ocsp.starfieldtech.com/
192.124.249.41 2.1 kB IP 192.124.249.41:0
Hash 9978ce210ab1c14e7e18d302c9e5639d
6bad461f09182c0a25030cb3208e7c0d2335e841
5db0997b38f28007011d75ccbbede963b6b5dc9b875f6e4a49b001d0900ec57e
POST / HTTP/1.1
Host: ocsp.starfieldtech.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Wed, 08 May 2024 17:43:17 GMT
Content-Type: application/ocsp-response
Content-Length: 2149
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Tue, 07 May 2024 21:52:59 GMT
Expires: Wed, 08 May 2024 21:52:59 GMT
ETag: "6bad461f09182c0a25030cb3208e7c0d2335e841"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
the-official-website.net/immediate-flow/
192.124.249.106302 Found 0 B URL User Request GET HTTP/2 the-official-website.net/immediate-flow/
IP 192.124.249.106:443
Certificate IssuerStarfield Technologies, Inc.
Subjectthe-official-website.net
Fingerprint1C:0D:1A:EA:82:17:63:CF:DE:A3:FD:F3:04:4C:B3:6A:93:D8:A4:16
ValidityMon, 06 May 2024 21:48:28 GMT - Tue, 06 May 2025 21:48:28 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /immediate-flow/ HTTP/1.1
Host: the-official-website.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 17:43:17 GMT
content-type: text/html; charset=UTF-8
content-length: 0
x-sucuri-id: 19006
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
access-control-allow-origin: https://best-money-deal-daily.com
access-control-allow-methods: POST, OPTIONS
access-control-allow-headers: Content-Type, Api-Key
cache-control: private, proxy-revalidate, s-maxage=0
cf-edge-cache: no-cache
x-redirect-by: WordPress
location: /no/immediate-flow/
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
the-official-website.net/no/immediate-flow/
192.124.249.106302 Found 0 B URL User Request GET HTTP/2 the-official-website.net/no/immediate-flow/
IP 192.124.249.106:443
Certificate IssuerStarfield Technologies, Inc.
Subjectthe-official-website.net
Fingerprint1C:0D:1A:EA:82:17:63:CF:DE:A3:FD:F3:04:4C:B3:6A:93:D8:A4:16
ValidityMon, 06 May 2024 21:48:28 GMT - Tue, 06 May 2025 21:48:28 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /no/immediate-flow/ HTTP/1.1
Host: the-official-website.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 17:43:18 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://official-site-offer.com/no/immediate-flow/
x-sucuri-id: 19006
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
access-control-allow-origin: https://best-money-deal-daily.com
access-control-allow-methods: POST, OPTIONS
access-control-allow-headers: Content-Type, Api-Key
cache-control: private, proxy-revalidate, s-maxage=0
cf-edge-cache: no-cache
x-redirect-by: WordPress
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
ocsp.starfieldtech.com/
192.124.249.41 2.1 kB IP 192.124.249.41:0
Hash 36b9d3bc536793d5361382058c8a60cb
60032667b70e1397f9a09cbc57b78005bb6cdcfb
17d908e7288021cdbe7e4992f1ddecc3b0ae5ef608000c65674de298ffb055f4
POST / HTTP/1.1
Host: ocsp.starfieldtech.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Wed, 08 May 2024 17:43:18 GMT
Content-Type: application/ocsp-response
Content-Length: 2149
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Wed, 08 May 2024 01:46:50 GMT
Expires: Thu, 09 May 2024 01:46:50 GMT
ETag: "60032667b70e1397f9a09cbc57b78005bb6cdcfb"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
the-official-website.net/
192.124.249.106 0 B URL the-official-website.net/
IP 192.124.249.106:0
Certificate IssuerStarfield Technologies, Inc.
Subjectthe-official-website.net
Fingerprint1C:0D:1A:EA:82:17:63:CF:DE:A3:FD:F3:04:4C:B3:6A:93:D8:A4:16
ValidityMon, 06 May 2024 21:48:28 GMT - Tue, 06 May 2025 21:48:28 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET / HTTP/1.1
Host: the-official-website.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: Sucuri/Cloudproxy
Date: Wed, 08 May 2024 17:43:20 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
X-Sucuri-ID: 19006
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Access-Control-Allow-Origin: https://best-money-deal-daily.com
Access-Control-Allow-Methods: POST, OPTIONS
Access-Control-Allow-Headers: Content-Type, Api-Key
Cache-Control: private, proxy-revalidate, s-maxage=0
cf-edge-cache: no-cache
X-Redirect-By: WordPress
Location: /no/
X-Sucuri-Cache: MISS
the-official-website.net/no/
192.124.249.106 0 B URL the-official-website.net/no/
IP 192.124.249.106:0
Certificate IssuerStarfield Technologies, Inc.
Subjectthe-official-website.net
Fingerprint1C:0D:1A:EA:82:17:63:CF:DE:A3:FD:F3:04:4C:B3:6A:93:D8:A4:16
ValidityMon, 06 May 2024 21:48:28 GMT - Tue, 06 May 2025 21:48:28 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /no/ HTTP/1.1
Host: the-official-website.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Server: Sucuri/Cloudproxy
Date: Wed, 08 May 2024 17:43:20 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
X-Sucuri-ID: 19006
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Access-Control-Allow-Origin: https://best-money-deal-daily.com
Access-Control-Allow-Methods: POST, OPTIONS
Access-Control-Allow-Headers: Content-Type, Api-Key
Cache-Control: private, proxy-revalidate, s-maxage=0
cf-edge-cache: no-cache
X-Redirect-By: WordPress
Location: https://the-official-website.net/no/
X-Sucuri-Cache: MISS
cdnjs.cloudflare.com/ajax/libs/flag-icon-css/3.5.0/css/flag-icon.min.css?ver=1.0.0
104.17.24.14200 OK 1.5 kB URL GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/flag-icon-css/3.5.0/css/flag-icon.min.css?ver=1.0.0
IP 104.17.24.14:443
Requested by https://official-site-offer.com/no/immediate-flow/
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type ASCII text, with very long lines (33960)
Hash 1c7783936db99706c52edb52174b0d86
f9dfb9d7cf68cb78a5e1619cfa3e3ef361879db0
d27e980d821ec562661f24cab514474d7be86a742b5e915fa6c7efd21e77aaf9
GET /ajax/libs/flag-icon-css/3.5.0/css/flag-icon.min.css?ver=1.0.0 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://official-site-offer.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 17:43:21 GMT
content-type: text/css; charset=utf-8
content-length: 1482
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5ee0cbd8-84a9"
last-modified: Wed, 10 Jun 2020 12:02:32 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 687891
expires: Mon, 28 Apr 2025 17:43:21 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8hIzlpRbiv%2BQA9LzIKHaoUl2d0l%2FhN15E0kHNrdMsJg%2F6i1J9s0Y008pkTuJr4N9Sum8fPcL5Nbfm2rzzTE0omKHsyAY3KmQ3zQTKN7Kqz5Y1KwhmLvCop5rQQ%2B2aXEuD1vl9Jh6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 880b4064fbea0afe-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
official-site-offer.com/wp-includes/css/dist/block-library/style.min.css?ver=6.5.3
192.124.249.107200 OK 113 kB URL GET HTTP/2 official-site-offer.com/wp-includes/css/dist/block-library/style.min.css?ver=6.5.3
IP 192.124.249.107:443
Requested by https://official-site-offer.com/no/immediate-flow/
Certificate IssuerStarfield Technologies, Inc.
Subjectofficial-site-offer.com
Fingerprint36:72:51:35:0C:0E:92:89:5F:D2:50:A6:7D:CE:CB:F4:B0:87:6E:54
ValidityTue, 07 May 2024 01:44:31 GMT - Wed, 07 May 2025 01:44:31 GMT
File type ASCII text, with very long lines (59701)
Size 113 kB (113381 bytes)
Hash 51a8390b47aa0582cf2d9c96c5addee2
b16a640874025d085c38119a1a02a3460f83f2de
98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.5.3 HTTP/1.1
Host: official-site-offer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://official-site-offer.com/no/immediate-flow/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:43:21 GMT
content-type: text/css
content-length: 113381
x-sucuri-id: 19007
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Wed, 03 Apr 2024 01:33:07 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
official-site-offer.com/wp-content/themes/xtra//assets/css/blocks.css?ver=6.5.3
192.124.249.107200 OK 3.1 kB URL GET HTTP/2 official-site-offer.com/wp-content/themes/xtra//assets/css/blocks.css?ver=6.5.3
IP 192.124.249.107:443
Requested by https://official-site-offer.com/no/immediate-flow/
Certificate IssuerStarfield Technologies, Inc.
Subjectofficial-site-offer.com
Fingerprint36:72:51:35:0C:0E:92:89:5F:D2:50:A6:7D:CE:CB:F4:B0:87:6E:54
ValidityTue, 07 May 2024 01:44:31 GMT - Wed, 07 May 2025 01:44:31 GMT
Hash 7beca815e833695e994e9c1185cb1b35
fe4e560e5e070c47f6ed4983113aabed3c14daa5
c7fe470942bbf136a8e449f7ac17604ae118db79880cdcf1b491d496c9426e16
GET /wp-content/themes/xtra//assets/css/blocks.css?ver=6.5.3 HTTP/1.1
Host: official-site-offer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://official-site-offer.com/no/immediate-flow/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:43:21 GMT
content-type: text/css
content-length: 3083
x-sucuri-id: 19007
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Wed, 28 Feb 2024 21:02:50 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
official-site-offer.com/wp-content/plugins/codevz-plus/admin/assets/css/font-awesome/css/v4-shims.min.css?ver=6.4.2
192.124.249.107200 OK 28 kB URL GET HTTP/2 official-site-offer.com/wp-content/plugins/codevz-plus/admin/assets/css/font-awesome/css/v4-shims.min.css?ver=6.4.2
IP 192.124.249.107:443
Requested by https://official-site-offer.com/no/immediate-flow/
Certificate IssuerStarfield Technologies, Inc.
Subjectofficial-site-offer.com
Fingerprint36:72:51:35:0C:0E:92:89:5F:D2:50:A6:7D:CE:CB:F4:B0:87:6E:54
ValidityTue, 07 May 2024 01:44:31 GMT - Wed, 07 May 2025 01:44:31 GMT
File type ASCII text, with very long lines (27374)
Hash 665de85010641f678f0178a9d330a7af
bf1ec2791cd06922f4a1b67480f75209d85e6deb
0e0a27c105caf20bd4cc76fe58f222d856ab8f626447846842dddca8ce7509ef
GET /wp-content/plugins/codevz-plus/admin/assets/css/font-awesome/css/v4-shims.min.css?ver=6.4.2 HTTP/1.1
Host: official-site-offer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://official-site-offer.com/no/immediate-flow/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:43:21 GMT
content-type: text/css
content-length: 27593
x-sucuri-id: 19007
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Wed, 28 Feb 2024 21:02:48 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
official-site-offer.com/wp-content/plugins/codevz-plus/admin/fields/codevz_fields/icons/czicons.css?ver=4.5.5
192.124.249.107200 OK 25 kB URL GET HTTP/2 official-site-offer.com/wp-content/plugins/codevz-plus/admin/fields/codevz_fields/icons/czicons.css?ver=4.5.5
IP 192.124.249.107:443
Requested by https://official-site-offer.com/no/immediate-flow/
Certificate IssuerStarfield Technologies, Inc.
