv=1	64.190.63.136	200 OK	0 B
URL HTTP/1.1 ww1.brainblog.to/search/tsc.php?200=Mzg1ODM3NDE5&21=OTEuOTAuNDIuMTU0&681=MTY4MDE1NTY5ODgwMTk2NGM5MzU4N2FiYjUwMmMwMDgyMzBmM2E3NTU4&crc=1a1d360e1159713c326790b818358851567d0d73&cv=1 IP 64.190.63.136:0 ASN #47846 SEDO GmbH File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /search/tsc.php?200=Mzg1ODM3NDE5&21=OTEuOTAuNDIuMTU0&681=MTY4MDE1NTY5ODgwMTk2NGM5MzU4N2FiYjUwMmMwMDgyMzBmM2E3NTU4&crc=1a1d360e1159713c326790b818358851567d0d73&cv=1 HTTP/1.1 Host: ww1.brainblog.to User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://ww1.brainblog.to/out/42/phun.org` `HTTP/1.1 200 OK date: Thu, 30 Mar 2023 05:54:58 GMT content-type: text/html; charset=UTF-8 content-length: 0 x-powered-by: PHP/8.1.9 x-cache-miss-from: parking-5c9f5b7fbd-rpqq5 server: NginX`

	push.services.mozilla.com/	44.238.132.194	101 Switching Protocols	0 B
URL HTTP/1.1 push.services.mozilla.com/ IP 44.238.132.194:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: DHWXfD5zIbFFb1cIEHOXrw== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket `HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: P5SIttA3EmSWnH5uqrjR3kIsP3g=`

	ww1.brainblog.to/search/redirect.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3D88n5iQj9EZI_0&v=MzUyMjUxNTBhMTJmMWNiZTY3YjA1YmRhODQ3MDhjNWUJMQl3dzEuYnJhaW5ibG9nLnRvNjQyNTI0MzFiMTkxYjQuNjE0MDkyMjgJd3cxLmJyYWluYmxvZy50bzY0MjUyNDMxYjE5NDQwLjE2Nzc1MDQ1CTE2ODAxNTU2OTgJYWRfNjNfMA==&l=OAk0YmE5ZDk2YTliYjc2YzcyYTEwZDBkNmMxZTk5MTg3NAkwCTM1CTAJZDE1ODQxZDQyM2I5MDY4MDhlZjhjZGQxOGI5OGQzMWQJMzg1ODM3NDE5CWJyYWluYmxvZwkwCTYzCTYJMgkxNjgwMTU1Njk4CTAuMDAwNTYzCU4JMAkwCTAJMTIwNQk5MzY0OTM3Ngk5MS45MC40Mi4xNTQJMA%3D%3D	64.190.63.136	302 Found	0 B
URL HTTP/1.1 ww1.brainblog.to/search/redirect.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3D88n5iQj9EZI_0&v=MzUyMjUxNTBhMTJmMWNiZTY3YjA1YmRhODQ3MDhjNWUJMQl3dzEuYnJhaW5ibG9nLnRvNjQyNTI0MzFiMTkxYjQuNjE0MDkyMjgJd3cxLmJyYWluYmxvZy50bzY0MjUyNDMxYjE5NDQwLjE2Nzc1MDQ1CTE2ODAxNTU2OTgJYWRfNjNfMA==&l=OAk0YmE5ZDk2YTliYjc2YzcyYTEwZDBkNmMxZTk5MTg3NAkwCTM1CTAJZDE1ODQxZDQyM2I5MDY4MDhlZjhjZGQxOGI5OGQzMWQJMzg1ODM3NDE5CWJyYWluYmxvZwkwCTYzCTYJMgkxNjgwMTU1Njk4CTAuMDAwNTYzCU4JMAkwCTAJMTIwNQk5MzY0OTM3Ngk5MS45MC40Mi4xNTQJMA%3D%3D IP 64.190.63.136:0 ASN #47846 SEDO GmbH File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /search/redirect.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3D88n5iQj9EZI_0&v=MzUyMjUxNTBhMTJmMWNiZTY3YjA1YmRhODQ3MDhjNWUJMQl3dzEuYnJhaW5ibG9nLnRvNjQyNTI0MzFiMTkxYjQuNjE0MDkyMjgJd3cxLmJyYWluYmxvZy50bzY0MjUyNDMxYjE5NDQwLjE2Nzc1MDQ1CTE2ODAxNTU2OTgJYWRfNjNfMA==&l=OAk0YmE5ZDk2YTliYjc2YzcyYTEwZDBkNmMxZTk5MTg3NAkwCTM1CTAJZDE1ODQxZDQyM2I5MDY4MDhlZjhjZGQxOGI5OGQzMWQJMzg1ODM3NDE5CWJyYWluYmxvZwkwCTYzCTYJMgkxNjgwMTU1Njk4CTAuMDAwNTYzCU4JMAkwCTAJMTIwNQk5MzY0OTM3Ngk5MS45MC40Mi4xNTQJMA%3D%3D HTTP/1.1 Host: ww1.brainblog.to User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://ww1.brainblog.to/out/42/phun.org Upgrade-Insecure-Requests: 1 HTTP/1.1 302 Found date: Thu, 30 Mar 2023 05:54:58 GMT content-type: text/html; charset=UTF-8 content-length: 0 x-powered-by: PHP/8.1.9 expires: Mon, 26 Jul 1997 05:00:00 GMT cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 pragma: no-cache last-modified: Thu, 30 Mar 2023 05:54:58 GMT location: /search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3D88n5iQj9EZI_0&v=MzUyMjUxNTBhMTJmMWNiZTY3YjA1YmRhODQ3MDhjNWUJMQl3dzEuYnJhaW5ibG9nLnRvNjQyNTI0MzFiMTkxYjQuNjE0MDkyMjgJd3cxLmJyYWluYmxvZy50bzY0MjUyNDMxYjE5NDQwLjE2Nzc1MDQ1CTE2ODAxNTU2OTgJYWRfNjNfMA==&l=OAk0YmE5ZDk2YTliYjc2YzcyYTEwZDBkNmMxZTk5MTg3NAkwCTM1CTAJZDE1ODQxZDQyM2I5MDY4MDhlZjhjZGQxOGI5OGQzMWQJMzg1ODM3NDE5CWJyYWluYmxvZwkwCTYzCTYJMgkxNjgwMTU1Njk4CTAuMDAwNTYzCU4JMAkwCTAJMTIwNQk5MzY0OTM3Ngk5MS45MC40Mi4xNTQJMA%3D%3D x-cache-miss-from: parking-5c9f5b7fbd-pf257 server: NginX

	ww1.brainblog.to/search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3D88n5iQj9EZI_0&v=MzUyMjUxNTBhMTJmMWNiZTY3YjA1YmRhODQ3MDhjNWUJMQl3dzEuYnJhaW5ibG9nLnRvNjQyNTI0MzFiMTkxYjQuNjE0MDkyMjgJd3cxLmJyYWluYmxvZy50bzY0MjUyNDMxYjE5NDQwLjE2Nzc1MDQ1CTE2ODAxNTU2OTgJYWRfNjNfMA==&l=OAk0YmE5ZDk2YTliYjc2YzcyYTEwZDBkNmMxZTk5MTg3NAkwCTM1CTAJZDE1ODQxZDQyM2I5MDY4MDhlZjhjZGQxOGI5OGQzMWQJMzg1ODM3NDE5CWJyYWluYmxvZwkwCTYzCTYJMgkxNjgwMTU1Njk4CTAuMDAwNTYzCU4JMAkwCTAJMTIwNQk5MzY0OTM3Ngk5MS45MC40Mi4xNTQJMA%3D%3D	64.190.63.136	302 Found	311 B
URL HTTP/1.1 ww1.brainblog.to/search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3D88n5iQj9EZI_0&v=MzUyMjUxNTBhMTJmMWNiZTY3YjA1YmRhODQ3MDhjNWUJMQl3dzEuYnJhaW5ibG9nLnRvNjQyNTI0MzFiMTkxYjQuNjE0MDkyMjgJd3cxLmJyYWluYmxvZy50bzY0MjUyNDMxYjE5NDQwLjE2Nzc1MDQ1CTE2ODAxNTU2OTgJYWRfNjNfMA==&l=OAk0YmE5ZDk2YTliYjc2YzcyYTEwZDBkNmMxZTk5MTg3NAkwCTM1CTAJZDE1ODQxZDQyM2I5MDY4MDhlZjhjZGQxOGI5OGQzMWQJMzg1ODM3NDE5CWJyYWluYmxvZwkwCTYzCTYJMgkxNjgwMTU1Njk4CTAuMDAwNTYzCU4JMAkwCTAJMTIwNQk5MzY0OTM3Ngk5MS45MC40Mi4xNTQJMA%3D%3D IP 64.190.63.136:0 ASN #47846 SEDO GmbH File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size 311 B (311 bytes) Hash 9be8b056408879ad27fc753d1d187d30 fe35727b3f5bc7957adcbc92cde8c2d484e0613c 106b8e3ad9f3d8c147c30a2208b43924f9ee9d5a536478470c5cbc0e26daa47b HTTP Headers GET /search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3D88n5iQj9EZI_0&v=MzUyMjUxNTBhMTJmMWNiZTY3YjA1YmRhODQ3MDhjNWUJMQl3dzEuYnJhaW5ibG9nLnRvNjQyNTI0MzFiMTkxYjQuNjE0MDkyMjgJd3cxLmJyYWluYmxvZy50bzY0MjUyNDMxYjE5NDQwLjE2Nzc1MDQ1CTE2ODAxNTU2OTgJYWRfNjNfMA==&l=OAk0YmE5ZDk2YTliYjc2YzcyYTEwZDBkNmMxZTk5MTg3NAkwCTM1CTAJZDE1ODQxZDQyM2I5MDY4MDhlZjhjZGQxOGI5OGQzMWQJMzg1ODM3NDE5CWJyYWluYmxvZwkwCTYzCTYJMgkxNjgwMTU1Njk4CTAuMDAwNTYzCU4JMAkwCTAJMTIwNQk5MzY0OTM3Ngk5MS45MC40Mi4xNTQJMA%3D%3D HTTP/1.1 Host: ww1.brainblog.to User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Referer: http://ww1.brainblog.to/out/42/phun.org Connection: keep-alive Upgrade-Insecure-Requests: 1 `HTTP/1.1 302 Found date: Thu, 30 Mar 2023 05:54:59 GMT content-type: text/html; charset=UTF-8 transfer-encoding: chunked x-powered-by: PHP/8.1.9 expires: Mon, 26 Jul 1997 05:00:00 GMT cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 pragma: no-cache last-modified: Thu, 30 Mar 2023 05:54:59 GMT location: http://xml.sedodna.com/click?i=88n5iQj9EZI_0 x-cache-miss-from: parking-5c9f5b7fbd-2whw4 server: NginX`

	xml.sedodna.com/click?i=88n5iQj9EZI_0	173.239.53.32	302 Found	0 B
URL HTTP/1.1 xml.sedodna.com/click?i=88n5iQj9EZI_0 IP 173.239.53.32:0 ASN #27257 WEBAIR-INTERNET File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /click?i=88n5iQj9EZI_0 HTTP/1.1 Host: xml.sedodna.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Referer: http://ww1.brainblog.to/ Connection: keep-alive Upgrade-Insecure-Requests: 1` `HTTP/1.1 302 Found Cache-Control: no-store Content-Length: 0 Age: 0 Connection: keep-alive Location: http://ishku-wbq.com/zcvisitor/66e962c8-cebf-11ed-9c4a-0afd598532ff/9232f590-d991-493f-b95d-d38c0c6cdd28?campaignid=8288c760-3012-11ed-8859-0a918cbcbb97 Pragma: no-cache`

	ishku-wbq.com/zcvisitor/66e962c8-cebf-11ed-9c4a-0afd598532ff/9232f590-d991-493f-b95d-d38c0c6cdd28?campaignid=8288c760-3012-11ed-8859-0a918cbcbb97	3.231.116.86	200	1.1 kB
URL HTTP/1.1 ishku-wbq.com/zcvisitor/66e962c8-cebf-11ed-9c4a-0afd598532ff/9232f590-d991-493f-b95d-d38c0c6cdd28?campaignid=8288c760-3012-11ed-8859-0a918cbcbb97 IP 3.231.116.86:0 ASN #14618 AMAZON-AES File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size 1.1 kB (1098 bytes) Hash 6d861643160f7391b6b1367923b4be3a 66d6015e0070f806c6931ee0c552893764d450dd fa3312e686b8dd042abdc1037d8c3f36a591bbb1dc57e520469ad57feb592ec3 HTTP Headers GET /zcvisitor/66e962c8-cebf-11ed-9c4a-0afd598532ff/9232f590-d991-493f-b95d-d38c0c6cdd28?campaignid=8288c760-3012-11ed-8859-0a918cbcbb97 HTTP/1.1 Host: ishku-wbq.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Referer: http://ww1.brainblog.to/ Connection: keep-alive Upgrade-Insecure-Requests: 1 HTTP/1.1 200 Date: Thu, 30 Mar 2023 05:54:59 GMT Content-Type: text/html;charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Cache-Control: no-store, no-cache, pre-check=0, post-check=0 content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline' Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET,POST,OPTIONS Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag Server: OdzWGBtB

	ishku-wbq.com/zcredirect?visitid=66e962c8-cebf-11ed-9c4a-0afd598532ff&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false	3.231.116.86	200	818 B
URL HTTP/1.1 ishku-wbq.com/zcredirect?visitid=66e962c8-cebf-11ed-9c4a-0afd598532ff&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false IP 3.231.116.86:0 ASN #14618 AMAZON-AES File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (366) Size 818 B (818 bytes) Hash f2bf1a4d5d36aea9f9f3ec8652dad147 b40a4cfb7c035a259e32fb7bd83dcb43eb6eb705 5e9711601dc61dc48041deae8c198d16ff77fecd49a2085a9ce9a2e45a1eb71e HTTP Headers GET /zcredirect?visitid=66e962c8-cebf-11ed-9c4a-0afd598532ff&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false HTTP/1.1 Host: ishku-wbq.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://ishku-wbq.com/zcvisitor/66e962c8-cebf-11ed-9c4a-0afd598532ff/9232f590-d991-493f-b95d-d38c0c6cdd28?campaignid=8288c760-3012-11ed-8859-0a918cbcbb97 Upgrade-Insecure-Requests: 1 HTTP/1.1 200 Date: Thu, 30 Mar 2023 05:54:59 GMT Content-Type: text/html;charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Cache-Control: no-store, no-cache, pre-check=0, post-check=0 content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline' Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET,POST,OPTIONS Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag redirected: JS Server: HVDPggUN

