galin.eu/
64.190.63.111302 Found 0 B IP 64.190.63.111:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: galin.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
date: Tue, 04 Oct 2022 09:24:40 GMT
content-type: text/html; charset=UTF-8
content-length: 0
x-powered-by: PHP/8.1.9
x-adblock-key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANnylWw2vLY4hUn9w06zQKbhKBfvjFUCsdFlb6TdQhxb9RXWXuI4t31c+o8fYOv/s8q1LGPga3DE1L/tHU4LENMCAwEAAQ==_UggTX7KNbZRToaO19vrfhTf1f7dieIoE3Z2PCjAEMWqo0sl0Qt+H+jTek3aIKmGtif6YolMGop3tNCr7pEACag==
expires: Mon, 26 Jul 1997 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
last-modified: Tue, 04 Oct 2022 09:24:40 GMT
location: https://sedo.com/search/details/?partnerid=324561&language=no&domain=galin.eu&origin=sales_lander_1&utm_medium=Parking&utm_campaign=offerpage
x-cache-miss-from: parking-69b897b95b-jm4r7
server: NginX
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash eabb7d9ffae717f7305d63c057755470
3b7f0baccfdbb8d9ffefa4a2215d4d6094be454a
ab48f17e54075e1ecf034278e82bcacd2e3689773186cc84fba9b79aac907294
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AB48F17E54075E1ECF034278E82BCACD2E3689773186CC84FBA9B79AAC907294"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3324
Expires: Tue, 04 Oct 2022 10:20:04 GMT
Date: Tue, 04 Oct 2022 09:24:40 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
143.204.55.115200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 1b3053fa528e28810f8a2cc9284cc921
cca9eb471d941881a6b9a1793aecb6c281908f6a
a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 04 Oct 2022 08:47:04 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: fkqEFO7zpR70dgbTyP_INBWlxk-6q_bPfQgXjXoUPsn6vZ-InMU8Bg==
Age: 2256
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.35200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.35:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 04 Oct 2022 05:28:28 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: aCgnQaI6qcAobUAq7i5x3_FyCqzBUV3iBOM0qsuZWz1iaQr1FzieMg==
age: 14173
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 09:24:40 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js
143.204.55.78200 OK 6.1 kB URL HTTP/2 widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js
IP 143.204.55.78:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (19239)
Hash 5add60196e5f96a414fb4b9586764e5d
633f471b3c2fcedeef9cad90cb5bf56f5fe55588
5370f4ba91dda790c7cae92817b812fcbd1ab367cbb4862f5669960ae4e2c9e0
GET /bootstrap/v5/tp.widget.bootstrap.min.js HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sedo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/x-javascript
content-length: 6124
last-modified: Mon, 30 May 2022 14:38:02 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
date: Tue, 04 Oct 2022 05:35:19 GMT
cache-control: max-age=86400
etag: "5add60196e5f96a414fb4b9586764e5d"
x-cache: Hit from cloudfront
via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 2WFvyWR4hTfGQGnWPHTrNv6NSTjCu-CTaRg07HS_fqHMj3zGv0-Byw==
age: 13762
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.115200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Tue, 04 Oct 2022 08:29:33 GMT
Expires: Tue, 04 Oct 2022 09:26:52 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 5zRsmXHNDemb8REvG69mWCc7l0zxMBCNXFvR-L12P7tXYJyEXEtH4g==
Age: 3307
cdn.sedo.com/c7r/assets/static/dist/files/sourcesanspro-regular-webfont.woff2
104.16.4.91200 OK 27 kB URL HTTP/2 cdn.sedo.com/c7r/assets/static/dist/files/sourcesanspro-regular-webfont.woff2
IP 104.16.4.91:0
File type Web Open Font Format (Version 2), TrueType, length 27332, version 2.1310\012- data
Hash 8bb4ba711047411893d35612bc631ab9
fddc00eca2e66e4431c9615df508a1a377adce42
4bce5252202292e4d9d6de37a5bd004cb52d8c44e9f940bbcdd030ea569f29dc
GET /c7r/assets/static/dist/files/sourcesanspro-regular-webfont.woff2 HTTP/1.1
Host: cdn.sedo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sedo.com
Connection: keep-alive
Referer: https://cdn.sedo.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Tue, 04 Oct 2022 09:24:40 GMT
content-type: application/octet-stream
content-length: 27332
last-modified: Thu, 01 Sep 2022 11:50:34 GMT
etag: "63109c8a-6ac4"
x-sedo-request-id: ID-6c8ff87b4c-rgp5g-fb6b86c50181d00b9a83850a5e8e0d36
x-frame-options: sameorigin
access-control-allow-origin: https://sedo.com
access-control-allow-max-age: 86400
access-control-allow-max-methods: GET
vary: Origin, Accept-Encoding
cf-cache-status: HIT
accept-ranges: bytes
server: cloudflare
cf-ray: 754cddac182ab51e-OSL
X-Firefox-Spdy: h2
cdn.sedo.com/c7r/assets/static/libs/external/jquery.min.js?v=2.3.1-c3004b76dbb5e63136f96859720bad11
104.16.4.91200 OK 43 kB URL HTTP/2 cdn.sedo.com/c7r/assets/static/libs/external/jquery.min.js?v=2.3.1-c3004b76dbb5e63136f96859720bad11
IP 104.16.4.91:0
File type ASCII text, with very long lines (32029)
Hash 2aefaa1bdd88b76898f764d02808aa9a
e62790c8cb585728785129457cdafc7c124f0869
b5d21a35ab180985ebbb1e3d105d562a40a0113f234d837fac285a1dba5e2310
GET /c7r/assets/static/libs/external/jquery.min.js?v=2.3.1-c3004b76dbb5e63136f96859720bad11 HTTP/1.1