Subjectofficial-site-offer.com
Fingerprint36:72:51:35:0C:0E:92:89:5F:D2:50:A6:7D:CE:CB:F4:B0:87:6E:54
ValidityTue, 07 May 2024 01:44:31 GMT - Wed, 07 May 2025 01:44:31 GMT
Hash 5969e9a53d7a55227bbd9aee063d6342
30aeb07bf6fbaa9038918a9a2688e5fdb6089ec5
e2a92b1a5d8250727ba0a823c5a0e9271316ce4ead967215be5c7acd87ff2fd8
GET /wp-content/plugins/codevz-plus/admin/fields/codevz_fields/icons/czicons.css?ver=4.5.5 HTTP/1.1
Host: official-site-offer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://official-site-offer.com/no/immediate-flow/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:43:21 GMT
content-type: text/css
content-length: 25090
x-sucuri-id: 19007
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Wed, 28 Feb 2024 21:02:48 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
official-site-offer.com/wp-content/plugins/suprememedia-api/css/test.css?ver=2.9.8
192.124.249.107200 OK 3.1 kB URL GET HTTP/2 official-site-offer.com/wp-content/plugins/suprememedia-api/css/test.css?ver=2.9.8
IP 192.124.249.107:443
Requested by https://official-site-offer.com/no/immediate-flow/
Certificate IssuerStarfield Technologies, Inc.
Subjectofficial-site-offer.com
Fingerprint36:72:51:35:0C:0E:92:89:5F:D2:50:A6:7D:CE:CB:F4:B0:87:6E:54
ValidityTue, 07 May 2024 01:44:31 GMT - Wed, 07 May 2025 01:44:31 GMT
Hash 7ceef15d3f15274d5a412aa64bc1a535
a1d88bdbae6ba289f276d2fb2e85bd0e75be26cf
2c04b505746384f24916989da5e97487f5ae8dccac596f52f28e2a3dabb1bc13
GET /wp-content/plugins/suprememedia-api/css/test.css?ver=2.9.8 HTTP/1.1
Host: official-site-offer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://official-site-offer.com/no/immediate-flow/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:43:21 GMT
content-type: text/css
content-length: 3056
x-sucuri-id: 19007
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 01 Mar 2024 01:15:47 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
official-site-offer.com/wp-content/themes/xtra/assets/css/loading.css?ver=4.5.5
192.124.249.107200 OK 8.8 kB URL GET HTTP/2 official-site-offer.com/wp-content/themes/xtra/assets/css/loading.css?ver=4.5.5
IP 192.124.249.107:443
Requested by https://official-site-offer.com/no/immediate-flow/
Certificate IssuerStarfield Technologies, Inc.
Subjectofficial-site-offer.com
Fingerprint36:72:51:35:0C:0E:92:89:5F:D2:50:A6:7D:CE:CB:F4:B0:87:6E:54
ValidityTue, 07 May 2024 01:44:31 GMT - Wed, 07 May 2025 01:44:31 GMT
Hash 0631307eb615aa3911f3445b95ed8b74
98471f42f6e97816d868cf69dbc4d3772cb4e567
4b1fbc01d8fc258ab85e68c3ee86443abd25baefae6ea983b63659a6673db893
GET /wp-content/themes/xtra/assets/css/loading.css?ver=4.5.5 HTTP/1.1
Host: official-site-offer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://official-site-offer.com/no/immediate-flow/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:43:21 GMT
content-type: text/css
content-length: 8798
x-sucuri-id: 19007
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Wed, 28 Feb 2024 21:02:50 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
official-site-offer.com/wp-content/plugins/codevz-plus/assets/css/codevzplus.css?ver=4.5.5
192.124.249.107200 OK 39 kB URL GET HTTP/2 official-site-offer.com/wp-content/plugins/codevz-plus/assets/css/codevzplus.css?ver=4.5.5
IP 192.124.249.107:443
Requested by https://official-site-offer.com/no/immediate-flow/
Certificate IssuerStarfield Technologies, Inc.
Subjectofficial-site-offer.com
Fingerprint36:72:51:35:0C:0E:92:89:5F:D2:50:A6:7D:CE:CB:F4:B0:87:6E:54
ValidityTue, 07 May 2024 01:44:31 GMT - Wed, 07 May 2025 01:44:31 GMT
File type ASCII text, with very long lines (901), with CRLF line terminators
Hash 573bba8490190c10758cc7a6a999287c
9e599930386f2ca2e27934d82895f8922361cc0d
58babd05379424a92af6852e636c0d3bbf373121a83450d5b453bb826e4660d1
GET /wp-content/plugins/codevz-plus/assets/css/codevzplus.css?ver=4.5.5 HTTP/1.1
Host: official-site-offer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://official-site-offer.com/no/immediate-flow/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:43:21 GMT
content-type: text/css
content-length: 38896
x-sucuri-id: 19007
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Wed, 28 Feb 2024 21:02:48 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
official-site-offer.com/wp-content/plugins/codevz-plus/assets/css/elementor.css?ver=4.5.5
192.124.249.107200 OK 2.8 kB URL GET HTTP/2 official-site-offer.com/wp-content/plugins/codevz-plus/assets/css/elementor.css?ver=4.5.5
IP 192.124.249.107:443
Requested by https://official-site-offer.com/no/immediate-flow/
Certificate IssuerStarfield Technologies, Inc.
Subjectofficial-site-offer.com
Fingerprint36:72:51:35:0C:0E:92:89:5F:D2:50:A6:7D:CE:CB:F4:B0:87:6E:54
ValidityTue, 07 May 2024 01:44:31 GMT - Wed, 07 May 2025 01:44:31 GMT
File type ASCII text, with CRLF line terminators
Hash 522eda620d1711cd58472c32ef801dab
83775451ce12d5c101434c3fa459c28b9e624cfe
c8c2cdeb3456fe5a2c38de4019cba11694af0503700f5d3d6b30b5338e902613
GET /wp-content/plugins/codevz-plus/assets/css/elementor.css?ver=4.5.5 HTTP/1.1
Host: official-site-offer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://official-site-offer.com/no/immediate-flow/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:43:21 GMT
content-type: text/css
content-length: 2803
x-sucuri-id: 19007
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Wed, 28 Feb 2024 21:02:48 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
official-site-offer.com/wp-content/plugins/transposh-translation-filter-for-wordpress/widgets/flags/tpw_flags_css.css?ver=1.0.9.3
192.124.249.107200 OK 4.6 kB URL GET HTTP/2 official-site-offer.com/wp-content/plugins/transposh-translation-filter-for-wordpress/widgets/flags/tpw_flags_css.css?ver=1.0.9.3
IP 192.124.249.107:443
Requested by https://official-site-offer.com/no/immediate-flow/
Certificate IssuerStarfield Technologies, Inc.
Subjectofficial-site-offer.com
Fingerprint36:72:51:35:0C:0E:92:89:5F:D2:50:A6:7D:CE:CB:F4:B0:87:6E:54
ValidityTue, 07 May 2024 01:44:31 GMT - Wed, 07 May 2025 01:44:31 GMT
Hash 9f5f357167a64adc50e6a036d0befd88
adbf14dce19eb2f3a46c838ac3cc633e86548b7f
ec78c5ae3be17cbc9fa7a87bbc7f6a732de02003fbe3ef5faf5eb3dc24513f21
GET /wp-content/plugins/transposh-translation-filter-for-wordpress/widgets/flags/tpw_flags_css.css?ver=1.0.9.3 HTTP/1.1
Host: official-site-offer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://official-site-offer.com/no/immediate-flow/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:43:21 GMT
content-type: text/css
content-length: 4609
x-sucuri-id: 19007
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Wed, 28 Feb 2024 21:02:47 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
official-site-offer.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
192.124.249.107200 OK 14 kB URL GET HTTP/2 official-site-offer.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
IP 192.124.249.107:443
Requested by https://official-site-offer.com/no/immediate-flow/
Certificate IssuerStarfield Technologies, Inc.
Subjectofficial-site-offer.com
Fingerprint36:72:51:35:0C:0E:92:89:5F:D2:50:A6:7D:CE:CB:F4:B0:87:6E:54
ValidityTue, 07 May 2024 01:44:31 GMT - Wed, 07 May 2025 01:44:31 GMT
File type JavaScript source, ASCII text, with very long lines (13479)
Hash 9ffeb32e2d9efbf8f70caabded242267
3ad0c10e501ac2a9bfa18f9cd7e700219b378738
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 HTTP/1.1
Host: official-site-offer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://official-site-offer.com/no/immediate-flow/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:43:21 GMT
content-type: text/javascript
content-length: 13577
x-sucuri-id: 19007
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Wed, 28 Feb 2024 21:02:47 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.starfieldtech.com/
192.124.249.41 2.1 kB IP 192.124.249.41:0
Hash 9978ce210ab1c14e7e18d302c9e5639d
6bad461f09182c0a25030cb3208e7c0d2335e841
5db0997b38f28007011d75ccbbede963b6b5dc9b875f6e4a49b001d0900ec57e
POST / HTTP/1.1
Host: ocsp.starfieldtech.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Wed, 08 May 2024 17:43:20 GMT
Content-Type: application/ocsp-response
Content-Length: 2149
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Tue, 07 May 2024 21:52:59 GMT
Expires: Wed, 08 May 2024 21:52:59 GMT
ETag: "6bad461f09182c0a25030cb3208e7c0d2335e841"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
official-site-offer.com/wp-content/plugins/codevz-plus/admin/assets/css/font-awesome/css/all.min.css?ver=6.4.2
192.124.249.107200 OK 102 kB URL GET HTTP/2 official-site-offer.com/wp-content/plugins/codevz-plus/admin/assets/css/font-awesome/css/all.min.css?ver=6.4.2
IP 192.124.249.107:443
Requested by https://official-site-offer.com/no/immediate-flow/
Certificate IssuerStarfield Technologies, Inc.
Subjectofficial-site-offer.com
Fingerprint36:72:51:35:0C:0E:92:89:5F:D2:50:A6:7D:CE:CB:F4:B0:87:6E:54
ValidityTue, 07 May 2024 01:44:31 GMT - Wed, 07 May 2025 01:44:31 GMT
File type ASCII text, with very long lines (52276)
Size 102 kB (102217 bytes)
Hash 750cd196ec482b60a011d1591003a3b0
c3c1acacaefd7354ca74e99e856955e5b015535c
07251d3f38c2b81cad77bce91926fb18ac4fdea706ee1c0f4b72bcafe416ee3b
GET /wp-content/plugins/codevz-plus/admin/assets/css/font-awesome/css/all.min.css?ver=6.4.2 HTTP/1.1
Host: official-site-offer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://official-site-offer.com/no/immediate-flow/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:43:21 GMT
content-type: text/css
content-length: 102217
x-sucuri-id: 19007
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Wed, 28 Feb 2024 21:02:48 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
official-site-offer.com/wp-content/themes/xtra/assets/css/core.css?ver=4.5.5
192.124.249.107200 OK 95 kB URL GET HTTP/2 official-site-offer.com/wp-content/themes/xtra/assets/css/core.css?ver=4.5.5
IP 192.124.249.107:443
Requested by https://official-site-offer.com/no/immediate-flow/
Certificate IssuerStarfield Technologies, Inc.
Subjectofficial-site-offer.com
Fingerprint36:72:51:35:0C:0E:92:89:5F:D2:50:A6:7D:CE:CB:F4:B0:87:6E:54
ValidityTue, 07 May 2024 01:44:31 GMT - Wed, 07 May 2025 01:44:31 GMT
File type ASCII text, with very long lines (1975)
Hash 55ba90a27a9454c619e09dabe86d211e
8e6a0f4af3f66f62f5e8a31775799043fc380f51
4cd3d11ab3b43e0389e3d7f212b8c57bcc6f670b23c794deab82c61d165005b5
GET /wp-content/themes/xtra/assets/css/core.css?ver=4.5.5 HTTP/1.1
Host: official-site-offer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://official-site-offer.com/no/immediate-flow/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:43:21 GMT
content-type: text/css
content-length: 94961
x-sucuri-id: 19007
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Wed, 28 Feb 2024 21:02:50 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
official-site-offer.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
192.124.249.107200 OK 88 kB URL GET HTTP/2 official-site-offer.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
IP 192.124.249.107:443
Requested by https://official-site-offer.com/no/immediate-flow/
Certificate IssuerStarfield Technologies, Inc.