	ishku-wbq.com/favicon.ico	3.231.116.86	404	653 B
URL HTTP/1.1 ishku-wbq.com/favicon.ico IP 3.231.116.86:0 ASN #14618 AMAZON-AES File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (649), with no line terminators Size 653 B (653 bytes) Hash ba2732b1b2fa2626ffaa15f62f9e7d66 203d4e7fbb1d80449d6e4e1f3ae7a9bf8625debe 879861cb72fe9fbb476dab246021c4c83b4066327de2529e05ec54d3afb0a1c8 HTTP Headers `GET /favicon.ico HTTP/1.1 Host: ishku-wbq.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://ishku-wbq.com/zcredirect?visitid=66e962c8-cebf-11ed-9c4a-0afd598532ff&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false` `HTTP/1.1 404 Date: Thu, 30 Mar 2023 05:55:00 GMT Content-Type: text/html;charset=utf-8 Content-Length: 653 Connection: keep-alive Cache-Control: no-store, no-cache, pre-check=0, post-check=0 content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline' Content-Language: en Server: HicyXcel`

	cartining-specute.com/zp-redirect?target=https%3A%2F%2Finspxtrc.com%2F%3Fa%3D12209%26c%3D329%26s2%3Dwgcrddqrddqbp5ln2eoata2q%26s3%3D719fbd40-273d-47b8-882f-683d1074b172wgcrddqrddqbp5ln2eoata2q&caid=cc752409-3c73-4f31-b53a-7e7924313d49&zpid=66e962c8-cebf-11ed-9c4a-0afd598532ff&cid=wgcrddqrddqbp5ln2eoata2q&rt=R	18.197.36.77	302 Found	0 B
URL HTTP/2 cartining-specute.com/zp-redirect?target=https%3A%2F%2Finspxtrc.com%2F%3Fa%3D12209%26c%3D329%26s2%3Dwgcrddqrddqbp5ln2eoata2q%26s3%3D719fbd40-273d-47b8-882f-683d1074b172wgcrddqrddqbp5ln2eoata2q&caid=cc752409-3c73-4f31-b53a-7e7924313d49&zpid=66e962c8-cebf-11ed-9c4a-0afd598532ff&cid=wgcrddqrddqbp5ln2eoata2q&rt=R IP 18.197.36.77:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /zp-redirect?target=https%3A%2F%2Finspxtrc.com%2F%3Fa%3D12209%26c%3D329%26s2%3Dwgcrddqrddqbp5ln2eoata2q%26s3%3D719fbd40-273d-47b8-882f-683d1074b172wgcrddqrddqbp5ln2eoata2q&caid=cc752409-3c73-4f31-b53a-7e7924313d49&zpid=66e962c8-cebf-11ed-9c4a-0afd598532ff&cid=wgcrddqrddqbp5ln2eoata2q&rt=R HTTP/1.1 Host: cartining-specute.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://ishku-wbq.com/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site HTTP/2 302 Found server: nginx date: Thu, 30 Mar 2023 05:55:00 GMT content-length: 0 cache-control: no-store, no-cache, pre-check=0, post-check=0 expires: Thu, 01 Jan 1970 00:00:00 GMT location: https://inspxtrc.com/?a=12209&c=329&s2=wgcrddqrddqbp5ln2eoata2q&s3=719fbd40-273d-47b8-882f-683d1074b172wgcrddqrddqbp5ln2eoata2q pragma: no-cache set-cookie: cc-v4=NO0XJdWy%2BW41iwovATgEcoXOX4AbkQpwHWqeIZbg8lswoaJDQ1KlZNujZUnCjGX8nvyLCrCwpDdlGQOjo59%2BrTqdq8Z1Z8qYt6AkPnPPky0HdzPJ56Gtbmt1FDs5fZXNgkJU7Kp80ftsJo5eHbSKow%3D%3D; Max-Age=31536000; Expires=Fri, 29-Mar-2024 05:54:59 GMT; Domain=cartining-specute.com; Path=/; Secure; HttpOnly;SameSite=None X-Firefox-Spdy: h2

	r3.o.lencr.org/	23.33.119.27	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.33.119.27:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 195589ff3c6c50463257f10da16de114 7119aeba010d5c5c224fa544feff6f1761739929 dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "DBB5774621E0EEE6F9641F6078A650A78D281019726ADE7A52C150F0988CD12B" Last-Modified: Wed, 29 Mar 2023 03:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=15074 Expires: Thu, 30 Mar 2023 10:06:14 GMT Date: Thu, 30 Mar 2023 05:55:00 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.33.119.27	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.33.119.27:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 195589ff3c6c50463257f10da16de114 7119aeba010d5c5c224fa544feff6f1761739929 dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "DBB5774621E0EEE6F9641F6078A650A78D281019726ADE7A52C150F0988CD12B" Last-Modified: Wed, 29 Mar 2023 03:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=15074 Expires: Thu, 30 Mar 2023 10:06:14 GMT Date: Thu, 30 Mar 2023 05:55:00 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.33.119.27	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.33.119.27:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 195589ff3c6c50463257f10da16de114 7119aeba010d5c5c224fa544feff6f1761739929 dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "DBB5774621E0EEE6F9641F6078A650A78D281019726ADE7A52C150F0988CD12B" Last-Modified: Wed, 29 Mar 2023 03:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=15074 Expires: Thu, 30 Mar 2023 10:06:14 GMT Date: Thu, 30 Mar 2023 05:55:00 GMT Connection: keep-alive`

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa4239dcf-d6d6-4801-9d16-74b0d7e5d075.jpeg	34.120.237.76	200 OK	9.1 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa4239dcf-d6d6-4801-9d16-74b0d7e5d075.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 9.1 kB (9083 bytes) Hash be355ca6d4b70b5457e2fc2317981a07 4d01d9eb4d5723683e0828ce06c6e99a9bf1423b b961abfcead09f78f25117acb48464829e45c5bafa0f0e6244e2520ffbdb62cb HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa4239dcf-d6d6-4801-9d16-74b0d7e5d075.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 9083 x-amzn-requestid: 0c03f8b3-4d84-439f-8ce6-3560337d0d6a x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CewbkHQdIAMF0Qw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-64229449-14cb7d6e0ddf3f144c976adb;Sampled=0 x-amzn-remapped-date: Tue, 28 Mar 2023 07:16:25 GMT x-amz-cf-pop: SEA19-C1 x-cache: Hit from cloudfront x-amz-cf-id: hFcWuixAD9dwELiBEDc7NKXedp58QRMww79YZ5leAze53_Q2R355mA== via: 1.1 a87682502db4b394cc6ba84510da9f98.cloudfront.net (CloudFront), 1.1 1f6e68152880a39d72e6bf2996cd6a60.cloudfront.net (CloudFront), 1.1 google date: Wed, 29 Mar 2023 07:24:09 GMT age: 81051 etag: "4d01d9eb4d5723683e0828ce06c6e99a9bf1423b" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff3697d60-af19-4bfb-9d00-0a88b42c7092.jpeg	34.120.237.76	200 OK	9.0 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff3697d60-af19-4bfb-9d00-0a88b42c7092.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 9.0 kB (9030 bytes) Hash 6119f1997cb5d1f4e61ddeeedae7a35f 13e9881bc79a5c361211430b0ba20eab32b3dbef f38d53a870575f53855e00b6cb5422ffbf7a2210ccff25fc837c6a71b0d528b9 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff3697d60-af19-4bfb-9d00-0a88b42c7092.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 9030 x-amzn-requestid: 5e98c214-3229-484f-911f-ca61e9a6ada3 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: Cew9OHDgoAMFqxg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-64229521-0014bec92bd97c080a5015fd;Sampled=0 x-amzn-remapped-date: Tue, 28 Mar 2023 07:20:01 GMT x-amz-cf-pop: SEA19-C1 x-cache: Hit from cloudfront x-amz-cf-id: KyDtHPauSXMWZnN828RBBrS4ZhxpaZbeFxKoRsVJW0ellUKscPCh3A== via: 1.1 5502255f9557c1e2c098b94110b6151c.cloudfront.net (CloudFront), 1.1 f313d3df80c4dab8f5399614116801cc.cloudfront.net (CloudFront), 1.1 google date: Wed, 29 Mar 2023 07:27:06 GMT age: 80874 etag: "13e9881bc79a5c361211430b0ba20eab32b3dbef" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F880692f5-03f5-4540-ad20-5c8bd8336833.jpeg	34.120.237.76	200 OK	8.6 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F880692f5-03f5-4540-ad20-5c8bd8336833.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 8.6 kB (8560 bytes) Hash c3261e7e3ac917fa959fcf8648c3ab98 bb4ef5a29187d75c97ef3f7a5672ccb009791561 4070b831a379ae1ed187a03b479460842cb2ece90d77c30fc6fc4517bc76f3b5 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F880692f5-03f5-4540-ad20-5c8bd8336833.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 8560 x-amzn-requestid: 5f1fbb58-48aa-430f-a132-0e7057e159c1 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CewdRFeIoAMF-uQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-64229454-40f85a155c9e623374d21bb8;Sampled=0 x-amzn-remapped-date: Tue, 28 Mar 2023 07:16:36 GMT x-amz-cf-pop: SEA19-C1 x-cache: Hit from cloudfront x-amz-cf-id: nyhw0gOUkvg7zzOBejYRXvDhs-rf8IRF9xFxeMWZYCX_iNq_JA8d4A== via: 1.1 f3802d173009698413044360f84de06c.cloudfront.net (CloudFront), 1.1 aa623e134417515bd2496cb01d5e5626.cloudfront.net (CloudFront), 1.1 google date: Wed, 29 Mar 2023 08:04:24 GMT age: 78636 etag: "bb4ef5a29187d75c97ef3f7a5672ccb009791561" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4e895093-f168-421f-8ab3-fd696a67308d.jpeg	34.120.237.76	200 OK	9.0 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4e895093-f168-421f-8ab3-fd696a67308d.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 9.0 kB (8974 bytes) Hash 5c4c01f0ebb94ca05a68ff8a807d5fd1 e494830fd0e66b40a61ff466135b65435daf45a0 06ca371b189d542a428a701e5bab7a777744b72d2f7d679b8a6629c8316e117a HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4e895093-f168-421f-8ab3-fd696a67308d.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 8974 x-amzn-requestid: f035a7c6-0b2b-4079-aacc-05438c608b03 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CkAynH1roAMFQcw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6424ae76-47ed2f4526d1533675503a46;Sampled=0;lineage=69363f46:0 x-amzn-remapped-date: Wed, 29 Mar 2023 21:32:38 GMT x-amz-cf-pop: HIO50-C1, SEA19-C1 x-cache: Hit from cloudfront x-amz-cf-id: oLd9HX8QvvqjK1DZFKRbFZ03JThmG2aI13QJ4VQBENWBOFLNUog7xw== via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 1ec2938341958d70d56193d709c89dee.cloudfront.net (CloudFront), 1.1 google date: Wed, 29 Mar 2023 21:54:54 GMT age: 28806 etag: "e494830fd0e66b40a61ff466135b65435daf45a0" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2075fc9-4e24-4d01-853a-8aa29cb2b832.jpeg	34.120.237.76	200 OK	4.5 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2075fc9-4e24-4d01-853a-8aa29cb2b832.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 4.5 kB (4549 bytes) Hash 2021c271f9290204bd14cd2a3a1680fc 39b68cbcaba381d63dc67bc289fb67c849adb9ff a84c5dd1e52d7cd535e04cb455891a1442000eb0e4381031c976b4cf3be96f2f HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2075fc9-4e24-4d01-853a-8aa29cb2b832.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 4549 x-amzn-requestid: 70e07309-5fc5-4307-b455-29a187eae0d6 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CkBoBHFFoAMFx5Q= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6424afcc-298f18fd0cf0b37465a74c13;Sampled=0;lineage=69363f46:0 x-amzn-remapped-date: Wed, 29 Mar 2023 21:38:20 GMT x-amz-cf-pop: HIO52-P1, SEA19-C1 x-cache: Hit from cloudfront x-amz-cf-id: 0bqn9l0Lqaavg48Uv9xRI7-zbdu1OfBuxITVjbhnIhmT79W_dzC72g== via: 1.1 f193acd25f2604e189bfbfaf539aaa06.cloudfront.net (CloudFront), 1.1 8ae6af4d17aae7471e5fe2792eb6abcc.cloudfront.net (CloudFront), 1.1 google date: Wed, 29 Mar 2023 21:41:40 GMT age: 29600 etag: "39b68cbcaba381d63dc67bc289fb67c849adb9ff" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7758b58b-ff2a-473e-8cfd-34364d9c0309.webp	34.120.237.76	200 OK	7.4 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7758b58b-ff2a-473e-8cfd-34364d9c0309.webp IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 7.4 kB (7377 bytes) Hash 25d5cc0ad63b812b700df54509f24838 580d2b5972de021332b7b3aeb66f0422b65cf3a3 6f75fdbc2b3885c313e6155dfc78479a12989341b71b8be9315755567b6b57ed HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7758b58b-ff2a-473e-8cfd-34364d9c0309.webp HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 7377 x-amzn-requestid: 4473029d-2422-4a34-b459-4827015c363d x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CkA6JHnjIAMF-5A= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6424aea7-4ca5ea2b6548696d68058f8f;Sampled=0;lineage=69363f46:0 x-amzn-remapped-date: Wed, 29 Mar 2023 21:33:27 GMT x-amz-cf-pop: HIO52-P1, SEA19-C1 x-cache: Hit from cloudfront x-amz-cf-id: V16ZHSpY94H2wmuk5f30YZGRADyen0RgntlHvmFpXwqTWWosCka6WA== via: 1.1 5502255f9557c1e2c098b94110b6151c.cloudfront.net (CloudFront), 1.1 1ec2938341958d70d56193d709c89dee.cloudfront.net (CloudFront), 1.1 google date: Wed, 29 Mar 2023 21:52:13 GMT age: 28967 etag: "580d2b5972de021332b7b3aeb66f0422b65cf3a3" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	ocsp2.globalsign.com/gsalphasha2g2	104.18.21.226	200 OK	1.4 kB
URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2 IP 104.18.21.226:0 ASN #13335 CLOUDFLARENET File type data Size 1.4 kB (1423 bytes) Hash 9ea0f24acc2dec257d34492e6f78e546 6030fddf7209bd1405a62af0108a4da93bf94e6f 581390e84b13e12f9f3942dac99e4b78b09a0ebe202ae7a4900578e6128d95f9 HTTP Headers `POST /gsalphasha2g2 HTTP/1.1 Host: ocsp2.globalsign.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 79 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Thu, 30 Mar 2023 05:55:00 GMT Content-Type: application/ocsp-response Content-Length: 1423 Connection: keep-alive Expires: Mon, 03 Apr 2023 04:06:50 GMT ETag: "6030fddf7209bd1405a62af0108a4da93bf94e6f" Last-Modified: Thu, 30 Mar 2023 04:06:51 GMT Cache-Control: public, no-transform, must-revalidate, s-maxage=3600 CF-Cache-Status: REVALIDATED Accept-Ranges: bytes Vary: Accept-Encoding Server: cloudflare CF-RAY: 7afe19e6cc1c1c12-OSL`