Host: cdn.sedo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sedo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Tue, 04 Oct 2022 09:24:40 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding
last-modified: Thu, 01 Sep 2022 11:46:03 GMT
etag: W/"63109b7b-149a8"
x-sedo-request-id: ID-6c8ff87b4c-g4r46-6dc4c37b0824f256a1ebb1dfc712be7a
x-frame-options: sameorigin
cf-cache-status: HIT
age: 6650
server: cloudflare
cf-ray: 754cddaaae3ab51e-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn.sedo.com/c7r/assets/static/images/logos/logo-ALIPAY.svg
104.16.4.91200 OK 13 kB URL HTTP/2 cdn.sedo.com/c7r/assets/static/images/logos/logo-ALIPAY.svg
IP 104.16.4.91:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash d22bb3c68a05bda692a61168cdaf3f47
258053d0f31ec656ce3c37b789659eddb264e152
becbb20f3b22332a621f7cb6300292db61210bc30ffc7a6f81c2ae1f1aa52155
GET /c7r/assets/static/images/logos/logo-ALIPAY.svg HTTP/1.1
Host: cdn.sedo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.sedo.com/c7r/assets/static/dist/css/offer-details-page/main.css?v=2.3.1-c3004b76dbb5e63136f96859720bad11
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 04 Oct 2022 09:24:40 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Accept-Encoding
last-modified: Thu, 01 Sep 2022 11:46:03 GMT
etag: W/"63109b7b-9d6"
x-sedo-request-id: ID-6c8ff87b4c-g4r46-9d927e22934181803b564ca64be6cdf2
x-frame-options: sameorigin
cf-cache-status: HIT
age: 4365
server: cloudflare
cf-ray: 754cddac0819b51e-OSL
content-encoding: br
X-Firefox-Spdy: h2
widget.trustpilot.com/trustboxes/5419b732fbfb950b10de65e5/index.html?templateId=5419b732fbfb950b10de65e5&businessunitId=46a9280800006400050091ee
143.204.55.78200 OK 1.8 kB URL HTTP/2 widget.trustpilot.com/trustboxes/5419b732fbfb950b10de65e5/index.html?templateId=5419b732fbfb950b10de65e5&businessunitId=46a9280800006400050091ee
IP 143.204.55.78:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (5658)
Hash 8e4207bd9e7d6f6d376f7ea95a0db7a5
5fa0b8f6feba523b8b2faf776e0428ebb9393b4d
fbe39b5c56c437ebe286e6d24eafa6e640afd035b00b2b01059d5ac7a70349db
GET /trustboxes/5419b732fbfb950b10de65e5/index.html?templateId=5419b732fbfb950b10de65e5&businessunitId=46a9280800006400050091ee HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sedo.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 1843
last-modified: Tue, 14 Jun 2022 14:06:38 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
date: Tue, 04 Oct 2022 04:58:04 GMT
cache-control: max-age=86400
etag: "8e4207bd9e7d6f6d376f7ea95a0db7a5"
x-cache: Hit from cloudfront
via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: VazKJVh72-RDtfFitb2ncIT-jKXfvDdFBpDvnpCyHQ_AawEd-2kFFQ==
age: 20289
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 16ebfb2aa621547ecf581e26fc828a7d
f78993331f6f5b8af6409a9ad2fc50b77070f68a
0f81fd1d6be9ccc04b74f0348aafe642c7b9ab7dffb7e8a679b5d67cc2e5fac3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 329
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 09:24:41 GMT
Last-Modified: Tue, 04 Oct 2022 09:19:12 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
cdn.sedo.com/c7r/assets/static/images/icons/apple-touch-icon.png
104.16.4.91200 OK 2.2 kB URL HTTP/2 cdn.sedo.com/c7r/assets/static/images/icons/apple-touch-icon.png
IP 104.16.4.91:0
File type PNG image data, 180 x 180, 8-bit colormap, non-interlaced\012- data
Hash 9a643d009c1898634e51157c475a2a07
f9118b43c13f4f92420ad9b92fa6e495909eec24
f5229548bd26ae891d60346255e15dafd6f4adf0200657c20eb8ba989db4aa6c
GET /c7r/assets/static/images/icons/apple-touch-icon.png HTTP/1.1
Host: cdn.sedo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sedo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Tue, 04 Oct 2022 09:24:41 GMT
content-type: image/png
content-length: 2176
last-modified: Thu, 01 Sep 2022 11:46:03 GMT
etag: "63109b7b-880"
x-sedo-request-id: ID-6c8ff87b4c-rgp5g-7bd37612f0ed77360c2a5f741c2093fe
x-frame-options: sameorigin
cf-cache-status: HIT
age: 4795
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 754cddad99fbb51e-OSL
X-Firefox-Spdy: h2
cdn.sedo.com/c7r/assets/static/images/icons/favicon-16x16.png
104.16.4.91200 OK 510 B URL HTTP/2 cdn.sedo.com/c7r/assets/static/images/icons/favicon-16x16.png
IP 104.16.4.91:0
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash 5a3a52fd6b511325f14b77826ac7add4
6073ae4a09e0c553408778502359aebb53520885
31a3d0e86221bfdd0b13271cd85ad67da5df602e5c32b593290a4ab01e76d45e
GET /c7r/assets/static/images/icons/favicon-16x16.png HTTP/1.1
Host: cdn.sedo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sedo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Tue, 04 Oct 2022 09:24:41 GMT
content-type: image/png
content-length: 510
last-modified: Thu, 01 Sep 2022 11:46:03 GMT
etag: "63109b7b-1fe"
x-sedo-request-id: ID-6c8ff87b4c-rgp5g-34cff7d4a697e02f86307f981b8ef883
x-frame-options: sameorigin
cf-cache-status: HIT
age: 679
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 754cddad99fcb51e-OSL
X-Firefox-Spdy: h2
widget.trustpilot.com/trustboxes/5419b732fbfb950b10de65e5/main.js
143.204.55.78200 OK 17 kB URL HTTP/2 widget.trustpilot.com/trustboxes/5419b732fbfb950b10de65e5/main.js