Subjectofficial-site-offer.com
Fingerprint36:72:51:35:0C:0E:92:89:5F:D2:50:A6:7D:CE:CB:F4:B0:87:6E:54
ValidityTue, 07 May 2024 01:44:31 GMT - Wed, 07 May 2025 01:44:31 GMT
File type JavaScript source, ASCII text, with very long lines (65447)
Hash 826eb77e86b02ab7724fe3d0141ff87c
79cd3587d565afe290076a8d36c31c305a573d18
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
GET /wp-includes/js/jquery/jquery.min.js?ver=3.7.1 HTTP/1.1
Host: official-site-offer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://official-site-offer.com/no/immediate-flow/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:43:21 GMT
content-type: text/javascript
content-length: 87553
x-sucuri-id: 19007
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Wed, 28 Feb 2024 21:02:47 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
official-site-offer.com/wp-content/plugins/codevz-plus/wpbakery/assets/css/title.css?ver=4.5.5
192.124.249.107200 OK 5.0 kB URL GET HTTP/2 official-site-offer.com/wp-content/plugins/codevz-plus/wpbakery/assets/css/title.css?ver=4.5.5
IP 192.124.249.107:443
Requested by https://official-site-offer.com/no/immediate-flow/
Certificate IssuerStarfield Technologies, Inc.
Subjectofficial-site-offer.com
Fingerprint36:72:51:35:0C:0E:92:89:5F:D2:50:A6:7D:CE:CB:F4:B0:87:6E:54
ValidityTue, 07 May 2024 01:44:31 GMT - Wed, 07 May 2025 01:44:31 GMT
File type ASCII text, with CRLF line terminators
Hash e52b266e19f4c113b1bcd856a1aaba1a
db65efea050d7545fcd1811f56dc900670ee48b3
543bc70a239eb373f83dedfcc83a473bf3a8df247391318857f4b54c5426dd7a
GET /wp-content/plugins/codevz-plus/wpbakery/assets/css/title.css?ver=4.5.5 HTTP/1.1
Host: official-site-offer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://official-site-offer.com/no/immediate-flow/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:43:21 GMT
content-type: text/css
content-length: 4986
x-sucuri-id: 19007
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Wed, 28 Feb 2024 21:02:48 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
official-site-offer.com/wp-content/plugins/codevz-plus/wpbakery/assets/css/content_box.css?ver=4.5.5
192.124.249.107200 OK 9.9 kB URL GET HTTP/2 official-site-offer.com/wp-content/plugins/codevz-plus/wpbakery/assets/css/content_box.css?ver=4.5.5
IP 192.124.249.107:443
Requested by https://official-site-offer.com/no/immediate-flow/
Certificate IssuerStarfield Technologies, Inc.
Subjectofficial-site-offer.com
Fingerprint36:72:51:35:0C:0E:92:89:5F:D2:50:A6:7D:CE:CB:F4:B0:87:6E:54
ValidityTue, 07 May 2024 01:44:31 GMT - Wed, 07 May 2025 01:44:31 GMT
File type ASCII text, with CRLF line terminators
Hash cd0a2a32f70868eb865204e224c6d273
da6ef12735ea2eecdc437025bb2b270a7ae68071
4ab6839087b226b684a13bde68b00b00010cceff8154cd72f1276f0df709285a
GET /wp-content/plugins/codevz-plus/wpbakery/assets/css/content_box.css?ver=4.5.5 HTTP/1.1
Host: official-site-offer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://official-site-offer.com/no/immediate-flow/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:43:21 GMT
content-type: text/css
content-length: 9917
x-sucuri-id: 19007
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Wed, 28 Feb 2024 21:02:48 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
official-site-offer.com/wp-content/plugins/codevz-plus/wpbakery/assets/css/service_box.css?ver=4.5.5
192.124.249.107200 OK 7.8 kB URL GET HTTP/2 official-site-offer.com/wp-content/plugins/codevz-plus/wpbakery/assets/css/service_box.css?ver=4.5.5
IP 192.124.249.107:443
Requested by https://official-site-offer.com/no/immediate-flow/
Certificate IssuerStarfield Technologies, Inc.
Subjectofficial-site-offer.com
Fingerprint36:72:51:35:0C:0E:92:89:5F:D2:50:A6:7D:CE:CB:F4:B0:87:6E:54
ValidityTue, 07 May 2024 01:44:31 GMT - Wed, 07 May 2025 01:44:31 GMT
File type ASCII text, with CRLF line terminators
Hash 1627dace5a1f9d43d90b50eebddffb52
52e5c6745b2c0413679bef2fd023d9c950e1cc38
637eecddf5598ae584253feb687e1209057809c0a37ec4bce0676aaf8fe4a59d
GET /wp-content/plugins/codevz-plus/wpbakery/assets/css/service_box.css?ver=4.5.5 HTTP/1.1
Host: official-site-offer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://official-site-offer.com/no/immediate-flow/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:43:21 GMT
content-type: text/css
content-length: 7761
x-sucuri-id: 19007
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Wed, 28 Feb 2024 21:02:48 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
official-site-offer.com/wp-content/plugins/codevz-plus/wpbakery/assets/css/button.css?ver=4.5.5
192.124.249.107200 OK 13 kB URL GET HTTP/2 official-site-offer.com/wp-content/plugins/codevz-plus/wpbakery/assets/css/button.css?ver=4.5.5
IP 192.124.249.107:443
Requested by https://official-site-offer.com/no/immediate-flow/
Certificate IssuerStarfield Technologies, Inc.
Subjectofficial-site-offer.com
Fingerprint36:72:51:35:0C:0E:92:89:5F:D2:50:A6:7D:CE:CB:F4:B0:87:6E:54
ValidityTue, 07 May 2024 01:44:31 GMT - Wed, 07 May 2025 01:44:31 GMT
File type ASCII text, with CRLF line terminators
Hash 3b5eb357a7e927f175a2626a6bdda3ba
9e1535c4c7e85279ac087122e0cdc2ab9cb55a84
3be6674e231bba6dc194770dbe6f8095ec005d5baace9d7eef8f00730adb4e3a
GET /wp-content/plugins/codevz-plus/wpbakery/assets/css/button.css?ver=4.5.5 HTTP/1.1
Host: official-site-offer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://official-site-offer.com/no/immediate-flow/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:43:21 GMT
content-type: text/css
content-length: 13444
x-sucuri-id: 19007
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Wed, 28 Feb 2024 21:02:48 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
official-site-offer.com/wp-content/plugins/geoip-detect/js/dist/frontend_full.js?ver=5.3.1
192.124.249.107200 OK 15 kB URL GET HTTP/2 official-site-offer.com/wp-content/plugins/geoip-detect/js/dist/frontend_full.js?ver=5.3.1
IP 192.124.249.107:443
Requested by https://official-site-offer.com/no/immediate-flow/
Certificate IssuerStarfield Technologies, Inc.
Subjectofficial-site-offer.com
Fingerprint36:72:51:35:0C:0E:92:89:5F:D2:50:A6:7D:CE:CB:F4:B0:87:6E:54
ValidityTue, 07 May 2024 01:44:31 GMT - Wed, 07 May 2025 01:44:31 GMT
File type JavaScript source, ASCII text, with very long lines (14916)
Hash 5e7f7ff3266816dcc5f6788fa83937cf
8db62c96b2f6b45549e7aadf0fac75252a5b2949
f45cd9b233359f93287b58c02c16915e1af7c540f778a85752997c75b825505b
GET /wp-content/plugins/geoip-detect/js/dist/frontend_full.js?ver=5.3.1 HTTP/1.1
Host: official-site-offer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://official-site-offer.com/no/immediate-flow/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:43:21 GMT
content-type: text/javascript
content-length: 14959
x-sucuri-id: 19007
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Wed, 28 Feb 2024 21:02:48 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
official-site-offer.com/wp-content/plugins/suprememedia-api/js/ip.js?ver=1.0.3
192.124.249.107200 OK 13 kB URL GET HTTP/2 official-site-offer.com/wp-content/plugins/suprememedia-api/js/ip.js?ver=1.0.3
IP 192.124.249.107:443
Requested by https://official-site-offer.com/no/immediate-flow/
Certificate IssuerStarfield Technologies, Inc.
Subjectofficial-site-offer.com
Fingerprint36:72:51:35:0C:0E:92:89:5F:D2:50:A6:7D:CE:CB:F4:B0:87:6E:54
ValidityTue, 07 May 2024 01:44:31 GMT - Wed, 07 May 2025 01:44:31 GMT
File type ASCII text, with CRLF line terminators
Hash f5e8abd22a7e05f397efdbf23b22971e
252faddf19a9c8588f58f26952d784e434eb0fc6
df7e7ccbd80f20c284eb62917ab3ecc052fecb5ae2e65f112dab1eb1b37cc392
GET /wp-content/plugins/suprememedia-api/js/ip.js?ver=1.0.3 HTTP/1.1
Host: official-site-offer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://official-site-offer.com/no/immediate-flow/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:43:21 GMT
content-type: text/javascript
content-length: 13248
x-sucuri-id: 19007
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 01 Mar 2024 01:15:47 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
official-site-offer.com/wp-content/themes/xtra/assets/js/codevz-menu.min.js?ver=4.5.5
192.124.249.107200 OK 3.9 kB URL GET HTTP/2 official-site-offer.com/wp-content/themes/xtra/assets/js/codevz-menu.min.js?ver=4.5.5
IP 192.124.249.107:443
Requested by https://official-site-offer.com/no/immediate-flow/
Certificate IssuerStarfield Technologies, Inc.
Subjectofficial-site-offer.com
Fingerprint36:72:51:35:0C:0E:92:89:5F:D2:50:A6:7D:CE:CB:F4:B0:87:6E:54
ValidityTue, 07 May 2024 01:44:31 GMT - Wed, 07 May 2025 01:44:31 GMT
File type JavaScript source, ASCII text, with very long lines (3833)
Hash 0eb3dac7535b602cc5d2659a1c95e2b8
3a8b45a4992c3ae06fc3ec343235e470cbf94e6b
2ba11c3b234c64786353775595d28f75a5ce348df1685843985cdce133375ccd
GET /wp-content/themes/xtra/assets/js/codevz-menu.min.js?ver=4.5.5 HTTP/1.1
Host: official-site-offer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://official-site-offer.com/no/immediate-flow/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:43:21 GMT
content-type: text/javascript
content-length: 3866
x-sucuri-id: 19007
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Wed, 28 Feb 2024 21:02:50 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
official-site-offer.com/wp-content/themes/xtra/assets/js/custom.js?ver=4.5.5
192.124.249.107200 OK 28 kB URL GET HTTP/2 official-site-offer.com/wp-content/themes/xtra/assets/js/custom.js?ver=4.5.5
IP 192.124.249.107:443
Requested by https://official-site-offer.com/no/immediate-flow/
Certificate IssuerStarfield Technologies, Inc.