	inspxtrc.com/?a=12209&c=329&s2=wgcrddqrddqbp5ln2eoata2q&s3=719fbd40-273d-47b8-882f-683d1074b172wgcrddqrddqbp5ln2eoata2q	52.209.162.59	302 Found	312 B
URL HTTP/1.1 inspxtrc.com/?a=12209&c=329&s2=wgcrddqrddqbp5ln2eoata2q&s3=719fbd40-273d-47b8-882f-683d1074b172wgcrddqrddqbp5ln2eoata2q IP 52.209.162.59:0 ASN #16509 AMAZON-02 File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Size 312 B (312 bytes) Hash 4b359bdf0d4e73e22956218b0d1c009d 460932604e0b761c2d2b314bcb92ee033db680f3 5665eda1ff32d0ef0cd421b99fe540d8721dfe4b3294604aaa4e9d26e6d7b8af HTTP Headers GET /?a=12209&c=329&s2=wgcrddqrddqbp5ln2eoata2q&s3=719fbd40-273d-47b8-882f-683d1074b172wgcrddqrddqbp5ln2eoata2q HTTP/1.1 Host: inspxtrc.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: http://ishku-wbq.com/ Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site HTTP/1.1 302 Found Cache-Control: private Content-Length: 312 Content-Type: text/html; charset=utf-8 Date: Thu, 30 Mar 2023 05:55:00 GMT Location: https://www.be2.no/dlpm/pinboard-couples-aff.html?partnerid=NO12iCL&linkid=12209__wgcrddqrddqbp5ln2eoata2q&accid=12209&subid1=&subid2=wgcrddqrddqbp5ln2eoata2q&visid=1771624713 P3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Set-Cookie: sid=JOPEa7OcQiqrIK2hJh9ty0OVrcCJnVsrfUKeQ1Py0vzRexfjUghJ3Q==; domain=.inspxtrc.com; path=/; SameSite=None; secure; HttpOnly trk=QRIg8wy/I6VIlTSegGi1z0OVrcCJnVsrfUKeQ1Py0vzRexfjUghJ3Q==; domain=.inspxtrc.com; expires=Sun, 30-Mar-2025 05:55:00 GMT; path=/; SameSite=None; secure; HttpOnly c1261=JOPEa7OcQir0TmzDwj8zflTD3N2MgtwuBGtUFAqyPTsju18+aFrywQ==; domain=.inspxtrc.com; expires=Sat, 29-Apr-2023 05:55:00 GMT; path=/; SameSite=None; secure; HttpOnly Connection: close

	www.be2.no/oms/storage/nodes/djQzNi4wX19iZTJfX25iX18yMTg2ODE=/video-chat-preview_default.png	104.17.167.216	200 OK	70 kB
URL HTTP/2 www.be2.no/oms/storage/nodes/djQzNi4wX19iZTJfX25iX18yMTg2ODE=/video-chat-preview_default.png IP 104.17.167.216:0 ASN #13335 CLOUDFLARENET File type PNG image data, 306 x 525, 8-bit colormap, non-interlaced\012- data Size 70 kB (69643 bytes) Hash 788c80d9dc43eed9685368130a645b29 588fcf6a967505f3b08fdebb3966a597fd6f8221 bf603c5d6a572b594b0d6a57c02c57276337f929954e16286ecd3b571e169ac2 HTTP Headers GET /oms/storage/nodes/djQzNi4wX19iZTJfX25iX18yMTg2ODE=/video-chat-preview_default.png HTTP/1.1 Host: www.be2.no User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.be2.no/?accid=12209&linkid=12209__wgcrddqrddqbp5ln2eoata2q&partnerid=NO12iCL&subid1=&subid2=wgcrddqrddqbp5ln2eoata2q&visid=1771624713 Connection: keep-alive Cookie: __cf_bm=putgvhYmLtj8eQ7vsAi6hWc9Dckd7SUxB0rx9pMPe9Y-1680155701-0-AWXC7PkgLh8ZjpWCoSQ/5pyZVJi+uW2z2W7vIDMjuwoyP4b/DHjSWiVPhr0zkokmWDRDdEy6eAQ67jqQtNP+htKJ45QGU0j8FbnonyMY23aE Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers `HTTP/2 200 OK date: Thu, 30 Mar 2023 05:55:01 GMT content-type: image/png content-length: 69643 cf-bgj: imgq:100,h2pri cf-polished: status=not_needed last-modified: Tue, 28 Mar 2023 07:36:59 GMT referrer-policy: strict-origin-when-cross-origin strict-transport-security: max-age=15552000; includeSubDomains x-content-type-options: nosniff cf-cache-status: HIT age: 537 accept-ranges: bytes vary: Accept-Encoding server: cloudflare cf-ray: 7afe19ec9afd0b61-OSL X-Firefox-Spdy: h2`

	www.be2.no/oms/storage/nodes/djQzNi4wX19iZTJfX25iX18yMTg2ODE=/warning-symbol.png	104.17.167.216	200 OK	673 B
URL HTTP/2 www.be2.no/oms/storage/nodes/djQzNi4wX19iZTJfX25iX18yMTg2ODE=/warning-symbol.png IP 104.17.167.216:0 ASN #13335 CLOUDFLARENET File type PNG image data, 60 x 48, 8-bit/color RGBA, non-interlaced\012- data Size 673 B (673 bytes) Hash 9c2d8dc29bae57291c29c45f411930cc 73ff70bc79cff2e4a1d19cc52124632ed20ca948 ec1c5ab997ef021ea898e6dae7a23b33910de2d0d61daa884087972a2761926e HTTP Headers GET /oms/storage/nodes/djQzNi4wX19iZTJfX25iX18yMTg2ODE=/warning-symbol.png HTTP/1.1 Host: www.be2.no User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.be2.no/?accid=12209&linkid=12209__wgcrddqrddqbp5ln2eoata2q&partnerid=NO12iCL&subid1=&subid2=wgcrddqrddqbp5ln2eoata2q&visid=1771624713 Connection: keep-alive Cookie: __cf_bm=putgvhYmLtj8eQ7vsAi6hWc9Dckd7SUxB0rx9pMPe9Y-1680155701-0-AWXC7PkgLh8ZjpWCoSQ/5pyZVJi+uW2z2W7vIDMjuwoyP4b/DHjSWiVPhr0zkokmWDRDdEy6eAQ67jqQtNP+htKJ45QGU0j8FbnonyMY23aE Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers `HTTP/2 200 OK date: Thu, 30 Mar 2023 05:55:01 GMT content-type: image/png content-length: 673 cf-bgj: imgq:100,h2pri cf-polished: status=not_needed last-modified: Tue, 28 Mar 2023 07:36:59 GMT referrer-policy: strict-origin-when-cross-origin strict-transport-security: max-age=15552000; includeSubDomains x-content-type-options: nosniff cf-cache-status: HIT age: 537 accept-ranges: bytes vary: Accept-Encoding server: cloudflare cf-ray: 7afe19ec9afc0b61-OSL X-Firefox-Spdy: h2`

	www.be2.no/oms/storage/nodes/djQzNi4wX19iZTJfX25iX18yMTg2ODE=/video-chat-preview_asia.png	104.17.167.216	200 OK	60 kB
URL HTTP/2 www.be2.no/oms/storage/nodes/djQzNi4wX19iZTJfX25iX18yMTg2ODE=/video-chat-preview_asia.png IP 104.17.167.216:0 ASN #13335 CLOUDFLARENET File type PNG image data, 306 x 526, 8-bit colormap, non-interlaced\012- data Size 60 kB (60396 bytes) Hash 1b46b1313b062d322124707477263b7a ae4983426823b0a7815a20014283cef592266485 002158c904e5c7820dbdf793164f411b00259615707b5bef0738163974639bd4 HTTP Headers GET /oms/storage/nodes/djQzNi4wX19iZTJfX25iX18yMTg2ODE=/video-chat-preview_asia.png HTTP/1.1 Host: www.be2.no User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.be2.no/?accid=12209&linkid=12209__wgcrddqrddqbp5ln2eoata2q&partnerid=NO12iCL&subid1=&subid2=wgcrddqrddqbp5ln2eoata2q&visid=1771624713 Connection: keep-alive Cookie: __cf_bm=putgvhYmLtj8eQ7vsAi6hWc9Dckd7SUxB0rx9pMPe9Y-1680155701-0-AWXC7PkgLh8ZjpWCoSQ/5pyZVJi+uW2z2W7vIDMjuwoyP4b/DHjSWiVPhr0zkokmWDRDdEy6eAQ67jqQtNP+htKJ45QGU0j8FbnonyMY23aE Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers `HTTP/2 200 OK date: Thu, 30 Mar 2023 05:55:01 GMT content-type: image/png content-length: 60396 cf-bgj: imgq:100,h2pri cf-polished: status=not_needed last-modified: Tue, 28 Mar 2023 07:36:59 GMT referrer-policy: strict-origin-when-cross-origin strict-transport-security: max-age=15552000; includeSubDomains x-content-type-options: nosniff cf-cache-status: HIT age: 537 accept-ranges: bytes vary: Accept-Encoding server: cloudflare cf-ray: 7afe19ec9afe0b61-OSL X-Firefox-Spdy: h2`

	www.be2.no/oms/storage/nodes/djQzNi4wX19iZTJfX25iX18yMTg2ODE=/video-chat-preview_in.png	104.17.167.216	200 OK	64 kB
URL HTTP/2 www.be2.no/oms/storage/nodes/djQzNi4wX19iZTJfX25iX18yMTg2ODE=/video-chat-preview_in.png IP 104.17.167.216:0 ASN #13335 CLOUDFLARENET File type PNG image data, 306 x 526, 8-bit colormap, non-interlaced\012- data Size 64 kB (64204 bytes) Hash b59443159aa3d4033224b40f934951e1 cdf33a3d214c8b38c808019cfe04e4a3e5e92113 92b7016bda1b9b769002c19ac58f1f065ebe7cfeab51b0f23fad59097cbf643b HTTP Headers GET /oms/storage/nodes/djQzNi4wX19iZTJfX25iX18yMTg2ODE=/video-chat-preview_in.png HTTP/1.1 Host: www.be2.no User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.be2.no/?accid=12209&linkid=12209__wgcrddqrddqbp5ln2eoata2q&partnerid=NO12iCL&subid1=&subid2=wgcrddqrddqbp5ln2eoata2q&visid=1771624713 Connection: keep-alive Cookie: __cf_bm=putgvhYmLtj8eQ7vsAi6hWc9Dckd7SUxB0rx9pMPe9Y-1680155701-0-AWXC7PkgLh8ZjpWCoSQ/5pyZVJi+uW2z2W7vIDMjuwoyP4b/DHjSWiVPhr0zkokmWDRDdEy6eAQ67jqQtNP+htKJ45QGU0j8FbnonyMY23aE Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers `HTTP/2 200 OK date: Thu, 30 Mar 2023 05:55:01 GMT content-type: image/png content-length: 64204 cf-bgj: imgq:100,h2pri cf-polished: status=not_needed last-modified: Tue, 28 Mar 2023 07:36:59 GMT referrer-policy: strict-origin-when-cross-origin strict-transport-security: max-age=15552000; includeSubDomains x-content-type-options: nosniff cf-cache-status: HIT age: 537 accept-ranges: bytes vary: Accept-Encoding server: cloudflare cf-ray: 7afe19ec9b070b61-OSL X-Firefox-Spdy: h2`

	www.be2.no/oms/storage/nodes/djQzNi4wX19iZTJfX25iX18yMTg2ODE=/video-chat-preview_es.png	104.17.167.216	200 OK	66 kB
URL HTTP/2 www.be2.no/oms/storage/nodes/djQzNi4wX19iZTJfX25iX18yMTg2ODE=/video-chat-preview_es.png IP 104.17.167.216:0 ASN #13335 CLOUDFLARENET File type PNG image data, 306 x 526, 8-bit colormap, non-interlaced\012- data Size 66 kB (65606 bytes) Hash 84fa0a29c73c219d5229774094eeb26e b796cf69fa32d68d22d3f157531e6dd578cf4e20 a8a619ec7ae29af548f0b65c8acb37b0bbb2653b8dac368e19e3b19e3a2c3720 HTTP Headers GET /oms/storage/nodes/djQzNi4wX19iZTJfX25iX18yMTg2ODE=/video-chat-preview_es.png HTTP/1.1 Host: www.be2.no User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.be2.no/?accid=12209&linkid=12209__wgcrddqrddqbp5ln2eoata2q&partnerid=NO12iCL&subid1=&subid2=wgcrddqrddqbp5ln2eoata2q&visid=1771624713 Connection: keep-alive Cookie: __cf_bm=putgvhYmLtj8eQ7vsAi6hWc9Dckd7SUxB0rx9pMPe9Y-1680155701-0-AWXC7PkgLh8ZjpWCoSQ/5pyZVJi+uW2z2W7vIDMjuwoyP4b/DHjSWiVPhr0zkokmWDRDdEy6eAQ67jqQtNP+htKJ45QGU0j8FbnonyMY23aE Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers `HTTP/2 200 OK date: Thu, 30 Mar 2023 05:55:01 GMT content-type: image/png content-length: 65606 cf-bgj: imgq:100,h2pri cf-polished: status=not_needed last-modified: Tue, 28 Mar 2023 07:36:59 GMT referrer-policy: strict-origin-when-cross-origin strict-transport-security: max-age=15552000; includeSubDomains x-content-type-options: nosniff cf-cache-status: HIT age: 537 accept-ranges: bytes vary: Accept-Encoding server: cloudflare cf-ray: 7afe19ec9aff0b61-OSL X-Firefox-Spdy: h2`