IP 143.204.55.78:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (54648)
Hash 3bb49e864b66714a17c75c9b22c8c10a
c00eac20172565d8b1538731ac2962f7deebc80a
d26970ab13740b89d3bbd39e1aee089da4e59040431750c1a256974bb60095fb
GET /trustboxes/5419b732fbfb950b10de65e5/main.js HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://widget.trustpilot.com/trustboxes/5419b732fbfb950b10de65e5/index.html?templateId=5419b732fbfb950b10de65e5&businessunitId=46a9280800006400050091ee
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/x-javascript
content-length: 16669
last-modified: Tue, 14 Jun 2022 14:06:40 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
date: Mon, 03 Oct 2022 18:32:55 GMT
cache-control: max-age=86400
etag: "3bb49e864b66714a17c75c9b22c8c10a"
x-cache: Hit from cloudfront
via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 2aaZ-et_0IFNXbwyXoJccmpx2GiOKumVR9BGyr6DU1yNAMLuEJai-w==
age: 53507
X-Firefox-Spdy: h2
widget.trustpilot.com/trustbox-data/5419b732fbfb950b10de65e5?businessUnitId=46a9280800006400050091ee&locale=en-EN
143.204.55.78200 OK 366 B URL HTTP/2 widget.trustpilot.com/trustbox-data/5419b732fbfb950b10de65e5?businessUnitId=46a9280800006400050091ee&locale=en-EN
IP 143.204.55.78:0
File type JSON data\012- , ASCII text, with very long lines (834), with no line terminators
Hash a54b964148b41bf86acacc669c203b11
df6c45d2bf77d0b47d13c584781870c8627dc432
9eb0cd573988bd8c8e3b43e786c1f7c5cc8c8b8fade045cdc264b9ca26209426
GET /trustbox-data/5419b732fbfb950b10de65e5?businessUnitId=46a9280800006400050091ee&locale=en-EN HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Connection: keep-alive
Referer: https://widget.trustpilot.com/trustboxes/5419b732fbfb950b10de65e5/index.html?templateId=5419b732fbfb950b10de65e5&businessunitId=46a9280800006400050091ee
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/json; charset=utf-8
content-length: 366
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-fallback-status: BYPASS
x-skip-cache-cookie: 0
x-xss-protection: 1; mode=block
date: Tue, 04 Oct 2022 09:24:41 GMT
cache-control: public,max-age=1800
etag: "5334cb4014908d828a38486ed0551098"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 7socafIr1rz_Jby-LL93JiE8ahg9gdaXMvnPmHa9PqOlRPlNS7A1YA==
age: 271
X-Firefox-Spdy: h2
widget.trustpilot.com/stats/TrustboxView?locale=en-EN&styleHeight=24px&styleWidth=300px&theme=light&url=https%3A%2F%2Fsedo.com%2Fsearch%2Fdetails%2F%3Fpartnerid%3D324561%26language%3Dno%26domain%3Dgalin.eu%26origin%3Dsales_lander_1%26utm_medium%3DParking%26utm_campaign%3Dofferpage&referrer=&userAgent=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=46a9280800006400050091ee&widgetId=5419b732fbfb950b10de65e5
143.204.55.78204 No Content 0 B URL HTTP/2 widget.trustpilot.com/stats/TrustboxView?locale=en-EN&styleHeight=24px&styleWidth=300px&theme=light&url=https%3A%2F%2Fsedo.com%2Fsearch%2Fdetails%2F%3Fpartnerid%3D324561%26language%3Dno%26domain%3Dgalin.eu%26origin%3Dsales_lander_1%26utm_medium%3DParking%26utm_campaign%3Dofferpage&referrer=&userAgent=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=46a9280800006400050091ee&widgetId=5419b732fbfb950b10de65e5
IP 143.204.55.78:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stats/TrustboxView?locale=en-EN&styleHeight=24px&styleWidth=300px&theme=light&url=https%3A%2F%2Fsedo.com%2Fsearch%2Fdetails%2F%3Fpartnerid%3D324561%26language%3Dno%26domain%3Dgalin.eu%26origin%3Dsales_lander_1%26utm_medium%3DParking%26utm_campaign%3Dofferpage&referrer=&userAgent=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=46a9280800006400050091ee&widgetId=5419b732fbfb950b10de65e5 HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Connection: keep-alive
Referer: https://widget.trustpilot.com/trustboxes/5419b732fbfb950b10de65e5/index.html?templateId=5419b732fbfb950b10de65e5&businessunitId=46a9280800006400050091ee
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 204 No Content
cache-control: no-store,no-cache
date: Tue, 04 Oct 2022 09:24:41 GMT
pragma: no-cache
server: Kestrel
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-cache: Miss from cloudfront
via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Wewh3W2idSLTkEYfQBeUJe1ATZNNkZAjXKcd7r8NXTDrlPY2gx96Lw==
X-Firefox-Spdy: h2
push.services.mozilla.com/
54.148.228.200101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.148.228.200:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Mi1qthI43WptySHdX6MyQA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: nnvDS11F8EqrGMxG0ZxaPpT8NXI=
widget.trustpilot.com/stats/TrustboxImpression?locale=en-EN&styleHeight=24px&styleWidth=300px&theme=light&url=https%3A%2F%2Fsedo.com%2Fsearch%2Fdetails%2F%3Fpartnerid%3D324561%26language%3Dno%26domain%3Dgalin.eu%26origin%3Dsales_lander_1%26utm_medium%3DParking%26utm_campaign%3Dofferpage&referrer=&userAgent=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=46a9280800006400050091ee&widgetId=5419b732fbfb950b10de65e5