Subjectofficial-site-offer.com
Fingerprint36:72:51:35:0C:0E:92:89:5F:D2:50:A6:7D:CE:CB:F4:B0:87:6E:54
ValidityTue, 07 May 2024 01:44:31 GMT - Wed, 07 May 2025 01:44:31 GMT
File type JavaScript source, ASCII text, with very long lines (322)
Hash a69fe1dc93cc1ebcb74e3e5f588d2ad0
4751461c1e86f979b7054d65d65285f853c73afa
1e9ea9e761a9f35e09a59d8d38fc35ad3f8aadfe809a6776fbc69d5c46dfbe2b
GET /wp-content/themes/xtra/assets/js/custom.js?ver=4.5.5 HTTP/1.1
Host: official-site-offer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://official-site-offer.com/no/immediate-flow/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:43:21 GMT
content-type: text/javascript
content-length: 28524
x-sucuri-id: 19007
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Wed, 28 Feb 2024 21:02:50 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
official-site-offer.com/wp-content/themes/xtra/assets/js/loading.js?ver=4.5.5
192.124.249.107200 OK 1.7 kB URL GET HTTP/2 official-site-offer.com/wp-content/themes/xtra/assets/js/loading.js?ver=4.5.5
IP 192.124.249.107:443
Requested by https://official-site-offer.com/no/immediate-flow/
Certificate IssuerStarfield Technologies, Inc.
Subjectofficial-site-offer.com
Fingerprint36:72:51:35:0C:0E:92:89:5F:D2:50:A6:7D:CE:CB:F4:B0:87:6E:54
ValidityTue, 07 May 2024 01:44:31 GMT - Wed, 07 May 2025 01:44:31 GMT
File type JavaScript source, ASCII text, with very long lines (723)
Hash efb5a04481df8a80bb77986a2c98f01c
5d43b813b49d5cae164fc21080bb4d4c0c5c3960
622f05313dbfe308a61adcab900c2366a51cef29eed653bb78c9e941069a8bfb
GET /wp-content/themes/xtra/assets/js/loading.js?ver=4.5.5 HTTP/1.1
Host: official-site-offer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://official-site-offer.com/no/immediate-flow/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:43:21 GMT
content-type: text/javascript
content-length: 1735
x-sucuri-id: 19007
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Wed, 28 Feb 2024 21:02:50 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
official-site-offer.com/wp-content/plugins/codevz-plus/assets/js/codevzplus.js?ver=4.5.5
192.124.249.107200 OK 53 kB URL GET HTTP/2 official-site-offer.com/wp-content/plugins/codevz-plus/assets/js/codevzplus.js?ver=4.5.5
IP 192.124.249.107:443
Requested by https://official-site-offer.com/no/immediate-flow/
Certificate IssuerStarfield Technologies, Inc.
Subjectofficial-site-offer.com
Fingerprint36:72:51:35:0C:0E:92:89:5F:D2:50:A6:7D:CE:CB:F4:B0:87:6E:54
ValidityTue, 07 May 2024 01:44:31 GMT - Wed, 07 May 2025 01:44:31 GMT
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (18822), with CRLF line terminators
Hash c565f5f407283f575d53a01e581b9b23
eaba1ebfca6fffcc7f3b471fa21e1a34cb07a63a
c7eb65874ccdfc6a1630edecdd42ed9d003807bdc613a2a6cb476b094d474f6f
GET /wp-content/plugins/codevz-plus/assets/js/codevzplus.js?ver=4.5.5 HTTP/1.1
Host: official-site-offer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://official-site-offer.com/no/immediate-flow/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:43:21 GMT
content-type: text/javascript
content-length: 53048
x-sucuri-id: 19007
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Wed, 28 Feb 2024 21:02:48 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
official-site-offer.com/wp-content/plugins/transposh-translation-filter-for-wordpress/js/transposh.js?ver=1.0.9.3
192.124.249.107200 OK 4.1 kB URL GET HTTP/2 official-site-offer.com/wp-content/plugins/transposh-translation-filter-for-wordpress/js/transposh.js?ver=1.0.9.3
IP 192.124.249.107:443
Requested by https://official-site-offer.com/no/immediate-flow/
Certificate IssuerStarfield Technologies, Inc.
Subjectofficial-site-offer.com
Fingerprint36:72:51:35:0C:0E:92:89:5F:D2:50:A6:7D:CE:CB:F4:B0:87:6E:54
ValidityTue, 07 May 2024 01:44:31 GMT - Wed, 07 May 2025 01:44:31 GMT
File type JavaScript source, ASCII text, with very long lines (4025)
Hash c9ad2e6103f4798831f4cdbfbb75eeca
8fe354e51c7a78f24562550a2be9c3bf2b20cb70
59886a377c0bc907a00511d016b3663e0ea552c6f9bdd0c2312f03c69a72cf47
GET /wp-content/plugins/transposh-translation-filter-for-wordpress/js/transposh.js?ver=1.0.9.3 HTTP/1.1
Host: official-site-offer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://official-site-offer.com/no/immediate-flow/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:43:21 GMT
content-type: text/javascript
content-length: 4063
x-sucuri-id: 19007
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Wed, 28 Feb 2024 21:02:47 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
official-site-offer.com/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=7.1
192.124.249.107200 OK 21 kB URL GET HTTP/2 official-site-offer.com/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=7.1
IP 192.124.249.107:443
Requested by https://official-site-offer.com/no/immediate-flow/
Certificate IssuerStarfield Technologies, Inc.
Subjectofficial-site-offer.com
Fingerprint36:72:51:35:0C:0E:92:89:5F:D2:50:A6:7D:CE:CB:F4:B0:87:6E:54
ValidityTue, 07 May 2024 01:44:31 GMT - Wed, 07 May 2025 01:44:31 GMT
File type JavaScript source, ASCII text, with very long lines (20538)
Hash 772af17d4ecb3e755192414a27196a7d
c284ee43dee986383e7fb178ec469fa4dc0f352e
86835a4ef093c7fc3c6d6f1433b669b286b4fb3074f2f15c2a95825269308323
GET /wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=7.1 HTTP/1.1
Host: official-site-offer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://official-site-offer.com/no/immediate-flow/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:43:21 GMT
content-type: text/javascript
content-length: 20757
x-sucuri-id: 19007
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Wed, 28 Feb 2024 21:02:48 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
official-site-offer.com/wp-content/plugins/codevz-plus/wpbakery/assets/js/title.js?ver=4.5.5
192.124.249.107200 OK 1.2 kB URL GET HTTP/2 official-site-offer.com/wp-content/plugins/codevz-plus/wpbakery/assets/js/title.js?ver=4.5.5
IP 192.124.249.107:443
Requested by https://official-site-offer.com/no/immediate-flow/
Certificate IssuerStarfield Technologies, Inc.
Subjectofficial-site-offer.com
Fingerprint36:72:51:35:0C:0E:92:89:5F:D2:50:A6:7D:CE:CB:F4:B0:87:6E:54
ValidityTue, 07 May 2024 01:44:31 GMT - Wed, 07 May 2025 01:44:31 GMT
File type JavaScript source, ASCII text, with CRLF line terminators
Hash 4ea2256a97f2591ad1483ff4c844d781
cc59201b6722f02dba32a9b9dd4b9cdb4a5b4e0f
7ccd3ac2b3e9256ef32e91ad965fcb391e7442af6a6815381656e5ecf058a49c
GET /wp-content/plugins/codevz-plus/wpbakery/assets/js/title.js?ver=4.5.5 HTTP/1.1
Host: official-site-offer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://official-site-offer.com/no/immediate-flow/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:43:21 GMT
content-type: text/javascript
content-length: 1228
x-sucuri-id: 19007
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Wed, 28 Feb 2024 21:02:48 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
official-site-offer.com/wp-content/plugins/codevz-plus/wpbakery/assets/js/image.js?ver=4.5.5
192.124.249.107200 OK 579 B URL GET HTTP/2 official-site-offer.com/wp-content/plugins/codevz-plus/wpbakery/assets/js/image.js?ver=4.5.5
IP 192.124.249.107:443
Requested by https://official-site-offer.com/no/immediate-flow/
Certificate IssuerStarfield Technologies, Inc.
Subjectofficial-site-offer.com
Fingerprint36:72:51:35:0C:0E:92:89:5F:D2:50:A6:7D:CE:CB:F4:B0:87:6E:54
ValidityTue, 07 May 2024 01:44:31 GMT - Wed, 07 May 2025 01:44:31 GMT
File type JavaScript source, ASCII text, with CRLF line terminators
Hash 6621eb7fa9d6bbc5c05c8c5c694150a2
07f2cceba2ea200bb1f35bf9ffc1dd4b2da3e8aa
490205bd0e29007df27f327f3c888514d90b0b87f77d54f6a51f3329f0c8ed04
GET /wp-content/plugins/codevz-plus/wpbakery/assets/js/image.js?ver=4.5.5 HTTP/1.1
Host: official-site-offer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://official-site-offer.com/no/immediate-flow/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:43:21 GMT
content-type: text/javascript
content-length: 579
x-sucuri-id: 19007
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Wed, 28 Feb 2024 21:02:48 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
official-site-offer.com/wp-content/plugins/codevz-plus/wpbakery/assets/js/content_box.js?ver=4.5.5
192.124.249.107200 OK 750 B URL GET HTTP/2 official-site-offer.com/wp-content/plugins/codevz-plus/wpbakery/assets/js/content_box.js?ver=4.5.5
IP 192.124.249.107:443
Requested by https://official-site-offer.com/no/immediate-flow/
Certificate IssuerStarfield Technologies, Inc.
Subjectofficial-site-offer.com
Fingerprint36:72:51:35:0C:0E:92:89:5F:D2:50:A6:7D:CE:CB:F4:B0:87:6E:54
ValidityTue, 07 May 2024 01:44:31 GMT - Wed, 07 May 2025 01:44:31 GMT
File type JavaScript source, ASCII text, with CRLF line terminators
Hash f315ce36414ad71ece6ec7028ed893ec
33c585eb117b7a12374643fb11f6d32414a77104
fbcaaced0a28c8278fc41f9f4e7861a323bb0f66ac203dfa5e3d7f6e99a917aa
GET /wp-content/plugins/codevz-plus/wpbakery/assets/js/content_box.js?ver=4.5.5 HTTP/1.1
Host: official-site-offer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://official-site-offer.com/no/immediate-flow/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:43:21 GMT
content-type: text/javascript
content-length: 750
x-sucuri-id: 19007
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Wed, 28 Feb 2024 21:02:48 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
official-site-offer.com/wp-content/uploads/2023/10/Skateboarding.gif
192.124.249.107200 OK 45 kB URL GET HTTP/2 official-site-offer.com/wp-content/uploads/2023/10/Skateboarding.gif
IP 192.124.249.107:443
Requested by https://official-site-offer.com/no/immediate-flow/
Certificate IssuerStarfield Technologies, Inc.
Subjectofficial-site-offer.com
Fingerprint36:72:51:35:0C:0E:92:89:5F:D2:50:A6:7D:CE:CB:F4:B0:87:6E:54
ValidityTue, 07 May 2024 01:44:31 GMT - Wed, 07 May 2025 01:44:31 GMT
File type GIF image data, version 89a, 64 x 64
Hash 5d1e7863ffbca8375d2a3fa707d27e1d
f6bebb10790ded6ff67a88e280215f83a946b0ad
e4c07b0a77a79507c603c7c9d326991e0eedab6bcd002e5f9ada4c3333574aef
GET /wp-content/uploads/2023/10/Skateboarding.gif HTTP/1.1
Host: official-site-offer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://official-site-offer.com/no/immediate-flow/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:43:21 GMT
content-type: image/gif
content-length: 44627
x-sucuri-id: 19007
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Wed, 28 Feb 2024 21:02:50 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
official-site-offer.com/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=7.1
192.124.249.107200 OK 465 kB URL GET HTTP/2 official-site-offer.com/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=7.1
IP 192.124.249.107:443
Requested by https://official-site-offer.com/no/immediate-flow/
Certificate IssuerStarfield Technologies, Inc.