	www.be2.no/oms/storage/nodes/djQzNi4wX19iZTJfX25iX18yMTg2ODE=/video-chat-preview_latam.png	104.17.167.216	200 OK	65 kB
URL HTTP/2 www.be2.no/oms/storage/nodes/djQzNi4wX19iZTJfX25iX18yMTg2ODE=/video-chat-preview_latam.png IP 104.17.167.216:0 ASN #13335 CLOUDFLARENET File type PNG image data, 306 x 526, 8-bit colormap, non-interlaced\012- data Size 65 kB (64649 bytes) Hash b5d5eebbf3f2f15e4803afad77a268dc f852834f2968ec7656ab6cc05e78d36838e46a97 1f2590ad91541f7b87be7f3cdc96b94aaecde6f31a8edbeaafaebf4751d67399 HTTP Headers GET /oms/storage/nodes/djQzNi4wX19iZTJfX25iX18yMTg2ODE=/video-chat-preview_latam.png HTTP/1.1 Host: www.be2.no User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.be2.no/?accid=12209&linkid=12209__wgcrddqrddqbp5ln2eoata2q&partnerid=NO12iCL&subid1=&subid2=wgcrddqrddqbp5ln2eoata2q&visid=1771624713 Connection: keep-alive Cookie: __cf_bm=putgvhYmLtj8eQ7vsAi6hWc9Dckd7SUxB0rx9pMPe9Y-1680155701-0-AWXC7PkgLh8ZjpWCoSQ/5pyZVJi+uW2z2W7vIDMjuwoyP4b/DHjSWiVPhr0zkokmWDRDdEy6eAQ67jqQtNP+htKJ45QGU0j8FbnonyMY23aE Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers `HTTP/2 200 OK date: Thu, 30 Mar 2023 05:55:01 GMT content-type: image/png content-length: 64649 cf-bgj: imgq:100,h2pri cf-polished: status=not_needed last-modified: Tue, 28 Mar 2023 07:36:59 GMT referrer-policy: strict-origin-when-cross-origin strict-transport-security: max-age=15552000; includeSubDomains x-content-type-options: nosniff cf-cache-status: HIT age: 537 accept-ranges: bytes vary: Accept-Encoding server: cloudflare cf-ray: 7afe19ec9b090b61-OSL X-Firefox-Spdy: h2`

	www.be2.no/oms/storage/nodes/djQzNi4wX19iZTJfX25iX18yMTg2ODE=/video-chat-preview_hu.png	104.17.167.216	200 OK	65 kB
URL HTTP/2 www.be2.no/oms/storage/nodes/djQzNi4wX19iZTJfX25iX18yMTg2ODE=/video-chat-preview_hu.png IP 104.17.167.216:0 ASN #13335 CLOUDFLARENET File type PNG image data, 306 x 526, 8-bit colormap, non-interlaced\012- data Size 65 kB (65121 bytes) Hash afab7b99e1e9f36ba6cf8d05c3849ff8 125aca2c84d4ac298d4b58834db43983b957160a 88593bcb32f0b53b0c273bc9ff1e13b98b9e16747f2dcd19f562d3a6f6aa887f HTTP Headers GET /oms/storage/nodes/djQzNi4wX19iZTJfX25iX18yMTg2ODE=/video-chat-preview_hu.png HTTP/1.1 Host: www.be2.no User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.be2.no/?accid=12209&linkid=12209__wgcrddqrddqbp5ln2eoata2q&partnerid=NO12iCL&subid1=&subid2=wgcrddqrddqbp5ln2eoata2q&visid=1771624713 Connection: keep-alive Cookie: __cf_bm=putgvhYmLtj8eQ7vsAi6hWc9Dckd7SUxB0rx9pMPe9Y-1680155701-0-AWXC7PkgLh8ZjpWCoSQ/5pyZVJi+uW2z2W7vIDMjuwoyP4b/DHjSWiVPhr0zkokmWDRDdEy6eAQ67jqQtNP+htKJ45QGU0j8FbnonyMY23aE Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers `HTTP/2 200 OK date: Thu, 30 Mar 2023 05:55:01 GMT content-type: image/png content-length: 65121 cf-bgj: imgq:100,h2pri cf-polished: status=not_needed last-modified: Tue, 28 Mar 2023 07:36:59 GMT referrer-policy: strict-origin-when-cross-origin strict-transport-security: max-age=15552000; includeSubDomains x-content-type-options: nosniff cf-cache-status: HIT age: 537 accept-ranges: bytes vary: Accept-Encoding server: cloudflare cf-ray: 7afe19ec9b000b61-OSL X-Firefox-Spdy: h2`

	www.be2.no/oms/storage/nodes/djQzNi4wX19iZTJfX25iX18yMTg2ODE=/bg-image-dsktp.jpg	104.17.167.216	200 OK	140 kB
URL HTTP/2 www.be2.no/oms/storage/nodes/djQzNi4wX19iZTJfX25iX18yMTg2ODE=/bg-image-dsktp.jpg IP 104.17.167.216:0 ASN #13335 CLOUDFLARENET File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 2000x1107, components 3\012- data Size 140 kB (140052 bytes) Hash 00ab3f5273c4a7d58505f6f951592702 996d1b312ff29f375fd8a3a3923c8d8d76ddb09d bad9d0886ee4a4e704dadc9b11c3542d6bde36dd5f320c5f3379ad8a1950ba71 HTTP Headers GET /oms/storage/nodes/djQzNi4wX19iZTJfX25iX18yMTg2ODE=/bg-image-dsktp.jpg HTTP/1.1 Host: www.be2.no User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.be2.no/?accid=12209&linkid=12209__wgcrddqrddqbp5ln2eoata2q&partnerid=NO12iCL&subid1=&subid2=wgcrddqrddqbp5ln2eoata2q&visid=1771624713 Connection: keep-alive Cookie: __cf_bm=putgvhYmLtj8eQ7vsAi6hWc9Dckd7SUxB0rx9pMPe9Y-1680155701-0-AWXC7PkgLh8ZjpWCoSQ/5pyZVJi+uW2z2W7vIDMjuwoyP4b/DHjSWiVPhr0zkokmWDRDdEy6eAQ67jqQtNP+htKJ45QGU0j8FbnonyMY23aE Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers `HTTP/2 200 OK date: Thu, 30 Mar 2023 05:55:01 GMT content-type: image/jpeg content-length: 140052 cf-bgj: imgq:100,h2pri cf-polished: status=not_needed last-modified: Tue, 28 Mar 2023 07:36:59 GMT referrer-policy: strict-origin-when-cross-origin strict-transport-security: max-age=15552000; includeSubDomains x-content-type-options: nosniff cf-cache-status: HIT age: 1089 accept-ranges: bytes vary: Accept-Encoding server: cloudflare cf-ray: 7afe19ecbb200b61-OSL X-Firefox-Spdy: h2`

	www.be2.no/oms/storage/nodes/djQzNi4wX19iZTJfX25iX18yMTg2ODE=/badgesecure_83x73_no_2x.png	104.17.167.216	200 OK	5.6 kB
URL HTTP/2 www.be2.no/oms/storage/nodes/djQzNi4wX19iZTJfX25iX18yMTg2ODE=/badgesecure_83x73_no_2x.png IP 104.17.167.216:0 ASN #13335 CLOUDFLARENET File type PNG image data, 166 x 146, 8-bit colormap, non-interlaced\012- data Size 5.6 kB (5553 bytes) Hash 82297bd45be168a906260ae8c9509865 9ba906cfd8cf030458bdf34d4df1e9178795e0aa db9ce319f068351035aeb0f253e3c035f07e8c3c3b618a53a5d0f7712830f5a1 HTTP Headers GET /oms/storage/nodes/djQzNi4wX19iZTJfX25iX18yMTg2ODE=/badgesecure_83x73_no_2x.png HTTP/1.1 Host: www.be2.no User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.be2.no/?accid=12209&linkid=12209__wgcrddqrddqbp5ln2eoata2q&partnerid=NO12iCL&subid1=&subid2=wgcrddqrddqbp5ln2eoata2q&visid=1771624713 Connection: keep-alive Cookie: __cf_bm=putgvhYmLtj8eQ7vsAi6hWc9Dckd7SUxB0rx9pMPe9Y-1680155701-0-AWXC7PkgLh8ZjpWCoSQ/5pyZVJi+uW2z2W7vIDMjuwoyP4b/DHjSWiVPhr0zkokmWDRDdEy6eAQ67jqQtNP+htKJ45QGU0j8FbnonyMY23aE Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers `HTTP/2 200 OK date: Thu, 30 Mar 2023 05:55:01 GMT content-type: image/png content-length: 5553 cf-bgj: imgq:100,h2pri cf-polished: status=not_needed last-modified: Tue, 28 Mar 2023 07:36:59 GMT referrer-policy: strict-origin-when-cross-origin strict-transport-security: max-age=15552000; includeSubDomains x-content-type-options: nosniff cf-cache-status: HIT age: 537 accept-ranges: bytes vary: Accept-Encoding server: cloudflare cf-ray: 7afe19ecbb270b61-OSL X-Firefox-Spdy: h2`

	www.be2.no/oms/storage/nodes/djQzNi4wX19iZTJfX25iX18yMTg2ODE=/advantages-tick.png	104.17.167.216	200 OK	860 B
URL HTTP/2 www.be2.no/oms/storage/nodes/djQzNi4wX19iZTJfX25iX18yMTg2ODE=/advantages-tick.png IP 104.17.167.216:0 ASN #13335 CLOUDFLARENET File type PNG image data, 75 x 66, 8-bit/color RGBA, non-interlaced\012- data Size 860 B (860 bytes) Hash 7683b5d2ef1e93d65a1d07eccbeef326 7341aadcf627f0c4e52436802f9e6d6b46e08824 4c14dfde23d9aaa5b5fae2d06f93eb72ec43006329bd6fa1a85b7bbd25d05b12 HTTP Headers GET /oms/storage/nodes/djQzNi4wX19iZTJfX25iX18yMTg2ODE=/advantages-tick.png HTTP/1.1 Host: www.be2.no User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.be2.no/?accid=12209&linkid=12209__wgcrddqrddqbp5ln2eoata2q&partnerid=NO12iCL&subid1=&subid2=wgcrddqrddqbp5ln2eoata2q&visid=1771624713 Connection: keep-alive Cookie: __cf_bm=putgvhYmLtj8eQ7vsAi6hWc9Dckd7SUxB0rx9pMPe9Y-1680155701-0-AWXC7PkgLh8ZjpWCoSQ/5pyZVJi+uW2z2W7vIDMjuwoyP4b/DHjSWiVPhr0zkokmWDRDdEy6eAQ67jqQtNP+htKJ45QGU0j8FbnonyMY23aE Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers `HTTP/2 200 OK date: Thu, 30 Mar 2023 05:55:01 GMT content-type: image/png content-length: 860 cf-bgj: imgq:100,h2pri cf-polished: status=not_needed last-modified: Tue, 28 Mar 2023 07:36:59 GMT referrer-policy: strict-origin-when-cross-origin strict-transport-security: max-age=15552000; includeSubDomains x-content-type-options: nosniff cf-cache-status: HIT age: 537 accept-ranges: bytes vary: Accept-Encoding server: cloudflare cf-ray: 7afe19eccb2a0b61-OSL X-Firefox-Spdy: h2`

	www.be2.no/oms/storage/nodes/djQzNi4wX19iZTJfX25iX18yMTg2ODE=/google_play_badge_no.png	104.17.167.216	200 OK	6.2 kB
URL HTTP/2 www.be2.no/oms/storage/nodes/djQzNi4wX19iZTJfX25iX18yMTg2ODE=/google_play_badge_no.png IP 104.17.167.216:0 ASN #13335 CLOUDFLARENET File type PNG image data, 564 x 168, 8-bit colormap, non-interlaced\012- data Size 6.2 kB (6178 bytes) Hash 79c0f1dfc78a431e6e21f3b1aac244eb 12ac4bcd788dfdc15e843215fe1c38309a6c7e77 298d1dea51fa5c3466089b1273d197c2c98ebffc0940fb6982c7f08a9d3ba2b8 HTTP Headers GET /oms/storage/nodes/djQzNi4wX19iZTJfX25iX18yMTg2ODE=/google_play_badge_no.png HTTP/1.1 Host: www.be2.no User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.be2.no/?accid=12209&linkid=12209__wgcrddqrddqbp5ln2eoata2q&partnerid=NO12iCL&subid1=&subid2=wgcrddqrddqbp5ln2eoata2q&visid=1771624713 Connection: keep-alive Cookie: __cf_bm=putgvhYmLtj8eQ7vsAi6hWc9Dckd7SUxB0rx9pMPe9Y-1680155701-0-AWXC7PkgLh8ZjpWCoSQ/5pyZVJi+uW2z2W7vIDMjuwoyP4b/DHjSWiVPhr0zkokmWDRDdEy6eAQ67jqQtNP+htKJ45QGU0j8FbnonyMY23aE Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers `HTTP/2 200 OK date: Thu, 30 Mar 2023 05:55:01 GMT content-type: image/png content-length: 6178 cf-bgj: imgq:100,h2pri cf-polished: status=not_needed last-modified: Tue, 28 Mar 2023 07:36:59 GMT referrer-policy: strict-origin-when-cross-origin strict-transport-security: max-age=15552000; includeSubDomains x-content-type-options: nosniff cf-cache-status: HIT age: 537 accept-ranges: bytes vary: Accept-Encoding server: cloudflare cf-ray: 7afe19eccb2c0b61-OSL X-Firefox-Spdy: h2`

	www.be2.no/oms/storage/nodes/djQzNi4wX19iZTJfX25iX18yMTg2ODE=/background.png	104.17.167.216	200 OK	34 kB
URL HTTP/2 www.be2.no/oms/storage/nodes/djQzNi4wX19iZTJfX25iX18yMTg2ODE=/background.png IP 104.17.167.216:0 ASN #13335 CLOUDFLARENET File type PNG image data, 580 x 100, 8-bit gray+alpha, non-interlaced\012- data Size 34 kB (34375 bytes) Hash 908d3735254cf9981af6076358241e01 471ccdf7892052f91c6c0884c216abe20091e685 b7bd850eeb029f3fe34c9b5d9730f76cf63a828ee28b7f004dca8f4dc79a36cd HTTP Headers GET /oms/storage/nodes/djQzNi4wX19iZTJfX25iX18yMTg2ODE=/background.png HTTP/1.1 Host: www.be2.no User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.be2.no/?accid=12209&linkid=12209__wgcrddqrddqbp5ln2eoata2q&partnerid=NO12iCL&subid1=&subid2=wgcrddqrddqbp5ln2eoata2q&visid=1771624713 Connection: keep-alive Cookie: __cf_bm=putgvhYmLtj8eQ7vsAi6hWc9Dckd7SUxB0rx9pMPe9Y-1680155701-0-AWXC7PkgLh8ZjpWCoSQ/5pyZVJi+uW2z2W7vIDMjuwoyP4b/DHjSWiVPhr0zkokmWDRDdEy6eAQ67jqQtNP+htKJ45QGU0j8FbnonyMY23aE Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers `HTTP/2 200 OK date: Thu, 30 Mar 2023 05:55:01 GMT content-type: image/png content-length: 34375 cf-bgj: imgq:100,h2pri cf-polished: origSize=47620 last-modified: Tue, 28 Mar 2023 07:36:59 GMT referrer-policy: strict-origin-when-cross-origin strict-transport-security: max-age=15552000; includeSubDomains x-content-type-options: nosniff cf-cache-status: HIT age: 537 accept-ranges: bytes vary: Accept-Encoding server: cloudflare cf-ray: 7afe19eccb330b61-OSL X-Firefox-Spdy: h2`