143.204.55.78204 No Content 0 B URL HTTP/2 widget.trustpilot.com/stats/TrustboxImpression?locale=en-EN&styleHeight=24px&styleWidth=300px&theme=light&url=https%3A%2F%2Fsedo.com%2Fsearch%2Fdetails%2F%3Fpartnerid%3D324561%26language%3Dno%26domain%3Dgalin.eu%26origin%3Dsales_lander_1%26utm_medium%3DParking%26utm_campaign%3Dofferpage&referrer=&userAgent=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=46a9280800006400050091ee&widgetId=5419b732fbfb950b10de65e5
IP 143.204.55.78:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stats/TrustboxImpression?locale=en-EN&styleHeight=24px&styleWidth=300px&theme=light&url=https%3A%2F%2Fsedo.com%2Fsearch%2Fdetails%2F%3Fpartnerid%3D324561%26language%3Dno%26domain%3Dgalin.eu%26origin%3Dsales_lander_1%26utm_medium%3DParking%26utm_campaign%3Dofferpage&referrer=&userAgent=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=46a9280800006400050091ee&widgetId=5419b732fbfb950b10de65e5 HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Connection: keep-alive
Referer: https://widget.trustpilot.com/trustboxes/5419b732fbfb950b10de65e5/index.html?templateId=5419b732fbfb950b10de65e5&businessunitId=46a9280800006400050091ee
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 204 No Content
cache-control: no-store,no-cache
date: Tue, 04 Oct 2022 09:24:40 GMT
pragma: no-cache
server: Kestrel
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-cache: Miss from cloudfront
via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: NkhCMEU8wmjrfMV75XCmnTgIDEnJlPV3K9sfVWRIIsJCP4URAL1fcA==
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15884
Expires: Tue, 04 Oct 2022 13:49:26 GMT
Date: Tue, 04 Oct 2022 09:24:42 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15884
Expires: Tue, 04 Oct 2022 13:49:26 GMT
Date: Tue, 04 Oct 2022 09:24:42 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15884
Expires: Tue, 04 Oct 2022 13:49:26 GMT
Date: Tue, 04 Oct 2022 09:24:42 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15884
Expires: Tue, 04 Oct 2022 13:49:26 GMT
Date: Tue, 04 Oct 2022 09:24:42 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15884
Expires: Tue, 04 Oct 2022 13:49:26 GMT
Date: Tue, 04 Oct 2022 09:24:42 GMT
Connection: keep-alive
cdn.sedo.com/c7r/assets/static/dist/js/deprecated/typescript/offer-details-page/app.min.js?v=2.3.1-5366ceb7107e32b66b9dcf8f1b099fc8
104.16.4.91200 OK 268 kB URL HTTP/2 cdn.sedo.com/c7r/assets/static/dist/js/deprecated/typescript/offer-details-page/app.min.js?v=2.3.1-5366ceb7107e32b66b9dcf8f1b099fc8
IP 104.16.4.91:0
File type Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Size 268 kB (268364 bytes)
Hash 246d8d23b1cf9a491188bffa1fffb0f8
2711e147f2afbc05784d1ed9e4043ceaecee1925
e5b6180e418b61e91a35a810e687b5b6371b456c1a8afab334d0226304e22792
GET /c7r/assets/static/dist/js/deprecated/typescript/offer-details-page/app.min.js?v=2.3.1-5366ceb7107e32b66b9dcf8f1b099fc8 HTTP/1.1
Host: cdn.sedo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sedo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Tue, 04 Oct 2022 09:24:40 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding
last-modified: Thu, 01 Sep 2022 11:50:35 GMT
etag: W/"63109c8b-10f9df"
x-sedo-request-id: ID-6c8ff87b4c-llrqm-e8e0aac6fb8ec2a9aed6d6de9ec77d43
x-frame-options: sameorigin
cf-cache-status: HIT
age: 6650
server: cloudflare
cf-ray: 754cddaaae3eb51e-OSL
content-encoding: br
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg
34.120.237.76200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 206fb65e75dbadf119512f71e0b78402
58ff0bf8ce7528b303d28bab01a80ad721705569
56c8d5f3b3060ee54bf81995269b86c070855d8c33bf437161339a45b309703f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6315
x-amzn-requestid: 6aa75b16-32e4-48a7-9fb0-9e3d5528c2d5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWSdsHUnIAMFXtw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338cabd-742d8a436403683e0cd9368f;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 23:18:21 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 5sAzc5Ewv4g6Wqq6JJiLylG3Jyy_nlWrr5Oteeo6ebEgq7Rvss4XaQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Tue, 04 Oct 2022 04:42:53 GMT
age: 16909
etag: "58ff0bf8ce7528b303d28bab01a80ad721705569"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a61745f-0c9b-404a-ba22-0a69cf2f0383.jpeg
34.120.237.76200 OK 4.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a61745f-0c9b-404a-ba22-0a69cf2f0383.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6779181f9c06975f2a662da743893939
585e7146fd24cdc2496b05baafea04091dc541e2
8e9a9f92fd89b7cdce77884ccd76b83ab82d28f125ebfc1cb0d371d4046b7985
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a61745f-0c9b-404a-ba22-0a69cf2f0383.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4858
x-amzn-requestid: fb21c414-2994-444a-a838-e643fd05b171
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpvTEfPoAMFfeQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5661-593dd8043b0490e7301cac0d;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:38:41 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: MiSh_FjAciKCaOakY2mM_EHBN1Z6GIDYIP8mwS4ikkrToQN3Ktsv2g==
via: 1.1 773ca14e6bd4bf9244988cb69fc9dca8.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:56:46 GMT
age: 41276
etag: "585e7146fd24cdc2496b05baafea04091dc541e2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0c459c91-b5cc-492c-9573-3101e5df6b51.jpeg