Subjectofficial-site-offer.com
Fingerprint36:72:51:35:0C:0E:92:89:5F:D2:50:A6:7D:CE:CB:F4:B0:87:6E:54
ValidityTue, 07 May 2024 01:44:31 GMT - Wed, 07 May 2025 01:44:31 GMT
File type ASCII text, with very long lines (65358)
Size 465 kB (464817 bytes)
Hash ed36d7bf7f1c01a280b62f9f70a5ad91
372f771848703d6b6a39b762c740879b216d0f9f
9caf317a3fad7fec391eda2d238ebeb2bf8d1127766a84f41b5464aabd76b79a
GET /wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=7.1 HTTP/1.1
Host: official-site-offer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://official-site-offer.com/no/immediate-flow/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:43:21 GMT
content-type: text/css
content-length: 464817
x-sucuri-id: 19007
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Wed, 28 Feb 2024 21:02:48 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=G-JKNQJZB64H
142.250.74.168200 OK 102 kB URL GET HTTP/2 www.googletagmanager.com/gtag/js?id=G-JKNQJZB64H
IP 142.250.74.168:443
Requested by https://official-site-offer.com/no/immediate-flow/
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE
ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
File type JavaScript source, ASCII text, with very long lines (5955)
Size 102 kB (101622 bytes)
Hash 59d43f656c0792513f8b91ae47a5d4a1
8da25dd8877b0446eb44ae26d55b89471973f645
299a767eb2adb86317186bb07a1c868969d53d2bc31167dab2df2976057f4b09
GET /gtag/js?id=G-JKNQJZB64H HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://official-site-offer.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 08 May 2024 17:43:21 GMT
expires: Wed, 08 May 2024 17:43:21 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 101622
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
official-site-offer.com/wp-content/plugins/codevz-plus/assets/css/codevzplus-tablet.css?ver=4.5.5
192.124.249.107200 OK 2.8 kB URL GET HTTP/2 official-site-offer.com/wp-content/plugins/codevz-plus/assets/css/codevzplus-tablet.css?ver=4.5.5
IP 192.124.249.107:443
Requested by https://official-site-offer.com/no/immediate-flow/
Certificate IssuerStarfield Technologies, Inc.
Subjectofficial-site-offer.com
Fingerprint36:72:51:35:0C:0E:92:89:5F:D2:50:A6:7D:CE:CB:F4:B0:87:6E:54
ValidityTue, 07 May 2024 01:44:31 GMT - Wed, 07 May 2025 01:44:31 GMT
File type ASCII text, with CRLF line terminators
Hash a2650add508a8dddbefbef8c33ee97c4
29761afa42d36021ea9ec4dbbc1056a7e49b3fbc
7ce3db72b648ff55092f28a7904b67017f5e944daef9555fc7e645b151e7e1e2
GET /wp-content/plugins/codevz-plus/assets/css/codevzplus-tablet.css?ver=4.5.5 HTTP/1.1
Host: official-site-offer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://official-site-offer.com/no/immediate-flow/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:43:21 GMT
content-type: text/css
content-length: 2773
x-sucuri-id: 19007
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Wed, 28 Feb 2024 21:02:48 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
official-site-offer.com/wp-content/plugins/codevz-plus/assets/css/codevzplus-mobile.css?ver=4.5.5
192.124.249.107200 OK 206 B URL GET HTTP/2 official-site-offer.com/wp-content/plugins/codevz-plus/assets/css/codevzplus-mobile.css?ver=4.5.5
IP 192.124.249.107:443
Requested by https://official-site-offer.com/no/immediate-flow/
Certificate IssuerStarfield Technologies, Inc.
Subjectofficial-site-offer.com
Fingerprint36:72:51:35:0C:0E:92:89:5F:D2:50:A6:7D:CE:CB:F4:B0:87:6E:54
ValidityTue, 07 May 2024 01:44:31 GMT - Wed, 07 May 2025 01:44:31 GMT
File type ASCII text, with CRLF line terminators
Hash 5c771be5c6b4ebff8bfd35c17b312095
4c340b1d5a0389348e86c759e2aa74f4fcc700cc
aa913cfd019dd7b793ba38b7cc39f69edd4abc6cbbef2a3c9a3d36d8dce70c93
GET /wp-content/plugins/codevz-plus/assets/css/codevzplus-mobile.css?ver=4.5.5 HTTP/1.1
Host: official-site-offer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://official-site-offer.com/no/immediate-flow/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:43:21 GMT
content-type: text/css
content-length: 206
x-sucuri-id: 19007
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Wed, 28 Feb 2024 21:02:48 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Lato%3A300%2C400%2C700&ver=6.5.3
142.250.74.106200 OK 2.4 kB URL GET HTTP/2 fonts.googleapis.com/css?family=Lato%3A300%2C400%2C700&ver=6.5.3
IP 142.250.74.106:443
Requested by https://official-site-offer.com/no/immediate-flow/
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File type gzip compressed data, max compression
Hash a0e02820c7a4d713eef0f5c38f8ad072
c8c550695e8322763be0e543392e433c0f4cef1e
d98105924b2e56640998eba0cdc75aa45e3f2d8129501ab01a3ad0b61c61dac2
GET /css?family=Lato%3A300%2C400%2C700&ver=6.5.3 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://official-site-offer.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 08 May 2024 17:43:21 GMT
date: Wed, 08 May 2024 17:43:21 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
official-site-offer.com/wp-content/themes/xtra/assets/css/core-laptop.css?ver=4.5.5
192.124.249.107200 OK 194 B URL GET HTTP/2 official-site-offer.com/wp-content/themes/xtra/assets/css/core-laptop.css?ver=4.5.5
IP 192.124.249.107:443
Requested by https://official-site-offer.com/no/immediate-flow/
Certificate IssuerStarfield Technologies, Inc.
Subjectofficial-site-offer.com
Fingerprint36:72:51:35:0C:0E:92:89:5F:D2:50:A6:7D:CE:CB:F4:B0:87:6E:54
ValidityTue, 07 May 2024 01:44:31 GMT - Wed, 07 May 2025 01:44:31 GMT
Hash 499b15f96a0dc6a0bbe4bfade044c2a6
8b6c3e0065d2d71aeb48a627eb9bf706772e59eb
7c6f68032efbec4f888cbd79d9440faa520b549cf9181d3a5eb9ea21d7f96c6a
GET /wp-content/themes/xtra/assets/css/core-laptop.css?ver=4.5.5 HTTP/1.1
Host: official-site-offer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://official-site-offer.com/no/immediate-flow/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:43:21 GMT
content-type: text/css
content-length: 194
x-sucuri-id: 19007
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Wed, 28 Feb 2024 21:02:50 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
official-site-offer.com/wp-content/themes/xtra/assets/css/core-mobile.css?ver=4.5.5
192.124.249.107200 OK 2.8 kB URL GET HTTP/2 official-site-offer.com/wp-content/themes/xtra/assets/css/core-mobile.css?ver=4.5.5
IP 192.124.249.107:443
Requested by https://official-site-offer.com/no/immediate-flow/
Certificate IssuerStarfield Technologies, Inc.
Subjectofficial-site-offer.com
Fingerprint36:72:51:35:0C:0E:92:89:5F:D2:50:A6:7D:CE:CB:F4:B0:87:6E:54
ValidityTue, 07 May 2024 01:44:31 GMT - Wed, 07 May 2025 01:44:31 GMT
Hash 413d20f4cbe248dcfcca06e8dab9941a
b98e3eb7f7b6f6cd03f8f4d5fc9f2322b1c27208
f32856c7aa146a6fa206ae0976106b538b89a39a3357e100d0dbe78c54a6ed66
GET /wp-content/themes/xtra/assets/css/core-mobile.css?ver=4.5.5 HTTP/1.1
Host: official-site-offer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://official-site-offer.com/no/immediate-flow/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:43:21 GMT
content-type: text/css
content-length: 2763
x-sucuri-id: 19007
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Wed, 28 Feb 2024 21:02:50 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
official-site-offer.com/wp-content/uploads/2023/10/Main-Picture-2a.jpg?id=13
192.124.249.107200 OK 202 kB URL GET HTTP/2 official-site-offer.com/wp-content/uploads/2023/10/Main-Picture-2a.jpg?id=13
IP 192.124.249.107:443
Requested by https://official-site-offer.com/no/immediate-flow/
Certificate IssuerStarfield Technologies, Inc.
Subjectofficial-site-offer.com
Fingerprint36:72:51:35:0C:0E:92:89:5F:D2:50:A6:7D:CE:CB:F4:B0:87:6E:54
ValidityTue, 07 May 2024 01:44:31 GMT - Wed, 07 May 2025 01:44:31 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1586x813, components 3
Size 202 kB (201912 bytes)
Hash 9c3e2edfee1eaf958d18d64fbcf34a17
c66104bc674a690750a48a2867c0a53267571866
45891ae8c6fa63df53eec51718294a19341db7ca6a0cb9b0ebccd0dd69ab99c2
GET /wp-content/uploads/2023/10/Main-Picture-2a.jpg?id=13 HTTP/1.1
Host: official-site-offer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://official-site-offer.com/no/immediate-flow/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:43:21 GMT
content-type: image/jpeg
content-length: 201912
x-sucuri-id: 19007
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Wed, 28 Feb 2024 21:02:50 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
216.58.207.227200 OK 23 kB URL GET HTTP/2 fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
IP 216.58.207.227:443
Requested by https://official-site-offer.com/no/immediate-flow/
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 23040, version 1.0
Hash de69cf9e514df447d1b0bb16f49d2457
2ac78601179c3a63ba3f3f3081556b12ddcaf655
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
GET /s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://official-site-offer.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23040
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 May 2024 01:55:21 GMT
expires: Sat, 03 May 2025 01:55:21 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 02 May 2023 15:07:25 GMT
content-type: font/woff2
age: 488880
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
216.58.207.227200 OK 24 kB URL GET HTTP/2 fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
IP 216.58.207.227:443
Requested by https://official-site-offer.com/no/immediate-flow/
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 23580, version 1.0
Hash e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
GET /s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://official-site-offer.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 13:49:40 GMT
expires: Fri, 02 May 2025 13:49:40 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 02 May 2023 15:17:22 GMT
content-type: font/woff2
age: 532421
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ipinfo.io/json
34.117.186.192200 OK 280 B IP 34.117.186.192:443
ASN #396982 GOOGLE-CLOUD-PLATFORM
Requested by https://official-site-offer.com/no/immediate-flow/
Certificate IssuerLet's Encrypt
Subjectipinfo.io
FingerprintC3:D1:C0:FE:0C:C8:E1:18:4F:C8:22:D0:9C:FF:D9:F4:EF:72:CD:6B
ValidityFri, 19 Apr 2024 20:17:23 GMT - Thu, 18 Jul 2024 20:17:22 GMT
Hash adf22d9a8ca3a97a9ff78909b8702358
f5046826566a7e98d6b5e5c7b0a65677c3bde708
756edd1454b049c1370e83c864bc93dfdd82f44d8f9752b3068e5a11867a5de3
GET /json HTTP/1.1
Host: ipinfo.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://official-site-offer.com/
Origin: https://official-site-offer.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.24.0
date: Wed, 08 May 2024 17:43:21 GMT
content-type: application/json; charset=utf-8
content-length: 280
access-control-allow-origin: *
x-content-type-options: nosniff
x-envoy-upstream-service-time: 2
via: 1.1 google
strict-transport-security: max-age=2592000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
the-official-website.net/no/
192.124.249.106 0 B URL the-official-website.net/no/
IP 192.124.249.106:0
Certificate IssuerStarfield Technologies, Inc.