	www.be2.no/oms/storage/nodes/djQzNi4wX19iZTJfX25iX18yMTg2ODE=/099fb995346f31c749f6e40db0f395e3.js	104.17.167.216	200 OK	9.8 kB
URL HTTP/2 www.be2.no/oms/storage/nodes/djQzNi4wX19iZTJfX25iX18yMTg2ODE=/099fb995346f31c749f6e40db0f395e3.js IP 104.17.167.216:0 ASN #13335 CLOUDFLARENET File type Unicode text, UTF-8 text, with very long lines (23266), with no line terminators Size 9.8 kB (9846 bytes) Hash eda5a80cd0d58ac40ca105e5d1d86ca2 14d47993ab9ca297e16ae9c73b7e58b3445d0dd0 5878c6e8b42d9aeb75789f18a4d684ebe5f7861afb180b219daff8337fac0c47 HTTP Headers GET /oms/storage/nodes/djQzNi4wX19iZTJfX25iX18yMTg2ODE=/099fb995346f31c749f6e40db0f395e3.js HTTP/1.1 Host: www.be2.no User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.be2.no/?accid=12209&linkid=12209__wgcrddqrddqbp5ln2eoata2q&partnerid=NO12iCL&subid1=&subid2=wgcrddqrddqbp5ln2eoata2q&visid=1771624713 Connection: keep-alive Cookie: __cf_bm=putgvhYmLtj8eQ7vsAi6hWc9Dckd7SUxB0rx9pMPe9Y-1680155701-0-AWXC7PkgLh8ZjpWCoSQ/5pyZVJi+uW2z2W7vIDMjuwoyP4b/DHjSWiVPhr0zkokmWDRDdEy6eAQ67jqQtNP+htKJ45QGU0j8FbnonyMY23aE Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers `HTTP/2 200 OK date: Thu, 30 Mar 2023 05:55:01 GMT content-type: application/javascript cf-bgj: minify last-modified: Tue, 28 Mar 2023 07:36:59 GMT referrer-policy: strict-origin-when-cross-origin strict-transport-security: max-age=15552000; includeSubDomains vary: Accept-Encoding x-content-type-options: nosniff cf-cache-status: HIT age: 537 server: cloudflare cf-ray: 7afe19ec8af70b61-OSL content-encoding: br X-Firefox-Spdy: h2`

	www.be2.no/oms/storage/nodes/djQzNi4wX19iZTJfX25iX18yMTg2ODE=/appstore_badge_no_135x40.svg	104.17.167.216	200 OK	44 kB
URL HTTP/2 www.be2.no/oms/storage/nodes/djQzNi4wX19iZTJfX25iX18yMTg2ODE=/appstore_badge_no_135x40.svg IP 104.17.167.216:0 ASN #13335 CLOUDFLARENET File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (7919), with no line terminators Size 44 kB (43701 bytes) Hash 85d3c528c1ed5049f79b6f58a8069d9d eed02177aad3ec1f9715a7a15af6e9e93b056d4c 0b2536f437f7d82b49fb242d5aa9d66068f573b4f2a4d9e4cc352d0712d194bf HTTP Headers GET /oms/storage/nodes/djQzNi4wX19iZTJfX25iX18yMTg2ODE=/appstore_badge_no_135x40.svg HTTP/1.1 Host: www.be2.no User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.be2.no/?accid=12209&linkid=12209__wgcrddqrddqbp5ln2eoata2q&partnerid=NO12iCL&subid1=&subid2=wgcrddqrddqbp5ln2eoata2q&visid=1771624713 Connection: keep-alive Cookie: __cf_bm=putgvhYmLtj8eQ7vsAi6hWc9Dckd7SUxB0rx9pMPe9Y-1680155701-0-AWXC7PkgLh8ZjpWCoSQ/5pyZVJi+uW2z2W7vIDMjuwoyP4b/DHjSWiVPhr0zkokmWDRDdEy6eAQ67jqQtNP+htKJ45QGU0j8FbnonyMY23aE Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers `HTTP/2 200 OK date: Thu, 30 Mar 2023 05:55:01 GMT content-type: image/svg+xml last-modified: Tue, 28 Mar 2023 07:36:59 GMT x-content-type-options: nosniff strict-transport-security: max-age=15552000; includeSubDomains referrer-policy: strict-origin-when-cross-origin cf-cache-status: HIT age: 537 vary: Accept-Encoding server: cloudflare cf-ray: 7afe19eccb310b61-OSL content-encoding: br X-Firefox-Spdy: h2`

	www.be2.no/oms/storage/nodes/djQzNi4wX19iZTJfX25iX18yMTg2ODE=/bg-waves-mirrored.png	104.17.167.216	200 OK	38 kB
URL HTTP/2 www.be2.no/oms/storage/nodes/djQzNi4wX19iZTJfX25iX18yMTg2ODE=/bg-waves-mirrored.png IP 104.17.167.216:0 ASN #13335 CLOUDFLARENET File type PNG image data, 2354 x 518, 8-bit colormap, non-interlaced\012- data Size 38 kB (38452 bytes) Hash 1434c3bae818878c34ca4c24f0638f78 956cb151771bc763d96b503ba8a0348744458561 92f1b6feb0e083db0f79d86cbf5db37fee7f8a0ad6c998c16b76fbd7e2284326 HTTP Headers GET /oms/storage/nodes/djQzNi4wX19iZTJfX25iX18yMTg2ODE=/bg-waves-mirrored.png HTTP/1.1 Host: www.be2.no User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.be2.no/oms/storage/nodes/djQzNi4wX19iZTJfX25iX18yMTg2ODE=/251d164643533a527361dbe1a7b9235d.css Connection: keep-alive Cookie: __cf_bm=putgvhYmLtj8eQ7vsAi6hWc9Dckd7SUxB0rx9pMPe9Y-1680155701-0-AWXC7PkgLh8ZjpWCoSQ/5pyZVJi+uW2z2W7vIDMjuwoyP4b/DHjSWiVPhr0zkokmWDRDdEy6eAQ67jqQtNP+htKJ45QGU0j8FbnonyMY23aE Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers `HTTP/2 200 OK date: Thu, 30 Mar 2023 05:55:01 GMT content-type: image/png content-length: 38452 cf-bgj: imgq:100,h2pri cf-polished: origSize=91244 last-modified: Tue, 28 Mar 2023 07:36:59 GMT referrer-policy: strict-origin-when-cross-origin strict-transport-security: max-age=15552000; includeSubDomains x-content-type-options: nosniff cf-cache-status: HIT age: 537 accept-ranges: bytes vary: Accept-Encoding server: cloudflare cf-ray: 7afe19ed7bee0b61-OSL X-Firefox-Spdy: h2`

	www.be2.no/oms/storage/nodes/djQzNi4wX19iZTJfX25iX18yMTg2ODE=/set_1_user_1-default.jpg	104.17.167.216	200 OK	5.4 kB
URL HTTP/2 www.be2.no/oms/storage/nodes/djQzNi4wX19iZTJfX25iX18yMTg2ODE=/set_1_user_1-default.jpg IP 104.17.167.216:0 ASN #13335 CLOUDFLARENET File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 140x140, components 3\012- data Size 5.4 kB (5398 bytes) Hash a51ad6ddcef65adf89f1fffb57dd29cd b969ac5b01763f3d9051790ae42a30827e3b4680 84b0129b2340d5d0c78267dbdec4e1d6ab7e753fa1f268b9b0e3916897f987de HTTP Headers GET /oms/storage/nodes/djQzNi4wX19iZTJfX25iX18yMTg2ODE=/set_1_user_1-default.jpg HTTP/1.1 Host: www.be2.no User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.be2.no/oms/storage/nodes/djQzNi4wX19iZTJfX25iX18yMTg2ODE=/251d164643533a527361dbe1a7b9235d.css Connection: keep-alive Cookie: __cf_bm=putgvhYmLtj8eQ7vsAi6hWc9Dckd7SUxB0rx9pMPe9Y-1680155701-0-AWXC7PkgLh8ZjpWCoSQ/5pyZVJi+uW2z2W7vIDMjuwoyP4b/DHjSWiVPhr0zkokmWDRDdEy6eAQ67jqQtNP+htKJ45QGU0j8FbnonyMY23aE Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers `HTTP/2 200 OK date: Thu, 30 Mar 2023 05:55:01 GMT content-type: image/jpeg content-length: 5398 cf-bgj: imgq:100,h2pri cf-polished: origSize=5443 last-modified: Tue, 28 Mar 2023 07:36:59 GMT referrer-policy: strict-origin-when-cross-origin strict-transport-security: max-age=15552000; includeSubDomains x-content-type-options: nosniff cf-cache-status: HIT age: 537 accept-ranges: bytes vary: Accept-Encoding server: cloudflare cf-ray: 7afe19ed7bf60b61-OSL X-Firefox-Spdy: h2`

	www.be2.no/oms/storage/nodes/djQzNi4wX19iZTJfX25iX18yMTg2ODE=/top-stories-img.jpg	104.17.167.216	200 OK	31 kB
URL HTTP/2 www.be2.no/oms/storage/nodes/djQzNi4wX19iZTJfX25iX18yMTg2ODE=/top-stories-img.jpg IP 104.17.167.216:0 ASN #13335 CLOUDFLARENET File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 580x280, components 3\012- data Size 31 kB (30824 bytes) Hash 7df6b12cdaf9490fbf51e90a766a32ba b18d5e1aeacd8c0b95d64a2e5e55a7a1cb9039d1 fe84c00c5b9185c74a4da1b526239fb95dbb3b85f9ddc873b5a74299b379bff5 HTTP Headers GET /oms/storage/nodes/djQzNi4wX19iZTJfX25iX18yMTg2ODE=/top-stories-img.jpg HTTP/1.1 Host: www.be2.no User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.be2.no/oms/storage/nodes/djQzNi4wX19iZTJfX25iX18yMTg2ODE=/251d164643533a527361dbe1a7b9235d.css Connection: keep-alive Cookie: __cf_bm=putgvhYmLtj8eQ7vsAi6hWc9Dckd7SUxB0rx9pMPe9Y-1680155701-0-AWXC7PkgLh8ZjpWCoSQ/5pyZVJi+uW2z2W7vIDMjuwoyP4b/DHjSWiVPhr0zkokmWDRDdEy6eAQ67jqQtNP+htKJ45QGU0j8FbnonyMY23aE Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers `HTTP/2 200 OK date: Thu, 30 Mar 2023 05:55:01 GMT content-type: image/jpeg content-length: 30824 cf-bgj: imgq:100,h2pri cf-polished: status=not_needed last-modified: Tue, 28 Mar 2023 07:36:59 GMT referrer-policy: strict-origin-when-cross-origin strict-transport-security: max-age=15552000; includeSubDomains x-content-type-options: nosniff cf-cache-status: HIT age: 537 accept-ranges: bytes vary: Accept-Encoding server: cloudflare cf-ray: 7afe19ed7bf50b61-OSL X-Firefox-Spdy: h2`

	www.be2.no/oms/storage/nodes/djQzNi4wX19iZTJfX25iX18yMTg2ODE=/set_1_user_2-default.jpg	104.17.167.216	200 OK	5.7 kB
URL HTTP/2 www.be2.no/oms/storage/nodes/djQzNi4wX19iZTJfX25iX18yMTg2ODE=/set_1_user_2-default.jpg IP 104.17.167.216:0 ASN #13335 CLOUDFLARENET File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 140x140, components 3\012- data Size 5.7 kB (5660 bytes) Hash 6b593a018c0a243fc2505bdf9c17508e 7123f2e540cc2d9dd351689251bbe923505f0550 37e6fe06d44a2c68d5970339e85c1b4712db5125ce7fd73a5a858d3454d5c8eb HTTP Headers GET /oms/storage/nodes/djQzNi4wX19iZTJfX25iX18yMTg2ODE=/set_1_user_2-default.jpg HTTP/1.1 Host: www.be2.no User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.be2.no/oms/storage/nodes/djQzNi4wX19iZTJfX25iX18yMTg2ODE=/251d164643533a527361dbe1a7b9235d.css Connection: keep-alive Cookie: __cf_bm=putgvhYmLtj8eQ7vsAi6hWc9Dckd7SUxB0rx9pMPe9Y-1680155701-0-AWXC7PkgLh8ZjpWCoSQ/5pyZVJi+uW2z2W7vIDMjuwoyP4b/DHjSWiVPhr0zkokmWDRDdEy6eAQ67jqQtNP+htKJ45QGU0j8FbnonyMY23aE Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers `HTTP/2 200 OK date: Thu, 30 Mar 2023 05:55:01 GMT content-type: image/jpeg content-length: 5660 cf-bgj: imgq:100,h2pri cf-polished: origSize=5696 last-modified: Tue, 28 Mar 2023 07:36:59 GMT referrer-policy: strict-origin-when-cross-origin strict-transport-security: max-age=15552000; includeSubDomains x-content-type-options: nosniff cf-cache-status: HIT age: 537 accept-ranges: bytes vary: Accept-Encoding server: cloudflare cf-ray: 7afe19ed8bfe0b61-OSL X-Firefox-Spdy: h2`

	www.be2.no/oms/storage/nodes/djQzNi4wX19iZTJfX25iX18yMTg2ODE=/set_1_user_5-default.jpg	104.17.167.216	200 OK	6.7 kB
URL HTTP/2 www.be2.no/oms/storage/nodes/djQzNi4wX19iZTJfX25iX18yMTg2ODE=/set_1_user_5-default.jpg IP 104.17.167.216:0 ASN #13335 CLOUDFLARENET File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 140x140, components 3\012- data Size 6.7 kB (6652 bytes) Hash 52b316f6413225859c4aaf813d5fd18a 19b87836f17a6611db60ba8f767de5f3330897ba 4d92f265aa0e6b29a7181ac1b304f0cc89e375883f6d23f780d46efd2dd1e481 HTTP Headers GET /oms/storage/nodes/djQzNi4wX19iZTJfX25iX18yMTg2ODE=/set_1_user_5-default.jpg HTTP/1.1 Host: www.be2.no User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.be2.no/oms/storage/nodes/djQzNi4wX19iZTJfX25iX18yMTg2ODE=/251d164643533a527361dbe1a7b9235d.css Connection: keep-alive Cookie: __cf_bm=putgvhYmLtj8eQ7vsAi6hWc9Dckd7SUxB0rx9pMPe9Y-1680155701-0-AWXC7PkgLh8ZjpWCoSQ/5pyZVJi+uW2z2W7vIDMjuwoyP4b/DHjSWiVPhr0zkokmWDRDdEy6eAQ67jqQtNP+htKJ45QGU0j8FbnonyMY23aE Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers `HTTP/2 200 OK date: Thu, 30 Mar 2023 05:55:01 GMT content-type: image/jpeg content-length: 6652 cf-bgj: imgq:100,h2pri cf-polished: origSize=6693 last-modified: Tue, 28 Mar 2023 07:36:59 GMT referrer-policy: strict-origin-when-cross-origin strict-transport-security: max-age=15552000; includeSubDomains x-content-type-options: nosniff cf-cache-status: HIT age: 537 accept-ranges: bytes vary: Accept-Encoding server: cloudflare cf-ray: 7afe19ed8c070b61-OSL X-Firefox-Spdy: h2`