34.120.237.76200 OK 5.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0c459c91-b5cc-492c-9573-3101e5df6b51.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 34f2dfb2faff276db1d4a57739db2450
f5ce815082043a4efce28fc790ae7d8b3a8531f8
e02ea92f0be524ccfe26eee61a77e39a13d852d1ba3696f729e0f61812028667
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0c459c91-b5cc-492c-9573-3101e5df6b51.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5083
x-amzn-requestid: ed99df03-5d15-4e09-9aea-bbf77a705323
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpI0HT0IAMFxvQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b556b-422197147d76caac6e910664;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:34:35 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: pddStyEpwVdYKSAUVcpupnWVPw6ALoYCouHQzixF_vTgXdpVF60ElA==
via: 1.1 946b9edb2009c5508a0fbbd636f95014.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 22:10:59 GMT
age: 40423
etag: "f5ce815082043a4efce28fc790ae7d8b3a8531f8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F545190f2-96f3-40f8-bd46-cebe7171aee7.webp
34.120.237.76200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F545190f2-96f3-40f8-bd46-cebe7171aee7.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d8c08f8066cc732de8befd6ccd629a95
22aab05208a01ae5def4d63dc145085630f57bcb
f8a560a0563518d992d0bd2655d2b5c406435a18e874ca00b51374d2ff901770
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F545190f2-96f3-40f8-bd46-cebe7171aee7.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9917
x-amzn-requestid: 2dff93d9-795d-4885-9b82-610b0d235a82
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpvTGEnIAMF1zg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5661-117afa703663ada75627792c;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:38:41 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: p5nOqBojKO6S-c_DxIu8B3p-NK0pzRHkz0DOPeyv7PQt9h0x1jdtoQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:55:54 GMT
age: 41328
etag: "22aab05208a01ae5def4d63dc145085630f57bcb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0bec66cf-b911-4eb8-95d6-27e5f2afb6c7.jpeg
34.120.237.76200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0bec66cf-b911-4eb8-95d6-27e5f2afb6c7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash de29d0d95d22e4e246a90feed644baf0
4ac6c5691df804078d5da54233cf4d8e7012f9ca
8e34ad07e098df14f7001d1ee538479de11afa4c255006cb6e8e2207c0e50a47
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0bec66cf-b911-4eb8-95d6-27e5f2afb6c7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8308
x-amzn-requestid: 3348b2e8-915a-492b-8241-89c13a21232c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcqFlFyyoAMFz_A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b56f0-2baf7ac2213c31fc384e8317;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:41:04 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Y1H21zphqs9mIGVYHojfc-nvW35BS3nq4hunM_JmyT9mC100bXlgWw==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:55:46 GMT
age: 41336
etag: "4ac6c5691df804078d5da54233cf4d8e7012f9ca"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
sedo.com/cdn-cgi/challenge-platform/h/b/cv/result/754cdda86b93b51e
104.16.4.91200 OK 0 B URL HTTP/2 sedo.com/cdn-cgi/challenge-platform/h/b/cv/result/754cdda86b93b51e
IP 104.16.4.91:0
POST /cdn-cgi/challenge-platform/h/b/cv/result/754cdda86b93b51e HTTP/1.1
Host: sedo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 559
Origin: https://sedo.com
Connection: keep-alive
Referer: https://sedo.com/search/details/?partnerid=324561&language=no&domain=galin.eu&origin=sales_lander_1&utm_medium=Parking&utm_campaign=offerpage
Cookie: campaignId=324561; session=c5d36452abb872ce63bca1ebc68e87f5
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 04 Oct 2022 09:24:41 GMT
content-type: text/plain; charset=UTF-8
set-cookie: __cf_bm=0SexBev8l8EeyQctdr5dB9JOxzZ8rUcBQCwQb575aXo-1664875481-0-AQIpoaFnHoFE6V7NBN/AccGqY9nJ/6oi5MrkEm7ufxG5Pgv2vOkcVX2Q7G+uAByAg0shNyzI+qDUrva+Nc6rRclg0GRU2/pBdhGij4rqfCt3FdrRBRqjjQsL21+B8tXhoMYa6yfFNcCP9IOZFOo1HbL+6dFDS6X0xEXMc2JWXDISioRHE5DG/qAAuhmrq0Ua+j1h26YxiS8YbzonDyx9F8zPBuFy234Gj7PdbL/jBC5D; path=/; expires=Tue, 04-Oct-22 09:54:41 GMT; domain=.sedo.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 754cddae1a9fb51e-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn.sedo.com/c7r/assets/static/dist/css/offer-details-page/main.css?v=2.3.1-c3004b76dbb5e63136f96859720bad11
104.16.4.91200 OK 0 B URL HTTP/2 cdn.sedo.com/c7r/assets/static/dist/css/offer-details-page/main.css?v=2.3.1-c3004b76dbb5e63136f96859720bad11
IP 104.16.4.91:0
GET /c7r/assets/static/dist/css/offer-details-page/main.css?v=2.3.1-c3004b76dbb5e63136f96859720bad11 HTTP/1.1
Host: cdn.sedo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sedo.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Tue, 04 Oct 2022 09:24:40 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding
last-modified: Thu, 01 Sep 2022 11:50:34 GMT
etag: W/"63109c8a-1a37a"
x-sedo-request-id: ID-6c8ff87b4c-rgp5g-038248b61b5fe1b8e64e24b46df74a28
x-frame-options: sameorigin
cf-cache-status: HIT
age: 6650
server: cloudflare
cf-ray: 754cddaaae38b51e-OSL
content-encoding: br
X-Firefox-Spdy: h2
sedo.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1664870400
104.16.4.91200 OK 0 B URL HTTP/2 sedo.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1664870400
IP 104.16.4.91:0
GET /cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1664870400 HTTP/1.1
Host: sedo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: campaignId=324561; session=c5d36452abb872ce63bca1ebc68e87f5
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 04 Oct 2022 09:24:41 GMT
content-type: application/javascript; charset=UTF-8
x-control-type-options: nosniff
vary: accept-encoding
cache-control: max-age=14400, public
server: cloudflare
cf-ray: 754cddaca930b51e-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn.sedo.com/components/zkLxDsbw1hz2/reduced.footer.min.js?v=2.3.1-5366ceb7107e32b66b9dcf8f1b099fc8
104.16.4.91200 OK 0 B URL HTTP/2 cdn.sedo.com/components/zkLxDsbw1hz2/reduced.footer.min.js?v=2.3.1-5366ceb7107e32b66b9dcf8f1b099fc8
IP 104.16.4.91:0
GET /components/zkLxDsbw1hz2/reduced.footer.min.js?v=2.3.1-5366ceb7107e32b66b9dcf8f1b099fc8 HTTP/1.1
Host: cdn.sedo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sedo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Tue, 04 Oct 2022 09:24:40 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding
last-modified: Thu, 12 May 2022 08:00:50 GMT
etag: W/"627cbeb2-43372"
x-sedo-request-id: ID-6c8ff87b4c-g4r46-2be72fd7f63d51f1cf93e6daeec27be8
x-frame-options: sameorigin
cf-cache-status: HIT
age: 6650
server: cloudflare
cf-ray: 754cddaaae42b51e-OSL
content-encoding: br
X-Firefox-Spdy: h2
sedo.com/service/common.php?v=0.1&m=translate&f=getTexts&language=no&app=com.sedo.translation.global
104.16.4.91200 OK 0 B URL HTTP/2 sedo.com/service/common.php?v=0.1&m=translate&f=getTexts&language=no&app=com.sedo.translation.global
IP 104.16.4.91:0
GET /service/common.php?v=0.1&m=translate&f=getTexts&language=no&app=com.sedo.translation.global HTTP/1.1
Host: sedo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://sedo.com/search/details/?partnerid=324561&language=no&domain=galin.eu&origin=sales_lander_1&utm_medium=Parking&utm_campaign=offerpage
Cookie: campaignId=324561; session=c5d36452abb872ce63bca1ebc68e87f5
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 04 Oct 2022 09:24:41 GMT
content-type: application/json
vary: Accept-Encoding, Origin
access-control-allow-origin: *
x-sedo-campaign-id: 324561
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
x-sedo-request-id: ID-788b76f9dd-7tsh5-cbfbc37200bff2e5759fec9213893b95
pragma: no-cache
x-ua-compatible: IE=edge
x-frame-options: sameorigin
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 754cddaca92ab51e-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn.sedo.com/c7r/assets/static/images/logos/logo-UNIONPAY.svg
104.16.4.91200 OK 0 B URL HTTP/2 cdn.sedo.com/c7r/assets/static/images/logos/logo-UNIONPAY.svg
IP 104.16.4.91:0
GET /c7r/assets/static/images/logos/logo-UNIONPAY.svg HTTP/1.1
Host: cdn.sedo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.sedo.com/c7r/assets/static/dist/css/offer-details-page/main.css?v=2.3.1-c3004b76dbb5e63136f96859720bad11
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 04 Oct 2022 09:24:40 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Accept-Encoding
last-modified: Thu, 01 Sep 2022 11:46:03 GMT
etag: W/"63109b7b-dee"
x-sedo-request-id: ID-6c8ff87b4c-g4r46-fb7c217df571d7ac70047bab7339c3c8
x-frame-options: sameorigin
cf-cache-status: HIT
age: 4365
server: cloudflare
cf-ray: 754cddac0810b51e-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn.sedo.com/c7r/assets/static/images/logos/logo-AMERICAN_EXPRESS.svg
104.16.4.91200 OK 0 B URL HTTP/2 cdn.sedo.com/c7r/assets/static/images/logos/logo-AMERICAN_EXPRESS.svg
IP 104.16.4.91:0
GET /c7r/assets/static/images/logos/logo-AMERICAN_EXPRESS.svg HTTP/1.1
Host: cdn.sedo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.sedo.com/c7r/assets/static/dist/css/offer-details-page/main.css?v=2.3.1-c3004b76dbb5e63136f96859720bad11
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 04 Oct 2022 09:24:40 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Accept-Encoding
last-modified: Thu, 01 Sep 2022 11:46:03 GMT
etag: W/"63109b7b-d5a"
x-sedo-request-id: ID-6c8ff87b4c-g4r46-ab5aa2551d9f42e63ec94b98c6dfbca6
x-frame-options: sameorigin
cf-cache-status: HIT
age: 4365
server: cloudflare
cf-ray: 754cddac0814b51e-OSL
content-encoding: br
X-Firefox-Spdy: h2
sedo.com/search/details/?partnerid=324561&language=no&domain=galin.eu&origin=sales_lander_1&utm_medium=Parking&utm_campaign=offerpage
104.16.4.91200 OK 0 B URL HTTP/2 sedo.com/search/details/?partnerid=324561&language=no&domain=galin.eu&origin=sales_lander_1&utm_medium=Parking&utm_campaign=offerpage
IP 104.16.4.91:0
GET /search/details/?partnerid=324561&language=no&domain=galin.eu&origin=sales_lander_1&utm_medium=Parking&utm_campaign=offerpage HTTP/1.1
Host: sedo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Tue, 04 Oct 2022 09:24:40 GMT
content-type: text/html; charset="utf-8"