Subjectthe-official-website.net
Fingerprint1C:0D:1A:EA:82:17:63:CF:DE:A3:FD:F3:04:4C:B3:6A:93:D8:A4:16
ValidityMon, 06 May 2024 21:48:28 GMT - Tue, 06 May 2025 21:48:28 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /no/ HTTP/1.1
Host: the-official-website.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 17:43:21 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://official-site-offer.com/no/
x-sucuri-id: 19006
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
access-control-allow-origin: https://best-money-deal-daily.com
access-control-allow-methods: POST, OPTIONS
access-control-allow-headers: Content-Type, Api-Key
cache-control: private, proxy-revalidate, s-maxage=0
cf-edge-cache: no-cache
x-redirect-by: WordPress
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
ocsp.starfieldtech.com/
192.124.249.41 2.1 kB IP 192.124.249.41:0
Hash 36b9d3bc536793d5361382058c8a60cb
60032667b70e1397f9a09cbc57b78005bb6cdcfb
17d908e7288021cdbe7e4992f1ddecc3b0ae5ef608000c65674de298ffb055f4
POST / HTTP/1.1
Host: ocsp.starfieldtech.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Wed, 08 May 2024 17:43:21 GMT
Content-Type: application/ocsp-response
Content-Length: 2149
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Wed, 08 May 2024 01:46:50 GMT
Expires: Thu, 09 May 2024 01:46:50 GMT
ETag: "60032667b70e1397f9a09cbc57b78005bb6cdcfb"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
cdnjs.cloudflare.com/ajax/libs/flag-icon-css/3.5.0/flags/4x3/no.svg
104.17.24.14200 OK 179 B URL GET HTTP/3 cdnjs.cloudflare.com/ajax/libs/flag-icon-css/3.5.0/flags/4x3/no.svg
IP 104.17.24.14:443
Requested by https://official-site-offer.com/no/immediate-flow/
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type SVG Scalable Vector Graphics image
Hash 0b41df77e951a30bbfccfd0a3714a1a3
8c71f507dc4e81a37418fa4c5173181ffcace814
c59f156ddd70507f05267dc35e2e4f3e44467b9ef414995abb91589dc486dd6a
GET /ajax/libs/flag-icon-css/3.5.0/flags/4x3/no.svg HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/ajax/libs/flag-icon-css/3.5.0/css/flag-icon.min.css?ver=1.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 17:43:22 GMT
content-type: image/svg+xml; charset=utf-8
content-length: 179
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5ee0cbd8-141"
last-modified: Wed, 10 Jun 2020 12:02:32 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 692080
expires: Mon, 28 Apr 2025 17:43:22 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IAopFXnmKG8B0p9UqsBY4oeT08ZehrGRO4xDu8Jqe3375dd85jSKqycPmRz%2BVeGjpv0Kf1t7W9C7HVU061vJHbqGNq6g1DLNTM%2F8zJaUeEacnJZIkZe7RlCaO%2F0xFv8bQZ%2B8fbYw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 880b406b8a86569a-OSL
alt-svc: h3=":443"; ma=86400
official-site-offer.com/wp-content/uploads/2023/10/00000.png
192.124.249.107200 OK 7.0 kB URL GET HTTP/2 official-site-offer.com/wp-content/uploads/2023/10/00000.png
IP 192.124.249.107:443
Requested by https://official-site-offer.com/no/immediate-flow/
Certificate IssuerStarfield Technologies, Inc.
Subjectofficial-site-offer.com
Fingerprint36:72:51:35:0C:0E:92:89:5F:D2:50:A6:7D:CE:CB:F4:B0:87:6E:54
ValidityTue, 07 May 2024 01:44:31 GMT - Wed, 07 May 2025 01:44:31 GMT
File type PNG image data, 72 x 72, 8-bit/color RGB, non-interlaced
Hash 261f54e72d150090d88429a24207135b
9770be7531e06a87c36fd58ede5d0838789083ec
bc722babc107351d0f4d6f7f0cee5ed130be1e3c2325d5480b03a1ec334c52d1
GET /wp-content/uploads/2023/10/00000.png HTTP/1.1
Host: official-site-offer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://official-site-offer.com/no/immediate-flow/
Cookie: sticky_lb_sess_id=juzp6fmamu; _ga_JKNQJZB64H=GS1.1.1715190201.1.0.1715190201.0.0.0; _ga=GA1.1.1426535336.1715190202
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:43:22 GMT
content-type: image/png
content-length: 6984
x-sucuri-id: 19007
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Wed, 28 Feb 2024 21:02:50 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
official-site-offer.com/wp-content/uploads/2023/10/Main-Picture-2b.jpg
192.124.249.107200 OK 127 kB URL GET HTTP/2 official-site-offer.com/wp-content/uploads/2023/10/Main-Picture-2b.jpg
IP 192.124.249.107:443
Requested by https://official-site-offer.com/no/immediate-flow/
Certificate IssuerStarfield Technologies, Inc.
Subjectofficial-site-offer.com
Fingerprint36:72:51:35:0C:0E:92:89:5F:D2:50:A6:7D:CE:CB:F4:B0:87:6E:54
ValidityTue, 07 May 2024 01:44:31 GMT - Wed, 07 May 2025 01:44:31 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 682x501, components 3
Size 127 kB (126956 bytes)
Hash 3d3124dbaa81dc332839b1a1db974108
dbea782597fc002d660f04fec0d63b6764f12431
2763de4b12b2ea6847cf3f70e7125184816cfe5fafee5c31477ffd9c7bf07bb8
GET /wp-content/uploads/2023/10/Main-Picture-2b.jpg HTTP/1.1
Host: official-site-offer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://official-site-offer.com/no/immediate-flow/
Cookie: sticky_lb_sess_id=juzp6fmamu; _ga_JKNQJZB64H=GS1.1.1715190201.1.0.1715190201.0.0.0; _ga=GA1.1.1426535336.1715190202
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:43:22 GMT
content-type: image/jpeg
content-length: 126956
x-sucuri-id: 19007
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Wed, 28 Feb 2024 21:02:50 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
official-site-offer.com/wp-content/plugins/suprememedia-api/img/fa-eye.png
192.124.249.107200 OK 17 kB URL GET HTTP/2 official-site-offer.com/wp-content/plugins/suprememedia-api/img/fa-eye.png
IP 192.124.249.107:443
Requested by https://official-site-offer.com/no/immediate-flow/
Certificate IssuerStarfield Technologies, Inc.
Subjectofficial-site-offer.com
Fingerprint36:72:51:35:0C:0E:92:89:5F:D2:50:A6:7D:CE:CB:F4:B0:87:6E:54
ValidityTue, 07 May 2024 01:44:31 GMT - Wed, 07 May 2025 01:44:31 GMT
File type PNG image data, 768 x 683, 8-bit gray+alpha, non-interlaced
Hash ba0f30fe460f22a410086bae9059fde7
95752fd3515a54c6508b92ed2e45cb98f93f0d97
1e3bbf9fd349638e92fd39a57700fd1b82e3d37910cbcf426eff62398d70fb8f
GET /wp-content/plugins/suprememedia-api/img/fa-eye.png HTTP/1.1
Host: official-site-offer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://official-site-offer.com/no/immediate-flow/
Cookie: sticky_lb_sess_id=juzp6fmamu; _ga_JKNQJZB64H=GS1.1.1715190201.1.0.1715190201.0.0.0; _ga=GA1.1.1426535336.1715190202
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:43:22 GMT
content-type: image/png
content-length: 16839
x-sucuri-id: 19007
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 01 Mar 2024 01:15:47 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
official-site-offer.com/wp-content/plugins/suprememedia-api/img/fa-eye-slash.png
192.124.249.107200 OK 20 kB URL GET HTTP/2 official-site-offer.com/wp-content/plugins/suprememedia-api/img/fa-eye-slash.png
IP 192.124.249.107:443
Requested by https://official-site-offer.com/no/immediate-flow/
Certificate IssuerStarfield Technologies, Inc.
Subjectofficial-site-offer.com
Fingerprint36:72:51:35:0C:0E:92:89:5F:D2:50:A6:7D:CE:CB:F4:B0:87:6E:54
ValidityTue, 07 May 2024 01:44:31 GMT - Wed, 07 May 2025 01:44:31 GMT
File type PNG image data, 768 x 683, 8-bit gray+alpha, non-interlaced
Hash 0dbecf2615221b75b2fdf259c7068985
36e23efdb514f4c0bb7eb260a8a47b4ed3042ddf
1861e9cab60a95813dff8c816adb3ac6151c422378da448e3967929e82eeaeeb
GET /wp-content/plugins/suprememedia-api/img/fa-eye-slash.png HTTP/1.1
Host: official-site-offer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://official-site-offer.com/no/immediate-flow/
Cookie: sticky_lb_sess_id=juzp6fmamu; _ga_JKNQJZB64H=GS1.1.1715190201.1.0.1715190201.0.0.0; _ga=GA1.1.1426535336.1715190202
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:43:22 GMT
content-type: image/png
content-length: 19904
x-sucuri-id: 19007
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 01 Mar 2024 01:15:47 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
official-site-offer.com/wp-content/uploads/2023/10/trade1.png
192.124.249.107200 OK 5.2 kB URL GET HTTP/2 official-site-offer.com/wp-content/uploads/2023/10/trade1.png
IP 192.124.249.107:443
Requested by https://official-site-offer.com/no/immediate-flow/
Certificate IssuerStarfield Technologies, Inc.
Subjectofficial-site-offer.com
Fingerprint36:72:51:35:0C:0E:92:89:5F:D2:50:A6:7D:CE:CB:F4:B0:87:6E:54
ValidityTue, 07 May 2024 01:44:31 GMT - Wed, 07 May 2025 01:44:31 GMT
File type PNG image data, 171 x 157, 8-bit colormap, non-interlaced
Hash 3d1d577b91d87f5b4306a4ef279f2a5f
4856e059d1dddb4f9391924287336f898fecb43a
e7afdb56ddfd118653b1796778e34f844a3a5339c5a2f7c8f43b42968b8696f2
GET /wp-content/uploads/2023/10/trade1.png HTTP/1.1
Host: official-site-offer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://official-site-offer.com/no/immediate-flow/
Cookie: sticky_lb_sess_id=juzp6fmamu; _ga_JKNQJZB64H=GS1.1.1715190201.1.0.1715190201.0.0.0; _ga=GA1.1.1426535336.1715190202
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:43:22 GMT
content-type: image/png
content-length: 5176
x-sucuri-id: 19007
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Wed, 28 Feb 2024 21:02:50 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
official-site-offer.com/wp-content/uploads/2023/10/trade2.png
192.124.249.107200 OK 7.9 kB URL GET HTTP/2 official-site-offer.com/wp-content/uploads/2023/10/trade2.png
IP 192.124.249.107:443
Requested by https://official-site-offer.com/no/immediate-flow/
Certificate IssuerStarfield Technologies, Inc.
Subjectofficial-site-offer.com
Fingerprint36:72:51:35:0C:0E:92:89:5F:D2:50:A6:7D:CE:CB:F4:B0:87:6E:54
ValidityTue, 07 May 2024 01:44:31 GMT - Wed, 07 May 2025 01:44:31 GMT
File type PNG image data, 203 x 159, 8-bit colormap, non-interlaced
Hash aeee4f3968f1dbc01f5315e34d474543
634ca02f05f71c27d71dbb0aa7c6b07fb881fc7f
10e34fd3c631e8746b049b6faa8d0861ded7348d2926886e826a5f85cd4bffdf
GET /wp-content/uploads/2023/10/trade2.png HTTP/1.1
Host: official-site-offer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://official-site-offer.com/no/immediate-flow/
Cookie: sticky_lb_sess_id=juzp6fmamu; _ga_JKNQJZB64H=GS1.1.1715190201.1.0.1715190201.0.0.0; _ga=GA1.1.1426535336.1715190202
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:43:22 GMT
content-type: image/png
content-length: 7876
x-sucuri-id: 19007
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Wed, 28 Feb 2024 21:02:50 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
official-site-offer.com/wp-content/uploads/2023/10/trade3.png
192.124.249.107200 OK 5.2 kB URL GET HTTP/2 official-site-offer.com/wp-content/uploads/2023/10/trade3.png
IP 192.124.249.107:443
Requested by https://official-site-offer.com/no/immediate-flow/
Certificate IssuerStarfield Technologies, Inc.
Subjectofficial-site-offer.com
Fingerprint36:72:51:35:0C:0E:92:89:5F:D2:50:A6:7D:CE:CB:F4:B0:87:6E:54
ValidityTue, 07 May 2024 01:44:31 GMT - Wed, 07 May 2025 01:44:31 GMT
File type PNG image data, 148 x 159, 8-bit colormap, non-interlaced
Hash 478aeb5ac97b118e0c80d2ae57a38bff
fa314ff7b539a0d0bad2df4da4d28e4891ffb46b
60e653b60cd8dbc329e5a7f08b3d11aa035e4a354c3e06465712be14b9214be5
GET /wp-content/uploads/2023/10/trade3.png HTTP/1.1
Host: official-site-offer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://official-site-offer.com/no/immediate-flow/
Cookie: sticky_lb_sess_id=juzp6fmamu; _ga_JKNQJZB64H=GS1.1.1715190201.1.0.1715190201.0.0.0; _ga=GA1.1.1426535336.1715190202
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:43:22 GMT
content-type: image/png
content-length: 5178
x-sucuri-id: 19007
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Wed, 28 Feb 2024 21:02:50 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn-js.xyz/code?code=1d9fe6c3629acd260c8fac2552119639
172.67.147.57200 OK 138 kB URL GET HTTP/2 cdn-js.xyz/code?code=1d9fe6c3629acd260c8fac2552119639
IP 172.67.147.57:443
Requested by https://official-site-offer.com/no/immediate-flow/
Certificate IssuerGoogle Trust Services LLC
Subjectcdn-js.xyz
FingerprintEB:A8:E8:AC:07:AC:77:DC:16:0E:26:64:2B:CA:75:3C:C5:C9:C8:8F
ValidityThu, 25 Apr 2024 22:48:52 GMT - Wed, 24 Jul 2024 22:48:51 GMT
File type ASCII text, with very long lines (44352), with CRLF line terminators
Size 138 kB (137977 bytes)
Hash 5d3bbed58e9b0749ead6f26b19bc9c27
43c5f0632609db5a4d08175f3f6d7c959bed70e4
7532570a36c47e415928c6c9add08f57a6667370b6610f83279d165594a103de
GET /code?code=1d9fe6c3629acd260c8fac2552119639 HTTP/1.1
Host: cdn-js.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://official-site-offer.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 17:43:21 GMT
content-type: text/javascript;charset=UTF-8
p3p: CP="CAO PSA OUR"
expires: Tue, 03 Jul 2001 06:00:00 GMT
pragma: no-cache
cache-control: max-age=3600, s-max-age=84600
set-cookie: PHPSESSID=7a83l3923sd9ojv1mbhh0oahp1; path=/; secure; SameSite=None
last-modified: Wed, 08 May 2024 17:43:21 GMT
vary: Accept-Encoding,User-Agent
access-control-allow-origin: *
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dA31sSUz%2Bvmohza4dF2hJM8Gm1jdyGVKzuSECI0cIXkhGdBynNfh2Wv2k3DBWEyqYiM1zSmuLJhm4j7kc4bOd02fvxWXH64LCTcdaubSouG3u16cGJy0tbSx34TX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880b40682bbd569d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
official-site-offer.com/wp-admin/admin-ajax.php?action=geoip_detect2_get_info_from_current_ip
192.124.249.107200 OK 22 kB URL GET HTTP/2 official-site-offer.com/wp-admin/admin-ajax.php?action=geoip_detect2_get_info_from_current_ip
IP 192.124.249.107:443
Requested by https://official-site-offer.com/no/immediate-flow/
Certificate IssuerStarfield Technologies, Inc.
Subjectofficial-site-offer.com
Fingerprint36:72:51:35:0C:0E:92:89:5F:D2:50:A6:7D:CE:CB:F4:B0:87:6E:54
ValidityTue, 07 May 2024 01:44:31 GMT - Wed, 07 May 2025 01:44:31 GMT
Hash f81990f05024f385565df3a000c5fa23
6b617db43d1246d09b856203d4eb99c9eaedba9f
8482d8430fbd3e929c0e6de48b787d0187e85eca27f669f7ded132b41581f7ee
GET /wp-admin/admin-ajax.php?action=geoip_detect2_get_info_from_current_ip HTTP/1.1
Host: official-site-offer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://official-site-offer.com/no/immediate-flow/
Cookie: sticky_lb_sess_id=juzp6fmamu
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:43:22 GMT
content-type: application/json; charset=UTF-8
x-sucuri-id: 19007
x-xss-protection: 1; mode=block
content-security-policy: upgrade-insecure-requests;
x-robots-tag: noindex
x-content-type-options: nosniff, nosniff
referrer-policy: strict-origin-when-cross-origin
x-frame-options: SAMEORIGIN, SAMEORIGIN
pragma: no-cache
cf-edge-cache: no-cache
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
x-sucuri-cache: BYPASS
X-Firefox-Spdy: h2
edgecdn.dev/gtr?sid=124846&ui=juzp6fmamu&aid=100770&u=https%3A//official-site-offer.com/no/immediate-flow/&et=1&ti=Official%20Site%20%C2%BB%20Immediate%20Flow&touchpoints=0&sh=1024&sw=1280&sc=24&wsh=1024&wsw=1280&p=&l=en-US&c=Linux%20x86_64&w3=0ðe=0&cbas=0&phan=0&klay=0&glow=0&sola=0&bina=0&eqlw=0&tonp=0&mbox=0&trus=0&toke=0&meta=0&oper=0&coin=0&terr=0&xdef=0&math=0&tron=0&co98=0&clov=0&t=0&ja=1&fv=&MySearch=&uniqueid=&integrity=&ipname=&gdpr=2&Tag=&label=&iTag=&iPage=&utm_source=&src=&jv=0&ca=1&uidn=&hitc=&rev=&goal=&timing=0&dm=official-site-offer.com&v=0.15064226565452743
104.21.36.120200 OK 1.7 kB URL GET HTTP/3 edgecdn.dev/gtr?sid=124846&ui=juzp6fmamu&aid=100770&u=https%3A//official-site-offer.com/no/immediate-flow/&et=1&ti=Official%20Site%20%C2%BB%20Immediate%20Flow&touchpoints=0&sh=1024&sw=1280&sc=24&wsh=1024&wsw=1280&p=&l=en-US&c=Linux%20x86_64&w3=0ðe=0&cbas=0&phan=0&klay=0&glow=0&sola=0&bina=0&eqlw=0&tonp=0&mbox=0&trus=0&toke=0&meta=0&oper=0&coin=0&terr=0&xdef=0&math=0&tron=0&co98=0&clov=0&t=0&ja=1&fv=&MySearch=&uniqueid=&integrity=&ipname=&gdpr=2&Tag=&label=&iTag=&iPage=&utm_source=&src=&jv=0&ca=1&uidn=&hitc=&rev=&goal=&timing=0&dm=official-site-offer.com&v=0.15064226565452743
IP 104.21.36.120:443
Requested by https://official-site-offer.com/no/immediate-flow/
Certificate IssuerGoogle Trust Services LLC
Subjectedgecdn.dev
FingerprintBF:34:D4:80:03:82:DE:EA:39:26:20:62:51:DB:8E:8D:83:2F:96:0D
ValidityWed, 01 May 2024 20:20:20 GMT - Tue, 30 Jul 2024 20:20:19 GMT
File type GIF image data, version 89a, 1 x 1
Hash 020acc5f8f61e0ef7cf9e6c34a8b8699
6d2c9d78dc1e3999fd53b561db9c0e58169ffa5a
4ab8d5d865b44f6ff48adb6a1e0224e4b5c65226788bceadaaa94232d6a46f64
GET /gtr?sid=124846&ui=juzp6fmamu&aid=100770&u=https%3A//official-site-offer.com/no/immediate-flow/&et=1&ti=Official%20Site%20%C2%BB%20Immediate%20Flow&touchpoints=0&sh=1024&sw=1280&sc=24&wsh=1024&wsw=1280&p=&l=en-US&c=Linux%20x86_64&w3=0ðe=0&cbas=0&phan=0&klay=0&glow=0&sola=0&bina=0&eqlw=0&tonp=0&mbox=0&trus=0&toke=0&meta=0&oper=0&coin=0&terr=0&xdef=0&math=0&tron=0&co98=0&clov=0&t=0&ja=1&fv=&MySearch=&uniqueid=&integrity=&ipname=&gdpr=2&Tag=&label=&iTag=&iPage=&utm_source=&src=&jv=0&ca=1&uidn=&hitc=&rev=&goal=&timing=0&dm=official-site-offer.com&v=0.15064226565452743 HTTP/1.1
Host: edgecdn.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://official-site-offer.com/
Cookie: PHPSESSID=omu1ba5ksurv24sb9cmsqmf90o
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 17:43:22 GMT
content-type: image/gif
expires: Tue, 03 Jul 2001 06:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
p3p: CP="CAO PSA OUR"
last-modified: Wed, 08 May 2024 17:43:21 GMT
access-control-allow-origin: *
vary: User-Agent
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Oqkee7k%2F91%2FFhM4lyzwOowNl93uaMx%2BC9irANl8iqpSCCshoXIXhcW7Oqr%2FjYUb8klqGrgGa5Uxo2SPParBe8V8lz%2B%2BRavfndvLgPIpJRqqTxXDSN0Du5n5NA5Fv6A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880b40692bdd56c0-OSL
alt-svc: h3=":443"; ma=86400
official-site-offer.com/wp-admin/admin-ajax.php
192.124.249.107200 OK 0 B URL POST HTTP/2 official-site-offer.com/wp-admin/admin-ajax.php
IP 192.124.249.107:443
Requested by https://official-site-offer.com/no/immediate-flow/
Certificate IssuerStarfield Technologies, Inc.
Subjectofficial-site-offer.com
Fingerprint36:72:51:35:0C:0E:92:89:5F:D2:50:A6:7D:CE:CB:F4:B0:87:6E:54
ValidityTue, 07 May 2024 01:44:31 GMT - Wed, 07 May 2025 01:44:31 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /wp-admin/admin-ajax.php HTTP/1.1
Host: official-site-offer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 154
Origin: https://official-site-offer.com
DNT: 1
Connection: keep-alive
Referer: https://official-site-offer.com/no/immediate-flow/
Cookie: sticky_lb_sess_id=juzp6fmamu; _ga_JKNQJZB64H=GS1.1.1715190201.1.0.1715190201.0.0.0; _ga=GA1.1.1426535336.1715190202
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:43:23 GMT
content-type: text/html; charset=UTF-8
content-length: 0
x-sucuri-id: 19007
x-xss-protection: 1; mode=block
content-security-policy: upgrade-insecure-requests;
access-control-allow-credentials: true
x-robots-tag: noindex
x-content-type-options: nosniff, nosniff
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
referrer-policy: strict-origin-when-cross-origin
x-frame-options: SAMEORIGIN, SAMEORIGIN
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: X-Requested-With
access-control-max-age: 86400
transposh: v-1.0.9.3 db_version-1.06
X-Firefox-Spdy: h2
official-site-offer.com/no/immediate-flow/
192.124.249.107200 OK 106 kB URL User Request GET HTTP/2 official-site-offer.com/no/immediate-flow/
IP 192.124.249.107:443
Certificate IssuerStarfield Technologies, Inc.
Subjectofficial-site-offer.com
Fingerprint36:72:51:35:0C:0E:92:89:5F:D2:50:A6:7D:CE:CB:F4:B0:87:6E:54
ValidityTue, 07 May 2024 01:44:31 GMT - Wed, 07 May 2025 01:44:31 GMT
Size 106 kB (105725 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /no/immediate-flow/ HTTP/1.1
Host: official-site-offer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:43:20 GMT
content-type: text/html; charset=UTF-8
x-sucuri-id: 19007
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,Cookie
cache-control: private, proxy-revalidate, s-maxage=0
cf-edge-cache: no-cache
link: <https://official-site-offer.com/wp-json/>; rel="https://api.w.org/", <https://official-site-offer.com/wp-json/wp/v2/pages/1730>; rel="alternate"; type="application/json", <https://official-site-offer.com/?p=1730>; rel=shortlink
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
official-site-offer.com/wp-content/themes/xtra/assets/css/core-tablet.css?ver=4.5.5
192.124.249.107200 OK 2.0 kB URL GET HTTP/2 official-site-offer.com/wp-content/themes/xtra/assets/css/core-tablet.css?ver=4.5.5
IP 192.124.249.107:443
Requested by https://official-site-offer.com/no/immediate-flow/
Certificate IssuerStarfield Technologies, Inc.
Subjectofficial-site-offer.com
Fingerprint36:72:51:35:0C:0E:92:89:5F:D2:50:A6:7D:CE:CB:F4:B0:87:6E:54
ValidityTue, 07 May 2024 01:44:31 GMT - Wed, 07 May 2025 01:44:31 GMT
File type ASCII text, with very long lines (2101), with no line terminators
Hash 80e8d18641dfaf7a83f2840ff23ea0d0
5bd5b3165309de8ed4983320587fe0fed88ef2d9
c325a35778711271990abdd1506a824296c842386c77941a80fb24fbf0017f71
GET /wp-content/themes/xtra/assets/css/core-tablet.css?ver=4.5.5 HTTP/1.1
Host: official-site-offer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://official-site-offer.com/no/immediate-flow/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:43:21 GMT
content-type: text/css
content-length: 1966
x-sucuri-id: 19007
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Wed, 28 Feb 2024 21:02:50 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
official-site-offer.com/wp-admin/admin-ajax.php?action=tp_tp&e=g&tl=no&q%5B%5D=ASSISTANCE%20%26%20AUTONOMY&q%5B%5D=SAFETY%20%26%20SECURITY
192.124.249.107200 OK 69 B URL GET HTTP/2 official-site-offer.com/wp-admin/admin-ajax.php?action=tp_tp&e=g&tl=no&q%5B%5D=ASSISTANCE%20%26%20AUTONOMY&q%5B%5D=SAFETY%20%26%20SECURITY
IP 192.124.249.107:443
Requested by https://official-site-offer.com/no/immediate-flow/
Certificate IssuerStarfield Technologies, Inc.
Subjectofficial-site-offer.com
Fingerprint36:72:51:35:0C:0E:92:89:5F:D2:50:A6:7D:CE:CB:F4:B0:87:6E:54
ValidityTue, 07 May 2024 01:44:31 GMT - Wed, 07 May 2025 01:44:31 GMT
File type troff or preprocessor input, ASCII text, with no line terminators
Hash 754194dbe53569a596c61e0ad004c5cd
55cb427fd70c2a6e2d033cff3975fc0369501acb
8b072249bf6271a834906db36550eb01975477e5527e63ffaa758741ae691743
GET /wp-admin/admin-ajax.php?action=tp_tp&e=g&tl=no&q%5B%5D=ASSISTANCE%20%26%20AUTONOMY&q%5B%5D=SAFETY%20%26%20SECURITY HTTP/1.1
Host: official-site-offer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://official-site-offer.com/no/immediate-flow/
Cookie: sticky_lb_sess_id=juzp6fmamu; _ga_JKNQJZB64H=GS1.1.1715190201.1.0.1715190201.0.0.0; _ga=GA1.1.1426535336.1715190202
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:43:22 GMT
content-type: text/html; charset=UTF-8
x-sucuri-id: 19007
x-xss-protection: 1; mode=block
content-security-policy: upgrade-insecure-requests;
x-robots-tag: noindex
x-content-type-options: nosniff, nosniff
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
referrer-policy: strict-origin-when-cross-origin
x-frame-options: SAMEORIGIN, SAMEORIGIN
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: X-Requested-With
access-control-max-age: 86400
transposh: v-1.0.9.3 db_version-1.06
x-sucuri-cache: BYPASS
X-Firefox-Spdy: h2
edgecdn.dev/code?code=ee23dbd7bc0bb95c09b794d211e43e95
104.21.36.120200 OK 45 kB URL GET HTTP/2 edgecdn.dev/code?code=ee23dbd7bc0bb95c09b794d211e43e95
IP 104.21.36.120:443
Requested by https://official-site-offer.com/no/immediate-flow/
Certificate IssuerGoogle Trust Services LLC
Subjectedgecdn.dev
FingerprintBF:34:D4:80:03:82:DE:EA:39:26:20:62:51:DB:8E:8D:83:2F:96:0D
ValidityWed, 01 May 2024 20:20:20 GMT - Tue, 30 Jul 2024 20:20:19 GMT
File type ASCII text, with very long lines (44352), with CRLF line terminators
Hash 15c7eaf2833e769ec2f1265fd1df9683
d650c02941872760c13251a0a104cf98a2d041be
4f81713dcbb6c37c3e059acd4e351cd0881538c0e50b8aa17085c90e0e490067
GET /code?code=ee23dbd7bc0bb95c09b794d211e43e95 HTTP/1.1
Host: edgecdn.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://official-site-offer.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 17:43:21 GMT
content-type: text/javascript;charset=UTF-8
p3p: CP="CAO PSA OUR"
expires: Tue, 03 Jul 2001 06:00:00 GMT
pragma: no-cache
cache-control: max-age=3600, s-max-age=84600
set-cookie: PHPSESSID=omu1ba5ksurv24sb9cmsqmf90o; path=/; secure; SameSite=None
last-modified: Wed, 08 May 2024 17:43:21 GMT
vary: Accept-Encoding,User-Agent
access-control-allow-origin: *
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rd5ZIK%2FDeW9OZThM8xHNF5KlrpJTpvB1rAAa3r3Zoxb8F%2BtPLGr9wIhgUhDJ3RciRbdD%2Fcgdy4VqyCEmEMmEdW%2FmeK97kvZZTqUtbVqoKu5qfFfj0iOHCbL21yoREw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880b4067fcffb509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
official-site-offer.com/wp-content/uploads/2023/10/cropped-00000-192x192.png
192.124.249.107200 OK 20 kB URL GET HTTP/2 official-site-offer.com/wp-content/uploads/2023/10/cropped-00000-192x192.png
IP 192.124.249.107:443
Requested by https://official-site-offer.com/no/immediate-flow/
Certificate IssuerStarfield Technologies, Inc.
Subjectofficial-site-offer.com
Fingerprint36:72:51:35:0C:0E:92:89:5F:D2:50:A6:7D:CE:CB:F4:B0:87:6E:54
ValidityTue, 07 May 2024 01:44:31 GMT - Wed, 07 May 2025 01:44:31 GMT
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced
Hash 752bb9277a8419647b58181310069811
b0a4dba2e84f78506f444612bcea88b33ef66f17
fe9c4941820b1ecb83d167efea49ee7ce9484d20cac1a09867685cfea458b051
GET /wp-content/uploads/2023/10/cropped-00000-192x192.png HTTP/1.1
Host: official-site-offer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://official-site-offer.com/no/immediate-flow/
Cookie: sticky_lb_sess_id=juzp6fmamu; _ga_JKNQJZB64H=GS1.1.1715190201.1.0.1715190201.0.0.0; _ga=GA1.1.1426535336.1715190202
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:43:22 GMT
content-type: image/png
content-length: 20428
x-sucuri-id: 19007
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Wed, 28 Feb 2024 21:02:50 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
official-site-offer.com/wp-content/uploads/2023/10/cropped-00000-32x32.png
192.124.249.107200 OK 1.7 kB URL GET HTTP/2 official-site-offer.com/wp-content/uploads/2023/10/cropped-00000-32x32.png
IP 192.124.249.107:443
Requested by https://official-site-offer.com/no/immediate-flow/
Certificate IssuerStarfield Technologies, Inc.
Subjectofficial-site-offer.com
Fingerprint36:72:51:35:0C:0E:92:89:5F:D2:50:A6:7D:CE:CB:F4:B0:87:6E:54
ValidityTue, 07 May 2024 01:44:31 GMT - Wed, 07 May 2025 01:44:31 GMT
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
Hash 38bd0e3213e06e7e33d6008f864e4f84
cfe2c26a5510b6bf489dc4da26c355c2ad30cc7a
793fed556d59fdc13dc794f6346b7884c2dc2a2f77eaecd1b8002d0617ff6d99
GET /wp-content/uploads/2023/10/cropped-00000-32x32.png HTTP/1.1
Host: official-site-offer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://official-site-offer.com/no/immediate-flow/
Cookie: sticky_lb_sess_id=juzp6fmamu; _ga_JKNQJZB64H=GS1.1.1715190201.1.0.1715190201.0.0.0; _ga=GA1.1.1426535336.1715190202
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:43:22 GMT
content-type: image/png
content-length: 1695
x-sucuri-id: 19007
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Wed, 28 Feb 2024 21:02:50 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
edgecdn.dev/png?idle=0&aid=100770&sid=124071&temp_uid=juzp6fmamu&lang=auto&bat=&aplg=not%20found
104.21.36.120200 OK 19 B URL GET HTTP/3 edgecdn.dev/png?idle=0&aid=100770&sid=124071&temp_uid=juzp6fmamu&lang=auto&bat=&aplg=not%20found
IP 104.21.36.120:443
Requested by https://official-site-offer.com/no/immediate-flow/
Certificate IssuerGoogle Trust Services LLC
Subjectedgecdn.dev
FingerprintBF:34:D4:80:03:82:DE:EA:39:26:20:62:51:DB:8E:8D:83:2F:96:0D
ValidityWed, 01 May 2024 20:20:20 GMT - Tue, 30 Jul 2024 20:20:19 GMT
File type ASCII text, with no line terminators
Hash 8d504e3e423d79c23ee3a614206f47ea
d672cfe3145ce69b15c1df5393605ab80215af7b
35bf1f63fb0039a6f6b3e6890ded2bf9df49f8088d91bc986018f7bbc9728619
GET /png?idle=0&aid=100770&sid=124071&temp_uid=juzp6fmamu&lang=auto&bat=&aplg=not%20found HTTP/1.1
Host: edgecdn.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://official-site-offer.com/
Cookie: PHPSESSID=omu1ba5ksurv24sb9cmsqmf90o
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 08 May 2024 17:43:22 GMT
content-type: text/javascript;charset=UTF-8
expires: Tue, 03 Jul 2001 06:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
p3p: CP="CAO PSA OUR"
last-modified: Wed, 08 May 2024 17:43:22 GMT
vary: Accept-Encoding,User-Agent
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pGN9cVTaHC42N7XAorHKrWM4KMrxopX1U%2BxtKJvvKw8W0F3uJ82r3LN20vhYcvIdWm%2Fht4sbu1wwkMhuiagVS48gVGg0Rwxd4Lvkcmnn5st4JnRTLI4aJXqNEUkCjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880b406f5fb256c0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400