	www.be2.no/oms/storage/nodes/djQzNi4wX19iZTJfX25iX18yMTg2ODE=/set_1_user_3-default.jpg	104.17.167.216	200 OK	7.3 kB
URL HTTP/2 www.be2.no/oms/storage/nodes/djQzNi4wX19iZTJfX25iX18yMTg2ODE=/set_1_user_3-default.jpg IP 104.17.167.216:0 ASN #13335 CLOUDFLARENET File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 140x140, components 3\012- data Size 7.3 kB (7280 bytes) Hash 287d393452df4d068762d85914b16ce2 338ae051a0a617ce794d72764b8d46cbdcca5206 8001b877811e11bb324d2d11bfcb8bb1e523369cfb2f8533d6d3eb33ad241124 HTTP Headers GET /oms/storage/nodes/djQzNi4wX19iZTJfX25iX18yMTg2ODE=/set_1_user_3-default.jpg HTTP/1.1 Host: www.be2.no User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.be2.no/oms/storage/nodes/djQzNi4wX19iZTJfX25iX18yMTg2ODE=/251d164643533a527361dbe1a7b9235d.css Connection: keep-alive Cookie: __cf_bm=putgvhYmLtj8eQ7vsAi6hWc9Dckd7SUxB0rx9pMPe9Y-1680155701-0-AWXC7PkgLh8ZjpWCoSQ/5pyZVJi+uW2z2W7vIDMjuwoyP4b/DHjSWiVPhr0zkokmWDRDdEy6eAQ67jqQtNP+htKJ45QGU0j8FbnonyMY23aE Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers `HTTP/2 200 OK date: Thu, 30 Mar 2023 05:55:01 GMT content-type: image/jpeg content-length: 7280 cf-bgj: imgq:100,h2pri cf-polished: origSize=7320 last-modified: Tue, 28 Mar 2023 07:36:59 GMT referrer-policy: strict-origin-when-cross-origin strict-transport-security: max-age=15552000; includeSubDomains x-content-type-options: nosniff cf-cache-status: HIT age: 537 accept-ranges: bytes vary: Accept-Encoding server: cloudflare cf-ray: 7afe19ed8c000b61-OSL X-Firefox-Spdy: h2`

	www.be2.no/oms/storage/nodes/djQzNi4wX19iZTJfX25iX18yMTg2ODE=/open-sans-v34-vietnamese_latin-ext_latin_hebrew_greek-ext_greek_cyrillic-ext_cyrillic-regular.woff2	104.17.167.216	200 OK	56 kB
URL HTTP/2 www.be2.no/oms/storage/nodes/djQzNi4wX19iZTJfX25iX18yMTg2ODE=/open-sans-v34-vietnamese_latin-ext_latin_hebrew_greek-ext_greek_cyrillic-ext_cyrillic-regular.woff2 IP 104.17.167.216:0 ASN #13335 CLOUDFLARENET File type Web Open Font Format (Version 2), TrueType, length 56348, version 1.0\012- data Size 56 kB (56348 bytes) Hash 441a81103fda7f9c3b41cffd77d8c65c 3a2d883b3fc09a347376088e206f5e0fd17aab72 52a27a6a1c1821efdf20d91ece59d5f29ba3ba28cc8480e2f73f3007216e7729 HTTP Headers GET /oms/storage/nodes/djQzNi4wX19iZTJfX25iX18yMTg2ODE=/open-sans-v34-vietnamese_latin-ext_latin_hebrew_greek-ext_greek_cyrillic-ext_cyrillic-regular.woff2 HTTP/1.1 Host: www.be2.no User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Referer: https://www.be2.no/oms/storage/nodes/djQzNi4wX19iZTJfX25iX18yMTg2ODE=/251d164643533a527361dbe1a7b9235d.css Connection: keep-alive Cookie: __cf_bm=putgvhYmLtj8eQ7vsAi6hWc9Dckd7SUxB0rx9pMPe9Y-1680155701-0-AWXC7PkgLh8ZjpWCoSQ/5pyZVJi+uW2z2W7vIDMjuwoyP4b/DHjSWiVPhr0zkokmWDRDdEy6eAQ67jqQtNP+htKJ45QGU0j8FbnonyMY23aE Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin TE: trailers `HTTP/2 200 OK date: Thu, 30 Mar 2023 05:55:01 GMT content-type: font/woff2 content-length: 56348 last-modified: Tue, 28 Mar 2023 07:36:59 GMT x-content-type-options: nosniff strict-transport-security: max-age=15552000; includeSubDomains referrer-policy: strict-origin-when-cross-origin cf-cache-status: HIT age: 2162 accept-ranges: bytes vary: Accept-Encoding server: cloudflare cf-ray: 7afe19ed8c0b0b61-OSL X-Firefox-Spdy: h2`

	www.be2.no/oms/storage/nodes/djQzNi4wX19iZTJfX25iX18yMTg2ODE=/open-sans-v34-vietnamese_latin-ext_latin_hebrew_greek-ext_greek_cyrillic-ext_cyrillic-600.woff2	104.17.167.216	200 OK	56 kB
URL HTTP/2 www.be2.no/oms/storage/nodes/djQzNi4wX19iZTJfX25iX18yMTg2ODE=/open-sans-v34-vietnamese_latin-ext_latin_hebrew_greek-ext_greek_cyrillic-ext_cyrillic-600.woff2 IP 104.17.167.216:0 ASN #13335 CLOUDFLARENET File type Web Open Font Format (Version 2), TrueType, length 56336, version 1.0\012- data Size 56 kB (56336 bytes) Hash ef3ace47eb239b775be05de1de1af268 988135ecaacc456e803d9609b28e5e68c4d694d9 0240d31750dece0d5a709e6eb5cbfded2f15b37b5a4d752c3c636cdd03bd12f8 HTTP Headers GET /oms/storage/nodes/djQzNi4wX19iZTJfX25iX18yMTg2ODE=/open-sans-v34-vietnamese_latin-ext_latin_hebrew_greek-ext_greek_cyrillic-ext_cyrillic-600.woff2 HTTP/1.1 Host: www.be2.no User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Referer: https://www.be2.no/oms/storage/nodes/djQzNi4wX19iZTJfX25iX18yMTg2ODE=/251d164643533a527361dbe1a7b9235d.css Connection: keep-alive Cookie: __cf_bm=putgvhYmLtj8eQ7vsAi6hWc9Dckd7SUxB0rx9pMPe9Y-1680155701-0-AWXC7PkgLh8ZjpWCoSQ/5pyZVJi+uW2z2W7vIDMjuwoyP4b/DHjSWiVPhr0zkokmWDRDdEy6eAQ67jqQtNP+htKJ45QGU0j8FbnonyMY23aE Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin TE: trailers `HTTP/2 200 OK date: Thu, 30 Mar 2023 05:55:01 GMT content-type: font/woff2 content-length: 56336 last-modified: Wed, 29 Mar 2023 22:41:23 GMT x-content-type-options: nosniff strict-transport-security: max-age=15552000; includeSubDomains referrer-policy: strict-origin-when-cross-origin cf-cache-status: HIT age: 2457 accept-ranges: bytes vary: Accept-Encoding server: cloudflare cf-ray: 7afe19ed8c100b61-OSL X-Firefox-Spdy: h2`

	www.be2.no/oms/storage/nodes/djQzNi4wX19iZTJfX25iX18yMTg2ODE=/set_1_user_4-default.jpg	104.17.167.216	200 OK	4.6 kB
URL HTTP/2 www.be2.no/oms/storage/nodes/djQzNi4wX19iZTJfX25iX18yMTg2ODE=/set_1_user_4-default.jpg IP 104.17.167.216:0 ASN #13335 CLOUDFLARENET File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 140x140, components 3\012- data Size 4.6 kB (4616 bytes) Hash c4e3194414bc91235384c45954228335 154fc2c2260f29d153d2c65ddc3c698fda27550a 62fa4d6c39b26897562284f5a606cac5aee3f45bac3fffce595fc6a298719cd7 HTTP Headers GET /oms/storage/nodes/djQzNi4wX19iZTJfX25iX18yMTg2ODE=/set_1_user_4-default.jpg HTTP/1.1 Host: www.be2.no User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.be2.no/oms/storage/nodes/djQzNi4wX19iZTJfX25iX18yMTg2ODE=/251d164643533a527361dbe1a7b9235d.css Connection: keep-alive Cookie: __cf_bm=putgvhYmLtj8eQ7vsAi6hWc9Dckd7SUxB0rx9pMPe9Y-1680155701-0-AWXC7PkgLh8ZjpWCoSQ/5pyZVJi+uW2z2W7vIDMjuwoyP4b/DHjSWiVPhr0zkokmWDRDdEy6eAQ67jqQtNP+htKJ45QGU0j8FbnonyMY23aE Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers `HTTP/2 200 OK date: Thu, 30 Mar 2023 05:55:01 GMT content-type: image/jpeg content-length: 4616 cf-bgj: imgq:100,h2pri cf-polished: origSize=4655 last-modified: Tue, 28 Mar 2023 07:36:59 GMT referrer-policy: strict-origin-when-cross-origin strict-transport-security: max-age=15552000; includeSubDomains x-content-type-options: nosniff cf-cache-status: HIT age: 537 accept-ranges: bytes vary: Accept-Encoding server: cloudflare cf-ray: 7afe19ed8c010b61-OSL X-Firefox-Spdy: h2`

	www.be2.no/oms/storage/nodes/djQzNi4wX19iZTJfX25iX18yMTg2ODE=/open-sans-v34-vietnamese_latin-ext_latin_hebrew_greek-ext_greek_cyrillic-ext_cyrillic-300.woff2	104.17.167.216	200 OK	56 kB
URL HTTP/2 www.be2.no/oms/storage/nodes/djQzNi4wX19iZTJfX25iX18yMTg2ODE=/open-sans-v34-vietnamese_latin-ext_latin_hebrew_greek-ext_greek_cyrillic-ext_cyrillic-300.woff2 IP 104.17.167.216:0 ASN #13335 CLOUDFLARENET File type Web Open Font Format (Version 2), TrueType, length 56136, version 1.0\012- data Size 56 kB (56136 bytes) Hash 3dd7582d76945c56b4c7b4543d41ce33 8def1a4702f51dce5c8f9e07944475f7e3d7e5c1 c11cfbd87aed976e8b636a1b3474310343b83bc9ded516c26fb51cb97eecad96 HTTP Headers GET /oms/storage/nodes/djQzNi4wX19iZTJfX25iX18yMTg2ODE=/open-sans-v34-vietnamese_latin-ext_latin_hebrew_greek-ext_greek_cyrillic-ext_cyrillic-300.woff2 HTTP/1.1 Host: www.be2.no User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Referer: https://www.be2.no/oms/storage/nodes/djQzNi4wX19iZTJfX25iX18yMTg2ODE=/251d164643533a527361dbe1a7b9235d.css Connection: keep-alive Cookie: __cf_bm=putgvhYmLtj8eQ7vsAi6hWc9Dckd7SUxB0rx9pMPe9Y-1680155701-0-AWXC7PkgLh8ZjpWCoSQ/5pyZVJi+uW2z2W7vIDMjuwoyP4b/DHjSWiVPhr0zkokmWDRDdEy6eAQ67jqQtNP+htKJ45QGU0j8FbnonyMY23aE Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin TE: trailers `HTTP/2 200 OK date: Thu, 30 Mar 2023 05:55:01 GMT content-type: font/woff2 content-length: 56136 last-modified: Wed, 29 Mar 2023 22:41:20 GMT x-content-type-options: nosniff strict-transport-security: max-age=15552000; includeSubDomains referrer-policy: strict-origin-when-cross-origin cf-cache-status: HIT age: 2457 accept-ranges: bytes vary: Accept-Encoding server: cloudflare cf-ray: 7afe19ed9c180b61-OSL X-Firefox-Spdy: h2`

	www.be2.no/oms/storage/nodes/djQzNi4wX19iZTJfX25iX18yMTg2ODE=/open-sans-v34-vietnamese_latin-ext_latin_hebrew_greek-ext_greek_cyrillic-ext_cyrillic-700.woff2	104.17.167.216	200 OK	55 kB
URL HTTP/2 www.be2.no/oms/storage/nodes/djQzNi4wX19iZTJfX25iX18yMTg2ODE=/open-sans-v34-vietnamese_latin-ext_latin_hebrew_greek-ext_greek_cyrillic-ext_cyrillic-700.woff2 IP 104.17.167.216:0 ASN #13335 CLOUDFLARENET File type Web Open Font Format (Version 2), TrueType, length 54576, version 1.0\012- data Size 55 kB (54576 bytes) Hash 85cb2c73cbeffb7cb359827c68b20e91 a89fb47d4a581c6e2e3cc622f3410d0d9fe9d6a4 bba8d203d019c6f11367d6279cdeb0efbc5895b75dfa68a008686d22194e8d67 HTTP Headers GET /oms/storage/nodes/djQzNi4wX19iZTJfX25iX18yMTg2ODE=/open-sans-v34-vietnamese_latin-ext_latin_hebrew_greek-ext_greek_cyrillic-ext_cyrillic-700.woff2 HTTP/1.1 Host: www.be2.no User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Referer: https://www.be2.no/oms/storage/nodes/djQzNi4wX19iZTJfX25iX18yMTg2ODE=/251d164643533a527361dbe1a7b9235d.css Connection: keep-alive Cookie: __cf_bm=putgvhYmLtj8eQ7vsAi6hWc9Dckd7SUxB0rx9pMPe9Y-1680155701-0-AWXC7PkgLh8ZjpWCoSQ/5pyZVJi+uW2z2W7vIDMjuwoyP4b/DHjSWiVPhr0zkokmWDRDdEy6eAQ67jqQtNP+htKJ45QGU0j8FbnonyMY23aE Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin TE: trailers `HTTP/2 200 OK date: Thu, 30 Mar 2023 05:55:01 GMT content-type: font/woff2 content-length: 54576 last-modified: Tue, 28 Mar 2023 07:36:59 GMT x-content-type-options: nosniff strict-transport-security: max-age=15552000; includeSubDomains referrer-policy: strict-origin-when-cross-origin cf-cache-status: HIT age: 2162 accept-ranges: bytes vary: Accept-Encoding server: cloudflare cf-ray: 7afe19ed8c130b61-OSL X-Firefox-Spdy: h2`