vary: Accept-Encoding, Origin
set-cookie: campaignId=324561; Max-Age=86400; Path=/; Secure; HttpOnly
session=c5d36452abb872ce63bca1ebc68e87f5; expires=Fri, 07-Oct-2022 09:24:40 GMT; Max-Age=259200; path=/; secure; HttpOnly
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-frame-options: sameorigin
x-ua-compatible: IE=edge
x-content-type-options: nosniff
x-sedo-request-id: ID-788b76f9dd-f4224-7f607191bba426a814e263710a473c86
x-sedo-campaign-id: 324561
access-control-allow-origin: *
expires: Thu, 19 Nov 1981 08:52:00 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 754cdda86b93b51e-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn.sedo.com/c7r/assets/static/images/logos/logo-PAYPAL.svg
104.16.4.91200 OK 0 B URL HTTP/2 cdn.sedo.com/c7r/assets/static/images/logos/logo-PAYPAL.svg
IP 104.16.4.91:0
GET /c7r/assets/static/images/logos/logo-PAYPAL.svg HTTP/1.1
Host: cdn.sedo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.sedo.com/c7r/assets/static/dist/css/offer-details-page/main.css?v=2.3.1-c3004b76dbb5e63136f96859720bad11
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 04 Oct 2022 09:24:40 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Accept-Encoding
last-modified: Thu, 01 Sep 2022 11:46:03 GMT
etag: W/"63109b7b-14b4"
x-sedo-request-id: ID-6c8ff87b4c-llrqm-e968c9965a5b6e45fe2d8d35d0785c6e
x-frame-options: sameorigin
cf-cache-status: HIT
age: 4365
server: cloudflare
cf-ray: 754cddac080cb51e-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn.sedo.com/c7r/assets/static/images/logos/logo-KLARNA.svg
104.16.4.91200 OK 0 B URL HTTP/2 cdn.sedo.com/c7r/assets/static/images/logos/logo-KLARNA.svg
IP 104.16.4.91:0
GET /c7r/assets/static/images/logos/logo-KLARNA.svg HTTP/1.1
Host: cdn.sedo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.sedo.com/c7r/assets/static/dist/css/offer-details-page/main.css?v=2.3.1-c3004b76dbb5e63136f96859720bad11
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 04 Oct 2022 09:24:40 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Accept-Encoding
last-modified: Thu, 01 Sep 2022 11:46:03 GMT
etag: W/"63109b7b-531"
x-sedo-request-id: ID-6c8ff87b4c-llrqm-da617d614f23a1bb14a2a4e53c73ecab
x-frame-options: sameorigin
cf-cache-status: HIT
age: 4365
server: cloudflare
cf-ray: 754cddac1825b51e-OSL
content-encoding: br
X-Firefox-Spdy: h2
sedo.com/service/common.php?v=0.1&m=domaindetails&f=getStatistics&language=no&domainId=365448110&auctionId=NaN
104.16.4.91200 OK 0 B URL HTTP/2 sedo.com/service/common.php?v=0.1&m=domaindetails&f=getStatistics&language=no&domainId=365448110&auctionId=NaN
IP 104.16.4.91:0
GET /service/common.php?v=0.1&m=domaindetails&f=getStatistics&language=no&domainId=365448110&auctionId=NaN HTTP/1.1
Host: sedo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://sedo.com/search/details/?partnerid=324561&language=no&domain=galin.eu&origin=sales_lander_1&utm_medium=Parking&utm_campaign=offerpage
Cookie: campaignId=324561; session=c5d36452abb872ce63bca1ebc68e87f5; __cf_bm=0SexBev8l8EeyQctdr5dB9JOxzZ8rUcBQCwQb575aXo-1664875481-0-AQIpoaFnHoFE6V7NBN/AccGqY9nJ/6oi5MrkEm7ufxG5Pgv2vOkcVX2Q7G+uAByAg0shNyzI+qDUrva+Nc6rRclg0GRU2/pBdhGij4rqfCt3FdrRBRqjjQsL21+B8tXhoMYa6yfFNcCP9IOZFOo1HbL+6dFDS6X0xEXMc2JWXDISioRHE5DG/qAAuhmrq0Ua+j1h26YxiS8YbzonDyx9F8zPBuFy234Gj7PdbL/jBC5D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 04 Oct 2022 09:24:41 GMT
content-type: application/json
vary: Accept-Encoding, Origin
access-control-allow-origin: *
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
x-ua-compatible: IE=edge
x-content-type-options: nosniff
x-sedo-campaign-id: 324561
x-sedo-request-id: ID-788b76f9dd-f4224-18e516f3e87cfe1676128703a02d7ac0
cache-control: no-store, no-cache, must-revalidate
x-frame-options: sameorigin
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 754cddaecb75b51e-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn.sedo.com/c7r/assets/static/images/logos/logo-CREDIT_CARD.svg
104.16.4.91200 OK 0 B URL HTTP/2 cdn.sedo.com/c7r/assets/static/images/logos/logo-CREDIT_CARD.svg
IP 104.16.4.91:0
GET /c7r/assets/static/images/logos/logo-CREDIT_CARD.svg HTTP/1.1
Host: cdn.sedo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.sedo.com/c7r/assets/static/dist/css/offer-details-page/main.css?v=2.3.1-c3004b76dbb5e63136f96859720bad11
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 04 Oct 2022 09:24:40 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Accept-Encoding
last-modified: Thu, 01 Sep 2022 11:46:03 GMT
etag: W/"63109b7b-20c0"
x-sedo-request-id: ID-6c8ff87b4c-g4r46-8ea14face4bba92952c77d1fab185a3a
x-frame-options: sameorigin
cf-cache-status: HIT
age: 4365
server: cloudflare
cf-ray: 754cddac080eb51e-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn.sedo.com/c7r/assets/static/images/logos/logo-IDEAL.svg
104.16.4.91200 OK 0 B URL HTTP/2 cdn.sedo.com/c7r/assets/static/images/logos/logo-IDEAL.svg
IP 104.16.4.91:0
GET /c7r/assets/static/images/logos/logo-IDEAL.svg HTTP/1.1
Host: cdn.sedo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.sedo.com/c7r/assets/static/dist/css/offer-details-page/main.css?v=2.3.1-c3004b76dbb5e63136f96859720bad11
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 04 Oct 2022 09:24:40 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Accept-Encoding
last-modified: Thu, 01 Sep 2022 11:46:03 GMT
etag: W/"63109b7b-1402"
x-sedo-request-id: ID-6c8ff87b4c-llrqm-b09d36ba39ccc26f46236bff075694d2
x-frame-options: sameorigin
cf-cache-status: HIT
server: cloudflare
cf-ray: 754cddac0821b51e-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn.sedo.com/components/TfcP3WYRyZ9A/cookie-banner.min.js?v=2.3.1-5366ceb7107e32b66b9dcf8f1b099fc8
104.16.4.91200 OK 0 B URL HTTP/2 cdn.sedo.com/components/TfcP3WYRyZ9A/cookie-banner.min.js?v=2.3.1-5366ceb7107e32b66b9dcf8f1b099fc8
IP 104.16.4.91:0
GET /components/TfcP3WYRyZ9A/cookie-banner.min.js?v=2.3.1-5366ceb7107e32b66b9dcf8f1b099fc8 HTTP/1.1
Host: cdn.sedo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sedo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Tue, 04 Oct 2022 09:24:40 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding
last-modified: Fri, 08 Jul 2022 09:45:57 GMT
etag: W/"62c7fcd5-9016"
x-sedo-request-id: ID-6c8ff87b4c-rgp5g-8e08d7ce6caa480e1b417d05e5a2970b
x-frame-options: sameorigin
cf-cache-status: HIT
age: 6650
server: cloudflare
cf-ray: 754cddaaae40b51e-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn.sedo.com/components/p9HJ4M2Uz7U4/reduced.header.min.js?v=2.3.1-c3004b76dbb5e63136f96859720bad11
104.16.4.91200 OK 0 B URL HTTP/2 cdn.sedo.com/components/p9HJ4M2Uz7U4/reduced.header.min.js?v=2.3.1-c3004b76dbb5e63136f96859720bad11
IP 104.16.4.91:0
GET /components/p9HJ4M2Uz7U4/reduced.header.min.js?v=2.3.1-c3004b76dbb5e63136f96859720bad11 HTTP/1.1
Host: cdn.sedo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sedo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Tue, 04 Oct 2022 09:24:40 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding
last-modified: Tue, 28 Jun 2022 09:57:35 GMT
etag: W/"62bad08f-4d723"
x-sedo-request-id: ID-6c8ff87b4c-llrqm-f630055882e89617e041b4c8459df101
x-frame-options: sameorigin
cf-cache-status: HIT
age: 6650
server: cloudflare
cf-ray: 754cddaaae3cb51e-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn.sedo.com/components/p9HJ4M2Uz7U4/files/sedo-logo.svg
104.16.4.91200 OK 0 B URL HTTP/2 cdn.sedo.com/components/p9HJ4M2Uz7U4/files/sedo-logo.svg
IP 104.16.4.91:0
GET /components/p9HJ4M2Uz7U4/files/sedo-logo.svg HTTP/1.1
Host: cdn.sedo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sedo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Tue, 04 Oct 2022 09:24:40 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Accept-Encoding
last-modified: Tue, 28 Jun 2022 09:57:31 GMT
etag: W/"62bad08b-61ea"
x-sedo-request-id: ID-6c8ff87b4c-llrqm-57f765f9661ee79e40e6bbf91b7511d6
x-frame-options: sameorigin
cf-cache-status: HIT
age: 2140
server: cloudflare
cf-ray: 754cddabf808b51e-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn.sedo.com/c7r/assets/static/images/logos/logo-WIRE_TRANSFER.svg
104.16.4.91200 OK 0 B URL HTTP/2 cdn.sedo.com/c7r/assets/static/images/logos/logo-WIRE_TRANSFER.svg
IP 104.16.4.91:0
GET /c7r/assets/static/images/logos/logo-WIRE_TRANSFER.svg HTTP/1.1
Host: cdn.sedo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.sedo.com/c7r/assets/static/dist/css/offer-details-page/main.css?v=2.3.1-c3004b76dbb5e63136f96859720bad11
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 04 Oct 2022 09:24:40 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Accept-Encoding
last-modified: Thu, 01 Sep 2022 11:46:03 GMT
etag: W/"63109b7b-1276"
x-sedo-request-id: ID-6c8ff87b4c-rgp5g-598e3116fd3c0caaf51febf26a945ab9
x-frame-options: sameorigin
cf-cache-status: HIT
age: 4365
server: cloudflare
cf-ray: 754cddac081eb51e-OSL
content-encoding: br
X-Firefox-Spdy: h2
sedo.com/service/common.php?v=0.1&m=auction&f=getComments&id=NaN
104.16.4.91200 OK 0 B URL HTTP/2 sedo.com/service/common.php?v=0.1&m=auction&f=getComments&id=NaN
IP 104.16.4.91:0
GET /service/common.php?v=0.1&m=auction&f=getComments&id=NaN HTTP/1.1
Host: sedo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://sedo.com/search/details/?partnerid=324561&language=no&domain=galin.eu&origin=sales_lander_1&utm_medium=Parking&utm_campaign=offerpage
Cookie: campaignId=324561; session=c5d36452abb872ce63bca1ebc68e87f5; __cf_bm=0SexBev8l8EeyQctdr5dB9JOxzZ8rUcBQCwQb575aXo-1664875481-0-AQIpoaFnHoFE6V7NBN/AccGqY9nJ/6oi5MrkEm7ufxG5Pgv2vOkcVX2Q7G+uAByAg0shNyzI+qDUrva+Nc6rRclg0GRU2/pBdhGij4rqfCt3FdrRBRqjjQsL21+B8tXhoMYa6yfFNcCP9IOZFOo1HbL+6dFDS6X0xEXMc2JWXDISioRHE5DG/qAAuhmrq0Ua+j1h26YxiS8YbzonDyx9F8zPBuFy234Gj7PdbL/jBC5D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 04 Oct 2022 09:24:41 GMT
content-type: application/json
vary: Accept-Encoding, Origin
access-control-allow-origin: *
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
x-ua-compatible: IE=edge
x-content-type-options: nosniff
x-sedo-campaign-id: 324561
x-sedo-request-id: ID-788b76f9dd-f4224-b9a38ed7ad6d22d006e96a388632511a
cache-control: no-store, no-cache, must-revalidate
x-frame-options: sameorigin
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 754cddaecb7cb51e-OSL
content-encoding: br
X-Firefox-Spdy: h2