	ocsp.digicert.com/	192.229.221.95	200 OK	471 B
URL HTTP/1.1 ocsp.digicert.com/ IP 192.229.221.95:0 ASN #15133 EDGECAST File type data Size 471 B (471 bytes) Hash 3e119840b6dfd09d067e2535bf4ce44d 5398914d5954264b72b36b7e38051ad88bfe9744 a852366363fd9ce2c681506be31babfb9081a4e9c23c523fe5694a9b62766def HTTP Headers `POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Accept-Ranges: bytes Age: 4143 Cache-Control: max-age=124722 Content-Type: application/ocsp-response Date: Thu, 30 Mar 2023 05:55:01 GMT Etag: "64245838-1d7" Expires: Fri, 31 Mar 2023 16:33:43 GMT Last-Modified: Wed, 29 Mar 2023 15:24:40 GMT Server: ECAcc (amb/6B04) X-Cache: HIT Content-Length: 471`

	ocsp.digicert.com/	192.229.221.95	200 OK	471 B
URL HTTP/1.1 ocsp.digicert.com/ IP 192.229.221.95:0 ASN #15133 EDGECAST File type data Size 471 B (471 bytes) Hash 3e119840b6dfd09d067e2535bf4ce44d 5398914d5954264b72b36b7e38051ad88bfe9744 a852366363fd9ce2c681506be31babfb9081a4e9c23c523fe5694a9b62766def HTTP Headers `POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Accept-Ranges: bytes Age: 4169 Cache-Control: max-age=124748 Content-Type: application/ocsp-response Date: Thu, 30 Mar 2023 05:55:01 GMT Etag: "64245838-1d7" Expires: Fri, 31 Mar 2023 16:34:09 GMT Last-Modified: Wed, 29 Mar 2023 15:24:40 GMT Server: ECAcc (amb/6AC3) X-Cache: HIT Content-Length: 471`

	app2.be2.com/api/v1/events/pre-registration	62.245.131.116	200 OK	0 B
URL HTTP/2 app2.be2.com/api/v1/events/pre-registration IP 62.245.131.116:0 ASN #8767 M-net Telekommunikations GmbH File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `OPTIONS /api/v1/events/pre-registration HTTP/1.1 Host: app2.be2.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Access-Control-Request-Method: POST Access-Control-Request-Headers: content-type Referer: https://www.be2.no/ Origin: https://www.be2.no Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK date: Thu, 30 Mar 2023 05:55:01 GMT server: Apache x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-transform, max-age=0, private pragma: no-cache expires: 0 vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers access-control-allow-origin: https://www.be2.no access-control-allow-methods: POST access-control-allow-headers: content-type access-control-allow-credentials: true content-length: 0 content-security-policy: set-cookie: irouted=.biz28; path=/; Secure; HttpOnly strict-transport-security: max-age=31536000; includeSubDomains referrer-policy: strict-origin-when-cross-origin X-Firefox-Spdy: h2

	www.be2.no/oms/storage/nodes/djQzNi4wX19iZTJfX25iX18yMTg2ODE=/be2_x16.png	104.17.167.216	200 OK	261 B
URL HTTP/2 www.be2.no/oms/storage/nodes/djQzNi4wX19iZTJfX25iX18yMTg2ODE=/be2_x16.png IP 104.17.167.216:0 ASN #13335 CLOUDFLARENET File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data Size 261 B (261 bytes) Hash 12fcbc0f496239095c57b39377926617 def58dcc1a8f255d96f79777e7b30b4036bf0c1e 25dc63689ea4f0f3c0cb63685eb8d9b8871d6a7f8de977225dcfa5b05932f6a2 HTTP Headers GET /oms/storage/nodes/djQzNi4wX19iZTJfX25iX18yMTg2ODE=/be2_x16.png HTTP/1.1 Host: www.be2.no User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.be2.no/?accid=12209&linkid=12209__wgcrddqrddqbp5ln2eoata2q&partnerid=NO12iCL&subid1=&subid2=wgcrddqrddqbp5ln2eoata2q&visid=1771624713 Connection: keep-alive Cookie: __cf_bm=putgvhYmLtj8eQ7vsAi6hWc9Dckd7SUxB0rx9pMPe9Y-1680155701-0-AWXC7PkgLh8ZjpWCoSQ/5pyZVJi+uW2z2W7vIDMjuwoyP4b/DHjSWiVPhr0zkokmWDRDdEy6eAQ67jqQtNP+htKJ45QGU0j8FbnonyMY23aE; ipx_cookie_overlay={"created":1680155726256,"clientId":"","displayedOverlay":"v4","acceptedValues":{"show":true,"acceptedURL":""},"googleAnalyticsCategory":2,"trackingCategories":[{"id":1,"enabled":true},{"id":2,"enabled":false},{"id":3,"enabled":false},{"id":4,"enabled":false},{"id":5,"enabled":false}]} Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers `HTTP/2 200 OK date: Thu, 30 Mar 2023 05:55:01 GMT content-type: image/png content-length: 261 cf-bgj: imgq:100,h2pri cf-polished: status=not_needed last-modified: Wed, 29 Mar 2023 22:41:09 GMT referrer-policy: strict-origin-when-cross-origin strict-transport-security: max-age=15552000; includeSubDomains x-content-type-options: nosniff cf-cache-status: HIT age: 2456 accept-ranges: bytes vary: Accept-Encoding server: cloudflare cf-ray: 7afe19ef4dde0b61-OSL X-Firefox-Spdy: h2`

	www.be2.no/oms/storage/nodes/djQzNi4wX19iZTJfX25iX18yMTg2ODE=/be2_android_x196.png	104.17.167.216	200 OK	2.8 kB
URL HTTP/2 www.be2.no/oms/storage/nodes/djQzNi4wX19iZTJfX25iX18yMTg2ODE=/be2_android_x196.png IP 104.17.167.216:0 ASN #13335 CLOUDFLARENET File type PNG image data, 196 x 196, 8-bit/color RGBA, non-interlaced\012- data Size 2.8 kB (2820 bytes) Hash 703b5d3b64694f5a79dc80eb9cc8b316 8267072e8a839dd21492f8aaef48b117fa2186a7 b6b4fe4f006a57187e8f79367a97d916b2f240d0fcafc29efdc34f86dc4a2cb2 HTTP Headers GET /oms/storage/nodes/djQzNi4wX19iZTJfX25iX18yMTg2ODE=/be2_android_x196.png HTTP/1.1 Host: www.be2.no User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.be2.no/?accid=12209&linkid=12209__wgcrddqrddqbp5ln2eoata2q&partnerid=NO12iCL&subid1=&subid2=wgcrddqrddqbp5ln2eoata2q&visid=1771624713 Connection: keep-alive Cookie: __cf_bm=putgvhYmLtj8eQ7vsAi6hWc9Dckd7SUxB0rx9pMPe9Y-1680155701-0-AWXC7PkgLh8ZjpWCoSQ/5pyZVJi+uW2z2W7vIDMjuwoyP4b/DHjSWiVPhr0zkokmWDRDdEy6eAQ67jqQtNP+htKJ45QGU0j8FbnonyMY23aE; ipx_cookie_overlay={"created":1680155726256,"clientId":"","displayedOverlay":"v4","acceptedValues":{"show":true,"acceptedURL":""},"googleAnalyticsCategory":2,"trackingCategories":[{"id":1,"enabled":true},{"id":2,"enabled":false},{"id":3,"enabled":false},{"id":4,"enabled":false},{"id":5,"enabled":false}]} Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers `HTTP/2 200 OK date: Thu, 30 Mar 2023 05:55:01 GMT content-type: image/png content-length: 2820 cf-bgj: imgq:100,h2pri cf-polished: status=not_needed last-modified: Tue, 28 Mar 2023 07:36:59 GMT referrer-policy: strict-origin-when-cross-origin strict-transport-security: max-age=15552000; includeSubDomains x-content-type-options: nosniff cf-cache-status: HIT age: 2162 accept-ranges: bytes vary: Accept-Encoding server: cloudflare cf-ray: 7afe19ef4ddc0b61-OSL X-Firefox-Spdy: h2`

	www.be2.no/oms/storage/nodes/djQzNi4wX19iZTJfX25iX18yMTg2ODE=/logo_claim-en.svg	104.17.167.216	200 OK	0 B
URL HTTP/2 www.be2.no/oms/storage/nodes/djQzNi4wX19iZTJfX25iX18yMTg2ODE=/logo_claim-en.svg IP 104.17.167.216:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash HTTP Headers GET /oms/storage/nodes/djQzNi4wX19iZTJfX25iX18yMTg2ODE=/logo_claim-en.svg HTTP/1.1 Host: www.be2.no User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.be2.no/?accid=12209&linkid=12209__wgcrddqrddqbp5ln2eoata2q&partnerid=NO12iCL&subid1=&subid2=wgcrddqrddqbp5ln2eoata2q&visid=1771624713 Connection: keep-alive Cookie: __cf_bm=putgvhYmLtj8eQ7vsAi6hWc9Dckd7SUxB0rx9pMPe9Y-1680155701-0-AWXC7PkgLh8ZjpWCoSQ/5pyZVJi+uW2z2W7vIDMjuwoyP4b/DHjSWiVPhr0zkokmWDRDdEy6eAQ67jqQtNP+htKJ45QGU0j8FbnonyMY23aE Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers `HTTP/2 200 OK date: Thu, 30 Mar 2023 05:55:01 GMT content-type: image/svg+xml last-modified: Tue, 28 Mar 2023 07:36:59 GMT x-content-type-options: nosniff strict-transport-security: max-age=15552000; includeSubDomains referrer-policy: strict-origin-when-cross-origin cf-cache-status: REVALIDATED vary: Accept-Encoding server: cloudflare cf-ray: 7afe19eccb290b61-OSL content-encoding: br X-Firefox-Spdy: h2`

	www.be2.no/cdn-cgi/challenge-platform/h/b/cv/result/7afe19eb8a0f0b61	104.17.167.216	200 OK	0 B
URL HTTP/2 www.be2.no/cdn-cgi/challenge-platform/h/b/cv/result/7afe19eb8a0f0b61 IP 104.17.167.216:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash HTTP Headers POST /cdn-cgi/challenge-platform/h/b/cv/result/7afe19eb8a0f0b61 HTTP/1.1 Host: www.be2.no User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Content-Length: 12598 Origin: https://www.be2.no Connection: keep-alive Referer: https://www.be2.no/?accid=12209&linkid=12209__wgcrddqrddqbp5ln2eoata2q&partnerid=NO12iCL&subid1=&subid2=wgcrddqrddqbp5ln2eoata2q&visid=1771624713 Cookie: __cf_bm=putgvhYmLtj8eQ7vsAi6hWc9Dckd7SUxB0rx9pMPe9Y-1680155701-0-AWXC7PkgLh8ZjpWCoSQ/5pyZVJi+uW2z2W7vIDMjuwoyP4b/DHjSWiVPhr0zkokmWDRDdEy6eAQ67jqQtNP+htKJ45QGU0j8FbnonyMY23aE; ipx_cookie_overlay={"created":1680155726256,"clientId":"","displayedOverlay":"v4","acceptedValues":{"show":true,"acceptedURL":""},"googleAnalyticsCategory":2,"trackingCategories":[{"id":1,"enabled":true},{"id":2,"enabled":false},{"id":3,"enabled":false},{"id":4,"enabled":false},{"id":5,"enabled":false}]} Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin TE: trailers HTTP/2 200 OK date: Thu, 30 Mar 2023 05:55:01 GMT content-type: text/plain; charset=UTF-8 set-cookie: __cf_bm=xpxdP2EjKEOIMeHd8SR_vkbmlqfy2ukMKVCOTkaUFAE-1680155701-0-ATDAoYNm+Q+5W2RGLMzomoz+FGpOJ1Ul7GWr1Dedg6JbQMCWvgGcOTZ/AI8fzSi+7crGqY42aUkoomzfGp0gW8/Sbc0cJBSR3GZCjoTo94f3xi+RiHHHCLpT7iGs2W3084pUH3lfDvKwVCgZoXWeyBtG/Uyn9NPeocwlpFE4f/2YQp+naH82OVC5aCTivDEaeg==; path=/; expires=Thu, 30-Mar-23 06:25:01 GMT; domain=.www.be2.no; HttpOnly; Secure; SameSite=None strict-transport-security: max-age=15552000; includeSubDomains server: cloudflare cf-ray: 7afe19f03ea90b61-OSL content-encoding: br X-Firefox-Spdy: h2

	www.be2.no/dlpm/pinboard-couples-aff.html?partnerid=NO12iCL&linkid=12209__wgcrddqrddqbp5ln2eoata2q&accid=12209&subid1=&subid2=wgcrddqrddqbp5ln2eoata2q&visid=1771624713	104.17.167.216	301 Moved Permanently	0 B
URL HTTP/2 www.be2.no/dlpm/pinboard-couples-aff.html?partnerid=NO12iCL&linkid=12209__wgcrddqrddqbp5ln2eoata2q&accid=12209&subid1=&subid2=wgcrddqrddqbp5ln2eoata2q&visid=1771624713 IP 104.17.167.216:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash HTTP Headers GET /dlpm/pinboard-couples-aff.html?partnerid=NO12iCL&linkid=12209__wgcrddqrddqbp5ln2eoata2q&accid=12209&subid1=&subid2=wgcrddqrddqbp5ln2eoata2q&visid=1771624713 HTTP/1.1 Host: www.be2.no User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: http://ishku-wbq.com/ Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site HTTP/2 301 Moved Permanently date: Thu, 30 Mar 2023 05:55:01 GMT content-type: text/html; charset=UTF-8 location: /?accid=12209&linkid=12209__wgcrddqrddqbp5ln2eoata2q&partnerid=NO12iCL&subid1=&subid2=wgcrddqrddqbp5ln2eoata2q&visid=1771624713 x-content-type-options: nosniff strict-transport-security: max-age=15552000; includeSubDomains referrer-policy: strict-origin-when-cross-origin cf-cache-status: DYNAMIC set-cookie: __cf_bm=putgvhYmLtj8eQ7vsAi6hWc9Dckd7SUxB0rx9pMPe9Y-1680155701-0-AWXC7PkgLh8ZjpWCoSQ/5pyZVJi+uW2z2W7vIDMjuwoyP4b/DHjSWiVPhr0zkokmWDRDdEy6eAQ67jqQtNP+htKJ45QGU0j8FbnonyMY23aE; path=/; expires=Thu, 30-Mar-23 06:25:01 GMT; domain=.www.be2.no; HttpOnly; Secure; SameSite=None server: cloudflare cf-ray: 7afe19ea48fc0b61-OSL X-Firefox-Spdy: h2

	www.be2.no/oms/storage/nodes/djQzNi4wX19iZTJfX25iX18yMTg2ODE=/251d164643533a527361dbe1a7b9235d.js	104.17.167.216	200 OK	0 B
URL HTTP/2 www.be2.no/oms/storage/nodes/djQzNi4wX19iZTJfX25iX18yMTg2ODE=/251d164643533a527361dbe1a7b9235d.js IP 104.17.167.216:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash HTTP Headers GET /oms/storage/nodes/djQzNi4wX19iZTJfX25iX18yMTg2ODE=/251d164643533a527361dbe1a7b9235d.js HTTP/1.1 Host: www.be2.no User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.be2.no/?accid=12209&linkid=12209__wgcrddqrddqbp5ln2eoata2q&partnerid=NO12iCL&subid1=&subid2=wgcrddqrddqbp5ln2eoata2q&visid=1771624713 Connection: keep-alive Cookie: __cf_bm=putgvhYmLtj8eQ7vsAi6hWc9Dckd7SUxB0rx9pMPe9Y-1680155701-0-AWXC7PkgLh8ZjpWCoSQ/5pyZVJi+uW2z2W7vIDMjuwoyP4b/DHjSWiVPhr0zkokmWDRDdEy6eAQ67jqQtNP+htKJ45QGU0j8FbnonyMY23aE Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers `HTTP/2 200 OK date: Thu, 30 Mar 2023 05:55:01 GMT content-type: application/javascript cf-bgj: minify last-modified: Tue, 28 Mar 2023 07:36:59 GMT referrer-policy: strict-origin-when-cross-origin strict-transport-security: max-age=15552000; includeSubDomains vary: Accept-Encoding x-content-type-options: nosniff cf-cache-status: HIT age: 537 server: cloudflare cf-ray: 7afe19ec9b0b0b61-OSL content-encoding: br X-Firefox-Spdy: h2`

	www.be2.no/oms/storage/nodes/djQzNi4wX19iZTJfX25iX18yMTg2ODE=/claim_single_sticky-en.svg	104.17.167.216	200 OK	0 B
URL HTTP/2 www.be2.no/oms/storage/nodes/djQzNi4wX19iZTJfX25iX18yMTg2ODE=/claim_single_sticky-en.svg IP 104.17.167.216:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash HTTP Headers GET /oms/storage/nodes/djQzNi4wX19iZTJfX25iX18yMTg2ODE=/claim_single_sticky-en.svg HTTP/1.1 Host: www.be2.no User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.be2.no/oms/storage/nodes/djQzNi4wX19iZTJfX25iX18yMTg2ODE=/251d164643533a527361dbe1a7b9235d.css Connection: keep-alive Cookie: __cf_bm=putgvhYmLtj8eQ7vsAi6hWc9Dckd7SUxB0rx9pMPe9Y-1680155701-0-AWXC7PkgLh8ZjpWCoSQ/5pyZVJi+uW2z2W7vIDMjuwoyP4b/DHjSWiVPhr0zkokmWDRDdEy6eAQ67jqQtNP+htKJ45QGU0j8FbnonyMY23aE Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers `HTTP/2 200 OK date: Thu, 30 Mar 2023 05:55:01 GMT content-type: image/svg+xml last-modified: Wed, 29 Mar 2023 22:41:23 GMT x-content-type-options: nosniff strict-transport-security: max-age=15552000; includeSubDomains referrer-policy: strict-origin-when-cross-origin cf-cache-status: HIT age: 1090 vary: Accept-Encoding server: cloudflare cf-ray: 7afe19ed6be70b61-OSL content-encoding: br X-Firefox-Spdy: h2`

	www.be2.no/oms/storage/nodes/djQzNi4wX19iZTJfX25iX18yMTg2ODE=/social_media_icons.ttf	104.17.167.216	200 OK	0 B
URL HTTP/2 www.be2.no/oms/storage/nodes/djQzNi4wX19iZTJfX25iX18yMTg2ODE=/social_media_icons.ttf IP 104.17.167.216:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash HTTP Headers GET /oms/storage/nodes/djQzNi4wX19iZTJfX25iX18yMTg2ODE=/social_media_icons.ttf HTTP/1.1 Host: www.be2.no User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.be2.no/oms/storage/nodes/djQzNi4wX19iZTJfX25iX18yMTg2ODE=/251d164643533a527361dbe1a7b9235d.css Connection: keep-alive Cookie: __cf_bm=putgvhYmLtj8eQ7vsAi6hWc9Dckd7SUxB0rx9pMPe9Y-1680155701-0-AWXC7PkgLh8ZjpWCoSQ/5pyZVJi+uW2z2W7vIDMjuwoyP4b/DHjSWiVPhr0zkokmWDRDdEy6eAQ67jqQtNP+htKJ45QGU0j8FbnonyMY23aE Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin TE: trailers `HTTP/2 200 OK date: Thu, 30 Mar 2023 05:55:01 GMT content-type: font/ttf last-modified: Wed, 29 Mar 2023 22:41:23 GMT x-content-type-options: nosniff strict-transport-security: max-age=15552000; includeSubDomains referrer-policy: strict-origin-when-cross-origin cf-cache-status: HIT age: 2457 vary: Accept-Encoding server: cloudflare cf-ray: 7afe19ed9c1f0b61-OSL content-encoding: br X-Firefox-Spdy: h2`

	app2.be2.com/api/v1/events/pre-registration	62.245.131.116	200 OK	0 B
URL HTTP/2 app2.be2.com/api/v1/events/pre-registration IP 62.245.131.116:0 ASN #8767 M-net Telekommunikations GmbH File type Size 0 B (0 bytes) Hash HTTP Headers `POST /api/v1/events/pre-registration HTTP/1.1 Host: app2.be2.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.be2.no/ Content-Type: application/json Origin: https://www.be2.no Content-Length: 273 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 200 OK date: Thu, 30 Mar 2023 05:55:01 GMT server: Apache x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-transform, max-age=0, private pragma: no-cache expires: 0 vary: origin,access-control-request-method,access-control-request-headers,accept-encoding access-control-allow-origin: https://www.be2.no access-control-allow-credentials: true content-encoding: gzip content-type: application/json;charset=UTF-8 content-security-policy: set-cookie: irouted=.biz22; path=/; Secure; HttpOnly strict-transport-security: max-age=31536000; includeSubDomains referrer-policy: strict-origin-when-cross-origin X-Firefox-Spdy: h2

	app2.be2.com/api/v1/events/pre-registration	62.245.131.116	200 OK	0 B
URL HTTP/2 app2.be2.com/api/v1/events/pre-registration IP 62.245.131.116:0 ASN #8767 M-net Telekommunikations GmbH File type Size 0 B (0 bytes) Hash HTTP Headers `POST /api/v1/events/pre-registration HTTP/1.1 Host: app2.be2.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.be2.no/ Content-Type: application/json Origin: https://www.be2.no Content-Length: 327 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 200 OK date: Thu, 30 Mar 2023 05:55:01 GMT server: Apache x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-transform, max-age=0, private pragma: no-cache expires: 0 vary: origin,access-control-request-method,access-control-request-headers,accept-encoding access-control-allow-origin: https://www.be2.no access-control-allow-credentials: true content-encoding: gzip content-type: application/json;charset=UTF-8 content-security-policy: set-cookie: irouted=.biz22; path=/; Secure; HttpOnly strict-transport-security: max-age=31536000; includeSubDomains referrer-policy: strict-origin-when-cross-origin X-Firefox-Spdy: h2

	www.be2.no/oms/storage/nodes/djQzNi4wX19iZTJfX25iX18yMTg2ODE=/btn_secure.svg	104.17.167.216	200 OK	0 B
URL HTTP/2 www.be2.no/oms/storage/nodes/djQzNi4wX19iZTJfX25iX18yMTg2ODE=/btn_secure.svg IP 104.17.167.216:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash HTTP Headers GET /oms/storage/nodes/djQzNi4wX19iZTJfX25iX18yMTg2ODE=/btn_secure.svg HTTP/1.1 Host: www.be2.no User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.be2.no/?accid=12209&linkid=12209__wgcrddqrddqbp5ln2eoata2q&partnerid=NO12iCL&subid1=&subid2=wgcrddqrddqbp5ln2eoata2q&visid=1771624713 Connection: keep-alive Cookie: __cf_bm=putgvhYmLtj8eQ7vsAi6hWc9Dckd7SUxB0rx9pMPe9Y-1680155701-0-AWXC7PkgLh8ZjpWCoSQ/5pyZVJi+uW2z2W7vIDMjuwoyP4b/DHjSWiVPhr0zkokmWDRDdEy6eAQ67jqQtNP+htKJ45QGU0j8FbnonyMY23aE Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers `HTTP/2 200 OK date: Thu, 30 Mar 2023 05:55:01 GMT content-type: image/svg+xml last-modified: Tue, 28 Mar 2023 07:36:59 GMT x-content-type-options: nosniff strict-transport-security: max-age=15552000; includeSubDomains referrer-policy: strict-origin-when-cross-origin cf-cache-status: HIT age: 537 vary: Accept-Encoding server: cloudflare cf-ray: 7afe19ec8af90b61-OSL content-encoding: br X-Firefox-Spdy: h2`

	www.be2.no/oms/storage/nodes/djQzNi4wX19iZTJfX25iX18yMTg2ODE=/link-arrow-fuchsia.svg	104.17.167.216	200 OK	0 B
URL HTTP/2 www.be2.no/oms/storage/nodes/djQzNi4wX19iZTJfX25iX18yMTg2ODE=/link-arrow-fuchsia.svg IP 104.17.167.216:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash HTTP Headers GET /oms/storage/nodes/djQzNi4wX19iZTJfX25iX18yMTg2ODE=/link-arrow-fuchsia.svg HTTP/1.1 Host: www.be2.no User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.be2.no/oms/storage/nodes/djQzNi4wX19iZTJfX25iX18yMTg2ODE=/251d164643533a527361dbe1a7b9235d.css Connection: keep-alive Cookie: __cf_bm=putgvhYmLtj8eQ7vsAi6hWc9Dckd7SUxB0rx9pMPe9Y-1680155701-0-AWXC7PkgLh8ZjpWCoSQ/5pyZVJi+uW2z2W7vIDMjuwoyP4b/DHjSWiVPhr0zkokmWDRDdEy6eAQ67jqQtNP+htKJ45QGU0j8FbnonyMY23aE Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers `HTTP/2 200 OK date: Thu, 30 Mar 2023 05:55:01 GMT content-type: image/svg+xml last-modified: Tue, 28 Mar 2023 07:36:59 GMT x-content-type-options: nosniff strict-transport-security: max-age=15552000; includeSubDomains referrer-policy: strict-origin-when-cross-origin cf-cache-status: HIT age: 537 vary: Accept-Encoding server: cloudflare cf-ray: 7afe19ed8bfa0b61-OSL content-encoding: br X-Firefox-Spdy: h2`

	www.be2.no/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1680148800	104.17.167.216	200 OK	0 B
URL HTTP/2 www.be2.no/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1680148800 IP 104.17.167.216:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash HTTP Headers GET /cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1680148800 HTTP/1.1 Host: www.be2.no User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Cookie: __cf_bm=putgvhYmLtj8eQ7vsAi6hWc9Dckd7SUxB0rx9pMPe9Y-1680155701-0-AWXC7PkgLh8ZjpWCoSQ/5pyZVJi+uW2z2W7vIDMjuwoyP4b/DHjSWiVPhr0zkokmWDRDdEy6eAQ67jqQtNP+htKJ45QGU0j8FbnonyMY23aE; ipx_cookie_overlay={"created":1680155726256,"clientId":"","displayedOverlay":"v4","acceptedValues":{"show":true,"acceptedURL":""},"googleAnalyticsCategory":2,"trackingCategories":[{"id":1,"enabled":true},{"id":2,"enabled":false},{"id":3,"enabled":false},{"id":4,"enabled":false},{"id":5,"enabled":false}]} Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers `HTTP/2 200 OK date: Thu, 30 Mar 2023 05:55:01 GMT content-type: application/javascript; charset=UTF-8 cache-control: max-age=14400, public vary: accept-encoding x-control-type-options: nosniff strict-transport-security: max-age=15552000; includeSubDomains server: cloudflare cf-ray: 7afe19edcc490b61-OSL content-encoding: br X-Firefox-Spdy: h2`

	www.be2.no/oms/api/v1/lux	104.17.167.216	200 OK	0 B
URL HTTP/2 www.be2.no/oms/api/v1/lux IP 104.17.167.216:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash HTTP Headers POST /oms/api/v1/lux HTTP/1.1 Host: www.be2.no User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.be2.no/?accid=12209&linkid=12209__wgcrddqrddqbp5ln2eoata2q&partnerid=NO12iCL&subid1=&subid2=wgcrddqrddqbp5ln2eoata2q&visid=1771624713 Content-Type: application/json Origin: https://www.be2.no Content-Length: 9 Connection: keep-alive Cookie: __cf_bm=putgvhYmLtj8eQ7vsAi6hWc9Dckd7SUxB0rx9pMPe9Y-1680155701-0-AWXC7PkgLh8ZjpWCoSQ/5pyZVJi+uW2z2W7vIDMjuwoyP4b/DHjSWiVPhr0zkokmWDRDdEy6eAQ67jqQtNP+htKJ45QGU0j8FbnonyMY23aE; ipx_cookie_overlay={"created":1680155726256,"clientId":"","displayedOverlay":"v4","acceptedValues":{"show":true,"acceptedURL":""},"googleAnalyticsCategory":2,"trackingCategories":[{"id":1,"enabled":true},{"id":2,"enabled":false},{"id":3,"enabled":false},{"id":4,"enabled":false},{"id":5,"enabled":false}]} Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin TE: trailers HTTP/2 200 OK date: Thu, 30 Mar 2023 05:55:01 GMT content-type: application/json access-control-allow-credentials: true access-control-allow-headers: Content-Type access-control-allow-origin: https://www.be2.no access-control-max-age: 1000 cache-control: no-cache, private vary: Origin,Accept-Encoding x-content-type-options: nosniff strict-transport-security: max-age=15552000; includeSubDomains referrer-policy: strict-origin-when-cross-origin cf-cache-status: DYNAMIC server: cloudflare cf-ray: 7afe19eddc510b61-OSL content-encoding: br X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (8)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML