t1.blowingwnd.com/l.php?p=c:wdbc86tklu8_nj_eu&d=6242c1a7778856102e1ae4d4&pid=14543&s=SeGvOqg4VqU9Vq566J8
51.161.115.163302 Found 0 B URL HTTP/1.1 t1.blowingwnd.com/l.php?p=c:wdbc86tklu8_nj_eu&d=6242c1a7778856102e1ae4d4&pid=14543&s=SeGvOqg4VqU9Vq566J8
IP 51.161.115.163:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /l.php?p=c:wdbc86tklu8_nj_eu&d=6242c1a7778856102e1ae4d4&pid=14543&s=SeGvOqg4VqU9Vq566J8 HTTP/1.1
Host: t1.blowingwnd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 07 Dec 2022 13:29:13 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Round: 1217p3t0dz
Raund: 17t
Location: https://ron.trffclb.com/f.php?p=c:9qopki6xwqp7b0yj1&d=603611c5b7eaf46891533240&s=ys_SeGvOqg4VqU9Vq566J8
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 5ceaca9fd4ad000cb435820812fc69c8
8168397aaf7b572c89a9c83f46c0b65e4ac509f2
9c4e52e7e17158307d752db0bc3d1fbedae4f305cc301fd73b260f73ab796492
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9C4E52E7E17158307D752DB0BC3D1FBEDAE4F305CC301FD73B260F73AB796492"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5334
Expires: Wed, 07 Dec 2022 14:58:08 GMT
Date: Wed, 07 Dec 2022 13:29:14 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash aaee4cb7873d6f1effbadf269482e100
bd55730ac8414fb6861b03c2a97319b4063e2cb9
d724fd9c5704fb8948d575357cad0032e89cf275d57ddb86f013fa97e033487c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4034
Cache-Control: max-age=166155
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 13:29:14 GMT
Etag: "63906b73-1d7"
Expires: Fri, 09 Dec 2022 11:38:29 GMT
Last-Modified: Wed, 07 Dec 2022 10:31:15 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash a0abf10fb7e96c1c98dacf2f013a68b4
acdd839bce85eadc78a8e821e32e00a958d5c0c8
b85d98f8df05431777d96c767ce4c152302ec3f653cdf6e61c8c3fa9574f3255
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B85D98F8DF05431777D96C767CE4C152302EC3F653CDF6E61C8C3FA9574F3255"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16567
Expires: Wed, 07 Dec 2022 18:05:21 GMT
Date: Wed, 07 Dec 2022 13:29:14 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: ZAnQP6GlVMV0YxBfd2P6y2+AKsmLe0kMiM6IpZjy2WMrwZwLnApAAzqz4yBL4H939HNMFj0u9Ac=
x-amz-request-id: NN7Z4FR5MPKQJ5H1
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 07 Dec 2022 12:49:22 GMT
age: 2392
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 13:29:14 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash c1894d9394008d6af751f37d478c1488
997a45b84a1465c1bd18e1625e3046fce660d12a
61c41b073675bc5e83513c9d6883664703bf54a5113aace1c9d1f14589123316
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "61C41B073675BC5E83513C9D6883664703BF54A5113AACE1C9D1F14589123316"
Last-Modified: Wed, 07 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11627
Expires: Wed, 07 Dec 2022 16:43:01 GMT
Date: Wed, 07 Dec 2022 13:29:14 GMT
Connection: keep-alive
ron.trffclb.com/f.php?p=c:9qopki6xwqp7b0yj1&d=603611c5b7eaf46891533240&s=ys_SeGvOqg4VqU9Vq566J8
51.83.143.92200 OK 508 B URL HTTP/1.1 ron.trffclb.com/f.php?p=c:9qopki6xwqp7b0yj1&d=603611c5b7eaf46891533240&s=ys_SeGvOqg4VqU9Vq566J8
IP 51.83.143.92:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (553)
Hash cbb0b2ace7db2d7bbb36f74dc983ea44
a7e9235cb38f0fa19eda35b96e3df6c517d22144
9044322dea70ee23bbbb1f09c0ad3665b1a46c66de711c0338dd724030a2a8ac
Analyzer Verdict Alert quad9 Sinkholed
GET /f.php?p=c:9qopki6xwqp7b0yj1&d=603611c5b7eaf46891533240&s=ys_SeGvOqg4VqU9Vq566J8 HTTP/1.1
Host: ron.trffclb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 13:29:14 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: bt-603611c5b7eaf46891533240=6390952a347ec93ca410f0f2; expires=Sat, 10-Dec-2022 13:29:14 GMT; Max-Age=259200; path=/; domain=ron.trffclb.com; HttpOnly
Content-Encoding: gzip
ron.trffclb.com/f.php?p=c:9qopki6xwqp7b0yj1&d=603611c5b7eaf46891533240&s=ys_SeGvOqg4VqU9Vq566J8&bv=1
51.83.143.92302 Found 0 B URL HTTP/1.1 ron.trffclb.com/f.php?p=c:9qopki6xwqp7b0yj1&d=603611c5b7eaf46891533240&s=ys_SeGvOqg4VqU9Vq566J8&bv=1
IP 51.83.143.92:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /f.php?p=c:9qopki6xwqp7b0yj1&d=603611c5b7eaf46891533240&s=ys_SeGvOqg4VqU9Vq566J8&bv=1 HTTP/1.1
Host: ron.trffclb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ron.trffclb.com/f.php?p=c:9qopki6xwqp7b0yj1&d=603611c5b7eaf46891533240&s=ys_SeGvOqg4VqU9Vq566J8
Cookie: bt-603611c5b7eaf46891533240=6390952a347ec93ca410f0f2
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 07 Dec 2022 13:29:14 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Set-Cookie: bt-603611c5b7eaf46891533240=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=ron.trffclb.com; HttpOnly
Round: 119cdtswvl
Raund: 2si
Location: https://popcash.net/world/go/134600/317194
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash ced9fb153931da1ba5d169e7d019d48d
13276de781e57f4082b422bbc7edb3cf792fb07b
bfa312f4a04b77e3e3e488c21a800b4175660007c80bb645badf362e422f9ae4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1893
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 13:29:14 GMT
Last-Modified: Wed, 07 Dec 2022 12:57:41 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 279
ron.trffclb.com/favicon.ico
51.83.143.92200 OK 20 B URL HTTP/1.1 ron.trffclb.com/favicon.ico
IP 51.83.143.92:0
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
Analyzer Verdict Alert quad9 Sinkholed
GET /favicon.ico HTTP/1.1
Host: ron.trffclb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ron.trffclb.com/f.php?p=c:9qopki6xwqp7b0yj1&d=603611c5b7eaf46891533240&s=ys_SeGvOqg4VqU9Vq566J8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 13:29:14 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 053aff7451e55d4269dd9610ab070f3f
b3376256d11d159b0c7280ba1515b78d7d9e12ca
24114ca560fe70d03185bd66985603fd5a03dc310aa9a8ea7a7b3723ed46ce3e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4018
Cache-Control: max-age=161074
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 13:29:14 GMT
Etag: "639057aa-1d7"
Expires: Fri, 09 Dec 2022 10:13:48 GMT
Last-Modified: Wed, 07 Dec 2022 09:06:50 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
popcash.net/world/go/134600/317194
172.67.194.203301 Moved Permanently 162 B URL HTTP/2 popcash.net/world/go/134600/317194
IP 172.67.194.203:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /world/go/134600/317194 HTTP/1.1
Host: popcash.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ron.trffclb.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Wed, 07 Dec 2022 13:29:14 GMT
content-type: text/html
content-length: 162
location: http://ps.popcash.net/go/134600/317194
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m6bzvRno30DuspNGqXqBzX8LoSz2td%2FcaokBFSACqlBP1KWe%2F2zK0yazu5%2Fj0kqiMKJExJTUmIWA4VtPjT0XqErStp66UMAu97V%2FfASiGtjibeLl5%2BJfzs0qleNL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 775d9be9b90d0b59-OSL
X-Firefox-Spdy: h2
ps.popcash.net/go/134600/317194
54.205.43.136200 OK 269 B URL HTTP/1.1 ps.popcash.net/go/134600/317194
IP 54.205.43.136:0
File type HTML document, ASCII text
Hash 5cd8853832ef75f74e4f8e2f15618380
74287b504bb074c32db5581b5fb75eee5f5fe106
48e2d6be929846e5ef54f45c579faa59bfc4b442bf6cadfdca8f72ef87031b81
GET /go/134600/317194 HTTP/1.1
Host: ps.popcash.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Encoding: gzip
Content-Type: text/html
Date: Wed, 07 Dec 2022 13:29:15 GMT
Server: nginx
Vary: Accept-Encoding
Content-Length: 269
Connection: keep-alive
push.services.mozilla.com/
35.162.50.16101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.162.50.16:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: xG5k7VekGMNbKI9ASWiC5A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: TMtgrXGn7gNmtUklsGX99u7DojA=
ps.popcash.net/ad/ad?p=134600&w=317194&t=7d7b0370dfaf30f4&r=&vw=1280&vh=0
54.205.43.136303 See Other 0 B URL HTTP/1.1 ps.popcash.net/ad/ad?p=134600&w=317194&t=7d7b0370dfaf30f4&r=&vw=1280&vh=0
IP 54.205.43.136:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ad/ad?p=134600&w=317194&t=7d7b0370dfaf30f4&r=&vw=1280&vh=0 HTTP/1.1
Host: ps.popcash.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ps.popcash.net/go/134600/317194
Upgrade-Insecure-Requests: 1
HTTP/1.1 303 See Other
Date: Wed, 07 Dec 2022 13:29:15 GMT
Location: http://clarus-che.com/zcvisitor/24e8a73b-7633-11ed-8cb8-0ab6c8b9c0f5/7fcf9220-c93c-11e7-9820-0e06c6fba698?campaignid=b9792a50-4807-11ed-8e2b-128084d1ce51#pc151445
Server: nginx
Content-Length: 0
Connection: keep-alive
clarus-che.com/zcvisitor/24e8a73b-7633-11ed-8cb8-0ab6c8b9c0f5/7fcf9220-c93c-11e7-9820-0e06c6fba698?campaignid=b9792a50-4807-11ed-8e2b-128084d1ce51
3.208.247.235302 0 B URL HTTP/1.1 clarus-che.com/zcvisitor/24e8a73b-7633-11ed-8cb8-0ab6c8b9c0f5/7fcf9220-c93c-11e7-9820-0e06c6fba698?campaignid=b9792a50-4807-11ed-8e2b-128084d1ce51
IP 3.208.247.235:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /zcvisitor/24e8a73b-7633-11ed-8cb8-0ab6c8b9c0f5/7fcf9220-c93c-11e7-9820-0e06c6fba698?campaignid=b9792a50-4807-11ed-8e2b-128084d1ce51 HTTP/1.1
Host: clarus-che.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ps.popcash.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302
Date: Wed, 07 Dec 2022 13:29:15 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Location: https://shopde.pricedeals.shop/go.php?market=no&zr24e8a73b763311ed8cb80ab6c8b9c0f595e265344f974d62a024caec587360b8069541c7176a28065f
Server: cUdRlfZa
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 1616d09175bdb49119cf3978f315f950
fb327e09778d28d03fe1943ff2eeb103490b3108
34267f91602df4959ff5e75f25b8cff2588b0fcba2acad10f30d57bb8925a4c7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "34267F91602DF4959FF5E75F25B8CFF2588B0FCBA2ACAD10F30D57BB8925A4C7"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3677
Expires: Wed, 07 Dec 2022 14:30:32 GMT
Date: Wed, 07 Dec 2022 13:29:15 GMT
Connection: keep-alive
shopde.pricedeals.shop/go.php?market=no&zr24e8a73b763311ed8cb80ab6c8b9c0f595e265344f974d62a024caec587360b8069541c7176a28065f
135.181.6.240200 OK 569 B URL HTTP/1.1 shopde.pricedeals.shop/go.php?market=no&zr24e8a73b763311ed8cb80ab6c8b9c0f595e265344f974d62a024caec587360b8069541c7176a28065f
IP 135.181.6.240:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (449)
Hash ea21a58dbf0c5092b664f4eea60bf8bc
64802c62eae42d0b98e8aba0e6361e45913563f5
5c52ef514a04fae59b6ac49646317629d7b4db98a94f5f52231aed0e059ae76c
GET /go.php?market=no&zr24e8a73b763311ed8cb80ab6c8b9c0f595e265344f974d62a024caec587360b8069541c7176a28065f HTTP/1.1
Host: shopde.pricedeals.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ps.popcash.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 13:29:15 GMT
Server: Apache/2.4.54 (Debian)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 569
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
shopde.pricedeals.shop/favicon.ico
135.181.6.240404 Not Found 285 B URL HTTP/1.1 shopde.pricedeals.shop/favicon.ico
IP 135.181.6.240:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 7cd85cf7b8f9a014ae145681b1f5e73d
a574403ec64b443a802d0980e3bd368bafebe2d9
cb5d0086c43932c164cc6892b9f762fb4128c182d3dbdbf476036a2783f0023b
GET /favicon.ico HTTP/1.1
Host: shopde.pricedeals.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shopde.pricedeals.shop/go.php?market=no&zr24e8a73b763311ed8cb80ab6c8b9c0f595e265344f974d62a024caec587360b8069541c7176a28065f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Wed, 07 Dec 2022 13:29:15 GMT
Server: Apache/2.4.54 (Debian)
Content-Length: 285
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9393
Expires: Wed, 07 Dec 2022 16:05:49 GMT
Date: Wed, 07 Dec 2022 13:29:16 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9393
Expires: Wed, 07 Dec 2022 16:05:49 GMT
Date: Wed, 07 Dec 2022 13:29:16 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9393
Expires: Wed, 07 Dec 2022 16:05:49 GMT
Date: Wed, 07 Dec 2022 13:29:16 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22142ca2-85b4-47d4-8eaa-fcf2823b2c28.jpeg
34.120.237.76200 OK 8.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22142ca2-85b4-47d4-8eaa-fcf2823b2c28.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e95ebce9d79ba46cb96af9a45af1762f
985c6761675e6bcc0186f64d55f94cf09352f05c
5837d6bf31e57f955ba2577f112281cc33a5502b358c83192f4e396b57042ac0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22142ca2-85b4-47d4-8eaa-fcf2823b2c28.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8438
x-amzn-requestid: 0f5d1b0e-1193-4006-8a54-555681d9f62e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cvlqVGMjoAMFS6w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638fb641-6366ea6464122d857407cdff;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 21:38:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 2j9gqNvWYRFM-li9Nj4nLAWe_eKWMSwagPgU3eAtk0pjcJUX4Q8XEA==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 21:55:40 GMT
etag: "985c6761675e6bcc0186f64d55f94cf09352f05c"
content-type: image/jpeg
age: 56016
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffe93cbd-4506-4ab1-b0ea-94eabecae7b9.jpeg
34.120.237.76200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffe93cbd-4506-4ab1-b0ea-94eabecae7b9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 210b27f5f6310d8fad640acce3d9ae0e
08d241e56622cb900754d95bc5d58ed8826d9f32
64410e13759cdfa24976dcba0c64aca27edc3ee56358f344e55f60793422e3ea
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffe93cbd-4506-4ab1-b0ea-94eabecae7b9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6557
x-amzn-requestid: 0232ddcd-8274-431e-a55e-8298fbfd6dfc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cmcuMG6bIAMFUng=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c0e5a-3cc17121425f87321ce7ae7e;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 03:04:58 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: va_vly0iX6rzm_aTWrryPRjoTWlI-_0m6rpS6VrTx-nsd71dk1cSZw==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 06:11:41 GMT
age: 26255
etag: "08d241e56622cb900754d95bc5d58ed8826d9f32"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feeb81330-af0b-4cc3-bd0e-591ba064667a.jpeg
34.120.237.76200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feeb81330-af0b-4cc3-bd0e-591ba064667a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c9257f2e3b9bd1b3aa262b0f4bf57968
4bcdd6ecd63834aa1010faf19457a97f37ae99fa
9afd592279c51b533b3bf72a860cf4a8f2bc6cf01b07d1ab6f11f0ff302e0ef6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feeb81330-af0b-4cc3-bd0e-591ba064667a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7392
x-amzn-requestid: f4b6890a-7a8f-48f8-b2af-365cb5f681e4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cpwREFiXoAMFSMw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d60d3-009e524f30c72d0629c877bb;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 03:09:07 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: C0-H0LUbxaxMEXoDf6PXEFAvVTj2D9K2M7eshRo39QzAAWSk2ubepA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 03:27:19 GMT
age: 36117
etag: "4bcdd6ecd63834aa1010faf19457a97f37ae99fa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b15136d60fd0a5e0f657a4f5c75d540f
36082b7329d473829178f280cb71a83b1531e486
79478269b1f5dcfd1e45ccd4264fa44805b37c5c8fec820bcbd2fa1689dfbbd8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11224
x-amzn-requestid: 938de0b8-1055-4416-9ad7-162ab5f4db9f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csUINEwdoAMFuOw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e6701-38b079ef341bb17e567de773;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:47:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ViuPsZBEVJ-aGOcsfrl3nXu244mzMUMQVhpPeNlO7W3sBrrfuUfXpA==
via: 1.1 f0ac467993db44dbfc36b778dfcaf73c.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 22:32:04 GMT
age: 53832
etag: "36082b7329d473829178f280cb71a83b1531e486"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1d62ac4e-2ac8-4e49-a61b-a48cff80ffd2.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1d62ac4e-2ac8-4e49-a61b-a48cff80ffd2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8055d0db573ab34924db3b60ed788bb2
a4aae05e7a929fc7f652f56748d2a2da9c44ac45
f6a9555f112882d4ac284c6dc26ae0f02f6ccf8ee312615e01ebec8242bade1f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1d62ac4e-2ac8-4e49-a61b-a48cff80ffd2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9987
x-amzn-requestid: 3d4d7dd0-2be0-46c1-a9c0-aa3cce2e8c81
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSvUHhJIAMFZYQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64c8-63a6960043564aa762caaabe;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:16 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XuCC11WgzRMNmSeJIacnkPnv1FU_H6_MHMwXYHDoiuXbAWXT7zjDQw==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 22:28:34 GMT
age: 54042
etag: "a4aae05e7a929fc7f652f56748d2a2da9c44ac45"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3a455f5-9c19-4e6f-ab7a-1fe9c399118f.jpeg
34.120.237.76200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3a455f5-9c19-4e6f-ab7a-1fe9c399118f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a0f0782df385287698881f1c19e79b96
5a25f245b594f6cbf2fdaeed2463ac5fbc08068a
4f795cd2286e194cd96751e6a4e3bd0da09c6db5344182e51986b65149e75cd7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3a455f5-9c19-4e6f-ab7a-1fe9c399118f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8579
x-amzn-requestid: 0efa303a-364e-488d-beac-24836c7c1e4f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cvlirE2KoAMFX9g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638fb610-5564a0c0264ed36f0497e17e;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 21:37:20 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: xpzGji_JAWkUjhXLouXWlin6rV-44shz6Z_STqo7uK7ZUV2PWs7Zpg==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 21:54:15 GMT
age: 56101
etag: "5a25f245b594f6cbf2fdaeed2463ac5fbc08068a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
shopde.pricedeals.shop/redirect.php?u=aHR0cHM6Ly9uby1nby5rZWxrb29ncm91cC5uZXQvY3RsL2dvL29mZmVyc2VhcmNoR28_LnRzPTE2NzAzODYwNjA5MTkmLnNpZz1OX1ZWYlpCLmk3VmRwRVcuekxFR19Va19NVmMtJmFmZmlsaWF0aW9uSWQ9OTY5Nzk3MTQmY29tSWQ9MTA4NDYzMjMmY291bnRyeT1ubyZvZmZlcklkPTQ3Mzg0MjkzZmFiNmM1ZjA5MzYxMDEwYzcyMzM4NTljJnNlcnZpY2U9MzcmdG9rZW5JZD0zMmYzNDMxMi1mMjAzLTQwNzAtODY4NS01NDJmYjEyN2IxMTAmd2FpdD10cnVlJmFkZGVkUGFyYW1zPXRydWUmY3VzdG9tMT0yOCY
135.181.6.240200 OK 469 B URL HTTP/1.1 shopde.pricedeals.shop/redirect.php?u=aHR0cHM6Ly9uby1nby5rZWxrb29ncm91cC5uZXQvY3RsL2dvL29mZmVyc2VhcmNoR28_LnRzPTE2NzAzODYwNjA5MTkmLnNpZz1OX1ZWYlpCLmk3VmRwRVcuekxFR19Va19NVmMtJmFmZmlsaWF0aW9uSWQ9OTY5Nzk3MTQmY29tSWQ9MTA4NDYzMjMmY291bnRyeT1ubyZvZmZlcklkPTQ3Mzg0MjkzZmFiNmM1ZjA5MzYxMDEwYzcyMzM4NTljJnNlcnZpY2U9MzcmdG9rZW5JZD0zMmYzNDMxMi1mMjAzLTQwNzAtODY4NS01NDJmYjEyN2IxMTAmd2FpdD10cnVlJmFkZGVkUGFyYW1zPXRydWUmY3VzdG9tMT0yOCY
IP 135.181.6.240:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (362)
Hash 517d665b1f0bfa89a7822b674a1148f8
d468371664d5f2f01b0818d7065d672221f43735
83db1fc38cd81a8324c9864b1dd66e45b6709ce79cc0d49298686b5881e298af
GET /redirect.php?u=aHR0cHM6Ly9uby1nby5rZWxrb29ncm91cC5uZXQvY3RsL2dvL29mZmVyc2VhcmNoR28_LnRzPTE2NzAzODYwNjA5MTkmLnNpZz1OX1ZWYlpCLmk3VmRwRVcuekxFR19Va19NVmMtJmFmZmlsaWF0aW9uSWQ9OTY5Nzk3MTQmY29tSWQ9MTA4NDYzMjMmY291bnRyeT1ubyZvZmZlcklkPTQ3Mzg0MjkzZmFiNmM1ZjA5MzYxMDEwYzcyMzM4NTljJnNlcnZpY2U9MzcmdG9rZW5JZD0zMmYzNDMxMi1mMjAzLTQwNzAtODY4NS01NDJmYjEyN2IxMTAmd2FpdD10cnVlJmFkZGVkUGFyYW1zPXRydWUmY3VzdG9tMT0yOCY HTTP/1.1
Host: shopde.pricedeals.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shopde.pricedeals.shop/go.php?market=no&zr24e8a73b763311ed8cb80ab6c8b9c0f595e265344f974d62a024caec587360b8069541c7176a28065f
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 13:29:16 GMT
Server: Apache/2.4.54 (Debian)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 469
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
status.thawte.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 20f6192e4535e9cd0534fde901f8accf
6925717fe60389306d0f6b75465fd915b7df3c16
73b29633a00c3685251d2fb2741fa364e050320867040502f876187c8fe36b39
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6474
Cache-Control: max-age=107360
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 13:29:17 GMT
Etag: "638f7c43-1d7"
Expires: Thu, 08 Dec 2022 19:18:37 GMT
Last-Modified: Tue, 06 Dec 2022 17:30:43 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
no-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1670386060919&.sig=N_VVbZB.i7VdpEW.zLEG_Uk_MVc-&affiliationId=96979714&comId=10846323&country=no&offerId=47384293fab6c5f09361010c7233859c&service=37&tokenId=32f34312-f203-4070-8685-542fb127b110&wait=true&addedParams=true&custom1=28&
95.211.116.27200 OK 27 kB URL HTTP/1.1 no-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1670386060919&.sig=N_VVbZB.i7VdpEW.zLEG_Uk_MVc-&affiliationId=96979714&comId=10846323&country=no&offerId=47384293fab6c5f09361010c7233859c&service=37&tokenId=32f34312-f203-4070-8685-542fb127b110&wait=true&addedParams=true&custom1=28&
IP 95.211.116.27:0
ASN #60781 LeaseWeb Netherlands B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (13002)
Hash ecd511719d9741006363743bf26913c7
ae4385109e98c6f113590efb00e226edcc559bb7
e4fe354a08d6ac4b5b4ebaf4a6871283c1bcbd2cc072e7316ff6cd72e6675933
GET /ctl/go/offersearchGo?.ts=1670386060919&.sig=N_VVbZB.i7VdpEW.zLEG_Uk_MVc-&affiliationId=96979714&comId=10846323&country=no&offerId=47384293fab6c5f09361010c7233859c&service=37&tokenId=32f34312-f203-4070-8685-542fb127b110&wait=true&addedParams=true&custom1=28& HTTP/1.1
Host: no-go.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shopde.pricedeals.shop/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 13:29:17 GMT
leadId: dc1-kls-prod-ls-04.prod.dc1.kelkoo.net_1670419757861_2345
clickId: 107698148_1670419757838_38127
country: no
Accept-CH: Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
X-DataDome: protected
Request-Time: PT0.033166S
X-Robots-Tag: noindex,nofollow
Referrer-Policy: origin-when-cross-origin
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Content-Type: text/html; charset=UTF-8
Content-Length: 27441
Set-Cookie: datadome=60tV_LxDPpUp3W9NrcMz8N1XSQqArhQc-ic5dG-uOiWJHltQY8kkGF6Ak6fduLyiqc7jFpHgLN7_tjp24WIxXTKM4pCjFuB9pwgRxN4GJhwLjiKwD1MoY2Y-U5C~Jo~P; Max-Age=31536000; Expires=Thu, 07 Dec 2023 13:29:17 GMT; SameSite=Lax; Path=/; Domain=.kelkoogroup.net; Secure
kelkooID=a4c6294-184ecc6bb0e-31bf; Max-Age=31536000; Expires=Thu, 07 Dec 2023 13:29:17 GMT; SameSite=None; Path=/; Domain=kelkoogroup.net; Secure; HTTPOnly
P3P: CP="Anything"
ApacheTracking: localhost
Keep-Alive: timeout=40, max=97
Connection: Keep-Alive
no-go.kelkoogroup.net/assets/images/p.png?country=no&k=612f7a9541cd6ea61eb554c0e4cff4376051d4e1eb650ae28a6a3eaab2abe497c6826d655858d172a261df879af2316dc4aaf4c47a693499a21d9f4bf15ee1a705bc3d6273d62fd8139c7955002e0d4f80bdfbbdd80172aab299a4af020791582e7ccf9f9c498d78b45de7c3c78ea48545aeff88a57403aeb4c3b60e283faa5fe8ee5d205330e44d0fa0cd179686af9223578327fb27b24b3c5609447296791114670ce8a8e74ffc279804b44ff04d9a0d944796069d2fcd&leadId=dc1-kls-prod-ls-04.prod.dc1.kelkoo.net_1670419757861_2345&clickId=107698148_1670419757838_38127
95.211.116.27200 OK 68 B URL HTTP/1.1 no-go.kelkoogroup.net/assets/images/p.png?country=no&k=612f7a9541cd6ea61eb554c0e4cff4376051d4e1eb650ae28a6a3eaab2abe497c6826d655858d172a261df879af2316dc4aaf4c47a693499a21d9f4bf15ee1a705bc3d6273d62fd8139c7955002e0d4f80bdfbbdd80172aab299a4af020791582e7ccf9f9c498d78b45de7c3c78ea48545aeff88a57403aeb4c3b60e283faa5fe8ee5d205330e44d0fa0cd179686af9223578327fb27b24b3c5609447296791114670ce8a8e74ffc279804b44ff04d9a0d944796069d2fcd&leadId=dc1-kls-prod-ls-04.prod.dc1.kelkoo.net_1670419757861_2345&clickId=107698148_1670419757838_38127
IP 95.211.116.27:0
ASN #60781 LeaseWeb Netherlands B.V.
File type PNG image data, 1 x 1, 8-bit gray+alpha, non-interlaced\012- data
Hash 91e42db1c66c0b276abf6234dc50b2eb
c1986af3c26609b8b7d8933f99c51c1a89e9ea6b
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
GET /assets/images/p.png?country=no&k=612f7a9541cd6ea61eb554c0e4cff4376051d4e1eb650ae28a6a3eaab2abe497c6826d655858d172a261df879af2316dc4aaf4c47a693499a21d9f4bf15ee1a705bc3d6273d62fd8139c7955002e0d4f80bdfbbdd80172aab299a4af020791582e7ccf9f9c498d78b45de7c3c78ea48545aeff88a57403aeb4c3b60e283faa5fe8ee5d205330e44d0fa0cd179686af9223578327fb27b24b3c5609447296791114670ce8a8e74ffc279804b44ff04d9a0d944796069d2fcd&leadId=dc1-kls-prod-ls-04.prod.dc1.kelkoo.net_1670419757861_2345&clickId=107698148_1670419757838_38127 HTTP/1.1
Host: no-go.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1670386060919&.sig=N_VVbZB.i7VdpEW.zLEG_Uk_MVc-&affiliationId=96979714&comId=10846323&country=no&offerId=47384293fab6c5f09361010c7233859c&service=37&tokenId=32f34312-f203-4070-8685-542fb127b110&wait=true&addedParams=true&custom1=28&
Connection: keep-alive
Cookie: datadome=60tV_LxDPpUp3W9NrcMz8N1XSQqArhQc-ic5dG-uOiWJHltQY8kkGF6Ak6fduLyiqc7jFpHgLN7_tjp24WIxXTKM4pCjFuB9pwgRxN4GJhwLjiKwD1MoY2Y-U5C~Jo~P; kelkooID=a4c6294-184ecc6bb0e-31bf
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 13:29:17 GMT
Request-Time: PT0.001508S
X-Robots-Tag: noindex,nofollow
Cache-Control: private, must-revalidate
Referrer-Policy: origin-when-cross-origin
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Content-Type: image/png
Content-Length: 68
P3P: CP="Anything"
ApacheTracking: localhost
Keep-Alive: timeout=40, max=100
Connection: Keep-Alive
dd.kelkoogroup.net/tags.js
54.230.111.104200 OK 43 kB URL HTTP/2 dd.kelkoogroup.net/tags.js
IP 54.230.111.104:0
File type ASCII text, with very long lines (65432)
Hash 415a2173b7594522994c0d8b20a61e84
25e995f3ba4c22c8f252550532609cecc9e8e80b
49c82e367a121c73a821d132f5e48c06490731203c241c779ae7c58bfab60da5
GET /tags.js HTTP/1.1
Host: dd.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no-go.kelkoogroup.net/
Connection: keep-alive
Cookie: datadome=60tV_LxDPpUp3W9NrcMz8N1XSQqArhQc-ic5dG-uOiWJHltQY8kkGF6Ak6fduLyiqc7jFpHgLN7_tjp24WIxXTKM4pCjFuB9pwgRxN4GJhwLjiKwD1MoY2Y-U5C~Jo~P; kelkooID=a4c6294-184ecc6bb0e-31bf
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: text/javascript
content-length: 42664
server: Apache
strict-transport-security: max-age=63072000; includeSubDomains; preload
last-modified: Wed, 07 Dec 2022 10:03:12 GMT
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
via: 1.1 fce673b0e9c8ffbca0678547d3b9c424.cloudfront.net (CloudFront), 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
date: Wed, 07 Dec 2022 13:03:19 GMT
cache-control: max-age=3600, public
expires: Wed, 07 Dec 2022 13:03:20 GMT
etag: "32de8-5ef3a07422ee0-gzip"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA60-P2, OSL50-P1
x-amz-cf-id: s7Sz-6VlKguvMpQffo52B8BCf-n5pQ7DbbXjutmOSxnZlG7xWwsinQ==
age: 1558
X-Firefox-Spdy: h2
no-go.kelkoogroup.net/fp?country=no&k=612f7a9541cd6ea61eb554c0e4cff4376051d4e1eb650ae28a6a3eaab2abe497c6826d655858d172a261df879af2316dc4aaf4c47a693499a21d9f4bf15ee1a705bc3d6273d62fd8139c7955002e0d4f80bdfbbdd80172aab299a4af020791582e7ccf9f9c498d78b45de7c3c78ea48545aeff88a57403aeb4c3b60e283faa5fe8ee5d205330e44d0fa0cd179686af9223578327fb27b24b3c5609447296791114670ce8a8e74ffc279804b44ff04d9a0d944796069d2fcd&leadId=dc1-kls-prod-ls-04.prod.dc1.kelkoo.net_1670419757861_2345&clickId=107698148_1670419757838_38127
95.211.116.27200 OK 0 B URL HTTP/1.1 no-go.kelkoogroup.net/fp?country=no&k=612f7a9541cd6ea61eb554c0e4cff4376051d4e1eb650ae28a6a3eaab2abe497c6826d655858d172a261df879af2316dc4aaf4c47a693499a21d9f4bf15ee1a705bc3d6273d62fd8139c7955002e0d4f80bdfbbdd80172aab299a4af020791582e7ccf9f9c498d78b45de7c3c78ea48545aeff88a57403aeb4c3b60e283faa5fe8ee5d205330e44d0fa0cd179686af9223578327fb27b24b3c5609447296791114670ce8a8e74ffc279804b44ff04d9a0d944796069d2fcd&leadId=dc1-kls-prod-ls-04.prod.dc1.kelkoo.net_1670419757861_2345&clickId=107698148_1670419757838_38127
IP 95.211.116.27:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /fp?country=no&k=612f7a9541cd6ea61eb554c0e4cff4376051d4e1eb650ae28a6a3eaab2abe497c6826d655858d172a261df879af2316dc4aaf4c47a693499a21d9f4bf15ee1a705bc3d6273d62fd8139c7955002e0d4f80bdfbbdd80172aab299a4af020791582e7ccf9f9c498d78b45de7c3c78ea48545aeff88a57403aeb4c3b60e283faa5fe8ee5d205330e44d0fa0cd179686af9223578327fb27b24b3c5609447296791114670ce8a8e74ffc279804b44ff04d9a0d944796069d2fcd&leadId=dc1-kls-prod-ls-04.prod.dc1.kelkoo.net_1670419757861_2345&clickId=107698148_1670419757838_38127 HTTP/1.1
Host: no-go.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1670386060919&.sig=N_VVbZB.i7VdpEW.zLEG_Uk_MVc-&affiliationId=96979714&comId=10846323&country=no&offerId=47384293fab6c5f09361010c7233859c&service=37&tokenId=32f34312-f203-4070-8685-542fb127b110&wait=true&addedParams=true&custom1=28&
Content-Type: text/plain;charset=utf-8
Content-Length: 544
Origin: https://no-go.kelkoogroup.net
Connection: keep-alive
Cookie: datadome=60tV_LxDPpUp3W9NrcMz8N1XSQqArhQc-ic5dG-uOiWJHltQY8kkGF6Ak6fduLyiqc7jFpHgLN7_tjp24WIxXTKM4pCjFuB9pwgRxN4GJhwLjiKwD1MoY2Y-U5C~Jo~P; kelkooID=a4c6294-184ecc6bb0e-31bf; _ga=GA1.2.1529606039.1670419757; _gid=GA1.2.1266458408.1670419757
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 13:29:17 GMT
Request-Time: PT0.003356S
X-Robots-Tag: noindex,nofollow
Referrer-Policy: origin-when-cross-origin
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Content-Type: text/plain; charset=UTF-8
Content-Length: 0
P3P: CP="Anything"
ApacheTracking: localhost
Keep-Alive: timeout=40, max=99
Connection: Keep-Alive
no-go.kelkoogroup.net/redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff4376051d4e1eb650ae28a6a3eaab2abe497c6826d655858d172a261df879af2316dc4aaf4c47a693499a21d9f4bf15ee1a705bc3d6273d62fd8139c7955002e0d4f80bdfbbdd80172aab299a4af020791582e7ccf9f9c498d78b45de7c3c78ea48545aeff88a57403aeb4c3b60e283faa5fe8ee5d205330e44d0fa0cd179686af9223578327fb27b24b3c5609447296791114670ce8a8e74ffc279804b44ff04d9a0d944796069d2fcd&leadId=dc1-kls-prod-ls-04.prod.dc1.kelkoo.net_1670419757861_2345&clickId=107698148_1670419757838_38127&url=https%3A%2F%2Fevenstadmusikk.no%2Fpresonus%2F1138474%2Fpresonus-sl-ar8-rack-ear%3Fkk%3Da4c6294-184ecc6bb0e-31bf%26utm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_term%3DPresonus%2BSl-Ar8%2BRack%2BEar&initiator=timeout
95.211.116.27303 See Other 0 B URL HTTP/1.1 no-go.kelkoogroup.net/redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff4376051d4e1eb650ae28a6a3eaab2abe497c6826d655858d172a261df879af2316dc4aaf4c47a693499a21d9f4bf15ee1a705bc3d6273d62fd8139c7955002e0d4f80bdfbbdd80172aab299a4af020791582e7ccf9f9c498d78b45de7c3c78ea48545aeff88a57403aeb4c3b60e283faa5fe8ee5d205330e44d0fa0cd179686af9223578327fb27b24b3c5609447296791114670ce8a8e74ffc279804b44ff04d9a0d944796069d2fcd&leadId=dc1-kls-prod-ls-04.prod.dc1.kelkoo.net_1670419757861_2345&clickId=107698148_1670419757838_38127&url=https%3A%2F%2Fevenstadmusikk.no%2Fpresonus%2F1138474%2Fpresonus-sl-ar8-rack-ear%3Fkk%3Da4c6294-184ecc6bb0e-31bf%26utm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_term%3DPresonus%2BSl-Ar8%2BRack%2BEar&initiator=timeout
IP 95.211.116.27:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff4376051d4e1eb650ae28a6a3eaab2abe497c6826d655858d172a261df879af2316dc4aaf4c47a693499a21d9f4bf15ee1a705bc3d6273d62fd8139c7955002e0d4f80bdfbbdd80172aab299a4af020791582e7ccf9f9c498d78b45de7c3c78ea48545aeff88a57403aeb4c3b60e283faa5fe8ee5d205330e44d0fa0cd179686af9223578327fb27b24b3c5609447296791114670ce8a8e74ffc279804b44ff04d9a0d944796069d2fcd&leadId=dc1-kls-prod-ls-04.prod.dc1.kelkoo.net_1670419757861_2345&clickId=107698148_1670419757838_38127&url=https%3A%2F%2Fevenstadmusikk.no%2Fpresonus%2F1138474%2Fpresonus-sl-ar8-rack-ear%3Fkk%3Da4c6294-184ecc6bb0e-31bf%26utm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_term%3DPresonus%2BSl-Ar8%2BRack%2BEar&initiator=timeout HTTP/1.1
Host: no-go.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1670386060919&.sig=N_VVbZB.i7VdpEW.zLEG_Uk_MVc-&affiliationId=96979714&comId=10846323&country=no&offerId=47384293fab6c5f09361010c7233859c&service=37&tokenId=32f34312-f203-4070-8685-542fb127b110&wait=true&addedParams=true&custom1=28&
Connection: keep-alive
Cookie: datadome=60tV_LxDPpUp3W9NrcMz8N1XSQqArhQc-ic5dG-uOiWJHltQY8kkGF6Ak6fduLyiqc7jFpHgLN7_tjp24WIxXTKM4pCjFuB9pwgRxN4GJhwLjiKwD1MoY2Y-U5C~Jo~P; kelkooID=a4c6294-184ecc6bb0e-31bf; _ga=GA1.2.1529606039.1670419757; _gid=GA1.2.1266458408.1670419757
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 303 See Other
Date: Wed, 07 Dec 2022 13:29:18 GMT
leadId: dc1-kls-prod-ls-04.prod.dc1.kelkoo.net_1670419757861_2345
clickId: 107698148_1670419757838_38127
country: no
Location: https://evenstadmusikk.no/presonus/1138474/presonus-sl-ar8-rack-ear?kk=a4c6294-184ecc6bb0e-31bf&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Presonus+Sl-Ar8+Rack+Ear
Accept-CH: Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
X-DataDome: protected
Request-Time: PT0.014822S
X-Robots-Tag: noindex,nofollow
Referrer-Policy: origin-when-cross-origin
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Content-Length: 0
Set-Cookie: datadome=4u8RaR5192g55hUkR8JmCQIaAceBf7_OSIy1IPXsNSm2BVVJZeaHTmj_ymVBYeFtOIqcJJvUi6iX9BPYZpefKYe_jdpHZeqiyTYmJRd9GZgdwrU5yKqcDMmbPrIouBGU; Max-Age=31536000; Expires=Thu, 07 Dec 2023 13:29:18 GMT; SameSite=Lax; Path=/; Domain=.kelkoogroup.net; Secure
P3P: CP="Anything"
ApacheTracking: localhost
Keep-Alive: timeout=40, max=100
Connection: Keep-Alive
Content-Type: text/plain
ocsp.usertrust.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash befe05fb3c85ee9a74ab672aaecb9aa6
a6ffd7600387830e3e1a3173f08d347aea042679
238e4f98a73ff58ae548e020a3c8d36967d5e76ed7051502abb530fc769f4ea2
POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 13:29:18 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 06 Dec 2022 13:51:18 GMT
Expires: Tue, 13 Dec 2022 13:51:17 GMT
Etag: "a6ffd7600387830e3e1a3173f08d347aea042679"
Cache-Control: max-age=602318,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 7
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 775d9c00ae57b4f3-OSL
api-js.datadome.co/js/
13.51.39.45200 OK 236 B IP 13.51.39.45:0
File type JSON data\012- , ASCII text, with no line terminators
Hash e15a964674ccb8caf4f168cff1a7488f
48a1790cc547a7db992776f7402d35268a3ccae4
19ec4f2f1f109ddd5c7f2679ef8a859b987c723b234345f84dbdbaedf136a85b
POST /js/ HTTP/1.1
Host: api-js.datadome.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 3863
Origin: https://no-go.kelkoogroup.net
Connection: keep-alive
Referer: https://no-go.kelkoogroup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 13:29:18 GMT
content-type: application/json;charset=utf-8
content-length: 236
server: DataDome
access-control-allow-origin: *
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate
expires: 0
X-Firefox-Spdy: h2
evenstadmusikk.no/presonus/1138474/presonus-sl-ar8-rack-ear?kk=a4c6294-184ecc6bb0e-31bf&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Presonus+Sl-Ar8+Rack+Ear
80.86.142.229200 OK 26 kB URL HTTP/2 evenstadmusikk.no/presonus/1138474/presonus-sl-ar8-rack-ear?kk=a4c6294-184ecc6bb0e-31bf&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Presonus+Sl-Ar8+Rack+Ear
IP 80.86.142.229:0
ASN #21119 Braathe Gruppen AS
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (6752), with CRLF, LF line terminators
Hash bf0ca4f912f243b3b7b077af8b238b2d
6d26f06f7e9bd8056fe417ac5a7631d3b4c48291
f23815025e29e05a84a5b6d77d51ed8f47aaa3d33bdfdbb8eb1ad53d483f334c
GET /presonus/1138474/presonus-sl-ar8-rack-ear?kk=a4c6294-184ecc6bb0e-31bf&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Presonus+Sl-Ar8+Rack+Ear HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no-go.kelkoogroup.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: private
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-frame-options: DENY, DENY
x-aspnet-version: 4.0.30319
set-cookie: .ASPXANONYMOUS=GHcMv9FA2QEkAAAAMjc4OTFhNTgtYzI3OS00NGJkLTg3MzYtOGNjY2FiZjc5ZTkxdlzUQ7OtIVo-M6GqnOG3d83rSoI1; expires=Wed, 15-Feb-2023 00:09:18 GMT; path=/; HttpOnly; SameSite=Lax
ASP.NET_SessionId=mej4nyjyaamkhmtzln1uwlvk; path=/; HttpOnly; SameSite=Lax
McWeb3.15.2-1=SPCId=2834565&DeviceSize=lg; expires=Thu, 07-Dec-2023 13:29:18 GMT; path=/; SameSite=Lax
McWeb3.15.2-1=SPCId=2834565&DeviceSize=lg; expires=Thu, 07-Dec-2023 13:29:18 GMT; path=/; SameSite=Lax
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Wed, 07 Dec 2022 13:29:17 GMT
content-length: 26370
X-Firefox-Spdy: h2
evenstadmusikk.no/dist/js/5.c97c0cb1fc3aef23e7cb.bundle.css
80.86.142.229200 OK 36 kB URL HTTP/2 evenstadmusikk.no/dist/js/5.c97c0cb1fc3aef23e7cb.bundle.css
IP 80.86.142.229:0
ASN #21119 Braathe Gruppen AS
File type ASCII text, with very long lines (65536), with no line terminators
Hash ddb7f27fac893c0f86fdd7287c9e7bcc
28d8915e41266a9dabd9c321e1e4fefcf539d2e4
90dd0b885e1d701a2c2b4f98056fb551e06d297acc3be4b990f5dd062dd88089
GET /dist/js/5.c97c0cb1fc3aef23e7cb.bundle.css HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/presonus/1138474/presonus-sl-ar8-rack-ear?kk=a4c6294-184ecc6bb0e-31bf&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Presonus+Sl-Ar8+Rack+Ear
Cookie: .ASPXANONYMOUS=GHcMv9FA2QEkAAAAMjc4OTFhNTgtYzI3OS00NGJkLTg3MzYtOGNjY2FiZjc5ZTkxdlzUQ7OtIVo-M6GqnOG3d83rSoI1; ASP.NET_SessionId=mej4nyjyaamkhmtzln1uwlvk; McWeb3.15.2-1=SPCId=2834565&DeviceSize=lg
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=31536000
content-type: text/css
content-encoding: gzip
last-modified: Fri, 04 Nov 2022 07:54:18 GMT
accept-ranges: bytes
etag: "0b117a422f0d81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Wed, 07 Dec 2022 13:29:17 GMT
content-length: 35817
X-Firefox-Spdy: h2
evenstadmusikk.no/dist/js/main-styles.983569736b6ec5f6a2f6.bundle.css
80.86.142.229200 OK 5.3 kB URL HTTP/2 evenstadmusikk.no/dist/js/main-styles.983569736b6ec5f6a2f6.bundle.css
IP 80.86.142.229:0
ASN #21119 Braathe Gruppen AS
File type Unicode text, UTF-8 text, with very long lines (29049)
Hash fcf3559ffa9e565dab01c36d30a68ac6
bc14a55cf31dcb18672d43d53911189c7a3e0fac
8c747cd13d87d80bd397fd6f33684195100deb27520aec8b343938d5936bcfdf
GET /dist/js/main-styles.983569736b6ec5f6a2f6.bundle.css HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/presonus/1138474/presonus-sl-ar8-rack-ear?kk=a4c6294-184ecc6bb0e-31bf&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Presonus+Sl-Ar8+Rack+Ear
Cookie: .ASPXANONYMOUS=GHcMv9FA2QEkAAAAMjc4OTFhNTgtYzI3OS00NGJkLTg3MzYtOGNjY2FiZjc5ZTkxdlzUQ7OtIVo-M6GqnOG3d83rSoI1; ASP.NET_SessionId=mej4nyjyaamkhmtzln1uwlvk; McWeb3.15.2-1=SPCId=2834565&DeviceSize=lg
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=31536000
content-type: text/css
content-encoding: gzip
last-modified: Fri, 04 Nov 2022 07:54:18 GMT
accept-ranges: bytes
etag: "0b117a422f0d81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Wed, 07 Dec 2022 13:29:17 GMT
content-length: 5256
X-Firefox-Spdy: h2
evenstadmusikk.no/dist/js/master-theme-styles-d4.ba0ee3a4a4bf2b25d65c.bundle.css
80.86.142.229200 OK 59 kB URL HTTP/2 evenstadmusikk.no/dist/js/master-theme-styles-d4.ba0ee3a4a4bf2b25d65c.bundle.css
IP 80.86.142.229:0
ASN #21119 Braathe Gruppen AS
File type Unicode text, UTF-8 text, with very long lines (65516), with no line terminators
Hash 4659df9f7cc6bb95890aa4489f5a1bb1
b6be689693a32e035b8907faa8e1c8efbcad930e
cd7c9ed05995d68c454adbdece28668912e4f008bc92cc6b680c0d7a4bf9f239
GET /dist/js/master-theme-styles-d4.ba0ee3a4a4bf2b25d65c.bundle.css HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/presonus/1138474/presonus-sl-ar8-rack-ear?kk=a4c6294-184ecc6bb0e-31bf&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Presonus+Sl-Ar8+Rack+Ear
Cookie: .ASPXANONYMOUS=GHcMv9FA2QEkAAAAMjc4OTFhNTgtYzI3OS00NGJkLTg3MzYtOGNjY2FiZjc5ZTkxdlzUQ7OtIVo-M6GqnOG3d83rSoI1; ASP.NET_SessionId=mej4nyjyaamkhmtzln1uwlvk; McWeb3.15.2-1=SPCId=2834565&DeviceSize=lg
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=31536000
content-type: text/css
content-encoding: gzip
last-modified: Fri, 04 Nov 2022 07:54:18 GMT
accept-ranges: bytes
etag: "0b117a422f0d81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Wed, 07 Dec 2022 13:29:17 GMT
content-length: 58637
X-Firefox-Spdy: h2
evenstadmusikk.no/scripts/specialoffers.js?v=pkgGl6kFu7beKoc6j6iZhA3Knu5xyVJxTFSnxLoSxcs1
80.86.142.229200 OK 1.0 kB URL HTTP/2 evenstadmusikk.no/scripts/specialoffers.js?v=pkgGl6kFu7beKoc6j6iZhA3Knu5xyVJxTFSnxLoSxcs1
IP 80.86.142.229:0
ASN #21119 Braathe Gruppen AS
File type ASCII text, with very long lines (1823), with no line terminators
Hash d5cbf6e684d066ada657228d15c6a262
19b0fdbf000387738f4d461353ef690967a7c5a4
9d06e957d4ae1913a2be1fc77c90fa5caef509a1d3f985f5d59c6e642160c8c0
GET /scripts/specialoffers.js?v=pkgGl6kFu7beKoc6j6iZhA3Knu5xyVJxTFSnxLoSxcs1 HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/presonus/1138474/presonus-sl-ar8-rack-ear?kk=a4c6294-184ecc6bb0e-31bf&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Presonus+Sl-Ar8+Rack+Ear
Cookie: .ASPXANONYMOUS=GHcMv9FA2QEkAAAAMjc4OTFhNTgtYzI3OS00NGJkLTg3MzYtOGNjY2FiZjc5ZTkxdlzUQ7OtIVo-M6GqnOG3d83rSoI1; ASP.NET_SessionId=mej4nyjyaamkhmtzln1uwlvk; McWeb3.15.2-1=SPCId=2834565&DeviceSize=lg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public
content-type: text/javascript; charset=utf-8
content-encoding: gzip
expires: Thu, 07 Dec 2023 13:29:18 GMT
last-modified: Wed, 07 Dec 2022 13:29:18 GMT
vary: User-Agent,Accept-Encoding
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Wed, 07 Dec 2022 13:29:17 GMT
content-length: 1032
X-Firefox-Spdy: h2
evenstadmusikk.no/scripts/autocampaigns.js?v=n3tBbxhGbfbVv-EpRYrzDrTG2U8bHxXVzDvv_lu6DHQ1
80.86.142.229200 OK 1.3 kB URL HTTP/2 evenstadmusikk.no/scripts/autocampaigns.js?v=n3tBbxhGbfbVv-EpRYrzDrTG2U8bHxXVzDvv_lu6DHQ1
IP 80.86.142.229:0
ASN #21119 Braathe Gruppen AS
File type ASCII text, with very long lines (3914), with no line terminators
Hash 711c5d58494443d5fd28b0209f25837c
0cd7fe531010a72cb4f52bc1aeeaa1a1f5e7e8ce
2d5668b1ebf7be16d0c436bf0c4b624d8863cda63354c710cd7b49b4aad07981
GET /scripts/autocampaigns.js?v=n3tBbxhGbfbVv-EpRYrzDrTG2U8bHxXVzDvv_lu6DHQ1 HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/presonus/1138474/presonus-sl-ar8-rack-ear?kk=a4c6294-184ecc6bb0e-31bf&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Presonus+Sl-Ar8+Rack+Ear
Cookie: .ASPXANONYMOUS=GHcMv9FA2QEkAAAAMjc4OTFhNTgtYzI3OS00NGJkLTg3MzYtOGNjY2FiZjc5ZTkxdlzUQ7OtIVo-M6GqnOG3d83rSoI1; ASP.NET_SessionId=mej4nyjyaamkhmtzln1uwlvk; McWeb3.15.2-1=SPCId=2834565&DeviceSize=lg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public
content-type: text/javascript; charset=utf-8
content-encoding: gzip
expires: Thu, 07 Dec 2023 13:29:18 GMT
last-modified: Wed, 07 Dec 2022 13:29:18 GMT
vary: User-Agent,Accept-Encoding
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Wed, 07 Dec 2022 13:29:17 GMT
content-length: 1260
X-Firefox-Spdy: h2
evenstadmusikk.no/dist/js/runtime.df29bc903bd9297c5e1d.js
80.86.142.229200 OK 998 B URL HTTP/2 evenstadmusikk.no/dist/js/runtime.df29bc903bd9297c5e1d.js
IP 80.86.142.229:0
ASN #21119 Braathe Gruppen AS
File type ASCII text, with very long lines (1501)
Hash cab9eab5b4d4eb8fcbd645b6e0bfc52b
1a7d98b4bf9a4db3aaf56c47ad726eebd89389ee
eabe0a9859ebe569ab5116574a9ac136ea385985e3883f7633c8f499eb5223c7
GET /dist/js/runtime.df29bc903bd9297c5e1d.js HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/presonus/1138474/presonus-sl-ar8-rack-ear?kk=a4c6294-184ecc6bb0e-31bf&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Presonus+Sl-Ar8+Rack+Ear
Cookie: .ASPXANONYMOUS=GHcMv9FA2QEkAAAAMjc4OTFhNTgtYzI3OS00NGJkLTg3MzYtOGNjY2FiZjc5ZTkxdlzUQ7OtIVo-M6GqnOG3d83rSoI1; ASP.NET_SessionId=mej4nyjyaamkhmtzln1uwlvk; McWeb3.15.2-1=SPCId=2834565&DeviceSize=lg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=31536000
content-type: application/javascript
content-encoding: gzip
last-modified: Fri, 04 Nov 2022 07:54:18 GMT
accept-ranges: bytes
etag: "0b117a422f0d81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Wed, 07 Dec 2022 13:29:17 GMT
content-length: 998
X-Firefox-Spdy: h2
evenstadmusikk.no/dist/js/2.0da3ac3e030567eb42ed.bundle.js
80.86.142.229200 OK 17 kB URL HTTP/2 evenstadmusikk.no/dist/js/2.0da3ac3e030567eb42ed.bundle.js
IP 80.86.142.229:0
ASN #21119 Braathe Gruppen AS
File type ASCII text, with very long lines (65074)
Hash 99b90c3783ee788dccde1fe0db90ee8b
7a86c50d42c453f10f0dfb7c9606bdcb751221e7
f8ee55cf8ea6de787a60e07dd5368927ee56b7bc4ed00e78c8dddcb3081e08c3
GET /dist/js/2.0da3ac3e030567eb42ed.bundle.js HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/presonus/1138474/presonus-sl-ar8-rack-ear?kk=a4c6294-184ecc6bb0e-31bf&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Presonus+Sl-Ar8+Rack+Ear
Cookie: .ASPXANONYMOUS=GHcMv9FA2QEkAAAAMjc4OTFhNTgtYzI3OS00NGJkLTg3MzYtOGNjY2FiZjc5ZTkxdlzUQ7OtIVo-M6GqnOG3d83rSoI1; ASP.NET_SessionId=mej4nyjyaamkhmtzln1uwlvk; McWeb3.15.2-1=SPCId=2834565&DeviceSize=lg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=31536000
content-type: application/javascript
content-encoding: gzip
last-modified: Fri, 04 Nov 2022 07:54:18 GMT
accept-ranges: bytes
etag: "0b117a422f0d81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Wed, 07 Dec 2022 13:29:17 GMT
content-length: 16763
X-Firefox-Spdy: h2
evenstadmusikk.no/dist/js/main.ce4c6c793c2ece21ca7a.bundle.js
80.86.142.229200 OK 11 kB URL HTTP/2 evenstadmusikk.no/dist/js/main.ce4c6c793c2ece21ca7a.bundle.js
IP 80.86.142.229:0
ASN #21119 Braathe Gruppen AS
File type ASCII text, with very long lines (43050)
Hash fcfe4a392d71570f374119d43f520470
7e53800c88831fbf22b7237c90f239e5a74fedcb
8d214b0d4a15c310485724db332b76bcd8dca354e78fa95d36f7cdef662d82b5
GET /dist/js/main.ce4c6c793c2ece21ca7a.bundle.js HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/presonus/1138474/presonus-sl-ar8-rack-ear?kk=a4c6294-184ecc6bb0e-31bf&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Presonus+Sl-Ar8+Rack+Ear
Cookie: .ASPXANONYMOUS=GHcMv9FA2QEkAAAAMjc4OTFhNTgtYzI3OS00NGJkLTg3MzYtOGNjY2FiZjc5ZTkxdlzUQ7OtIVo-M6GqnOG3d83rSoI1; ASP.NET_SessionId=mej4nyjyaamkhmtzln1uwlvk; McWeb3.15.2-1=SPCId=2834565&DeviceSize=lg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=31536000
content-type: application/javascript
content-encoding: gzip
last-modified: Fri, 04 Nov 2022 07:54:18 GMT
accept-ranges: bytes
etag: "0b117a422f0d81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Wed, 07 Dec 2022 13:29:17 GMT
content-length: 10880
X-Firefox-Spdy: h2
evenstadmusikk.no/dist/js/5.c97c0cb1fc3aef23e7cb.bundle.js
80.86.142.229200 OK 324 B URL HTTP/2 evenstadmusikk.no/dist/js/5.c97c0cb1fc3aef23e7cb.bundle.js
IP 80.86.142.229:0
ASN #21119 Braathe Gruppen AS
File type ASCII text, with very long lines (482)
Hash 179532837400772dd29cd25dd70e12ee
dc3f5c2a19d9883798fc9e1196cd3cf65f7fd468
d42ab38beae6428f2859a7b3a8384b6ea5cb87d273a647b1d34afccac3c518bb
GET /dist/js/5.c97c0cb1fc3aef23e7cb.bundle.js HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/presonus/1138474/presonus-sl-ar8-rack-ear?kk=a4c6294-184ecc6bb0e-31bf&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Presonus+Sl-Ar8+Rack+Ear
Cookie: .ASPXANONYMOUS=GHcMv9FA2QEkAAAAMjc4OTFhNTgtYzI3OS00NGJkLTg3MzYtOGNjY2FiZjc5ZTkxdlzUQ7OtIVo-M6GqnOG3d83rSoI1; ASP.NET_SessionId=mej4nyjyaamkhmtzln1uwlvk; McWeb3.15.2-1=SPCId=2834565&DeviceSize=lg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=31536000
content-type: application/javascript
content-encoding: gzip
last-modified: Fri, 04 Nov 2022 07:54:18 GMT
accept-ranges: bytes
etag: "0b117a422f0d81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Wed, 07 Dec 2022 13:29:17 GMT
content-length: 324
X-Firefox-Spdy: h2
evenstadmusikk.no/dist/js/main-styles.983569736b6ec5f6a2f6.bundle.js
80.86.142.229200 OK 414 B URL HTTP/2 evenstadmusikk.no/dist/js/main-styles.983569736b6ec5f6a2f6.bundle.js
IP 80.86.142.229:0
ASN #21119 Braathe Gruppen AS
File type ASCII text, with very long lines (464)
Hash 209b3f0e68089d359864c983d4cb4ea5
56e758ec7b661173fa269a4759a4f4d73e26782e
21445b65e71e5206ba10634da783b06c778d805568bd966e5e85ba535379dc1b
GET /dist/js/main-styles.983569736b6ec5f6a2f6.bundle.js HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/presonus/1138474/presonus-sl-ar8-rack-ear?kk=a4c6294-184ecc6bb0e-31bf&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Presonus+Sl-Ar8+Rack+Ear
Cookie: .ASPXANONYMOUS=GHcMv9FA2QEkAAAAMjc4OTFhNTgtYzI3OS00NGJkLTg3MzYtOGNjY2FiZjc5ZTkxdlzUQ7OtIVo-M6GqnOG3d83rSoI1; ASP.NET_SessionId=mej4nyjyaamkhmtzln1uwlvk; McWeb3.15.2-1=SPCId=2834565&DeviceSize=lg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=31536000
content-type: application/javascript
content-encoding: gzip
last-modified: Fri, 04 Nov 2022 07:54:18 GMT
accept-ranges: bytes
etag: "0b117a422f0d81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Wed, 07 Dec 2022 13:29:17 GMT
content-length: 414
X-Firefox-Spdy: h2
evenstadmusikk.no/dist/js/master-theme-styles-d4.ba0ee3a4a4bf2b25d65c.bundle.js
80.86.142.229200 OK 307 B URL HTTP/2 evenstadmusikk.no/dist/js/master-theme-styles-d4.ba0ee3a4a4bf2b25d65c.bundle.js
IP 80.86.142.229:0
ASN #21119 Braathe Gruppen AS
Hash ed75b580c347abdaaf2f8e21463a19ec
a29de8f0ba99ca6c7423016f351f2d82515885d9
94ecc976175501ed960a9abf60be6bd189b6007908b48b56784e4b80ba99eac6
GET /dist/js/master-theme-styles-d4.ba0ee3a4a4bf2b25d65c.bundle.js HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/presonus/1138474/presonus-sl-ar8-rack-ear?kk=a4c6294-184ecc6bb0e-31bf&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Presonus+Sl-Ar8+Rack+Ear
Cookie: .ASPXANONYMOUS=GHcMv9FA2QEkAAAAMjc4OTFhNTgtYzI3OS00NGJkLTg3MzYtOGNjY2FiZjc5ZTkxdlzUQ7OtIVo-M6GqnOG3d83rSoI1; ASP.NET_SessionId=mej4nyjyaamkhmtzln1uwlvk; McWeb3.15.2-1=SPCId=2834565&DeviceSize=lg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=31536000
content-type: application/javascript
content-encoding: gzip
last-modified: Fri, 04 Nov 2022 07:54:18 GMT
accept-ranges: bytes
etag: "0b117a422f0d81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Wed, 07 Dec 2022 13:29:17 GMT
content-length: 307
X-Firefox-Spdy: h2
evenstadmusikk.no/dist/js/bid-banner.9963cc1778d143d9e89d.bundle.js
80.86.142.229200 OK 1.1 kB URL HTTP/2 evenstadmusikk.no/dist/js/bid-banner.9963cc1778d143d9e89d.bundle.js
IP 80.86.142.229:0
ASN #21119 Braathe Gruppen AS
File type ASCII text, with very long lines (2901)
Hash a2eb359233bcc9e7f65d149e21ecc20a
2e661c297a24a175fc7bc6316a6c2b4b9b304fc6
f1b03dc42dc988b0bafed04d8e0578ff4909ea98f7b4277828527e128293e50a
GET /dist/js/bid-banner.9963cc1778d143d9e89d.bundle.js HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/presonus/1138474/presonus-sl-ar8-rack-ear?kk=a4c6294-184ecc6bb0e-31bf&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Presonus+Sl-Ar8+Rack+Ear
Cookie: .ASPXANONYMOUS=GHcMv9FA2QEkAAAAMjc4OTFhNTgtYzI3OS00NGJkLTg3MzYtOGNjY2FiZjc5ZTkxdlzUQ7OtIVo-M6GqnOG3d83rSoI1; ASP.NET_SessionId=mej4nyjyaamkhmtzln1uwlvk; McWeb3.15.2-1=SPCId=2834565&DeviceSize=lg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=31536000
content-type: application/javascript
content-encoding: gzip
last-modified: Fri, 04 Nov 2022 07:54:18 GMT
accept-ranges: bytes
etag: "0b117a422f0d81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Wed, 07 Dec 2022 13:29:17 GMT
content-length: 1073
X-Firefox-Spdy: h2
evenstadmusikk.no/App_Themes/Demonstrare4Dummy/Images/SeperatorArrow.gif
80.86.142.229200 OK 37 B URL HTTP/2 evenstadmusikk.no/App_Themes/Demonstrare4Dummy/Images/SeperatorArrow.gif
IP 80.86.142.229:0
ASN #21119 Braathe Gruppen AS
File type GIF image data, version 87a, 2 x 11\012- data
Hash 6f73aa84eb3170630d812433a7f859ae
5d6f769d44b1a26dc7659047d006310b40dc1666
18052af927c25016d55b3f4dcdf96f767536b94fb29e2713adc5080bdb220fa1
GET /App_Themes/Demonstrare4Dummy/Images/SeperatorArrow.gif HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/presonus/1138474/presonus-sl-ar8-rack-ear?kk=a4c6294-184ecc6bb0e-31bf&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Presonus+Sl-Ar8+Rack+Ear
Cookie: .ASPXANONYMOUS=GHcMv9FA2QEkAAAAMjc4OTFhNTgtYzI3OS00NGJkLTg3MzYtOGNjY2FiZjc5ZTkxdlzUQ7OtIVo-M6GqnOG3d83rSoI1; ASP.NET_SessionId=mej4nyjyaamkhmtzln1uwlvk; McWeb3.15.2-1=SPCId=2834565&DeviceSize=lg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=31536000
content-type: image/gif
last-modified: Fri, 04 Nov 2022 07:49:36 GMT
accept-ranges: bytes
etag: "0e81fc21f0d81:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Wed, 07 Dec 2022 13:29:17 GMT
content-length: 37
X-Firefox-Spdy: h2
evenstadmusikk.no/App_Themes/MASTER/images/1px_transparent.png
80.86.142.229200 OK 141 B URL HTTP/2 evenstadmusikk.no/App_Themes/MASTER/images/1px_transparent.png
IP 80.86.142.229:0
ASN #21119 Braathe Gruppen AS
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash 273352ef860dea665ed24eed59488efe
14fbeaca4303ceff0662c23a0d13365766db1654
38631a426e372dbe90a52ab1b1f0312d254c3d2559472ced786530f89363295f
GET /App_Themes/MASTER/images/1px_transparent.png HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/presonus/1138474/presonus-sl-ar8-rack-ear?kk=a4c6294-184ecc6bb0e-31bf&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Presonus+Sl-Ar8+Rack+Ear
Cookie: .ASPXANONYMOUS=GHcMv9FA2QEkAAAAMjc4OTFhNTgtYzI3OS00NGJkLTg3MzYtOGNjY2FiZjc5ZTkxdlzUQ7OtIVo-M6GqnOG3d83rSoI1; ASP.NET_SessionId=mej4nyjyaamkhmtzln1uwlvk; McWeb3.15.2-1=SPCId=2834565&DeviceSize=lg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=31536000
content-type: image/png
last-modified: Fri, 04 Nov 2022 07:49:36 GMT
accept-ranges: bytes
etag: "0e81fc21f0d81:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Wed, 07 Dec 2022 13:29:17 GMT
content-length: 141
X-Firefox-Spdy: h2
evenstadmusikk.no/Media/Cache/Images/2/2/WEB_Image_Presonus_SL-AR8_Rack_Ear__1138474990000290_plid_251452.Jpeg
80.86.142.229200 OK 13 kB URL HTTP/2 evenstadmusikk.no/Media/Cache/Images/2/2/WEB_Image_Presonus_SL-AR8_Rack_Ear__1138474990000290_plid_251452.Jpeg
IP 80.86.142.229:0
ASN #21119 Braathe Gruppen AS
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 762x562, components 3\012- data
Hash c43f7f0361183158ccc2182b6fcabe89
d4d4deb959188a76048e9ea9cf8b915bc378d202
8dbc9cd60ea5ff4be5b168ba4a49160a2cdc3c427d70ef028990d70b2bb23f1c
GET /Media/Cache/Images/2/2/WEB_Image_Presonus_SL-AR8_Rack_Ear__1138474990000290_plid_251452.Jpeg HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/presonus/1138474/presonus-sl-ar8-rack-ear?kk=a4c6294-184ecc6bb0e-31bf&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Presonus+Sl-Ar8+Rack+Ear
Cookie: .ASPXANONYMOUS=GHcMv9FA2QEkAAAAMjc4OTFhNTgtYzI3OS00NGJkLTg3MzYtOGNjY2FiZjc5ZTkxdlzUQ7OtIVo-M6GqnOG3d83rSoI1; ASP.NET_SessionId=mej4nyjyaamkhmtzln1uwlvk; McWeb3.15.2-1=SPCId=2834565&DeviceSize=lg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=31536000
content-type: image/jpeg
last-modified: Tue, 17 May 2022 09:45:38 GMT
accept-ranges: bytes
etag: "ccec83ddd269d81:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Wed, 07 Dec 2022 13:29:17 GMT
content-length: 12999
X-Firefox-Spdy: h2
evenstadmusikk.no/scripts/askforpriceview.js?v=rlZ5vyozOM1UtB9AJ4mR2v7PO3u6q1uvQh7D8zOIeH41
80.86.142.229200 OK 2.5 kB URL HTTP/2 evenstadmusikk.no/scripts/askforpriceview.js?v=rlZ5vyozOM1UtB9AJ4mR2v7PO3u6q1uvQh7D8zOIeH41
IP 80.86.142.229:0
ASN #21119 Braathe Gruppen AS
File type Unicode text, UTF-8 text, with very long lines (5780), with no line terminators
Hash fa66d28df0716c956dc20fb9bc63a36e
819f161f4672dfd51e882a6cd8133d979ce95dd8
e6c59b3f4612e5bcc575a1e1ccc93c66817baca50629aad5d2e1340d29d65130
GET /scripts/askforpriceview.js?v=rlZ5vyozOM1UtB9AJ4mR2v7PO3u6q1uvQh7D8zOIeH41 HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/presonus/1138474/presonus-sl-ar8-rack-ear?kk=a4c6294-184ecc6bb0e-31bf&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Presonus+Sl-Ar8+Rack+Ear
Cookie: .ASPXANONYMOUS=GHcMv9FA2QEkAAAAMjc4OTFhNTgtYzI3OS00NGJkLTg3MzYtOGNjY2FiZjc5ZTkxdlzUQ7OtIVo-M6GqnOG3d83rSoI1; ASP.NET_SessionId=mej4nyjyaamkhmtzln1uwlvk; McWeb3.15.2-1=SPCId=2834565&DeviceSize=lg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public
content-type: text/javascript; charset=utf-8
content-encoding: gzip
expires: Thu, 07 Dec 2023 13:29:18 GMT
last-modified: Wed, 07 Dec 2022 13:29:18 GMT
vary: User-Agent,Accept-Encoding
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Wed, 07 Dec 2022 13:29:17 GMT
content-length: 2484
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 30aec170d58f580f2ed4da4b92d72cc7
3b11a98ba9563f7f266e7a935e3b78bd0c0712aa
7b25e66e4383cdb29228d0451a4810eeab7d194ca81045e066c00c9467f29312
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 13:29:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/collect?v=1&_v=j96&t=pageview&_s=1&dl=https%3A%2F%2Fno-go.kelkoogroup.net%2Fctl%2Fgo%2FoffersearchGo%3F.ts%3D1670386060919%26.sig%3DN_VVbZB.i7VdpEW.zLEG_Uk_MVc-%26affiliationId%3D96979714%26comId%3D10846323%26country%3Dno%26offerId%3D47384293fab6c5f09361010c7233859c%26service%3D37%26tokenId%3D32f34312-f203-4070-8685-542fb127b110%26wait%3Dtrue%26addedParams%3Dtrue%26custom1%3D28%26&dr=https%3A%2F%2Fshopde.pricedeals.shop%2F&dp=%2F96979714%7C10846323%7C&ul=en-us&de=UTF-8&dt=Du%20sendes%20videre%20til%20Evenstad%20Musikk&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=QACAAAABAAAAAC~&cid=1529606039.1670419757&tid=UA-168544891-6&_gid=1266458408.1670419757&_r=1&cd1=96979714&cd2=dc1-kls-prod-ls-04.prod.dc1.kelkoo.net_1670419757861_2345&cd3=10846323&cd4=a4c6294-184ecc6bb0e-31bf&cd5=&cd6=96979714%7C10846323%7C&z=1034796765
142.250.74.110200 OK 35 B URL HTTP/2 www.google-analytics.com/collect?v=1&_v=j96&t=pageview&_s=1&dl=https%3A%2F%2Fno-go.kelkoogroup.net%2Fctl%2Fgo%2FoffersearchGo%3F.ts%3D1670386060919%26.sig%3DN_VVbZB.i7VdpEW.zLEG_Uk_MVc-%26affiliationId%3D96979714%26comId%3D10846323%26country%3Dno%26offerId%3D47384293fab6c5f09361010c7233859c%26service%3D37%26tokenId%3D32f34312-f203-4070-8685-542fb127b110%26wait%3Dtrue%26addedParams%3Dtrue%26custom1%3D28%26&dr=https%3A%2F%2Fshopde.pricedeals.shop%2F&dp=%2F96979714%7C10846323%7C&ul=en-us&de=UTF-8&dt=Du%20sendes%20videre%20til%20Evenstad%20Musikk&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=QACAAAABAAAAAC~&cid=1529606039.1670419757&tid=UA-168544891-6&_gid=1266458408.1670419757&_r=1&cd1=96979714&cd2=dc1-kls-prod-ls-04.prod.dc1.kelkoo.net_1670419757861_2345&cd3=10846323&cd4=a4c6294-184ecc6bb0e-31bf&cd5=&cd6=96979714%7C10846323%7C&z=1034796765
IP 142.250.74.110:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
POST /collect?v=1&_v=j96&t=pageview&_s=1&dl=https%3A%2F%2Fno-go.kelkoogroup.net%2Fctl%2Fgo%2FoffersearchGo%3F.ts%3D1670386060919%26.sig%3DN_VVbZB.i7VdpEW.zLEG_Uk_MVc-%26affiliationId%3D96979714%26comId%3D10846323%26country%3Dno%26offerId%3D47384293fab6c5f09361010c7233859c%26service%3D37%26tokenId%3D32f34312-f203-4070-8685-542fb127b110%26wait%3Dtrue%26addedParams%3Dtrue%26custom1%3D28%26&dr=https%3A%2F%2Fshopde.pricedeals.shop%2F&dp=%2F96979714%7C10846323%7C&ul=en-us&de=UTF-8&dt=Du%20sendes%20videre%20til%20Evenstad%20Musikk&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=QACAAAABAAAAAC~&cid=1529606039.1670419757&tid=UA-168544891-6&_gid=1266458408.1670419757&_r=1&cd1=96979714&cd2=dc1-kls-prod-ls-04.prod.dc1.kelkoo.net_1670419757861_2345&cd3=10846323&cd4=a4c6294-184ecc6bb0e-31bf&cd5=&cd6=96979714%7C10846323%7C&z=1034796765 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://no-go.kelkoogroup.net
Connection: keep-alive
Referer: https://no-go.kelkoogroup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 200 OK
access-control-allow-origin: https://no-go.kelkoogroup.net
date: Wed, 07 Dec 2022 13:29:18 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
x-content-type-options: nosniff
access-control-allow-credentials: true
content-type: image/gif
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 35
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
evenstadmusikk.no/api/ProductInfo/IsBuyButtonVisible?plid=251452&_=1670419758223
80.86.142.229200 OK 4 B URL HTTP/2 evenstadmusikk.no/api/ProductInfo/IsBuyButtonVisible?plid=251452&_=1670419758223
IP 80.86.142.229:0
ASN #21119 Braathe Gruppen AS
File type ASCII text, with no line terminators
Hash b326b5062b2f0e69046810717534cb09
5ffe533b830f08a0326348a9160afafc8ada44db
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
GET /api/ProductInfo/IsBuyButtonVisible?plid=251452&_=1670419758223 HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://evenstadmusikk.no/presonus/1138474/presonus-sl-ar8-rack-ear?kk=a4c6294-184ecc6bb0e-31bf&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Presonus+Sl-Ar8+Rack+Ear
Cookie: .ASPXANONYMOUS=GHcMv9FA2QEkAAAAMjc4OTFhNTgtYzI3OS00NGJkLTg3MzYtOGNjY2FiZjc5ZTkxdlzUQ7OtIVo-M6GqnOG3d83rSoI1; ASP.NET_SessionId=mej4nyjyaamkhmtzln1uwlvk; McWeb3.15.2-1=SPCId=2834565&DeviceSize=lg
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: no-cache
pragma: no-cache
content-type: application/json; charset=utf-8
expires: -1
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Wed, 07 Dec 2022 13:29:17 GMT
content-length: 4
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 30aec170d58f580f2ed4da4b92d72cc7
3b11a98ba9563f7f266e7a935e3b78bd0c0712aa
7b25e66e4383cdb29228d0451a4810eeab7d194ca81045e066c00c9467f29312
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 13:29:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
evenstadmusikk.no/scripts/product-infoD4.js?v=XoJnnZ3NT3IGyy0pjUmMnkgkP4q1SxkGQkJHmqiCnmk1
80.86.142.229200 OK 1.1 kB URL HTTP/2 evenstadmusikk.no/scripts/product-infoD4.js?v=XoJnnZ3NT3IGyy0pjUmMnkgkP4q1SxkGQkJHmqiCnmk1
IP 80.86.142.229:0
ASN #21119 Braathe Gruppen AS
Hash 8e58fcd8722c906510f344d0b7223d93
31a534aca1b0094344c8d87450e7066e3139b614
8a387d8558f49244c17766a18c27cacebdf97e8135ae386fa8e6aacca8aaa636
GET /scripts/product-infoD4.js?v=XoJnnZ3NT3IGyy0pjUmMnkgkP4q1SxkGQkJHmqiCnmk1 HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/presonus/1138474/presonus-sl-ar8-rack-ear?kk=a4c6294-184ecc6bb0e-31bf&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Presonus+Sl-Ar8+Rack+Ear
Cookie: .ASPXANONYMOUS=GHcMv9FA2QEkAAAAMjc4OTFhNTgtYzI3OS00NGJkLTg3MzYtOGNjY2FiZjc5ZTkxdlzUQ7OtIVo-M6GqnOG3d83rSoI1; ASP.NET_SessionId=mej4nyjyaamkhmtzln1uwlvk; McWeb3.15.2-1=SPCId=2834565&DeviceSize=lg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public
content-type: text/javascript; charset=utf-8
content-encoding: gzip
expires: Thu, 07 Dec 2023 13:29:18 GMT
last-modified: Wed, 07 Dec 2022 13:29:18 GMT
vary: User-Agent,Accept-Encoding
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Wed, 07 Dec 2022 13:29:17 GMT
content-length: 7464
X-Firefox-Spdy: h2
evenstadmusikk.no/App_Themes/Demonstrare2MASTER/Images/Flags/Norway.png
80.86.142.229200 OK 626 B URL HTTP/2 evenstadmusikk.no/App_Themes/Demonstrare2MASTER/Images/Flags/Norway.png
IP 80.86.142.229:0
ASN #21119 Braathe Gruppen AS
File type PNG image data, 24 x 24, 8-bit colormap, non-interlaced\012- data
Hash 0114e6aac48ec2f163429219fe36a42e
6908b2a4a82c1ac33d40a906ff65780c9b5c60ea
2ff81c8bf1be911f9f376f64b8f7f97e230b96adf6e95892a6a43e1de6a32265
GET /App_Themes/Demonstrare2MASTER/Images/Flags/Norway.png HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/presonus/1138474/presonus-sl-ar8-rack-ear?kk=a4c6294-184ecc6bb0e-31bf&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Presonus+Sl-Ar8+Rack+Ear
Cookie: .ASPXANONYMOUS=GHcMv9FA2QEkAAAAMjc4OTFhNTgtYzI3OS00NGJkLTg3MzYtOGNjY2FiZjc5ZTkxdlzUQ7OtIVo-M6GqnOG3d83rSoI1; ASP.NET_SessionId=mej4nyjyaamkhmtzln1uwlvk; McWeb3.15.2-1=SPCId=2834565&DeviceSize=lg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=31536000
content-type: image/png
last-modified: Fri, 04 Nov 2022 07:49:36 GMT
accept-ranges: bytes
etag: "0e81fc21f0d81:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Wed, 07 Dec 2022 13:29:17 GMT
content-length: 626
X-Firefox-Spdy: h2
evenstadmusikk.no/userfiles/image/theme/EvenstadD4/logo-ny.png
80.86.142.229200 OK 10 kB URL HTTP/2 evenstadmusikk.no/userfiles/image/theme/EvenstadD4/logo-ny.png
IP 80.86.142.229:0
ASN #21119 Braathe Gruppen AS
File type PNG image data, 295 x 44, 8-bit/color RGBA, non-interlaced\012- data
Hash 4e4465aedb678084dec217680cffcc6a
03be16aa6f66a059090ef5aa5445633e4f55d2bc
5744489b7ff9864d5d64834d7efbd373712e29acabdd75fff06abf32d255fe91
GET /userfiles/image/theme/EvenstadD4/logo-ny.png HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/api/stylesheet/combined/EvenstadD4.css?version=60
Cookie: .ASPXANONYMOUS=GHcMv9FA2QEkAAAAMjc4OTFhNTgtYzI3OS00NGJkLTg3MzYtOGNjY2FiZjc5ZTkxdlzUQ7OtIVo-M6GqnOG3d83rSoI1; ASP.NET_SessionId=mej4nyjyaamkhmtzln1uwlvk; McWeb3.15.2-1=SPCId=2834565&DeviceSize=lg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=31536000
content-type: image/png
last-modified: Mon, 17 Jan 2022 11:42:53 GMT
accept-ranges: bytes
etag: "21ddab5c97bd81:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Wed, 07 Dec 2022 13:29:17 GMT
content-length: 10352
X-Firefox-Spdy: h2
evenstadmusikk.no/fonts/multicase-icons.woff2?19959973
80.86.142.229200 OK 9.0 kB URL HTTP/2 evenstadmusikk.no/fonts/multicase-icons.woff2?19959973
IP 80.86.142.229:0
ASN #21119 Braathe Gruppen AS
File type Web Open Font Format (Version 2), TrueType, length 9000, version 1.0\012- data
Hash ae9297c781988524286f15cc0d4523ad
a0cb1b8403f21e6d52ecf39b0f6405932bb69b71
dc06cd9132370d5fe97173d66d4eef4ae4419353ba2eb0f2cd75a530e0441c3b
GET /fonts/multicase-icons.woff2?19959973 HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://evenstadmusikk.no/dist/js/5.c97c0cb1fc3aef23e7cb.bundle.css
Cookie: .ASPXANONYMOUS=GHcMv9FA2QEkAAAAMjc4OTFhNTgtYzI3OS00NGJkLTg3MzYtOGNjY2FiZjc5ZTkxdlzUQ7OtIVo-M6GqnOG3d83rSoI1; ASP.NET_SessionId=mej4nyjyaamkhmtzln1uwlvk; McWeb3.15.2-1=SPCId=2834565&DeviceSize=lg
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=31536000
content-type: application/font-woff2
last-modified: Fri, 04 Nov 2022 07:49:38 GMT
accept-ranges: bytes
etag: "01533fd21f0d81:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Wed, 07 Dec 2022 13:29:17 GMT
content-length: 9000
X-Firefox-Spdy: h2
evenstadmusikk.no/favicon.ico?dev=abcdefgh
80.86.142.229200 OK 326 B URL HTTP/2 evenstadmusikk.no/favicon.ico?dev=abcdefgh
IP 80.86.142.229:0
ASN #21119 Braathe Gruppen AS
File type MS Windows icon resource - 1 icon, 32x32, 2 colors\012- data
Hash 5a4d24568f6a92a0cacfe2f05ba3ae82
aaa07e287c68effb8a81615a19948203609cc54b
e734a7e810d7d2b2e915e621f2e3611fce849940db563fa44829b3aac3df6cdb
GET /favicon.ico?dev=abcdefgh HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/presonus/1138474/presonus-sl-ar8-rack-ear?kk=a4c6294-184ecc6bb0e-31bf&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Presonus+Sl-Ar8+Rack+Ear
Cookie: .ASPXANONYMOUS=GHcMv9FA2QEkAAAAMjc4OTFhNTgtYzI3OS00NGJkLTg3MzYtOGNjY2FiZjc5ZTkxdlzUQ7OtIVo-M6GqnOG3d83rSoI1; ASP.NET_SessionId=mej4nyjyaamkhmtzln1uwlvk; McWeb3.15.2-1=SPCId=2834565&DeviceSize=lg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=31536000
content-type: image/x-icon
last-modified: Thu, 21 Aug 2014 08:17:10 GMT
accept-ranges: bytes
etag: "8d42234e18bdcf1:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Wed, 07 Dec 2022 13:29:17 GMT
content-length: 326
X-Firefox-Spdy: h2
evenstadmusikk.no/css/cust/favicon/apple-touch-icon.png?v=dLmbbyaK80
80.86.142.229200 OK 6.5 kB URL HTTP/2 evenstadmusikk.no/css/cust/favicon/apple-touch-icon.png?v=dLmbbyaK80
IP 80.86.142.229:0
ASN #21119 Braathe Gruppen AS
File type PNG image data, 76 x 76, 8-bit/color RGBA, non-interlaced\012- data
Hash f799e68bcb69dabe8939d2556f0c9bd6
88b49665766539945d9220965a8c0a4889099571
3bf946e26f8b8e155021f2d0ffbc0423a8ec667f084a69526c3b8f92157199c9
GET /css/cust/favicon/apple-touch-icon.png?v=dLmbbyaK80 HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/presonus/1138474/presonus-sl-ar8-rack-ear?kk=a4c6294-184ecc6bb0e-31bf&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Presonus+Sl-Ar8+Rack+Ear
Cookie: .ASPXANONYMOUS=GHcMv9FA2QEkAAAAMjc4OTFhNTgtYzI3OS00NGJkLTg3MzYtOGNjY2FiZjc5ZTkxdlzUQ7OtIVo-M6GqnOG3d83rSoI1; ASP.NET_SessionId=mej4nyjyaamkhmtzln1uwlvk; McWeb3.15.2-1=SPCId=2834565&DeviceSize=lg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=31536000
content-type: image/png
last-modified: Thu, 01 Mar 2018 12:37:56 GMT
accept-ranges: bytes
etag: "0aaa51f5ab1d31:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Wed, 07 Dec 2022 13:29:17 GMT
content-length: 6483
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 3074a66f6d9b2e2af9b41ec0e2f4e2db
942e2c49b3848f11da966937f5914c62aed24bce
7c3b21b91aab06aff58cc56ce4b7273a7d320df8b0b4ad685c660e03ba0b72aa
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 13:29:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
142.250.74.74200 OK 5.4 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
IP 142.250.74.74:0
File type ASCII text, with very long lines (2134)
Hash 30ca3165d143baf2835023bfcf463450
62c662c0873b79a314c040fef28dcd29abb14480
4f405d00e8ced09d5826e3e070b7e4d3f3556f856ca790b0b4a2c2eaaf58d33b
GET /ajax/libs/webfont/1.6.26/webfont.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 5437
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Dec 2022 04:38:14 GMT
expires: Thu, 07 Dec 2023 04:38:14 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 31864
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 3074a66f6d9b2e2af9b41ec0e2f4e2db
942e2c49b3848f11da966937f5914c62aed24bce
7c3b21b91aab06aff58cc56ce4b7273a7d320df8b0b4ad685c660e03ba0b72aa
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 13:29:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
evenstadmusikk.no/Media/Cache/Images/2/2/WEB_Image_Presonus_SL-AR8_Rack_Ear__1138474710032674_plid_251452.Jpeg
80.86.142.229200 OK 1.3 kB URL HTTP/2 evenstadmusikk.no/Media/Cache/Images/2/2/WEB_Image_Presonus_SL-AR8_Rack_Ear__1138474710032674_plid_251452.Jpeg
IP 80.86.142.229:0
ASN #21119 Braathe Gruppen AS
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 80x80, components 3\012- data
Hash 74d3c19fbaaa1e2c82dc735949e787e1
b5bc5a3fa07b94e14ea967ef6788d0423adbea02
2912e96826f6cd94732f42ba7df36f079cfafcbd46ff218b95ce09c282aa3627
GET /Media/Cache/Images/2/2/WEB_Image_Presonus_SL-AR8_Rack_Ear__1138474710032674_plid_251452.Jpeg HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/presonus/1138474/presonus-sl-ar8-rack-ear?kk=a4c6294-184ecc6bb0e-31bf&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Presonus+Sl-Ar8+Rack+Ear
Cookie: .ASPXANONYMOUS=GHcMv9FA2QEkAAAAMjc4OTFhNTgtYzI3OS00NGJkLTg3MzYtOGNjY2FiZjc5ZTkxdlzUQ7OtIVo-M6GqnOG3d83rSoI1; ASP.NET_SessionId=mej4nyjyaamkhmtzln1uwlvk; McWeb3.15.2-1=SPCId=2834565&DeviceSize=lg; sg_cookies={%225619307%22:{%22vid%22:%22db7ad285-789d-47c7-a83f-b1ca8209d20e%22%2C%22lw%22:%2212-7-13-29%22%2C%22rf%22:%22https://no-go.kelkoogroup.net/%22%2C%22pw%22:1%2C%22tc%22:0%2C%22tv%22:1%2C%22192515858_ch%22:%22-1%22%2C%22fp%22:1382457247}}
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=31536000
content-type: image/jpeg
last-modified: Mon, 26 Apr 2021 19:44:57 GMT
accept-ranges: bytes
etag: "6e381a3d43ad71:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Wed, 07 Dec 2022 13:29:19 GMT
content-length: 1333
X-Firefox-Spdy: h2
evenstadmusikk.no/css/Demonstrare4/images/royalslider/rs-default.png
80.86.142.229200 OK 1.5 kB URL HTTP/2 evenstadmusikk.no/css/Demonstrare4/images/royalslider/rs-default.png
IP 80.86.142.229:0
ASN #21119 Braathe Gruppen AS
File type PNG image data, 197 x 133, 8-bit colormap, non-interlaced\012- data
Hash 681c1acdf3b644425e5cca45dd78a675
98c3b4a42100bf1f165ddf5d23d0e3768ca4454e
5ea1a728dcf8b49df966750696ae4c0b11d2273cfed529425df78fb9898e7abe
GET /css/Demonstrare4/images/royalslider/rs-default.png HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/dist/js/master-theme-styles-d4.ba0ee3a4a4bf2b25d65c.bundle.css
Cookie: .ASPXANONYMOUS=GHcMv9FA2QEkAAAAMjc4OTFhNTgtYzI3OS00NGJkLTg3MzYtOGNjY2FiZjc5ZTkxdlzUQ7OtIVo-M6GqnOG3d83rSoI1; ASP.NET_SessionId=mej4nyjyaamkhmtzln1uwlvk; McWeb3.15.2-1=SPCId=2834565&DeviceSize=lg; sg_cookies={%225619307%22:{%22vid%22:%22db7ad285-789d-47c7-a83f-b1ca8209d20e%22%2C%22lw%22:%2212-7-13-29%22%2C%22rf%22:%22https://no-go.kelkoogroup.net/%22%2C%22pw%22:1%2C%22tc%22:0%2C%22tv%22:1%2C%22192515858_ch%22:%22-1%22%2C%22fp%22:1382457247}}
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=31536000
content-type: image/png
last-modified: Fri, 04 Nov 2022 07:49:38 GMT
accept-ranges: bytes
etag: "01533fd21f0d81:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Wed, 07 Dec 2022 13:29:19 GMT
content-length: 1509
X-Firefox-Spdy: h2
evenstadmusikk.no/css/Demonstrare4/images/royalslider/preloader.gif
80.86.142.229200 OK 2.0 kB URL HTTP/2 evenstadmusikk.no/css/Demonstrare4/images/royalslider/preloader.gif
IP 80.86.142.229:0
ASN #21119 Braathe Gruppen AS
File type GIF image data, version 89a, 20 x 20\012- data
Hash 5695f03663b39ed4b9436d789f0b27ec
62be0d1e5848a717a52ea0b923a47f0d0d6086e3
04c9abd7ff30a71e2e308f76c509c325b099ab6e3667859df6ede4b9aebf6c4c
GET /css/Demonstrare4/images/royalslider/preloader.gif HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/dist/js/master-theme-styles-d4.ba0ee3a4a4bf2b25d65c.bundle.css
Cookie: .ASPXANONYMOUS=GHcMv9FA2QEkAAAAMjc4OTFhNTgtYzI3OS00NGJkLTg3MzYtOGNjY2FiZjc5ZTkxdlzUQ7OtIVo-M6GqnOG3d83rSoI1; ASP.NET_SessionId=mej4nyjyaamkhmtzln1uwlvk; McWeb3.15.2-1=SPCId=2834565&DeviceSize=lg; sg_cookies={%225619307%22:{%22vid%22:%22db7ad285-789d-47c7-a83f-b1ca8209d20e%22%2C%22lw%22:%2212-7-13-29%22%2C%22rf%22:%22https://no-go.kelkoogroup.net/%22%2C%22pw%22:1%2C%22tc%22:0%2C%22tv%22:1%2C%22192515858_ch%22:%22-1%22%2C%22fp%22:1382457247}}
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=31536000
content-type: image/gif
last-modified: Fri, 04 Nov 2022 07:49:38 GMT
accept-ranges: bytes
etag: "01533fd21f0d81:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Wed, 07 Dec 2022 13:29:19 GMT
content-length: 1986
X-Firefox-Spdy: h2
evenstadmusikk.no/api/Campaign/LoadSpecialOffers?_=1670419758224
80.86.142.229200 OK 41 B URL HTTP/2 evenstadmusikk.no/api/Campaign/LoadSpecialOffers?_=1670419758224
IP 80.86.142.229:0
ASN #21119 Braathe Gruppen AS
File type JSON data\012- , ASCII text, with no line terminators
Hash 869a8c7b1da5af6130726896dc38da10
393c31667a6b2a37462994d42e01c7db1efd653b
a823eabc48c16d9fa3176bcda6e8788956b4c7eff3b709f11f63458cab894dbb
GET /api/Campaign/LoadSpecialOffers?_=1670419758224 HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://evenstadmusikk.no/presonus/1138474/presonus-sl-ar8-rack-ear?kk=a4c6294-184ecc6bb0e-31bf&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Presonus+Sl-Ar8+Rack+Ear
Cookie: .ASPXANONYMOUS=GHcMv9FA2QEkAAAAMjc4OTFhNTgtYzI3OS00NGJkLTg3MzYtOGNjY2FiZjc5ZTkxdlzUQ7OtIVo-M6GqnOG3d83rSoI1; ASP.NET_SessionId=mej4nyjyaamkhmtzln1uwlvk; McWeb3.15.2-1=SPCId=2834565&DeviceSize=lg; sg_cookies={%225619307%22:{%22vid%22:%22db7ad285-789d-47c7-a83f-b1ca8209d20e%22%2C%22lw%22:%2212-7-13-29%22%2C%22rf%22:%22https://no-go.kelkoogroup.net/%22%2C%22pw%22:1%2C%22tc%22:0%2C%22tv%22:1%2C%22192515858_ch%22:%22-1%22%2C%22fp%22:1382457247}}
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: no-cache
pragma: no-cache
content-type: application/json; charset=utf-8
expires: -1
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Wed, 07 Dec 2022 13:29:19 GMT
content-length: 41
X-Firefox-Spdy: h2
evenstadmusikk.no/api/AreaRenderer/GetPriceDataAsync
80.86.142.229200 OK 368 B URL HTTP/2 evenstadmusikk.no/api/AreaRenderer/GetPriceDataAsync
IP 80.86.142.229:0
ASN #21119 Braathe Gruppen AS
File type JSON data\012- , ASCII text, with very long lines (368), with no line terminators
Hash 77d867d4ebe764e992e3671b921a0225
266ceeb2d40f6d3389eab02c0f99a8e0dec500f8
f33516b4960def57c7635d882fce5b25c5fa0906da8b9750c9bd0a03a8d87104
POST /api/AreaRenderer/GetPriceDataAsync HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
X-Requested-With: XMLHttpRequest
Content-Length: 159
Origin: https://evenstadmusikk.no
Connection: keep-alive
Referer: https://evenstadmusikk.no/presonus/1138474/presonus-sl-ar8-rack-ear?kk=a4c6294-184ecc6bb0e-31bf&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Presonus+Sl-Ar8+Rack+Ear
Cookie: .ASPXANONYMOUS=GHcMv9FA2QEkAAAAMjc4OTFhNTgtYzI3OS00NGJkLTg3MzYtOGNjY2FiZjc5ZTkxdlzUQ7OtIVo-M6GqnOG3d83rSoI1; ASP.NET_SessionId=mej4nyjyaamkhmtzln1uwlvk; McWeb3.15.2-1=SPCId=2834565&DeviceSize=lg; sg_cookies={%225619307%22:{%22vid%22:%22db7ad285-789d-47c7-a83f-b1ca8209d20e%22%2C%22lw%22:%2212-7-13-29%22%2C%22rf%22:%22https://no-go.kelkoogroup.net/%22%2C%22pw%22:1%2C%22tc%22:0%2C%22tv%22:1%2C%22192515858_ch%22:%22-1%22%2C%22fp%22:1382457247}}
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: no-cache
pragma: no-cache
content-type: application/json; charset=utf-8
expires: -1
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Wed, 07 Dec 2022 13:29:19 GMT
content-length: 368
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash ec6ece82a7cb8faa3ba171efae3a9eda
7ee75fba9a9d1078960f7834d71961c38f514b82
301d0c4d73b444369e488ee4f78b3a994a9168ec6c6d46cd7f3448722a841a2e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 13:29:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
evenstadmusikk.no/api/AreaRenderer/RenderFields
80.86.142.229200 OK 6.6 kB URL HTTP/2 evenstadmusikk.no/api/AreaRenderer/RenderFields
IP 80.86.142.229:0
ASN #21119 Braathe Gruppen AS
File type JSON data\012- HTML document, Unicode text, UTF-8 text, with very long lines (6558), with no line terminators
Hash 6e0a13fd8bfd605e6a65803c99802377
340a21b3409d772856b966569358b562d0777bf4
a156709e2b5ff402b12063d1bc50d4aa0bce33f2715a2d595f89fb999e5d8f67
POST /api/AreaRenderer/RenderFields HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
X-Requested-With: XMLHttpRequest
Content-Length: 2208
Origin: https://evenstadmusikk.no
Connection: keep-alive
Referer: https://evenstadmusikk.no/presonus/1138474/presonus-sl-ar8-rack-ear?kk=a4c6294-184ecc6bb0e-31bf&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Presonus+Sl-Ar8+Rack+Ear
Cookie: .ASPXANONYMOUS=GHcMv9FA2QEkAAAAMjc4OTFhNTgtYzI3OS00NGJkLTg3MzYtOGNjY2FiZjc5ZTkxdlzUQ7OtIVo-M6GqnOG3d83rSoI1; ASP.NET_SessionId=mej4nyjyaamkhmtzln1uwlvk; McWeb3.15.2-1=SPCId=2834565&DeviceSize=lg; sg_cookies={%225619307%22:{%22vid%22:%22db7ad285-789d-47c7-a83f-b1ca8209d20e%22%2C%22lw%22:%2212-7-13-29%22%2C%22rf%22:%22https://no-go.kelkoogroup.net/%22%2C%22pw%22:1%2C%22tc%22:0%2C%22tv%22:1%2C%22192515858_ch%22:%22-1%22%2C%22fp%22:1382457247}}
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: no-cache
pragma: no-cache
content-type: application/json; charset=utf-8
expires: -1
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
set-cookie: McWeb3.15.2-1=SPCId=2834565&DeviceSize=lg; expires=Thu, 07-Dec-2023 13:29:18 GMT; path=/; SameSite=Lax
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Wed, 07 Dec 2022 13:29:19 GMT
content-length: 6577
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash ec6ece82a7cb8faa3ba171efae3a9eda
7ee75fba9a9d1078960f7834d71961c38f514b82
301d0c4d73b444369e488ee4f78b3a994a9168ec6c6d46cd7f3448722a841a2e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 13:29:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
216.58.207.227200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://evenstadmusikk.no
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 05 Dec 2022 18:52:41 GMT
expires: Tue, 05 Dec 2023 18:52:41 GMT
cache-control: public, max-age=31536000
age: 153398
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash ec6ece82a7cb8faa3ba171efae3a9eda
7ee75fba9a9d1078960f7834d71961c38f514b82
301d0c4d73b444369e488ee4f78b3a994a9168ec6c6d46cd7f3448722a841a2e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 13:29:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash ec6ece82a7cb8faa3ba171efae3a9eda
7ee75fba9a9d1078960f7834d71961c38f514b82
301d0c4d73b444369e488ee4f78b3a994a9168ec6c6d46cd7f3448722a841a2e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 13:29:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash ec6ece82a7cb8faa3ba171efae3a9eda
7ee75fba9a9d1078960f7834d71961c38f514b82
301d0c4d73b444369e488ee4f78b3a994a9168ec6c6d46cd7f3448722a841a2e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 13:29:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/yanonekaffeesatz/v24/3y976aknfjLm_3lMKjiMgmUUYBs04Y8bH-o.woff2
216.58.207.227200 OK 26 kB URL HTTP/2 fonts.gstatic.com/s/yanonekaffeesatz/v24/3y976aknfjLm_3lMKjiMgmUUYBs04Y8bH-o.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 25540, version 1.0\012- data
Hash 3dc72cae1a32e87b38144a702ba627e0
bfbc729a34b987cd06d20842c5049ac275ea4139
1c57101bb57275c8c8cafc5d6216131a378c4388a52656ed3770068cd0ab10b9
GET /s/yanonekaffeesatz/v24/3y976aknfjLm_3lMKjiMgmUUYBs04Y8bH-o.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://evenstadmusikk.no
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 25540
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Dec 2022 23:44:58 GMT
expires: Wed, 06 Dec 2023 23:44:58 GMT
cache-control: public, max-age=31536000
age: 49461
last-modified: Tue, 23 Aug 2022 18:11:50 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
evenstadmusikk.no/api/TinyPopup/RenderTinyPopup
80.86.142.229200 OK 977 B URL HTTP/2 evenstadmusikk.no/api/TinyPopup/RenderTinyPopup
IP 80.86.142.229:0
ASN #21119 Braathe Gruppen AS
File type JSON data\012- HTML document, ASCII text, with very long lines (977), with no line terminators
Hash 5a91e9a5dd231efcda1b0e443d374db2
1b0a78777e3352edb6e54c52607573d12c85abbe
82902e2c642af193113b73b451bdfe31c7cda5b3d7192e3b10a0ce9e932b4cbf
POST /api/TinyPopup/RenderTinyPopup HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
X-Requested-With: XMLHttpRequest
Content-Length: 11
Origin: https://evenstadmusikk.no
Connection: keep-alive
Referer: https://evenstadmusikk.no/presonus/1138474/presonus-sl-ar8-rack-ear?kk=a4c6294-184ecc6bb0e-31bf&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Presonus+Sl-Ar8+Rack+Ear
Cookie: .ASPXANONYMOUS=GHcMv9FA2QEkAAAAMjc4OTFhNTgtYzI3OS00NGJkLTg3MzYtOGNjY2FiZjc5ZTkxdlzUQ7OtIVo-M6GqnOG3d83rSoI1; ASP.NET_SessionId=mej4nyjyaamkhmtzln1uwlvk; McWeb3.15.2-1=SPCId=2834565&DeviceSize=lg; sg_cookies={%225619307%22:{%22vid%22:%22db7ad285-789d-47c7-a83f-b1ca8209d20e%22%2C%22lw%22:%2212-7-13-29%22%2C%22rf%22:%22https://no-go.kelkoogroup.net/%22%2C%22pw%22:1%2C%22tc%22:0%2C%22tv%22:1%2C%22192515858_ch%22:%22-1%22%2C%22fp%22:1382457247}}
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: no-cache
pragma: no-cache
content-type: application/json; charset=utf-8
expires: -1
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Wed, 07 Dec 2022 13:29:19 GMT
content-length: 977
X-Firefox-Spdy: h2
evenstadmusikk.no/Media/Publisher/ArticleImages/evenstadlogo%20bw1318232963_scaled_3201644415965_scaled_320.Jpeg
80.86.142.229200 OK 2.0 kB URL HTTP/2 evenstadmusikk.no/Media/Publisher/ArticleImages/evenstadlogo%20bw1318232963_scaled_3201644415965_scaled_320.Jpeg
IP 80.86.142.229:0
ASN #21119 Braathe Gruppen AS
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 68x67, components 3\012- data
Hash a1465910a001ee5c10bdbb468a945d03
8372b7a8073459dd598478586e50b4f00aed85e6
3b77d4ec27723324fe864c362001b5263f6a5e6c3c9b9b194148a4bd91fe0191
GET /Media/Publisher/ArticleImages/evenstadlogo%20bw1318232963_scaled_3201644415965_scaled_320.Jpeg HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/presonus/1138474/presonus-sl-ar8-rack-ear?kk=a4c6294-184ecc6bb0e-31bf&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Presonus+Sl-Ar8+Rack+Ear
Cookie: .ASPXANONYMOUS=GHcMv9FA2QEkAAAAMjc4OTFhNTgtYzI3OS00NGJkLTg3MzYtOGNjY2FiZjc5ZTkxdlzUQ7OtIVo-M6GqnOG3d83rSoI1; ASP.NET_SessionId=mej4nyjyaamkhmtzln1uwlvk; McWeb3.15.2-1=SPCId=2834565&DeviceSize=lg; sg_cookies={%225619307%22:{%22vid%22:%22db7ad285-789d-47c7-a83f-b1ca8209d20e%22%2C%22lw%22:%2212-7-13-29%22%2C%22rf%22:%22https://no-go.kelkoogroup.net/%22%2C%22pw%22:1%2C%22tc%22:0%2C%22tv%22:1%2C%22192515858_ch%22:%22-1%22%2C%22fp%22:1382457247}}
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=31536000
content-type: image/jpeg
last-modified: Mon, 04 Apr 2022 09:38:27 GMT
accept-ranges: bytes
etag: "858f91bc748d81:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Wed, 07 Dec 2022 13:29:19 GMT
content-length: 2027
X-Firefox-Spdy: h2
evenstadmusikk.no/Media/Publisher/ArticleImages/facebook1644415965_scaled_320.Png
80.86.142.229200 OK 851 B URL HTTP/2 evenstadmusikk.no/Media/Publisher/ArticleImages/facebook1644415965_scaled_320.Png
IP 80.86.142.229:0
ASN #21119 Braathe Gruppen AS
File type PNG image data, 40 x 40, 8-bit/color RGBA, non-interlaced\012- data
Hash 3b3bab07d4e9d123055aaaf2df5a212e
0bc878c327e7b5f6fcf2f652cc93b5583ce3641d
418af470f0be5746d7391db907c658d9c4b74bc7b10bdd27fe245807043f338d
GET /Media/Publisher/ArticleImages/facebook1644415965_scaled_320.Png HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/presonus/1138474/presonus-sl-ar8-rack-ear?kk=a4c6294-184ecc6bb0e-31bf&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Presonus+Sl-Ar8+Rack+Ear
Cookie: .ASPXANONYMOUS=GHcMv9FA2QEkAAAAMjc4OTFhNTgtYzI3OS00NGJkLTg3MzYtOGNjY2FiZjc5ZTkxdlzUQ7OtIVo-M6GqnOG3d83rSoI1; ASP.NET_SessionId=mej4nyjyaamkhmtzln1uwlvk; McWeb3.15.2-1=SPCId=2834565&DeviceSize=lg; sg_cookies={%225619307%22:{%22vid%22:%22db7ad285-789d-47c7-a83f-b1ca8209d20e%22%2C%22lw%22:%2212-7-13-29%22%2C%22rf%22:%22https://no-go.kelkoogroup.net/%22%2C%22pw%22:1%2C%22tc%22:0%2C%22tv%22:1%2C%22192515858_ch%22:%22-1%22%2C%22fp%22:1382457247}}
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=31536000
content-type: image/png
last-modified: Mon, 27 Sep 2021 16:26:20 GMT
accept-ranges: bytes
etag: "eed36467bcb3d71:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Wed, 07 Dec 2022 13:29:19 GMT
content-length: 851
X-Firefox-Spdy: h2
evenstadmusikk.no/Media/Publisher/ArticleImages/instagram1644415965_scaled_320.Png
80.86.142.229200 OK 1.1 kB URL HTTP/2 evenstadmusikk.no/Media/Publisher/ArticleImages/instagram1644415965_scaled_320.Png
IP 80.86.142.229:0
ASN #21119 Braathe Gruppen AS
File type PNG image data, 40 x 40, 8-bit/color RGBA, non-interlaced\012- data
Hash 673f78118abb9a568a6fe579b8349149
a068caa12bbdbc88fec8b39bd7e82ce34c0ea94b
d67d8e824be7bc112f7c094f103eac4179848fbb584d217b7324f2ea6bd27a27
GET /Media/Publisher/ArticleImages/instagram1644415965_scaled_320.Png HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/presonus/1138474/presonus-sl-ar8-rack-ear?kk=a4c6294-184ecc6bb0e-31bf&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Presonus+Sl-Ar8+Rack+Ear
Cookie: .ASPXANONYMOUS=GHcMv9FA2QEkAAAAMjc4OTFhNTgtYzI3OS00NGJkLTg3MzYtOGNjY2FiZjc5ZTkxdlzUQ7OtIVo-M6GqnOG3d83rSoI1; ASP.NET_SessionId=mej4nyjyaamkhmtzln1uwlvk; McWeb3.15.2-1=SPCId=2834565&DeviceSize=lg; sg_cookies={%225619307%22:{%22vid%22:%22db7ad285-789d-47c7-a83f-b1ca8209d20e%22%2C%22lw%22:%2212-7-13-29%22%2C%22rf%22:%22https://no-go.kelkoogroup.net/%22%2C%22pw%22:1%2C%22tc%22:0%2C%22tv%22:1%2C%22192515858_ch%22:%22-1%22%2C%22fp%22:1382457247}}
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=31536000
content-type: image/png
last-modified: Mon, 27 Sep 2021 16:26:20 GMT
accept-ranges: bytes
etag: "45366767bcb3d71:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Wed, 07 Dec 2022 13:29:19 GMT
content-length: 1102
X-Firefox-Spdy: h2
evenstadmusikk.no/Media/Publisher/ArticleImages/twitter1644415965_scaled_320.Png
80.86.142.229200 OK 891 B URL HTTP/2 evenstadmusikk.no/Media/Publisher/ArticleImages/twitter1644415965_scaled_320.Png
IP 80.86.142.229:0
ASN #21119 Braathe Gruppen AS
File type PNG image data, 40 x 40, 8-bit/color RGBA, non-interlaced\012- data
Hash 8736afd5ed0a28ed6175615d0ec9abf3
d9f28966fa4e2af8a85197f59792da857b109dd9
b2050927a90edc5a9b9fe86fbdaf28e9483d34df614e266aca9d653516cc4ef3
GET /Media/Publisher/ArticleImages/twitter1644415965_scaled_320.Png HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/presonus/1138474/presonus-sl-ar8-rack-ear?kk=a4c6294-184ecc6bb0e-31bf&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Presonus+Sl-Ar8+Rack+Ear
Cookie: .ASPXANONYMOUS=GHcMv9FA2QEkAAAAMjc4OTFhNTgtYzI3OS00NGJkLTg3MzYtOGNjY2FiZjc5ZTkxdlzUQ7OtIVo-M6GqnOG3d83rSoI1; ASP.NET_SessionId=mej4nyjyaamkhmtzln1uwlvk; McWeb3.15.2-1=SPCId=2834565&DeviceSize=lg; sg_cookies={%225619307%22:{%22vid%22:%22db7ad285-789d-47c7-a83f-b1ca8209d20e%22%2C%22lw%22:%2212-7-13-29%22%2C%22rf%22:%22https://no-go.kelkoogroup.net/%22%2C%22pw%22:1%2C%22tc%22:0%2C%22tv%22:1%2C%22192515858_ch%22:%22-1%22%2C%22fp%22:1382457247}}
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=31536000
content-type: image/png
last-modified: Mon, 27 Sep 2021 16:26:20 GMT
accept-ranges: bytes
etag: "45366767bcb3d71:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Wed, 07 Dec 2022 13:29:19 GMT
content-length: 891
X-Firefox-Spdy: h2
evenstadmusikk.no/Media/Publisher/ArticleImages/youtube1644415965_scaled_320.Png
80.86.142.229200 OK 2.4 kB URL HTTP/2 evenstadmusikk.no/Media/Publisher/ArticleImages/youtube1644415965_scaled_320.Png
IP 80.86.142.229:0
ASN #21119 Braathe Gruppen AS
File type PNG image data, 96 x 40, 8-bit/color RGBA, non-interlaced\012- data
Hash 9fc0a4417800592af0662b12e57cbfe3
e3a00dafcf326d847a360b4d2c3453fad461436b
04dbb85c3e4fce945cefc48d4700a8b7f9290caef7771f8b93396298bf908930
GET /Media/Publisher/ArticleImages/youtube1644415965_scaled_320.Png HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/presonus/1138474/presonus-sl-ar8-rack-ear?kk=a4c6294-184ecc6bb0e-31bf&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Presonus+Sl-Ar8+Rack+Ear
Cookie: .ASPXANONYMOUS=GHcMv9FA2QEkAAAAMjc4OTFhNTgtYzI3OS00NGJkLTg3MzYtOGNjY2FiZjc5ZTkxdlzUQ7OtIVo-M6GqnOG3d83rSoI1; ASP.NET_SessionId=mej4nyjyaamkhmtzln1uwlvk; McWeb3.15.2-1=SPCId=2834565&DeviceSize=lg; sg_cookies={%225619307%22:{%22vid%22:%22db7ad285-789d-47c7-a83f-b1ca8209d20e%22%2C%22lw%22:%2212-7-13-29%22%2C%22rf%22:%22https://no-go.kelkoogroup.net/%22%2C%22pw%22:1%2C%22tc%22:0%2C%22tv%22:1%2C%22192515858_ch%22:%22-1%22%2C%22fp%22:1382457247}}
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=31536000
content-type: image/png
last-modified: Mon, 27 Sep 2021 16:26:20 GMT
accept-ranges: bytes
etag: "45366767bcb3d71:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Wed, 07 Dec 2022 13:29:19 GMT
content-length: 2420
X-Firefox-Spdy: h2
evenstadmusikk.no/api/Responsive/SetScreenSizeMatched?matched=true&_=1670419758225
80.86.142.229200 OK 6 B URL HTTP/2 evenstadmusikk.no/api/Responsive/SetScreenSizeMatched?matched=true&_=1670419758225
IP 80.86.142.229:0
ASN #21119 Braathe Gruppen AS
File type ASCII text, with no line terminators
Hash ebc576222020c2a2ae2fc769169f1d2a
0e1cdc4ff179fdf17f6cc1de1f04f79e3ba63503
18d10c7d2b4b04aaf04254d1ae5d655a5dc0407cbcdd5a8c3986e985370f36ee
GET /api/Responsive/SetScreenSizeMatched?matched=true&_=1670419758225 HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://evenstadmusikk.no/presonus/1138474/presonus-sl-ar8-rack-ear?kk=a4c6294-184ecc6bb0e-31bf&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Presonus+Sl-Ar8+Rack+Ear
Cookie: .ASPXANONYMOUS=GHcMv9FA2QEkAAAAMjc4OTFhNTgtYzI3OS00NGJkLTg3MzYtOGNjY2FiZjc5ZTkxdlzUQ7OtIVo-M6GqnOG3d83rSoI1; ASP.NET_SessionId=mej4nyjyaamkhmtzln1uwlvk; McWeb3.15.2-1=SPCId=2834565&DeviceSize=lg; sg_cookies={%225619307%22:{%22vid%22:%22db7ad285-789d-47c7-a83f-b1ca8209d20e%22%2C%22lw%22:%2212-7-13-29%22%2C%22rf%22:%22https://no-go.kelkoogroup.net/%22%2C%22pw%22:1%2C%22tc%22:0%2C%22tv%22:1%2C%22192515858_ch%22:%22-1%22%2C%22fp%22:1382457247}}
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: no-cache
pragma: no-cache
content-type: application/json; charset=utf-8
expires: -1
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Wed, 07 Dec 2022 13:29:19 GMT
content-length: 6
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash ec6ece82a7cb8faa3ba171efae3a9eda
7ee75fba9a9d1078960f7834d71961c38f514b82
301d0c4d73b444369e488ee4f78b3a994a9168ec6c6d46cd7f3448722a841a2e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 13:29:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
evenstadmusikk.no/api/SlideOverBox/RenderSlideOverBox
80.86.142.229200 OK 920 B URL HTTP/2 evenstadmusikk.no/api/SlideOverBox/RenderSlideOverBox
IP 80.86.142.229:0
ASN #21119 Braathe Gruppen AS
File type JSON data\012- HTML document, ASCII text, with very long lines (920), with no line terminators
Hash aa4319af842e781d8ef78c6fac1194c4
923cbcb23020323bc4909e6ab91c1f5a82da7882
ea2d8a500bc9d8ee170aae8af5986203069291079869fe9e8b3cb005a84ccf9e
POST /api/SlideOverBox/RenderSlideOverBox HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
X-Requested-With: XMLHttpRequest
Content-Length: 11
Origin: https://evenstadmusikk.no
Connection: keep-alive
Referer: https://evenstadmusikk.no/presonus/1138474/presonus-sl-ar8-rack-ear?kk=a4c6294-184ecc6bb0e-31bf&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Presonus+Sl-Ar8+Rack+Ear
Cookie: .ASPXANONYMOUS=GHcMv9FA2QEkAAAAMjc4OTFhNTgtYzI3OS00NGJkLTg3MzYtOGNjY2FiZjc5ZTkxdlzUQ7OtIVo-M6GqnOG3d83rSoI1; ASP.NET_SessionId=mej4nyjyaamkhmtzln1uwlvk; McWeb3.15.2-1=SPCId=2834565&DeviceSize=lg; sg_cookies={%225619307%22:{%22vid%22:%22db7ad285-789d-47c7-a83f-b1ca8209d20e%22%2C%22lw%22:%2212-7-13-29%22%2C%22rf%22:%22https://no-go.kelkoogroup.net/%22%2C%22pw%22:1%2C%22tc%22:0%2C%22tv%22:1%2C%22192515858_ch%22:%22-1%22%2C%22fp%22:1382457247}}
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: no-cache
pragma: no-cache
content-type: application/json; charset=utf-8
expires: -1
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Wed, 07 Dec 2022 13:29:19 GMT
content-length: 920
X-Firefox-Spdy: h2
evenstadmusikk.no/api/Cart/LoadCart?cartName=&hasCarrier=false&guid=&favGuid=&_=1670419758226
80.86.142.229200 OK 1.9 kB URL HTTP/2 evenstadmusikk.no/api/Cart/LoadCart?cartName=&hasCarrier=false&guid=&favGuid=&_=1670419758226
IP 80.86.142.229:0
ASN #21119 Braathe Gruppen AS
File type JSON data\012- , ASCII text, with very long lines (1889), with no line terminators
Hash 5d0f07b192a7b41a55b7f17bd81829ab
a079308a424323a269ebe0b66f69975a07a923ca
c23993b6582e1540dde2801808c2a6698dcc14bff9432be692cb901cdc66de2a
GET /api/Cart/LoadCart?cartName=&hasCarrier=false&guid=&favGuid=&_=1670419758226 HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://evenstadmusikk.no/presonus/1138474/presonus-sl-ar8-rack-ear?kk=a4c6294-184ecc6bb0e-31bf&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Presonus+Sl-Ar8+Rack+Ear
Cookie: .ASPXANONYMOUS=GHcMv9FA2QEkAAAAMjc4OTFhNTgtYzI3OS00NGJkLTg3MzYtOGNjY2FiZjc5ZTkxdlzUQ7OtIVo-M6GqnOG3d83rSoI1; ASP.NET_SessionId=mej4nyjyaamkhmtzln1uwlvk; McWeb3.15.2-1=SPCId=2834565&DeviceSize=lg; sg_cookies={%225619307%22:{%22vid%22:%22db7ad285-789d-47c7-a83f-b1ca8209d20e%22%2C%22lw%22:%2212-7-13-29%22%2C%22rf%22:%22https://no-go.kelkoogroup.net/%22%2C%22pw%22:1%2C%22tc%22:0%2C%22tv%22:1%2C%22192515858_ch%22:%22-1%22%2C%22fp%22:1382457247}}
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: no-cache
pragma: no-cache
content-type: application/json; charset=utf-8
expires: -1
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Wed, 07 Dec 2022 13:29:19 GMT
content-length: 1889
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 30aec170d58f580f2ed4da4b92d72cc7
3b11a98ba9563f7f266e7a935e3b78bd0c0712aa
7b25e66e4383cdb29228d0451a4810eeab7d194ca81045e066c00c9467f29312
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 13:29:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
evenstadmusikk.no/api/OrderbookManagement/GetFavouriteSettings?_=1670419758228
80.86.142.229200 OK 29 B URL HTTP/2 evenstadmusikk.no/api/OrderbookManagement/GetFavouriteSettings?_=1670419758228
IP 80.86.142.229:0
ASN #21119 Braathe Gruppen AS
File type JSON data\012- , ASCII text, with no line terminators
Hash efa5e4ce7d2d30bd853f5e49f3390727
e79e5f66d448ebd9a4177b5cbdae7266486b7590
95b096eaa4a28e8d1bd5d14eb376a69087c17d8eb4f85bd2843f194fd2da9b6f
GET /api/OrderbookManagement/GetFavouriteSettings?_=1670419758228 HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://evenstadmusikk.no/presonus/1138474/presonus-sl-ar8-rack-ear?kk=a4c6294-184ecc6bb0e-31bf&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Presonus+Sl-Ar8+Rack+Ear
Cookie: .ASPXANONYMOUS=GHcMv9FA2QEkAAAAMjc4OTFhNTgtYzI3OS00NGJkLTg3MzYtOGNjY2FiZjc5ZTkxdlzUQ7OtIVo-M6GqnOG3d83rSoI1; ASP.NET_SessionId=mej4nyjyaamkhmtzln1uwlvk; McWeb3.15.2-1=SPCId=2834565&DeviceSize=lg; sg_cookies={%225619307%22:{%22vid%22:%22db7ad285-789d-47c7-a83f-b1ca8209d20e%22%2C%22lw%22:%2212-7-13-29%22%2C%22rf%22:%22https://no-go.kelkoogroup.net/%22%2C%22pw%22:1%2C%22tc%22:0%2C%22tv%22:1%2C%22192515858_ch%22:%22-1%22%2C%22fp%22:1382457247}}
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: no-cache
pragma: no-cache
content-type: application/json; charset=utf-8
expires: -1
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Wed, 07 Dec 2022 13:29:19 GMT
content-length: 29
X-Firefox-Spdy: h2
evenstadmusikk.no/api/Stats/CheckForPopupAfterProductVisit
80.86.142.229200 OK 5 B URL HTTP/2 evenstadmusikk.no/api/Stats/CheckForPopupAfterProductVisit
IP 80.86.142.229:0
ASN #21119 Braathe Gruppen AS
File type ASCII text, with no line terminators
Hash 68934a3e9455fa72420237eb05902327
7cb6efb98ba5972a9b5090dc2e517fe14d12cb04
fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa
POST /api/Stats/CheckForPopupAfterProductVisit HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
X-Requested-With: XMLHttpRequest
Content-Length: 32
Origin: https://evenstadmusikk.no
Connection: keep-alive
Referer: https://evenstadmusikk.no/presonus/1138474/presonus-sl-ar8-rack-ear?kk=a4c6294-184ecc6bb0e-31bf&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Presonus+Sl-Ar8+Rack+Ear
Cookie: .ASPXANONYMOUS=GHcMv9FA2QEkAAAAMjc4OTFhNTgtYzI3OS00NGJkLTg3MzYtOGNjY2FiZjc5ZTkxdlzUQ7OtIVo-M6GqnOG3d83rSoI1; ASP.NET_SessionId=mej4nyjyaamkhmtzln1uwlvk; McWeb3.15.2-1=SPCId=2834565&DeviceSize=lg; sg_cookies={%225619307%22:{%22vid%22:%22db7ad285-789d-47c7-a83f-b1ca8209d20e%22%2C%22lw%22:%2212-7-13-29%22%2C%22rf%22:%22https://no-go.kelkoogroup.net/%22%2C%22pw%22:1%2C%22tc%22:0%2C%22tv%22:1%2C%22192515858_ch%22:%22-1%22%2C%22fp%22:1382457247}}
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: no-cache
pragma: no-cache
content-type: application/json; charset=utf-8
expires: -1
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Wed, 07 Dec 2022 13:29:19 GMT
content-length: 5
X-Firefox-Spdy: h2
evenstadmusikk.no/api/ProductInfo/HasMultipleFavouriteCarts?_=1670419758229
80.86.142.229200 OK 5 B URL HTTP/2 evenstadmusikk.no/api/ProductInfo/HasMultipleFavouriteCarts?_=1670419758229
IP 80.86.142.229:0
ASN #21119 Braathe Gruppen AS
File type ASCII text, with no line terminators
Hash 68934a3e9455fa72420237eb05902327
7cb6efb98ba5972a9b5090dc2e517fe14d12cb04
fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa
GET /api/ProductInfo/HasMultipleFavouriteCarts?_=1670419758229 HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://evenstadmusikk.no/presonus/1138474/presonus-sl-ar8-rack-ear?kk=a4c6294-184ecc6bb0e-31bf&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Presonus+Sl-Ar8+Rack+Ear
Cookie: .ASPXANONYMOUS=GHcMv9FA2QEkAAAAMjc4OTFhNTgtYzI3OS00NGJkLTg3MzYtOGNjY2FiZjc5ZTkxdlzUQ7OtIVo-M6GqnOG3d83rSoI1; ASP.NET_SessionId=mej4nyjyaamkhmtzln1uwlvk; McWeb3.15.2-1=SPCId=2834565&DeviceSize=lg; sg_cookies={%225619307%22:{%22vid%22:%22db7ad285-789d-47c7-a83f-b1ca8209d20e%22%2C%22lw%22:%2212-7-13-29%22%2C%22rf%22:%22https://no-go.kelkoogroup.net/%22%2C%22pw%22:1%2C%22tc%22:0%2C%22tv%22:1%2C%22192515858_ch%22:%22-1%22%2C%22fp%22:1382457247}}
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: no-cache
pragma: no-cache
content-type: application/json; charset=utf-8
expires: -1
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Wed, 07 Dec 2022 13:29:19 GMT
content-length: 5
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-M4PR24
142.250.74.168200 OK 88 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-M4PR24
IP 142.250.74.168:0
File type ASCII text, with very long lines (11328)
Hash 817cad3a4618455a5d2c6204e5e310c8
d4f4dfd724b68572f4190a02300a1869471825e5
505e533f560a38e026a990defe046274fb24a37422470215e71f188e704a7cd1
GET /gtm.js?id=GTM-M4PR24 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 07 Dec 2022 13:29:19 GMT
expires: Wed, 07 Dec 2022 13:29:19 GMT
cache-control: private, max-age=900
last-modified: Wed, 07 Dec 2022 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 87961
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 81a7e0ed8b45460991a7d9b719423d48
fa4824b64d5484b955cecebbeea06710ced4fba5
2fb356139722003d5c83566b936968a5ce9ba3756f69ace50a53bea6c1b9f7eb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 13:29:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/viewthroughconversion/1025019056/?random=1670419759015&cv=11&fst=1670419759015&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fevenstadmusikk.no%2Fpresonus%2F1138474%2Fpresonus-sl-ar8-rack-ear%3Fkk%3Da4c6294-184ecc6bb0e-31bf%26utm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_term%3DPresonus%2BSl-Ar8%2BRack%2BEar&ref=https%3A%2F%2Fno-go.kelkoogroup.net%2F&tiba=Presonus%20SL-AR8%20Rack%20Ear%20-%20Evenstad%20Musikk&rfmt=3&fmt=4
142.250.74.162200 OK 1.0 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/1025019056/?random=1670419759015&cv=11&fst=1670419759015&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fevenstadmusikk.no%2Fpresonus%2F1138474%2Fpresonus-sl-ar8-rack-ear%3Fkk%3Da4c6294-184ecc6bb0e-31bf%26utm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_term%3DPresonus%2BSl-Ar8%2BRack%2BEar&ref=https%3A%2F%2Fno-go.kelkoogroup.net%2F&tiba=Presonus%20SL-AR8%20Rack%20Ear%20-%20Evenstad%20Musikk&rfmt=3&fmt=4
IP 142.250.74.162:0
File type ASCII text, with very long lines (2335), with no line terminators
Hash 2b866add29c8050b4c7d1523339aef0e
a5841a340cc8e54300b3868ceae58793bcbfaa38
1a17014db79acd24d7a7587c7acf86f385fecec5e1b3898a4c21756ee832ba88
GET /pagead/viewthroughconversion/1025019056/?random=1670419759015&cv=11&fst=1670419759015&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fevenstadmusikk.no%2Fpresonus%2F1138474%2Fpresonus-sl-ar8-rack-ear%3Fkk%3Da4c6294-184ecc6bb0e-31bf%26utm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_term%3DPresonus%2BSl-Ar8%2BRack%2BEar&ref=https%3A%2F%2Fno-go.kelkoogroup.net%2F&tiba=Presonus%20SL-AR8%20Rack%20Ear%20-%20Evenstad%20Musikk&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 13:29:19 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 1007
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 07-Dec-2022 13:44:19 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 61c6bcff9c20eb242b427f3cac03020b
05e3e9676a27855b31ae097d1ca60ab9bdd14d67
f25a2e3110a678d1b13e818d700cb8ca843d66e254389ccbbe3eaea4e5528548
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "F25A2E3110A678D1B13E818D700CB8CA843D66E254389CCBBE3EAEA4E5528548"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20209
Expires: Wed, 07 Dec 2022 19:06:08 GMT
Date: Wed, 07 Dec 2022 13:29:19 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 3a488fc3dcdaafb273e7c74bca56bb53
e04c3fa14a45cb81a4fa39085ae8504b63f31589
afa21e0ef1b2ca8bc6b71a0215fe0a27b9e6a4bed9e90031c8b90d434153ca7f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3815
Cache-Control: max-age=119819
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 13:29:19 GMT
Etag: "638fb753-139"
Expires: Thu, 08 Dec 2022 22:46:18 GMT
Last-Modified: Tue, 06 Dec 2022 21:42:43 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 313
s.kk-resources.com/leadtag.js
143.204.55.92200 OK 2.6 kB URL HTTP/1.1 s.kk-resources.com/leadtag.js
IP 143.204.55.92:0
File type C source, ASCII text, with very long lines (6910)
Hash b9c7aa9898d0e7b5d8dfa27c81eda1ac
3e22a4f4ac1fd469128de60e1a80433513242071
980531f0a81016e3a7a4c3fa56f75e7b791f1f4c09296992221bd766b91a53a0
GET /leadtag.js HTTP/1.1
Host: s.kk-resources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=UTF-8
Content-Length: 2595
Connection: keep-alive
X-Gravitee-Transaction-Id: 015f3df4-fb28-470e-9f3d-f4fb28870e49
X-Gravitee-Request-Id: 015f3df4-fb28-470e-9f3d-f4fb28870e49
Request-Time: 7
Accept-Ranges: bytes
Last-Modified: Tue, 12 Jul 2022 13:48:05 GMT
Content-Encoding: gzip
Date: Wed, 07 Dec 2022 13:01:38 GMT
Cache-Control: public, max-age=3600
ETag: "01eb894c46b26432f1c6dc225e35b2f1bfc24a0c"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: oppRB4pnyYdxjKs5vs7TM-8mj6IGPdJu_z5oBbqpKIG9ot3KDqATQA==
Age: 1661
instore.prisjakt.no/in.js
104.18.4.123200 OK 1.0 kB URL HTTP/2 instore.prisjakt.no/in.js
IP 104.18.4.123:0
File type ASCII text, with CRLF line terminators
Hash fb418ac27bb48675b4803917790b3982
f6c7dcf10618bd0c2d40efe053397999ca9f6c98
7893b875a76fd8e460ebe49c174610b89b1fac032b399e39c6a2520bbee70257
GET /in.js HTTP/1.1
Host: instore.prisjakt.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 13:29:19 GMT
content-type: application/javascript
content-length: 1031
last-modified: Fri, 06 Feb 2015 07:12:58 GMT
etag: "a9f-50e662671d280-gzip"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 663
accept-ranges: bytes
set-cookie: __cf_bm=a1T.1lwP1CXMJIJrR2XkWUyuteF6qWUpXc.6KmzMgNw-1670419759-0-Af0AjDP7cfq50+SL5ESCjl5dvMloGoPwLkh6CKiQdyzCx5J9+FQ4ODOD/zXNB//BLu/ZTFaLP9Oz72CA5ANvBQ8=; path=/; expires=Wed, 07-Dec-22 13:59:19 GMT; domain=.prisjakt.no; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 775d9c08e9dfb4f3-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 81a7e0ed8b45460991a7d9b719423d48
fa4824b64d5484b955cecebbeea06710ced4fba5
2fb356139722003d5c83566b936968a5ce9ba3756f69ace50a53bea6c1b9f7eb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 13:29:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash d44205a852cedc47da2373b3542f2ca0
884e5d2d7ef372a86e7edc3f8c1dc63a3b4fbe82
f2adb5b3e4b05ad953d43f483497243ae66c148f2af8f39473ddc6fcf2623bb9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4837
Cache-Control: max-age=88832
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 13:29:19 GMT
Etag: "638f3a4a-1d7"
Expires: Thu, 08 Dec 2022 14:09:51 GMT
Last-Modified: Tue, 06 Dec 2022 12:49:14 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
www.google-analytics.com/analytics.js
142.250.74.110200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.110:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Wed, 07 Dec 2022 12:41:08 GMT
expires: Wed, 07 Dec 2022 14:41:08 GMT
cache-control: public, max-age=7200
age: 2891
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
bat.bing.com/bat.js
204.79.197.200200 OK 12 kB IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (39124), with no line terminators
Hash d925a898de26295fdebfc90203ef46fa
77dd3f5893b76530e08058d50e8f9aef017e80c7
8f4a413fec7e48f5ac290f4596fef33b6396e7fb31080ec0203a5ec817d140c8
GET /bat.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: private,max-age=1800
content-length: 11460
content-type: application/javascript
content-encoding: gzip
last-modified: Mon, 05 Dec 2022 17:15:50 GMT
accept-ranges: bytes
etag: "027e538cd8d91:0"
vary: Accept-Encoding
set-cookie: MUID=29A4C0545DC76CE41E39D2275C326D41; domain=.bing.com; expires=Mon, 01-Jan-2024 13:29:19 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: FEFCCD7C53DB484AA695F2A866CE7E62 Ref B: OSL30EDGE0105 Ref C: 2022-12-07T13:29:19Z
date: Wed, 07 Dec 2022 13:29:19 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 0fa282ae07239f0cf04503485877d681
631aa2fff49d29c46341db6540d25917b3626ef5
9020928ea0c9addf3e0a04d78db4158b54b4f29577785b5adb4cf7f2949ced17
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 13:29:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
evenstadmusikk.no/scripts/web-4.0.js?v=UT230Hepij_Kq8SEtin6YFsQVg5zgW3vFEE3RJV2x_41
80.86.142.229200 OK 97 kB URL HTTP/2 evenstadmusikk.no/scripts/web-4.0.js?v=UT230Hepij_Kq8SEtin6YFsQVg5zgW3vFEE3RJV2x_41
IP 80.86.142.229:0
ASN #21119 Braathe Gruppen AS
Hash 72a58a412f77cb777f6ccf45232345ed
683a3fc042efeb00611aebea5dfa240af04dcf6e
28d0acac3f0f2a8b572329766fa305de36f06aad7a54fd59b783e294f40b9822
GET /scripts/web-4.0.js?v=UT230Hepij_Kq8SEtin6YFsQVg5zgW3vFEE3RJV2x_41 HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/presonus/1138474/presonus-sl-ar8-rack-ear?kk=a4c6294-184ecc6bb0e-31bf&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Presonus+Sl-Ar8+Rack+Ear
Cookie: .ASPXANONYMOUS=GHcMv9FA2QEkAAAAMjc4OTFhNTgtYzI3OS00NGJkLTg3MzYtOGNjY2FiZjc5ZTkxdlzUQ7OtIVo-M6GqnOG3d83rSoI1; ASP.NET_SessionId=mej4nyjyaamkhmtzln1uwlvk; McWeb3.15.2-1=SPCId=2834565&DeviceSize=lg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public
content-type: text/javascript; charset=utf-8
content-encoding: gzip
expires: Thu, 07 Dec 2023 13:29:18 GMT
last-modified: Wed, 07 Dec 2022 13:29:18 GMT
vary: User-Agent,Accept-Encoding
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Wed, 07 Dec 2022 13:29:17 GMT
X-Firefox-Spdy: h2
connect.facebook.net/en_US/fbevents.js
31.13.72.12200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (64348)
Hash 44ecaa3c2a4929a40141edc4540aaf84
f29a573182333b2500d41bfc389d6c5232dfb348
6589fe14578dedd4df678a909afadd7e5bc7f57c7e3e24518a7f5faac7383396
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: 55YuA57vPWsFu07SP1z88ulxCBuLA3IjcqXTRTjq3S+s9AD2eiR8uKFcfCuYOxjNt3HJPatQmfHv26rdlPbBMw==
priority: u=3,i
content-length: 27340
x-fb-trip-id: 2050670934
date: Wed, 07 Dec 2022 13:29:19 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/1025019056/?random=1670419759015&cv=11&fst=1670418000000&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fevenstadmusikk.no%2Fpresonus%2F1138474%2Fpresonus-sl-ar8-rack-ear%3Fkk%3Da4c6294-184ecc6bb0e-31bf%26utm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_term%3DPresonus%2BSl-Ar8%2BRack%2BEar&ref=https%3A%2F%2Fno-go.kelkoogroup.net%2F&tiba=Presonus%20SL-AR8%20Rack%20Ear%20-%20Evenstad%20Musikk&fmt=3&is_vtc=1&random=1028330681&rmt_tld=1&ipr=y
142.250.74.163200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/1025019056/?random=1670419759015&cv=11&fst=1670418000000&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fevenstadmusikk.no%2Fpresonus%2F1138474%2Fpresonus-sl-ar8-rack-ear%3Fkk%3Da4c6294-184ecc6bb0e-31bf%26utm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_term%3DPresonus%2BSl-Ar8%2BRack%2BEar&ref=https%3A%2F%2Fno-go.kelkoogroup.net%2F&tiba=Presonus%20SL-AR8%20Rack%20Ear%20-%20Evenstad%20Musikk&fmt=3&is_vtc=1&random=1028330681&rmt_tld=1&ipr=y
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/1025019056/?random=1670419759015&cv=11&fst=1670418000000&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fevenstadmusikk.no%2Fpresonus%2F1138474%2Fpresonus-sl-ar8-rack-ear%3Fkk%3Da4c6294-184ecc6bb0e-31bf%26utm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_term%3DPresonus%2BSl-Ar8%2BRack%2BEar&ref=https%3A%2F%2Fno-go.kelkoogroup.net%2F&tiba=Presonus%20SL-AR8%20Rack%20Ear%20-%20Evenstad%20Musikk&fmt=3&is_vtc=1&random=1028330681&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 13:29:19 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/1025019056/?random=1670419759015&cv=11&fst=1670418000000&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fevenstadmusikk.no%2Fpresonus%2F1138474%2Fpresonus-sl-ar8-rack-ear%3Fkk%3Da4c6294-184ecc6bb0e-31bf%26utm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_term%3DPresonus%2BSl-Ar8%2BRack%2BEar&ref=https%3A%2F%2Fno-go.kelkoogroup.net%2F&tiba=Presonus%20SL-AR8%20Rack%20Ear%20-%20Evenstad%20Musikk&fmt=3&is_vtc=1&random=1028330681&rmt_tld=0&ipr=y
216.58.207.228200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/1025019056/?random=1670419759015&cv=11&fst=1670418000000&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fevenstadmusikk.no%2Fpresonus%2F1138474%2Fpresonus-sl-ar8-rack-ear%3Fkk%3Da4c6294-184ecc6bb0e-31bf%26utm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_term%3DPresonus%2BSl-Ar8%2BRack%2BEar&ref=https%3A%2F%2Fno-go.kelkoogroup.net%2F&tiba=Presonus%20SL-AR8%20Rack%20Ear%20-%20Evenstad%20Musikk&fmt=3&is_vtc=1&random=1028330681&rmt_tld=0&ipr=y
IP 216.58.207.228:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/1025019056/?random=1670419759015&cv=11&fst=1670418000000&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fevenstadmusikk.no%2Fpresonus%2F1138474%2Fpresonus-sl-ar8-rack-ear%3Fkk%3Da4c6294-184ecc6bb0e-31bf%26utm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_term%3DPresonus%2BSl-Ar8%2BRack%2BEar&ref=https%3A%2F%2Fno-go.kelkoogroup.net%2F&tiba=Presonus%20SL-AR8%20Rack%20Ear%20-%20Evenstad%20Musikk&fmt=3&is_vtc=1&random=1028330681&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 13:29:19 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
evenstadmusikk.no/api/stylesheet/combined/EvenstadD4.css?version=60
80.86.142.229200 OK 13 kB URL HTTP/2 evenstadmusikk.no/api/stylesheet/combined/EvenstadD4.css?version=60
IP 80.86.142.229:0
ASN #21119 Braathe Gruppen AS
Hash 4fc6f858f2607293fda5f25491e85ab3
6076302bb09913031c3db9cebc2c54b4477fe410
9795614ac1c1f53b85e982dace8bc59d8677ff6bfc02b12cf243d48cd2820085
GET /api/stylesheet/combined/EvenstadD4.css?version=60 HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/presonus/1138474/presonus-sl-ar8-rack-ear?kk=a4c6294-184ecc6bb0e-31bf&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Presonus+Sl-Ar8+Rack+Ear
Cookie: .ASPXANONYMOUS=GHcMv9FA2QEkAAAAMjc4OTFhNTgtYzI3OS00NGJkLTg3MzYtOGNjY2FiZjc5ZTkxdlzUQ7OtIVo-M6GqnOG3d83rSoI1; ASP.NET_SessionId=mej4nyjyaamkhmtzln1uwlvk; McWeb3.15.2-1=SPCId=2834565&DeviceSize=lg
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
content-type: text/css; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Wed, 07 Dec 2022 13:29:17 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 0fa282ae07239f0cf04503485877d681
631aa2fff49d29c46341db6540d25917b3626ef5
9020928ea0c9addf3e0a04d78db4158b54b4f29577785b5adb4cf7f2949ced17
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 13:29:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash cd6dabd083ee1c237c8ea3ba38cc48d5
bbe4420bf1c0fe0d5621336865563418d2f16f39
c9314cdac13bc2ea94505f473538ab4d5c0a940dfbc2f5447e6f22a5af580572
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 13:29:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bat.bing.com/action/0?ti=142000613&tm=gtm002&Ver=2&mid=355e5676-75aa-46e8-ac1b-9f443919d7ae&sid=275be420763311ed86274112b9f4e390&vid=275bd270763311edbca9a5ab9e157d36&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Presonus%20SL-AR8%20Rack%20Ear%20-%20Evenstad%20Musikk&kw=Presonus%20SL-AR8%20Rack%20Ear,,Tilbeh%C3%B8r,Miksere,PA-Utstyr,Produkter,Instrumenter,Evenstad%20Musikk&p=https%3A%2F%2Fevenstadmusikk.no%2Fpresonus%2F1138474%2Fpresonus-sl-ar8-rack-ear%3Fkk%3Da4c6294-184ecc6bb0e-31bf%26utm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_term%3DPresonus%2BSl-Ar8%2BRack%2BEar&r=https%3A%2F%2Fno-go.kelkoogroup.net%2F<=851&evt=pageLoad&sv=1&rn=914413
204.79.197.200204 No Content 0 B URL HTTP/2 bat.bing.com/action/0?ti=142000613&tm=gtm002&Ver=2&mid=355e5676-75aa-46e8-ac1b-9f443919d7ae&sid=275be420763311ed86274112b9f4e390&vid=275bd270763311edbca9a5ab9e157d36&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Presonus%20SL-AR8%20Rack%20Ear%20-%20Evenstad%20Musikk&kw=Presonus%20SL-AR8%20Rack%20Ear,,Tilbeh%C3%B8r,Miksere,PA-Utstyr,Produkter,Instrumenter,Evenstad%20Musikk&p=https%3A%2F%2Fevenstadmusikk.no%2Fpresonus%2F1138474%2Fpresonus-sl-ar8-rack-ear%3Fkk%3Da4c6294-184ecc6bb0e-31bf%26utm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_term%3DPresonus%2BSl-Ar8%2BRack%2BEar&r=https%3A%2F%2Fno-go.kelkoogroup.net%2F<=851&evt=pageLoad&sv=1&rn=914413
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=142000613&tm=gtm002&Ver=2&mid=355e5676-75aa-46e8-ac1b-9f443919d7ae&sid=275be420763311ed86274112b9f4e390&vid=275bd270763311edbca9a5ab9e157d36&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Presonus%20SL-AR8%20Rack%20Ear%20-%20Evenstad%20Musikk&kw=Presonus%20SL-AR8%20Rack%20Ear,,Tilbeh%C3%B8r,Miksere,PA-Utstyr,Produkter,Instrumenter,Evenstad%20Musikk&p=https%3A%2F%2Fevenstadmusikk.no%2Fpresonus%2F1138474%2Fpresonus-sl-ar8-rack-ear%3Fkk%3Da4c6294-184ecc6bb0e-31bf%26utm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_term%3DPresonus%2BSl-Ar8%2BRack%2BEar&r=https%3A%2F%2Fno-go.kelkoogroup.net%2F<=851&evt=pageLoad&sv=1&rn=914413 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=300DD2BCCD4F65861C73C0CFCCBA647E; domain=.bing.com; expires=Mon, 01-Jan-2024 13:29:19 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: EF70DE9C53F54665980CE8A0869902EB Ref B: OSL30EDGE0105 Ref C: 2022-12-07T13:29:19Z
date: Wed, 07 Dec 2022 13:29:19 GMT
X-Firefox-Spdy: h2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-5481275-1&cid=1566410878.1670419759&jid=810986274&gjid=807840173&_gid=1440722327.1670419759&_u=YGBAgAABAAAAAE~&z=234616082
64.233.164.157200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-5481275-1&cid=1566410878.1670419759&jid=810986274&gjid=807840173&_gid=1440722327.1670419759&_u=YGBAgAABAAAAAE~&z=234616082
IP 64.233.164.157:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-5481275-1&cid=1566410878.1670419759&jid=810986274&gjid=807840173&_gid=1440722327.1670419759&_u=YGBAgAABAAAAAE~&z=234616082 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://evenstadmusikk.no
Connection: keep-alive
Referer: https://evenstadmusikk.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://evenstadmusikk.no
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 07 Dec 2022 13:29:19 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
bat.bing.com/p/action/142000613.js
204.79.197.200200 OK 1.4 kB URL HTTP/2 bat.bing.com/p/action/142000613.js
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with CRLF line terminators
Hash f2373b9a40df2085788a080ec9a01e14
90d478d3d2da085f633f1b695317b5a161923f00
494132763b87ccd7a0bc79c5ce70823b7b50e076c62aeca90fc4909f7fae66c8
GET /p/action/142000613.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: private,max-age=60
content-length: 1447
content-type: application/javascript; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
set-cookie: MUID=2C4B9CFA21306E6B0B388E8920C56F26; domain=.bing.com; expires=Mon, 01-Jan-2024 13:29:19 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 60512B8C67B54CE09D996D7F99152302 Ref B: OSL30EDGE0105 Ref C: 2022-12-07T13:29:19Z
date: Wed, 07 Dec 2022 13:29:19 GMT
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash c174a8460fc91e0fa77ad52a7e8ae593
6ba0d1078d0c938a50210fa1c0f34f07b64f2e75
b525786005fcac6a7db51cb0e792c8d56e76f41c8094240e8cfed32f14fb1b19
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 13:29:20 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 04 Dec 2022 06:02:17 GMT
Expires: Sun, 11 Dec 2022 06:02:16 GMT
Etag: "6ba0d1078d0c938a50210fa1c0f34f07b64f2e75"
Cache-Control: max-age=318175,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 775d9c094ef6b4f4-OSL
evenstadmusikk.no/api/Menu/GetHtmlMenu?nodeId=2003612&screensize=lg&screensizePixels=1200&width=1280&height=1024&showMobileMenuCollapsed=false&_=1670419758227
80.86.142.229200 OK 29 kB URL HTTP/2 evenstadmusikk.no/api/Menu/GetHtmlMenu?nodeId=2003612&screensize=lg&screensizePixels=1200&width=1280&height=1024&showMobileMenuCollapsed=false&_=1670419758227
IP 80.86.142.229:0
ASN #21119 Braathe Gruppen AS
Hash 1844d9b05d91f0cf0e4126bd67d7400e
4cf79ec6d506576d5a935d4591f782e5e3f33b44
e5ba8ddffcb4af6ec04c1e7579d0a82a817e991338d8e7b2c28113f410b7c378
GET /api/Menu/GetHtmlMenu?nodeId=2003612&screensize=lg&screensizePixels=1200&width=1280&height=1024&showMobileMenuCollapsed=false&_=1670419758227 HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://evenstadmusikk.no/presonus/1138474/presonus-sl-ar8-rack-ear?kk=a4c6294-184ecc6bb0e-31bf&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Presonus+Sl-Ar8+Rack+Ear
Cookie: .ASPXANONYMOUS=GHcMv9FA2QEkAAAAMjc4OTFhNTgtYzI3OS00NGJkLTg3MzYtOGNjY2FiZjc5ZTkxdlzUQ7OtIVo-M6GqnOG3d83rSoI1; ASP.NET_SessionId=mej4nyjyaamkhmtzln1uwlvk; McWeb3.15.2-1=SPCId=2834565&DeviceSize=lg; sg_cookies={%225619307%22:{%22vid%22:%22db7ad285-789d-47c7-a83f-b1ca8209d20e%22%2C%22lw%22:%2212-7-13-29%22%2C%22rf%22:%22https://no-go.kelkoogroup.net/%22%2C%22pw%22:1%2C%22tc%22:0%2C%22tv%22:1%2C%22192515858_ch%22:%22-1%22%2C%22fp%22:1382457247}}
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: no-cache
pragma: no-cache
content-type: text/plain; charset=utf-8
content-encoding: gzip
expires: -1
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Wed, 07 Dec 2022 13:29:19 GMT
X-Firefox-Spdy: h2
static.itxuc.com/r10120.10.2.1/jsv2/lib/babel/regeneratorRuntime.js
85.196.80.229200 OK 7.0 kB URL HTTP/2 static.itxuc.com/r10120.10.2.1/jsv2/lib/babel/regeneratorRuntime.js
IP 85.196.80.229:0
ASN #2116 Globalconnect As
File type ASCII text, with very long lines (6995), with no line terminators
Hash 65afb5c3ff3838e9f91c3b8f083c41e9
82846d481a92a6738ed8496f724aaf97b9efa148
688e51c1099e0876f57f5d13a105544fcf076f2cb267462104576762457e4213
GET /r10120.10.2.1/jsv2/lib/babel/regeneratorRuntime.js HTTP/1.1
Host: static.itxuc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 13:29:20 GMT
content-type: application/javascript
content-length: 6995
last-modified: Mon, 05 Dec 2022 14:17:33 GMT
etag: "638dfd7d-1b53"
expires: Sat, 02 Dec 2023 13:29:20 GMT
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, OPTIONS
access-control-allow-credentials: true
access-control-expose-headers: Content-Length
pragma: public
cache-control: max-age=31104000, public
vary: Origin
accept-ranges: bytes
X-Firefox-Spdy: h2
static.itxuc.com/r10120.10.2.1/jsv2/lib/portalPolyfill.js
85.196.80.229200 OK 15 kB URL HTTP/2 static.itxuc.com/r10120.10.2.1/jsv2/lib/portalPolyfill.js
IP 85.196.80.229:0
ASN #2116 Globalconnect As
File type ASCII text, with very long lines (14558), with no line terminators
Hash 7635320ef1aad608d965da49107b3790
15dae88b9aff31d5c1e4e6a32522ec4168bcdd21
3b31518219d8fa1d0c2fb7cbe9dea153cdd5c2bdda5a4d85a296a7951a563d2a
GET /r10120.10.2.1/jsv2/lib/portalPolyfill.js HTTP/1.1
Host: static.itxuc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 13:29:20 GMT
content-type: application/javascript
content-length: 14558
last-modified: Mon, 05 Dec 2022 14:17:38 GMT
etag: "638dfd82-38de"
expires: Sat, 02 Dec 2023 13:29:20 GMT
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, OPTIONS
access-control-allow-credentials: true
access-control-expose-headers: Content-Length
pragma: public
cache-control: max-age=31104000, public
vary: Origin
accept-ranges: bytes
X-Firefox-Spdy: h2
static.itxuc.com/r10120.10.2.1/jsv2/lib/itx.js
85.196.80.229200 OK 30 kB URL HTTP/2 static.itxuc.com/r10120.10.2.1/jsv2/lib/itx.js
IP 85.196.80.229:0
ASN #2116 Globalconnect As
File type Unicode text, UTF-8 text, with very long lines (29485), with no line terminators
Hash d95df38c9816f455aba6cd7b04cf90c0
ab51c120c0402e85217c78e93b9716b474e041b3
849ddc3b541aa63b9011e907495ff56a76a9d263b0113d5c7d4d3c5c397dd880
GET /r10120.10.2.1/jsv2/lib/itx.js HTTP/1.1
Host: static.itxuc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 13:29:20 GMT
content-type: application/javascript
content-length: 29486
last-modified: Mon, 05 Dec 2022 14:17:34 GMT
etag: "638dfd7e-732e"
expires: Sat, 02 Dec 2023 13:29:20 GMT
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, OPTIONS
access-control-allow-credentials: true
access-control-expose-headers: Content-Length
pragma: public
cache-control: max-age=31104000, public
vary: Origin
accept-ranges: bytes
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=1303440676530456&ev=PageView&dl=https%3A%2F%2Fevenstadmusikk.no%2Fpresonus%2F1138474%2Fpresonus-sl-ar8-rack-ear%3Fkk%3Da4c6294-184ecc6bb0e-31bf%26utm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_term%3DPresonus%2BSl-Ar8%2BRack%2BEar&rl=https%3A%2F%2Fno-go.kelkoogroup.net%2F&if=false&ts=1670419759647&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1670419759646.390256457&it=1670419759437&coo=false&rqm=GET
157.240.247.35200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=1303440676530456&ev=PageView&dl=https%3A%2F%2Fevenstadmusikk.no%2Fpresonus%2F1138474%2Fpresonus-sl-ar8-rack-ear%3Fkk%3Da4c6294-184ecc6bb0e-31bf%26utm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_term%3DPresonus%2BSl-Ar8%2BRack%2BEar&rl=https%3A%2F%2Fno-go.kelkoogroup.net%2F&if=false&ts=1670419759647&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1670419759646.390256457&it=1670419759437&coo=false&rqm=GET
IP 157.240.247.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=1303440676530456&ev=PageView&dl=https%3A%2F%2Fevenstadmusikk.no%2Fpresonus%2F1138474%2Fpresonus-sl-ar8-rack-ear%3Fkk%3Da4c6294-184ecc6bb0e-31bf%26utm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_term%3DPresonus%2BSl-Ar8%2BRack%2BEar&rl=https%3A%2F%2Fno-go.kelkoogroup.net%2F&if=false&ts=1670419759647&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1670419759646.390256457&it=1670419759437&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Wed, 07 Dec 2022 13:29:20 GMT
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=1303440676530456&ev=ViewContent&dl=https%3A%2F%2Fevenstadmusikk.no%2Fpresonus%2F1138474%2Fpresonus-sl-ar8-rack-ear%3Fkk%3Da4c6294-184ecc6bb0e-31bf%26utm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_term%3DPresonus%2BSl-Ar8%2BRack%2BEar&rl=https%3A%2F%2Fno-go.kelkoogroup.net%2F&if=false&ts=1670419759651&cd[content_type]=product&cd[content_ids]=1138474&sw=1280&sh=1024&v=2.9.89&r=stable&ec=1&o=30&fbp=fb.1.1670419759646.390256457&it=1670419759437&coo=false&exp=c1&rqm=GET
157.240.247.35200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=1303440676530456&ev=ViewContent&dl=https%3A%2F%2Fevenstadmusikk.no%2Fpresonus%2F1138474%2Fpresonus-sl-ar8-rack-ear%3Fkk%3Da4c6294-184ecc6bb0e-31bf%26utm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_term%3DPresonus%2BSl-Ar8%2BRack%2BEar&rl=https%3A%2F%2Fno-go.kelkoogroup.net%2F&if=false&ts=1670419759651&cd[content_type]=product&cd[content_ids]=1138474&sw=1280&sh=1024&v=2.9.89&r=stable&ec=1&o=30&fbp=fb.1.1670419759646.390256457&it=1670419759437&coo=false&exp=c1&rqm=GET
IP 157.240.247.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=1303440676530456&ev=ViewContent&dl=https%3A%2F%2Fevenstadmusikk.no%2Fpresonus%2F1138474%2Fpresonus-sl-ar8-rack-ear%3Fkk%3Da4c6294-184ecc6bb0e-31bf%26utm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_term%3DPresonus%2BSl-Ar8%2BRack%2BEar&rl=https%3A%2F%2Fno-go.kelkoogroup.net%2F&if=false&ts=1670419759651&cd[content_type]=product&cd[content_ids]=1138474&sw=1280&sh=1024&v=2.9.89&r=stable&ec=1&o=30&fbp=fb.1.1670419759646.390256457&it=1670419759437&coo=false&exp=c1&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Wed, 07 Dec 2022 13:29:20 GMT
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash aa9e9cc4cf21d2f8e869a92e65a45506
32bac4c290787256eb7362fd11b4342d20a6c8ab
b82203e3d34d3cd6c7b013b8887a74af649ef07edccacf3a1874a670951a915b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3881
Cache-Control: max-age=168125
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 13:29:20 GMT
Etag: "639073c4-139"
Expires: Fri, 09 Dec 2022 12:11:25 GMT
Last-Modified: Wed, 07 Dec 2022 11:06:44 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 313
services14-node2.itxuc.com/rest/uc/chat/plugin/anonconfig?tokenv2=cac3710d0da4768b2cf7339cd3fd9d19&rcntrl=1406233&ccntrl=60000141&useCorp=60000141&hostname=evenstadmusikk.no
85.196.81.178200 OK 5.7 kB URL HTTP/1.1 services14-node2.itxuc.com/rest/uc/chat/plugin/anonconfig?tokenv2=cac3710d0da4768b2cf7339cd3fd9d19&rcntrl=1406233&ccntrl=60000141&useCorp=60000141&hostname=evenstadmusikk.no
IP 85.196.81.178:0
ASN #2116 Globalconnect As
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (5668)
Hash b3429772ccde19d00fd3a8341d361a2f
1bfefa40d66674a6e8603574a4b4ba60d317a3bf
67511321533e7c6ab4d170ee686293697679c19ac6db6dfa3937cf7deb8f8507
GET /rest/uc/chat/plugin/anonconfig?tokenv2=cac3710d0da4768b2cf7339cd3fd9d19&rcntrl=1406233&ccntrl=60000141&useCorp=60000141&hostname=evenstadmusikk.no HTTP/1.1
Host: services14-node2.itxuc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://evenstadmusikk.no
Connection: keep-alive
Referer: https://evenstadmusikk.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 13:29:20 GMT
Content-Type: application/json;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
ITXVOS: true
Cache-Control: public, max-age=300, must-revalidate
Pragma: cache
Expires: Wed, 07 Dec 2022 13:34:20 GMT
Access-Control-Allow-Headers: Content-Type,ITXVOS-Frontend-Version,Content-Length,Content-Disposition,ITXVOS-Mobile-App-Version,Iwp-User-Agent,Date,Object-Map-Response,ITX-Ensure-User
Access-Control-Expose-Headers: Content-Type,ITXVOS-Frontend-Version,Content-Length,Content-Disposition,ITXVOS-Mobile-App-Version,ETag,Date,ITX-Ensure-User-Failure,Vary
Access-Control-Allow-Origin: https://evenstadmusikk.no
Access-Control-Allow-Credentials: true
ITXVOS-Action: no.itx.portal.web.uc.action.ChatPluginConfigAnonActionGet
ITXVOS-Action-ID: 41011
ITXVOS-Frontend-Version: r10120.10.2.1
ITXVOS-Mobile-App-Version: 1.4.6/1.4.6
ITXVOS-Cached-Resource: No
Last-Modified: Sun, 04 Dec 2022 21:20:39 GMT
ETag: W/"1670188839617C60000141"
Vary: Origin, Range
Set-Cookie: JSESSIONID=E50554DF79FA43B60040580AAE248FCA; Path=/; Secure; HttpOnly; SameSite=None
iwpsessioncookie=iwpsess; Expires=Thu, 08-Dec-2022 13:29:20 GMT; Path=/; Secure; SameSite=None
status.thawte.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 20f6192e4535e9cd0534fde901f8accf
6925717fe60389306d0f6b75465fd915b7df3c16
73b29633a00c3685251d2fb2741fa364e050320867040502f876187c8fe36b39
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5282
Cache-Control: max-age=106165
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 13:29:20 GMT
Etag: "638f7c43-1d7"
Expires: Thu, 08 Dec 2022 18:58:45 GMT
Last-Modified: Tue, 06 Dec 2022 17:30:43 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
status.thawte.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 20f6192e4535e9cd0534fde901f8accf
6925717fe60389306d0f6b75465fd915b7df3c16
73b29633a00c3685251d2fb2741fa364e050320867040502f876187c8fe36b39
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4823
Cache-Control: max-age=105706
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 13:29:20 GMT
Etag: "638f7c43-1d7"
Expires: Thu, 08 Dec 2022 18:51:06 GMT
Last-Modified: Tue, 06 Dec 2022 17:30:43 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
s.kelkoogroup.net/k.gif
185.60.164.26200 OK 0 B IP 185.60.164.26:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /k.gif HTTP/1.1
Host: s.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: etag
Referer: https://evenstadmusikk.no/
Origin: https://evenstadmusikk.no
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
X-Gravitee-Transaction-Id: 6e63a422-2de4-446f-a3a4-222de4a46f12
X-Gravitee-Request-Id: 6e63a422-2de4-446f-a3a4-222de4a46f12
Vary: Origin
Access-Control-Max-Age: 3600
Access-Control-Allow-Origin: https://evenstadmusikk.no
Access-Control-Allow-Headers: etag
Access-Control-Allow-Methods: GET
Access-Control-Allow-Credentials: true
Date: Wed, 07 Dec 2022 13:29:20 GMT
content-length: 0
s.kelkoogroup.net/k.gif
185.60.164.26200 OK 43 B IP 185.60.164.26:0
ASN #60781 LeaseWeb Netherlands B.V.
File type GIF image data, version 89a, 1 x 1\012- data
Hash f837aa60b6fe83458f790db60d529fc9
14af87ccec7f81bb28d53c84da2fd5a9d5925cda
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
GET /k.gif HTTP/1.1
Host: s.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
ETag: a2Vsa29vSWQ9YTRjNjI5NC0xODRlY2M2YmIwZS0zMWJm
Origin: https://evenstadmusikk.no
Connection: keep-alive
Referer: https://evenstadmusikk.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
X-Gravitee-Transaction-Id: 35264728-8ab4-46bd-a647-288ab4e6bd21
X-Gravitee-Request-Id: 35264728-8ab4-46bd-a647-288ab4e6bd21
ETag: a2Vsa29vSWQ9YTRjNjI5NC0xODRlY2M2YmIwZS0zMWJm
Vary: *,Origin
Pragma: no-cache
Expires: 0
Request-Time: 1
Accept-Ranges: bytes
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate
Last-Modified: Fri, 01 Jan 2010 00:00:00 GMT
Access-Control-Allow-Origin: https://evenstadmusikk.no
Access-Control-Expose-Headers: ETag
Access-Control-Allow-Credentials: true
Date: Wed, 07 Dec 2022 13:29:20 GMT
Content-Type: image/gif
content-length: 43
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 4c9688944e55047f879844d038061d17
e772514463f92964d1aa73b65a5b5e727665e2e6
b7da6d01a2e65b5691557e6c340a64632aed3e7fb41bf5a1e5fdbe96c7c9e700
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3708
Cache-Control: max-age=105345
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 13:29:20 GMT
Etag: "638f7f35-139"
Expires: Thu, 08 Dec 2022 18:45:05 GMT
Last-Modified: Tue, 06 Dec 2022 17:43:17 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 313
dnacdn.net/dna
178.250.0.157200 OK 0 B IP 178.250.0.157:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 13:29:19 GMT
server: Kestrel
content-length: 0
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=VUJPD180M0RITmhlJTJCZkMwOUJGQlhaMUN2cyUyRjd2SFZib0g4RGt2M3NsV2xuT1UydVZPeiUyRlo5UVNTWUJrNUloRmtvVGZ3; expires=Mon, 01 Jan 2024 13:29:20 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 273596
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 5814ad3b7f0d449d58b5505e41a3f293
66fe5d7620cc08430e8c06b981dd034307dbbc8d
aac640fcca4acaf55321ba49f1eb08c3a29d771445b35a33213aa627900d2579
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3925
Cache-Control: max-age=164223
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 13:29:20 GMT
Etag: "6390645a-139"
Expires: Fri, 09 Dec 2022 11:06:23 GMT
Last-Modified: Wed, 07 Dec 2022 10:00:58 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 5814ad3b7f0d449d58b5505e41a3f293
66fe5d7620cc08430e8c06b981dd034307dbbc8d
aac640fcca4acaf55321ba49f1eb08c3a29d771445b35a33213aa627900d2579
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3925
Cache-Control: max-age=164223
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 13:29:20 GMT
Etag: "6390645a-139"
Expires: Fri, 09 Dec 2022 11:06:23 GMT
Last-Modified: Wed, 07 Dec 2022 10:00:58 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 313
c.clarity.ms/c.gif
20.234.93.27302 Found 0 B IP 20.234.93.27:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c.gif HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.bing.com/c.gif?CtsSyncId=C77EDF17FE174FAEA96FE9A07A676343&RedC=c.clarity.ms&MXFR=076E8BD1A484624524FA99A2A0846CAB
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SM=T; domain=c.clarity.ms; path=/; SameSite=None; Secure;
MUID=076E8BD1A484624524FA99A2A0846CAB; domain=.clarity.ms; expires=Mon, 01-Jan-2024 13:29:20 GMT; path=/; SameSite=None; Secure; Priority=High;
date: Wed, 07 Dec 2022 13:29:19 GMT
content-length: 0
X-Firefox-Spdy: h2
gem.gbc.criteo.com/newidsd
178.250.6.7200 OK 319 B URL HTTP/2 gem.gbc.criteo.com/newidsd
IP 178.250.6.7:0
Hash 640998c7549b7e2af36a8a39c91e0e09
c3a813f934b68d2209bc420ccbc74fe92e13aed2
c3d9932a6d7242e861482163d1a99e1d1cfc1978b144130b4ee36fa08a6a03e2
GET /newidsd HTTP/1.1
Host: gem.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 13:29:19 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 91616
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
c.bing.com/c.gif?CtsSyncId=C77EDF17FE174FAEA96FE9A07A676343&RedC=c.clarity.ms&MXFR=076E8BD1A484624524FA99A2A0846CAB
204.79.197.200302 Found 0 B URL HTTP/2 c.bing.com/c.gif?CtsSyncId=C77EDF17FE174FAEA96FE9A07A676343&RedC=c.clarity.ms&MXFR=076E8BD1A484624524FA99A2A0846CAB
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c.gif?CtsSyncId=C77EDF17FE174FAEA96FE9A07A676343&RedC=c.clarity.ms&MXFR=076E8BD1A484624524FA99A2A0846CAB HTTP/1.1
Host: c.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://evenstadmusikk.no/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.clarity.ms/c.gif?CtsSyncId=C77EDF17FE174FAEA96FE9A07A676343&MUID=0785CCB7FE42615005EEDEC4FFB760B9
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SRM_B=0785CCB7FE42615005EEDEC4FFB760B9; domain=c.bing.com; expires=Mon, 01-Jan-2024 13:29:20 GMT; path=/; SameSite=None; Secure;
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 827267B372124E829493BEE676F3DB3F Ref B: OSL30EDGE0105 Ref C: 2022-12-07T13:29:20Z
date: Wed, 07 Dec 2022 13:29:20 GMT
content-length: 0
X-Firefox-Spdy: h2
apil1.spinnaker-js.com/
34.246.156.108200 OK 0 B IP 34.246.156.108:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: apil1.spinnaker-js.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 296
Origin: https://evenstadmusikk.no
Connection: keep-alive
Referer: https://evenstadmusikk.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 13:29:20 GMT
content-length: 0
server: nginx/1.20.0
access-control-allow-origin: https://evenstadmusikk.no
access-control-allow-methods: POST, OPTIONS
access-control-allow-headers: content-type, accept, X-Requested-With, X-HTTP-Method-Override, data, X-UA-Compatible
access-control-allow-credentials: false
access-control-max-age: 31536000
X-Firefox-Spdy: h2
c.clarity.ms/c.gif?CtsSyncId=C77EDF17FE174FAEA96FE9A07A676343&MUID=0785CCB7FE42615005EEDEC4FFB760B9
20.234.93.27200 OK 42 B URL HTTP/2 c.clarity.ms/c.gif?CtsSyncId=C77EDF17FE174FAEA96FE9A07A676343&MUID=0785CCB7FE42615005EEDEC4FFB760B9
IP 20.234.93.27:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 1 x 1\012- data
Hash 32023bb33cfb2a1990a4ef2d85b6ac16
23dcc6d4b5bfe00357fd0248bb5955b8e36bb8f1
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
GET /c.gif?CtsSyncId=C77EDF17FE174FAEA96FE9A07A676343&MUID=0785CCB7FE42615005EEDEC4FFB760B9 HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://evenstadmusikk.no/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
content-type: image/gif
last-modified: Thu, 13 Oct 2022 20:07:05 GMT
accept-ranges: bytes
etag: "40db785d3fdfd81:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: ANONCHK=0; domain=c.clarity.ms; expires=Wed, 07-Dec-2022 13:39:20 GMT; path=/; SameSite=None; Secure;
date: Wed, 07 Dec 2022 13:29:19 GMT
content-length: 42
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash a2cd4e561f1ad90375522bec33bb9c57
94ec018dc1991d5d0b00c2b99c1d52c873ce2d7c
d34d6f434bebd00c1026fdaa7cb7b3fd2c514d681cb7fddfc0627014b9bd7eee
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D34D6F434BEBD00C1026FDAA7CB7B3FD2C514D681CB7FDDFC0627014B9BD7EEE"
Last-Modified: Mon, 05 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15252
Expires: Wed, 07 Dec 2022 17:43:32 GMT
Date: Wed, 07 Dec 2022 13:29:20 GMT
Connection: keep-alive
cdn-sitegainer.com/sitegainer_5619307.js
104.26.6.123200 OK 69 kB URL HTTP/2 cdn-sitegainer.com/sitegainer_5619307.js
IP 104.26.6.123:0
File type Unicode text, UTF-8 text, with very long lines (32228)
Hash 0c510df44899776fad76c8965d6e45cd
e7a6f881a9ad1e3163e0a7e5ed60f89166e53d9b
eba2e589fa461917cb90aaf37631fd8a7b12658e9e8e07e419a7fb07876c3329
GET /sitegainer_5619307.js HTTP/1.1
Host: cdn-sitegainer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 13:29:18 GMT
content-type: text/javascript; charset=utf-8
cf-bgj: minify
cf-polished: origSize=237588
etag: W/"fc4ab11d61e7af5f240904475fe3f56e"
last-modified: Thu, 04 Aug 2022 12:46:22 GMT
x-amz-id-2: IIMMgrJjwpYsjy+vlTWgb6U3hKeOYg7SCArdHzMdk3oCc4JoB3d83fjJrC7vGxouu2vpUNZG6VQ=
x-amz-request-id: 8P2JPKXCH98Z8WB9
cache-control: max-age=1800
cf-cache-status: HIT
age: 2359
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YC3cOxEivk1VPzJngDAOPLzklf0ip1yYaAzPyB2DeduDn31r%2B2wLmtnvrgJ1fiGFB5%2FJU3H3XOke6nHxB6rVjxwIB7nYJwyeswyV5ZW9XZXdMtDx3TS8viE%2FT%2FzSQoc%2BXqXEYg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 775d9c0198140b4d-OSL
content-encoding: br
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash a2cd4e561f1ad90375522bec33bb9c57
94ec018dc1991d5d0b00c2b99c1d52c873ce2d7c
d34d6f434bebd00c1026fdaa7cb7b3fd2c514d681cb7fddfc0627014b9bd7eee
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D34D6F434BEBD00C1026FDAA7CB7B3FD2C514D681CB7FDDFC0627014B9BD7EEE"
Last-Modified: Mon, 05 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15251
Expires: Wed, 07 Dec 2022 17:43:32 GMT
Date: Wed, 07 Dec 2022 13:29:21 GMT
Connection: keep-alive
ag.gbc.criteo.com/newidsd
185.235.84.162200 OK 39 B URL HTTP/2 ag.gbc.criteo.com/newidsd
IP 185.235.84.162:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 944cbdaf14cea30c9bc3ce2ab031ec03
4dc181614f4d070b77c3ca8da27653ffb000a8e9
7b54d282d6dae7c2aed33c87dccf4debec65b3ca2584c2cd356714558cd1751e
GET /newidsd HTTP/1.1
Host: ag.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 13:29:19 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 84210
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.118200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash 113db688124c4e4aa39e693c33719da5
8f031d67d701dc01342c2b1407ac5769f504a417
ca364850449d7dda1d8ec5026cdb84bb5e56cefce12f49452bd3223b34f202db
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=147071
Date: Wed, 07 Dec 2022 13:29:21 GMT
Etag: "63902225-1d7"
Expires: Fri, 09 Dec 2022 06:20:32 GMT
Last-Modified: Wed, 07 Dec 2022 05:18:29 GMT
Server: ECS (bsa/EB21)
X-Cache: Miss from cloudfront
Via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: YCtFvPg7QnI8ISAa0oxRL6CvJyLf3t5K1HRsmGbUPs1whJdA4sRPzw==
Age: 3723
gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
178.250.2.146302 Found 0 B URL HTTP/2 gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
IP 178.250.2.146:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Wed, 07 Dec 2022 13:29:20 GMT
server: Kestrel
content-length: 0
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
location: https://dpm.demdex.net/ibs:dpid=28645&dpuuid=
server-processing-duration-in-ticks: 685248
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-nuttMhGAq6NNBPvwPTGz2tW03d0Nkov4sSWoGQ
23.38.200.22200 OK 45 B URL HTTP/2 contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-nuttMhGAq6NNBPvwPTGz2tW03d0Nkov4sSWoGQ
IP 23.38.200.22:0
File type GIF image data, version 87a, 1 x 1\012- data
Hash 99cceceaed4d575484b69ddaf9ed66a7
1e3a3b15296b585833a22d987a387aa58aa1642d
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
GET /cksync.php?cs=3&type=crt&ovsid=k-nuttMhGAq6NNBPvwPTGz2tW03d0Nkov4sSWoGQ HTTP/1.1
Host: contextual.media.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Apache
content-length: 45
content-type: image/gif
set-cookie: visitor-id=3134213613580232000V10; Expires=Thu, 07 Dec 2023 13:29:21 GMT; domain=.media.net; Path=/;
data-c-ts=1670419761;Expires=Fri, 06 Jan 2023 13:29:21 GMT;path=/;domain=.media.net;
data-c=k-nuttMhGAq6NNBPvwPTGz2tW03d0Nkov4sSWoGQ~~3;Expires=Fri, 06 Jan 2023 13:29:21 GMT;path=/;domain=.media.net;
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
strict-transport-security: max-age=31536000
x-mnet-hl2: E
expires: Wed, 07 Dec 2022 13:29:21 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 07 Dec 2022 13:29:21 GMT
X-Firefox-Spdy: h2
r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-_-P4NBGAq6NNBPvwPTGz2tW03d3uNwA4gZE0Ww
104.18.33.19302 Found 0 B URL HTTP/2 r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-_-P4NBGAq6NNBPvwPTGz2tW03d3uNwA4gZE0Ww
IP 104.18.33.19:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rum?cm_dsp_id=20&external_user_id=k-_-P4NBGAq6NNBPvwPTGz2tW03d3uNwA4gZE0Ww HTTP/1.1
Host: r.casalemedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Wed, 07 Dec 2022 13:29:21 GMT
content-length: 0
location: /rum?cm_dsp_id=20&external_user_id=k-_-P4NBGAq6NNBPvwPTGz2tW03d3uNwA4gZE0Ww&C=1
cf-ray: 775d9c12fcc0b50c-OSL
cache-control: no-cache
expires: 0
cf-cache-status: DYNAMIC
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
set-cookie: CMID=Y5CVMeOUUMRX93kHPvVs1QAA; Path=/; Domain=casalemedia.com; Expires=Thu, 07 Dec 2023 13:29:21 GMT; Max-Age=31536000; Secure; SameSite=None
CMPS=702; Path=/; Domain=casalemedia.com; Expires=Tue, 07 Mar 2023 13:29:21 GMT; Max-Age=7776000; Secure; SameSite=None
CMPRO=702; Path=/; Domain=casalemedia.com; Expires=Tue, 07 Mar 2023 13:29:21 GMT; Max-Age=7776000; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qg6J4p4DFfuup2Gwf4eyxsnS9nm%2Bg%2BFUSln0U3aw3GVrZVD8JlppWFpHppsSLufGsyBLOAz6hcz0pN4RqYsL7OnVGGRADEkyV4Bl%2BvFeQGBf%2BeX0P99DKpjRQViHNDoYk7HX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 02199db0be5314b9689c4849072cb05e
a1d7822f4d3f6919aa8ad8ba318774fc789e876d
6637d639b24e8ca67b161b180920aee0f467e5345317782b9cdcf8599fc20b14
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3830
Cache-Control: max-age=132089
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 13:29:21 GMT
Etag: "638fe734-1d7"
Expires: Fri, 09 Dec 2022 02:10:50 GMT
Last-Modified: Wed, 07 Dec 2022 01:07:00 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 9343c21914de6ba147d14be44c41f337
ff0adc96b17acb6f25c9fcde5a02c48283997841
65c27ab2ab46f3cd28894f2971edda97566033c2f8aeca067e289b544d45e357
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3680
Cache-Control: max-age=98797
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 13:29:21 GMT
Etag: "638f65be-139"
Expires: Thu, 08 Dec 2022 16:55:58 GMT
Last-Modified: Tue, 06 Dec 2022 15:54:38 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 313
r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-_-P4NBGAq6NNBPvwPTGz2tW03d3uNwA4gZE0Ww&C=1
104.18.33.19200 OK 43 B URL HTTP/2 r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-_-P4NBGAq6NNBPvwPTGz2tW03d3uNwA4gZE0Ww&C=1
IP 104.18.33.19:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /rum?cm_dsp_id=20&external_user_id=k-_-P4NBGAq6NNBPvwPTGz2tW03d3uNwA4gZE0Ww&C=1 HTTP/1.1
Host: r.casalemedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 13:29:21 GMT
content-type: image/gif
content-length: 43
cf-ray: 775d9c135d7ab50c-OSL
cache-control: no-cache
expires: 0
cf-cache-status: DYNAMIC
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FLuoLAC11HyRHipmWo8O%2FsaLNvrJWIvJxXyrkMVBz%2BCvdgsqvFFGmP1pmARXs5dedU7wp2gjXe68kwRAsjxdTKqnUTMjlPrYfPVMEIyIa2Yo96PuSTMp%2B0aciqGZhKFxmzaE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
185.89.210.180307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
IP 185.89.210.180:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Wed, 07 Dec 2022 13:29:21 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
AN-X-Request-Uuid: 11522c8f-a9c7-47b2-bd3b-cdbc8f7b6e83
Set-Cookie: uuid2=2975463565791821259; SameSite=None; Path=/; Max-Age=7776000; Expires=Tue, 07-Mar-2023 13:29:21 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-5JbOThGAq6NNBPvwPTGz2tW03d1r8TBvoY3BMw&expires=30
213.19.162.80204 No Content 0 B URL HTTP/1.1 pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-5JbOThGAq6NNBPvwPTGz2tW03d1r8TBvoY3BMw&expires=30
IP 213.19.162.80:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tap.php?v=6434&nid=2149&put=k-5JbOThGAq6NNBPvwPTGz2tW03d1r8TBvoY3BMw&expires=30 HTTP/1.1
Host: pixel.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: 1da0c96602e9a1076eae4f5554c05cf3
Content-Type: image/gif
criteo-sync.teads.tv/um?eid=80&uid=k-3UzbNRGAq6NNBPvwPTGz2tW03d0QEWjjUJwTzQ
23.195.255.234200 OK 23 B URL HTTP/2 criteo-sync.teads.tv/um?eid=80&uid=k-3UzbNRGAq6NNBPvwPTGz2tW03d0QEWjjUJwTzQ
IP 23.195.255.234:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash da5b449fff36752a93779fa4067cd2eb
71a96eea77f21ab5f1819b96c4cedd5cd34476ca
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
GET /um?eid=80&uid=k-3UzbNRGAq6NNBPvwPTGz2tW03d0QEWjjUJwTzQ HTTP/1.1
Host: criteo-sync.teads.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
server: akka-http/10.2.9
content-length: 23
expires: Wed, 07 Dec 2022 13:29:21 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 07 Dec 2022 13:29:21 GMT
X-Firefox-Spdy: h2
rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-sujI0xGAq6NNBPvwPTGz2tW03d0AuZGeEyq3OQ
185.86.137.132200 OK 43 B URL HTTP/1.1 rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-sujI0xGAq6NNBPvwPTGz2tW03d0AuZGeEyq3OQ
IP 185.86.137.132:0
ASN #201081 SmartAdServer SAS
File type GIF image data, version 89a, 1 x 1\012- data
Hash 221d8352905f2c38b3cb2bd191d630b0
d804b495cb9b84b9007a25b5d85f9ae674004cde
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
GET /redir/?partnerid=79&partneruserid=k-sujI0xGAq6NNBPvwPTGz2tW03d0AuZGeEyq3OQ HTTP/1.1
Host: rtb-csync.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-type: image/gif
date: Wed, 07 Dec 2022 13:29:20 GMT
cache-control: no-cache,no-store
pragma: no-cache
set-cookie: pid=728214703318993283; expires=Sat, 06 Jan 2024 13:29:21 GMT; domain=smartadserver.com; path=/
TestIfCookieP=ok; expires=Sat, 06 Jan 2024 13:29:21 GMT; domain=smartadserver.com; path=/
csync=79:k-sujI0xGAq6NNBPvwPTGz2tW03d0AuZGeEyq3OQ; expires=Thu, 07 Dec 2023 13:29:21 GMT; domain=smartadserver.com; path=/
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
ocsp.sca1b.amazontrust.com/
54.230.245.118200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash 0d8b9dfa21ccece797237eb477f62b03
339eb5c553802938abfc06f2d0444978216c1ed8
6a40a2468b98b33cedf48f8df5a54549e316612defa158448fe0131ef91da8f3
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=88743
Date: Wed, 07 Dec 2022 13:29:21 GMT
Etag: "638f3d20-1d7"
Expires: Thu, 08 Dec 2022 14:08:24 GMT
Last-Modified: Tue, 06 Dec 2022 13:01:20 GMT
Server: ECS (nyb/1D0F)
X-Cache: Miss from cloudfront
Via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Q1V3uhLWkIyedwgfNo2lwThHJNMp1mxUPKi3YB2ihVu6bk8mZg3Gsw==
Age: 4024
eb2.3lift.com/xuid?mid=2711&xuid=k-FwiF2RGAq6NNBPvwPTGz2tW03d25ErI_InDkdg&dongle=013b
13.248.245.213200 OK 37 B URL HTTP/2 eb2.3lift.com/xuid?mid=2711&xuid=k-FwiF2RGAq6NNBPvwPTGz2tW03d25ErI_InDkdg&dongle=013b
IP 13.248.245.213:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 3eacd0132310ea44cad756b378a3bc07
e2216a7e9b73f5cb0279351c78ce61c33475cea7
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
GET /xuid?mid=2711&xuid=k-FwiF2RGAq6NNBPvwPTGz2tW03d25ErI_InDkdg&dongle=013b HTTP/1.1
Host: eb2.3lift.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 13:29:21 GMT
content-type: image/gif
content-length: 37
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 9dfb6f98524703cb28aa777c06f8307d
0259f1b07774b87d9bf5d69228f549946a1dd747
7b5ecd4e9bf216f4c71747b9eab5f135a610972adeb28d4f61118fab6decc065
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 13:29:21 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 06 Dec 2022 13:56:48 GMT
Expires: Tue, 13 Dec 2022 13:56:47 GMT
Etag: "0259f1b07774b87d9bf5d69228f549946a1dd747"
Cache-Control: max-age=519445,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 775d9c146ed4b4f4-OSL
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash abfe375096bfad484cdbeca1076184cd
41a864ca85b8798975b0bab4891129ff76f4fd55
6e89ad7525e4268ae0dc2f35741b2b3594f91e3242e576bedf6566d03fd09628
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3587
Cache-Control: max-age=149843
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 13:29:21 GMT
Etag: "63902d81-1d7"
Expires: Fri, 09 Dec 2022 07:06:44 GMT
Last-Modified: Wed, 07 Dec 2022 06:06:57 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
185.89.210.180302 Found 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
IP 185.89.210.180:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.21.3
Date: Wed, 07 Dec 2022 13:29:21 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=0
AN-X-Request-Uuid: eabd5935-0815-4546-b296-e05066f98a8e
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 9cf3ccbda3bc6b018f1dee2e36b1706f
8ff67eb73ad0be65572b3335016e88d7eb7c6acf
8d859aa693421fc54385d70644f1157fb2c988fbb25570908fcc8ff3d1cf18e0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3513
Cache-Control: max-age=96099
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 13:29:21 GMT
Etag: "638f5bdb-1d7"
Expires: Thu, 08 Dec 2022 16:11:00 GMT
Last-Modified: Tue, 06 Dec 2022 15:12:27 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
x.bidswitch.net/sync?dsp_id=46&user_id=k-zoeHuxGAq6NNBPvwPTGz2tW03d30BYtPvb828g&expires=30
3.127.128.128200 OK 43 B URL HTTP/2 x.bidswitch.net/sync?dsp_id=46&user_id=k-zoeHuxGAq6NNBPvwPTGz2tW03d30BYtPvb828g&expires=30
IP 3.127.128.128:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /sync?dsp_id=46&user_id=k-zoeHuxGAq6NNBPvwPTGz2tW03d30BYtPvb828g&expires=30 HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 13:29:21 GMT
content-type: image/gif
content-length: 43
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash e2d765e33fd8a4c43c71474455353dd9
fc20d4d1da464956eee7ec36d32f4c83d1d4a159
4993f35d974adf6ad914e6ea5d6310bf78c743122e022bc64b3bf470d18c3197
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2811
Cache-Control: max-age=94319
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 13:29:21 GMT
Etag: "638f57a6-1d7"
Expires: Thu, 08 Dec 2022 15:41:20 GMT
Last-Modified: Tue, 06 Dec 2022 14:54:30 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
ocsp.sca1b.amazontrust.com/
54.230.245.118200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash 9b7b7de880f8bc49786b374b33898d73
f058f2065e585e245f22e9645d93647e117e49f3
7d335ab945bf6d39e931d15cc1710ad78564c876223e73da367932670bb12008
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=130123
Date: Wed, 07 Dec 2022 13:29:21 GMT
Etag: "638fe03c-1d7"
Expires: Fri, 09 Dec 2022 01:38:04 GMT
Last-Modified: Wed, 07 Dec 2022 00:37:16 GMT
Server: ECS (bsa/EB23)
X-Cache: Miss from cloudfront
Via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 6SFZdRPruh_lhMGIleiZAhM7tMNnZbmQOWSIFWRMm8nCMjtkiKvXOg==
Age: 3648
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash fa073b93078665638ee8c9372bfa9390
c7c2f5a4c5d39e68e7f61b5008c4bbcef4422397
e7b0aa9ef7d544fca18588da8646099830c7099a4b495f31e41eb5de7a2f05e8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E7B0AA9EF7D544FCA18588DA8646099830C7099A4B495F31E41EB5DE7A2F05E8"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3121
Expires: Wed, 07 Dec 2022 14:21:22 GMT
Date: Wed, 07 Dec 2022 13:29:21 GMT
Connection: keep-alive
cm.adform.net/pixel?adform_pid=15&adform_pc=k-4Ks4kRGAq6NNBPvwPTGz2tW03d1TUvcaKavX4A
37.157.4.28200 OK 43 B URL HTTP/2 cm.adform.net/pixel?adform_pid=15&adform_pc=k-4Ks4kRGAq6NNBPvwPTGz2tW03d1TUvcaKavX4A
IP 37.157.4.28:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /pixel?adform_pid=15&adform_pc=k-4Ks4kRGAq6NNBPvwPTGz2tW03d1TUvcaKavX4A HTTP/1.1
Host: cm.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 13:29:21 GMT
content-type: image/gif
content-length: 43
last-modified: Wed, 10 Apr 2019 10:06:26 GMT
etag: "5cadc022-2b"
accept-ranges: bytes
X-Firefox-Spdy: h2
dpm.demdex.net/ibs:dpid=28645&dpuuid=
34.240.144.110302 Found 0 B URL HTTP/1.1 dpm.demdex.net/ibs:dpid=28645&dpuuid=
IP 34.240.144.110:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ibs:dpid=28645&dpuuid= HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
DCS: dcs-prod-irl1-2-v045-0c67d0b74.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=66286429249895337422487293999803990229; Max-Age=15552000; Expires=Mon, 05 Jun 2023 13:29:21 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: jp5wViC7Taw=
Content-Length: 0
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
54.230.245.118200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash 62db0933850c4f1ab6eae6f8999d237c
335b1878afc1b0bc8ad7d42f494b878c9821a6f3
28af4dcc400afd461f7216ae590219652cf3a5596b538026696e50c1ae53f053
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=146312
Date: Wed, 07 Dec 2022 13:29:21 GMT
Etag: "63901dfe-1d7"
Expires: Fri, 09 Dec 2022 06:07:53 GMT
Last-Modified: Wed, 07 Dec 2022 05:00:46 GMT
Server: ECS (nyb/1D1E)
X-Cache: Miss from cloudfront
Via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: SMTOada-yyR35WgUj6Ct6lr45ZfruUdrJ_J4Y6UI3qnFTS4tp6inVg==
Age: 4027
ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-huj_bBGAq6NNBPvwPTGz2tW03d1UsPu0AhEb4A
3.126.56.137302 Found 0 B URL HTTP/2 ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-huj_bBGAq6NNBPvwPTGz2tW03d1UsPu0AhEb4A
IP 3.126.56.137:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ups/58301/sync?_origin=1&uid=k-huj_bBGAq6NNBPvwPTGz2tW03d1UsPu0AhEb4A HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Wed, 07 Dec 2022 13:29:21 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
location: https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-huj_bBGAq6NNBPvwPTGz2tW03d1UsPu0AhEb4A&verify=true
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBDGVkGMCEAirelnIbOJps71NLuTiG10FEgEBAQHmkWOaYwAAAAAA_eMAAA&S=AQAAAo-VCnaGkDuAhe-JqVx6N2s; Expires=Thu, 7 Dec 2023 19:29:21 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
status.thawte.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 92e078f3076c59137dae77470733c126
43134eef6a45a528530d6710b0618baac8219348
82c36c961246e5642b9bbc34c584cc23eca4466687fa81d57d35d949befb577d
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6555
Cache-Control: max-age=120787
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 13:29:21 GMT
Etag: "638fb069-1d7"
Expires: Thu, 08 Dec 2022 23:02:28 GMT
Last-Modified: Tue, 06 Dec 2022 21:13:13 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-01_pbBGAq6NNBPvwPTGz2tW03d0twRlmwFMFtw
52.58.31.107302 Found 0 B URL HTTP/2 ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-01_pbBGAq6NNBPvwPTGz2tW03d0twRlmwFMFtw
IP 52.58.31.107:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match?publisher_dsp_id=38&external_user_id=k-01_pbBGAq6NNBPvwPTGz2tW03d0twRlmwFMFtw HTTP/1.1
Host: ad.360yield.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Wed, 07 Dec 2022 13:29:21 GMT
content-type: text/plain
content-length: 0
location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-01_pbBGAq6NNBPvwPTGz2tW03d0twRlmwFMFtw
set-cookie: tuuid=5e141238-379d-40ce-b736-eab79fbddc41; Expires=Tue, 07 Mar 2023 13:29:21 GMT; Domain=.360yield.com; Path=/; SameSite=None; Secure
tuuid_lu=1670419761; Expires=Tue, 07 Mar 2023 13:29:21 GMT; Domain=.360yield.com; Path=/; SameSite=None; Secure
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 50d44347480ddbf69ff2e269edb5cce5
33dd3dfeab6f79c528cad49c3ce78c82b2d675bc
5a1afe32968aa9a3c3e2240e7766ebe312b3d017505fe8a8596138ce95ab208e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3721
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 13:29:21 GMT
Last-Modified: Wed, 07 Dec 2022 12:27:20 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
id5-sync.com/s/966/9.gif?puid=k-EIsSlxGAq6NNBPvwPTGz2tW03d0INNgkc9gPZQ
141.95.33.111200 43 B URL HTTP/1.1 id5-sync.com/s/966/9.gif?puid=k-EIsSlxGAq6NNBPvwPTGz2tW03d0INNgkc9gPZQ
IP 141.95.33.111:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
GET /s/966/9.gif?puid=k-EIsSlxGAq6NNBPvwPTGz2tW03d0INNgkc9gPZQ HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="CAO PSA OUR"
set-cookie: cf=; Max-Age=300; Expires=Wed, 07-Dec-2022 13:34:21 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
cip=; Max-Age=300; Expires=Wed, 07-Dec-2022 13:34:21 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
cnac=; Max-Age=300; Expires=Wed, 07-Dec-2022 13:34:21 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
car=; Max-Age=300; Expires=Wed, 07-Dec-2022 13:34:21 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
gdpr=; Max-Age=300; Expires=Wed, 07-Dec-2022 13:34:21 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
callback=; Max-Age=300; Expires=Wed, 07-Dec-2022 13:34:21 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
content-type: image/gif;charset=UTF-8
transfer-encoding: chunked
date: Wed, 07 Dec 2022 13:29:21 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
ad.yieldlab.net/m?dt_id=8664&ext_id=k-bOJQ9RGAq6NNBPvwPTGz2tW03d1kfLcXJnyEIQ
23.13.245.180204 No Content 0 B URL HTTP/1.1 ad.yieldlab.net/m?dt_id=8664&ext_id=k-bOJQ9RGAq6NNBPvwPTGz2tW03d1kfLcXJnyEIQ
IP 23.13.245.180:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /m?dt_id=8664&ext_id=k-bOJQ9RGAq6NNBPvwPTGz2tW03d1kfLcXJnyEIQ HTTP/1.1
Host: ad.yieldlab.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: DENY
x-application-context: application
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Pragma: no-cache
Expires: Tue, 06 Dec 2022 13:29:21 GMT
Date: Wed, 07 Dec 2022 13:29:21 GMT
Connection: keep-alive
Set-Cookie: id=2f344b48-8981-46dd-986d-8794f6fa934e; Path=/; Domain=prod.svc.y6b.de; Expires=Thu, 07-Dec-2023 13:29:21 GMT; Max-Age=31536000; Secure; SameSite=None
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash eb3ada812f0727a3c3c20655e43c20ab
2766d9dd26318e92c32ec924383ec39a9669b56b
5608fdbb0ddf0610e19db1f02ca3210c89a9bbd530c806c065d0d6e3dd4649d5
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 13:29:21 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 07 Dec 2022 03:11:57 GMT
Expires: Wed, 14 Dec 2022 03:11:56 GMT
Etag: "2766d9dd26318e92c32ec924383ec39a9669b56b"
Cache-Control: max-age=567154,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 775d9c14ffa2b4f4-OSL
match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-enShmBGAq6NNBPvwPTGz2tW03d3mDRcIv2Bz6Q
3.72.32.250204 No Content 0 B URL HTTP/2 match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-enShmBGAq6NNBPvwPTGz2tW03d3mDRcIv2Bz6Q
IP 3.72.32.250:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-enShmBGAq6NNBPvwPTGz2tW03d3mDRcIv2Bz6Q HTTP/1.1
Host: match.sharethrough.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Wed, 07 Dec 2022 13:29:21 GMT
X-Firefox-Spdy: h2
ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-huj_bBGAq6NNBPvwPTGz2tW03d1UsPu0AhEb4A&verify=true
3.126.56.137204 No Content 0 B URL HTTP/2 ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-huj_bBGAq6NNBPvwPTGz2tW03d1UsPu0AhEb4A&verify=true
IP 3.126.56.137:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ups/58301/sync?_origin=1&uid=k-huj_bBGAq6NNBPvwPTGz2tW03d1UsPu0AhEb4A&verify=true HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Wed, 07 Dec 2022 13:29:21 GMT
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
strict-transport-security: max-age=31536000
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBDGVkGMCEB4reD-tjTzYR07vjWozQdUFEgEBAQHmkWOaYwAAAAAA_eMAAA&S=AQAAAjvhtt48c4hituErNkfm-9I; Expires=Thu, 7 Dec 2023 19:29:21 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-01_pbBGAq6NNBPvwPTGz2tW03d0twRlmwFMFtw
52.58.31.107200 OK 43 B URL HTTP/2 ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-01_pbBGAq6NNBPvwPTGz2tW03d0twRlmwFMFtw
IP 52.58.31.107:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /ul_cb/match?publisher_dsp_id=38&external_user_id=k-01_pbBGAq6NNBPvwPTGz2tW03d0twRlmwFMFtw HTTP/1.1
Host: ad.360yield.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 13:29:21 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Firefox-Spdy: h2
simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-d9kNBhGAq6NNBPvwPTGz2tW03d1GOj3DqoQmyA
185.64.190.80200 OK 42 B URL HTTP/2 simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-d9kNBhGAq6NNBPvwPTGz2tW03d1GOj3DqoQmyA
IP 185.64.190.80:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-d9kNBhGAq6NNBPvwPTGz2tW03d1GOj3DqoQmyA HTTP/1.1
Host: simage2.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 13:29:21 GMT
content-type: image/gif; charset=utf-8
content-length: 42
set-cookie: KRTBCOOKIE_97=3385-uid:k-d9kNBhGAq6NNBPvwPTGz2tW03d1GOj3DqoQmyA&KRTB&23144-uid:k-d9kNBhGAq6NNBPvwPTGz2tW03d1GOj3DqoQmyA&KRTB&23286-uid:k-d9kNBhGAq6NNBPvwPTGz2tW03d1GOj3DqoQmyA&KRTB&23287-uid:k-d9kNBhGAq6NNBPvwPTGz2tW03d1GOj3DqoQmyA; domain=pubmatic.com; secure; expires=Fri, 06-Jan-2023 13:29:21 GMT; path=/
PugT=1670419761; domain=pubmatic.com; secure; expires=Fri, 06-Jan-2023 13:29:21 GMT; path=/
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
X-Firefox-Spdy: h2
dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=
34.240.144.110200 OK 59 B URL HTTP/1.1 dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=
IP 34.240.144.110:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 1251cd5e5c2def4c046309375f87c1c1
e02d6b0c6a5c495c15985e2832e335eda8528c80
4e7010cc46fa361c88e57e3346d27421cf3b8a8bf5f39b43fc45997c60cb1c13
GET /demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid= HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: image/gif
DCS: dcs-prod-irl1-1-v045-040129606.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: bmlzx+JMRsg=
Content-Length: 59
Connection: keep-alive
b.clarity.ms/collect
20.75.32.255204 No Content 0 B IP 20.75.32.255:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /collect HTTP/1.1
Host: b.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 114236
Origin: https://evenstadmusikk.no
Connection: keep-alive
Referer: https://evenstadmusikk.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
vary: Origin
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
access-control-allow-origin: https://evenstadmusikk.no
access-control-allow-credentials: true
date: Wed, 07 Dec 2022 13:29:21 GMT
X-Firefox-Spdy: h2
visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-tgj22RGAq6NNBPvwPTGz2tW03d2ECzFIqwg6pA
185.255.84.152200 OK 49 B URL HTTP/2 visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-tgj22RGAq6NNBPvwPTGz2tW03d2ECzFIqwg6pA
IP 185.255.84.152:0
ASN #200271 Iguane Solutions SAS
File type GIF image data, version 89a, 1 x 1\012- data
Hash 4408efc0174f07ad685c456f1de521ca
e3bc3250f8f32bd98dc7b05fd8940b74617eb8d1
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
GET /visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-tgj22RGAq6NNBPvwPTGz2tW03d2ECzFIqwg6pA HTTP/1.1
Host: visitor.omnitagjs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
expires: 0
p3p: CP="CAO PSA OUR"
pragma: no-cache
set-cookie: ayl_visitor=a376dbdf7345096fc41845163b1718f1; Path=/; Domain=omnitagjs.com; Max-Age=2592000; Secure; SameSite=None
vary: Accept-Encoding
x-content-type-options: nosniff
date: Wed, 07 Dec 2022 13:29:21 GMT
content-length: 49
x-envoy-upstream-service-time: 22
server: ayl-lb-fra02
X-Firefox-Spdy: h2
gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
178.250.2.146302 Found 0 B URL HTTP/2 gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
IP 178.250.2.146:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Wed, 07 Dec 2022 13:29:20 GMT
server: Kestrel
content-length: 0
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
location: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=
server-processing-duration-in-ticks: 525417
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
sync.outbrain.com/cookie-sync?p=criteo&uid=k-YdOKWRGAq6NNBPvwPTGz2tW03d3UNu-saXLKSg
70.42.32.223200 OK 0 B URL HTTP/1.1 sync.outbrain.com/cookie-sync?p=criteo&uid=k-YdOKWRGAq6NNBPvwPTGz2tW03d3UNu-saXLKSg
IP 70.42.32.223:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cookie-sync?p=criteo&uid=k-YdOKWRGAq6NNBPvwPTGz2tW03d3UNu-saXLKSg HTTP/1.1
Host: sync.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 13:29:21 GMT
Content-Length: 0
Cache-Control: no-cache
X-TraceId: add4b80ff8c4b66f4498c4cb7e8c5ce9
ocsp.sca1b.amazontrust.com/
54.230.245.118200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash e2a880777201cd52592f5649a4763bfc
c0301503c652721b0b3fae742223f4a873456df8
b6cbe7a377078205eca9cf15e5e929affeca110baedcafd7a4c7694c79812a7b
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=171172
Date: Wed, 07 Dec 2022 13:29:21 GMT
Etag: "63908085-1d7"
Expires: Fri, 09 Dec 2022 13:02:13 GMT
Last-Modified: Wed, 07 Dec 2022 12:01:09 GMT
Server: ECS (bsa/EB1C)
X-Cache: Miss from cloudfront
Via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: z0Da7sanrPa-dllYg5IKi9f692UtAJBT1LP7Lhldm80r1-72vYTzuA==
Age: 3664
ocsp.sca1b.amazontrust.com/
54.230.245.118200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash 4a4d131bd7d8c86082311ef51a15aec1
4d0ab3e3ed92eafa5f130bb95be983f548c2af26
3b5e894fb9f5ec86402893a5d6ea151d6948b6220d77889aca066bc2b826c70f
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=103883
Date: Wed, 07 Dec 2022 13:29:21 GMT
Etag: "638f7832-1d7"
Expires: Thu, 08 Dec 2022 18:20:44 GMT
Last-Modified: Tue, 06 Dec 2022 17:13:22 GMT
Server: ECS (nyb/1D04)
X-Cache: Miss from cloudfront
Via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 9bvUIN40ACl4PtBX2slkFX3yaa2x50lq_ueXhigEz_rZyO0cGbyasg==
Age: 4042
sync-criteo.ads.yieldmo.com/sync?id=k-CIuXPBGAq6NNBPvwPTGz2tW03d0zy34NtF1t8g&pn_id=criteo&ext=1
52.49.74.99200 OK 43 B URL HTTP/2 sync-criteo.ads.yieldmo.com/sync?id=k-CIuXPBGAq6NNBPvwPTGz2tW03d0zy34NtF1t8g&pn_id=criteo&ext=1
IP 52.49.74.99:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /sync?id=k-CIuXPBGAq6NNBPvwPTGz2tW03d0zy34NtF1t8g&pn_id=criteo&ext=1 HTTP/1.1
Host: sync-criteo.ads.yieldmo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 13:29:21 GMT
content-type: image/gif
content-length: 43
set-cookie: yieldmo_id=gb1a020bc7992e0474a6%7C1670419761599%7C0%7C; Domain=.yieldmo.com; Expires=Thu, 07-Dec-2023 13:29:21 GMT; Path=/; Secure; SameSite=None; Secure
ptrcriteo=k-CIuXPBGAq6NNBPvwPTGz2tW03d0zy34NtF1t8g; Domain=ads.yieldmo.com; Expires=Thu, 07-Dec-2023 13:29:21 GMT; Path=/; Secure; SameSite=None; Secure
access-control-allow-origin: *
access-control-request-headers: Cache-Control, Pragma
access-control-allow-methods: GET, OPTIONS
pragma: no-cache
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 50596c352614ac34197ef22f2b1751a8
469911ca4a7d9bb4d52cd99b9bb546f1ece549ce
a1f8eab0897f94325f42351c5ab7845d00d045b59710deab89761a2975b9cd81
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2591
Cache-Control: max-age=170096
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 13:29:21 GMT
Etag: "63908082-1d7"
Expires: Fri, 09 Dec 2022 12:44:17 GMT
Last-Modified: Wed, 07 Dec 2022 12:01:06 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=
54.194.57.229204 No Content 0 B URL HTTP/2 beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=
IP 54.194.57.229:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /usermatch.gif?partner=criteo&partner_uid= HTTP/1.1
Host: beacon.krxd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Wed, 07 Dec 2022 13:29:21 GMT
set-cookie: _kuid_=PPltLL1u; Expires=Mon, 05-Jun-23 13:29:21 GMT; Max-Age=15552000; Domain=.krxd.net; Path=/
cache-control: private, no-cache, no-store
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
x-served-by: beacon-n002-dub-prod.krxd.net
x-request-time: D=30 t=1670419761
X-Firefox-Spdy: h2
gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
178.250.2.146302 Found 0 B URL HTTP/2 gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
IP 178.250.2.146:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Wed, 07 Dec 2022 13:29:21 GMT
server: Kestrel
content-length: 0
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
location: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=
server-processing-duration-in-ticks: 404407
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.entrust.net/
104.110.10.32200 OK 1.6 kB IP 104.110.10.32:0
Hash 4efff111dfc11a8ee5d293e618b45f43
9039cc21e1a0f4d45323a6d2fa7d0d7433473d8c
51c357935dfe0f1fda98298758251c3963c5aa6b301229cd18398469fca1166e
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "51C357935DFE0F1FDA98298758251C3963C5AA6B301229CD18398469FCA1166E"
Last-Modified: Wed, 07 Dec 2022 08:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=3235
Expires: Wed, 07 Dec 2022 14:23:17 GMT
Date: Wed, 07 Dec 2022 13:29:22 GMT
Connection: keep-alive
s.thebrighttag.com/cs?btt=0&tp=cr&uid=
3.18.206.73200 OK 35 B URL HTTP/2 s.thebrighttag.com/cs?btt=0&tp=cr&uid=
IP 3.18.206.73:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /cs?btt=0&tp=cr&uid= HTTP/1.1
Host: s.thebrighttag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 13:29:22 GMT
content-type: image/gif
content-length: 35
x-bt-requestid: 28fea4a0-7633-11ed-98b8-0000ac170186
cache-control: private, must-revalidate
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin:
server: nginx
p3p: CP=NOI DSP COR NID
X-Firefox-Spdy: h2
e1.emxdgt.com/put?d=d53&uid=k-TO0n4xGAq6NNBPvwPTGz2tW03d2CMAP9ZCpMDJ0einauDwP4
18.158.8.202204 No Content 0 B URL HTTP/2 e1.emxdgt.com/put?d=d53&uid=k-TO0n4xGAq6NNBPvwPTGz2tW03d2CMAP9ZCpMDJ0einauDwP4
IP 18.158.8.202:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /put?d=d53&uid=k-TO0n4xGAq6NNBPvwPTGz2tW03d2CMAP9ZCpMDJ0einauDwP4 HTTP/1.1
Host: e1.emxdgt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
content-type: text/html
date: Wed, 07 Dec 2022 13:29:21 GMT
content-length: 0
X-Firefox-Spdy: h2
apil1.spinnaker-js.com/
34.246.156.108200 OK 0 B IP 34.246.156.108:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: apil1.spinnaker-js.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 296
Origin: https://evenstadmusikk.no
Connection: keep-alive
Referer: https://evenstadmusikk.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 13:29:22 GMT
content-length: 0
server: nginx/1.20.0
access-control-allow-origin: https://evenstadmusikk.no
access-control-allow-methods: POST, OPTIONS
access-control-allow-headers: content-type, accept, X-Requested-With, X-HTTP-Method-Override, data, X-UA-Compatible
access-control-allow-credentials: false
access-control-max-age: 31536000
X-Firefox-Spdy: h2
evenstadmusikk.no/scripts/web-defered-4.0.js?v=fN0WFA_YErzDhsWH4WrlY8lI1cQt512_kP0y-_N2FxI1
80.86.142.229200 OK 0 B URL HTTP/2 evenstadmusikk.no/scripts/web-defered-4.0.js?v=fN0WFA_YErzDhsWH4WrlY8lI1cQt512_kP0y-_N2FxI1
IP 80.86.142.229:0
ASN #21119 Braathe Gruppen AS
GET /scripts/web-defered-4.0.js?v=fN0WFA_YErzDhsWH4WrlY8lI1cQt512_kP0y-_N2FxI1 HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/presonus/1138474/presonus-sl-ar8-rack-ear?kk=a4c6294-184ecc6bb0e-31bf&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Presonus+Sl-Ar8+Rack+Ear
Cookie: .ASPXANONYMOUS=GHcMv9FA2QEkAAAAMjc4OTFhNTgtYzI3OS00NGJkLTg3MzYtOGNjY2FiZjc5ZTkxdlzUQ7OtIVo-M6GqnOG3d83rSoI1; ASP.NET_SessionId=mej4nyjyaamkhmtzln1uwlvk; McWeb3.15.2-1=SPCId=2834565&DeviceSize=lg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public
content-type: text/javascript; charset=utf-8
content-encoding: gzip
expires: Thu, 07 Dec 2023 13:29:18 GMT
last-modified: Wed, 07 Dec 2022 13:29:18 GMT
vary: User-Agent,Accept-Encoding
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Wed, 07 Dec 2022 13:29:17 GMT
X-Firefox-Spdy: h2
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-oTkhlRGAq6NNBPvwPTGz2tW03d2nZg1m-KnUaQ
141.226.228.48200 OK 0 B URL HTTP/2 sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-oTkhlRGAq6NNBPvwPTGz2tW03d2nZg1m-KnUaQ
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
GET /sg/criteortb-network/1/rtb-h/?taboola_hm=k-oTkhlRGAq6NNBPvwPTGz2tW03d2nZg1m-KnUaQ HTTP/1.1
Host: sync-t1.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 13:29:21 GMT
x-fastly-to-nlb-rtt: 21904
access-control-allow-credentials: true
X-Firefox-Spdy: h2
cdn.spinnaker-js.com/rc/34349/scripts/s.js
54.230.111.122200 OK 0 B URL HTTP/2 cdn.spinnaker-js.com/rc/34349/scripts/s.js
IP 54.230.111.122:0
GET /rc/34349/scripts/s.js HTTP/1.1
Host: cdn.spinnaker-js.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Mon, 18 Apr 2022 09:57:52 GMT
x-amz-meta-version: 6.19.18-1.5.0
x-amz-meta-previous: rc/34349/scripts/s-1650275870.js
x-amz-meta-deployeddate: 2022-04-18 09:57:50
server: AmazonS3
content-encoding: gzip
date: Wed, 07 Dec 2022 04:53:40 GMT
etag: W/"bc4303ad7fe6e07dff443f7b21cf3d0a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: tzllmCZ4Utj8Gm2Khm4uf5OQT-I9KBVF-jRDlrt65-hvAcc09uM2bg==
age: 30940
X-Firefox-Spdy: h2
www.clarity.ms/tag/uet/142000613
13.107.238.53200 OK 0 B URL HTTP/2 www.clarity.ms/tag/uet/142000613
IP 13.107.238.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /tag/uet/142000613 HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache, no-store
content-type: application/x-javascript
expires: -1
set-cookie: CLID=122d9abe5dae4e8582e71ef9e67400e5.20221207.20231207; expires=Thu, 07 Dec 2023 13:29:20 GMT; path=/; secure; samesite=none; httponly
request-context: appId=cid-v1:dfa4d45a-f309-4181-9ede-77e6e6c0ecf0
x-cache: CONFIG_NOCACHE
x-azure-ref: 0MJWQYwAAAABa9LLhXyt7SaXy9yJweZjiU1ZHMjBFREdFMDYxMwA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Wed, 07 Dec 2022 13:29:19 GMT
X-Firefox-Spdy: h2
dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-o4LTmBGAq6NNBPvwPTGz2tW03d2616hgoCkY_A&google_error=3
178.250.2.151200 OK 0 B URL HTTP/2 dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-o4LTmBGAq6NNBPvwPTGz2tW03d2616hgoCkY_A&google_error=3
IP 178.250.2.151:0
GET /dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-o4LTmBGAq6NNBPvwPTGz2tW03d2616hgoCkY_A&google_error=3 HTTP/1.1
Host: dis.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 13:29:21 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
cross-origin-resource-policy: cross-origin
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
timing-allow-origin: *
server-processing-duration-in-ticks: 323925
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/js/ld/ld.js
178.250.2.130200 OK 0 B URL HTTP/2 static.criteo.net/js/ld/ld.js
IP 178.250.2.130:0
GET /js/ld/ld.js HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 13:29:19 GMT
content-type: text/javascript
last-modified: Tue, 08 Nov 2022 15:05:46 GMT
etag: W/"636a704a-a8d9"
expires: Thu, 08 Dec 2022 13:29:19 GMT
cross-origin-resource-policy: cross-origin
cache-control: max-age=86400, public
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
gum.criteo.com/syncframe?topUrl=evenstadmusikk.no&origin=onetag
178.250.2.146200 OK 0 B URL HTTP/2 gum.criteo.com/syncframe?topUrl=evenstadmusikk.no&origin=onetag
IP 178.250.2.146:0
GET /syncframe?topUrl=evenstadmusikk.no&origin=onetag HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 13:29:19 GMT
content-type: text/html; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
set-cookie: optout=0; expires=Thu, 01 Jan 1970 00:00:00 GMT; domain=.criteo.com; path=/
uid=deaab1d3-8c2c-41f8-aec6-3fc603c1d741; expires=Mon, 01 Jan 2024 13:29:19 GMT; domain=.criteo.com; path=/; secure; samesite=none
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 566542
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
www.clarity.ms/eus2/s/0.6.43/clarity.js
13.107.238.53200 OK 0 B URL HTTP/2 www.clarity.ms/eus2/s/0.6.43/clarity.js
IP 13.107.238.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /eus2/s/0.6.43/clarity.js HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=86400
content-type: application/javascript;charset=utf-8
content-encoding: br
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
accept-ranges: bytes
etag: "1d9082948124e4c"
server: Microsoft-IIS/10.0
x-cache: TCP_HIT
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
x-azure-ref-originshield: 0C2yPYwAAAADbDkcRdvRjSJJE8S+F2lXyQU1TMDRFREdFMTkwNgA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-azure-ref: 0MJWQYwAAAABL2yENIEETR7Pdz1r31pqjU1ZHMjBFREdFMDYxMwA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Wed, 07 Dec 2022 13:29:19 GMT
X-Firefox-Spdy: h2
static.itxuc.com/r10120.10.2.1/plugins/uc/chat/active_chat_helper.html?hostname=evenstadmusikk.no&endpoint=https:%2F%2Fservices14-node2.itxuc.com&token=%3Ftokenv2%3Dcac3710d0da4768b2cf7339cd3fd9d19%26rcntrl%3D1406233%26ccntrl%3D60000141%26useCorp%3D60000141
85.196.80.229200 OK 0 B URL HTTP/2 static.itxuc.com/r10120.10.2.1/plugins/uc/chat/active_chat_helper.html?hostname=evenstadmusikk.no&endpoint=https:%2F%2Fservices14-node2.itxuc.com&token=%3Ftokenv2%3Dcac3710d0da4768b2cf7339cd3fd9d19%26rcntrl%3D1406233%26ccntrl%3D60000141%26useCorp%3D60000141
IP 85.196.80.229:0
ASN #2116 Globalconnect As
GET /r10120.10.2.1/plugins/uc/chat/active_chat_helper.html?hostname=evenstadmusikk.no&endpoint=https:%2F%2Fservices14-node2.itxuc.com&token=%3Ftokenv2%3Dcac3710d0da4768b2cf7339cd3fd9d19%26rcntrl%3D1406233%26ccntrl%3D60000141%26useCorp%3D60000141 HTTP/1.1
Host: static.itxuc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 13:29:20 GMT
content-type: text/html
last-modified: Mon, 05 Dec 2022 14:17:02 GMT
etag: W/"638dfd5e-bad"
expires: Sat, 02 Dec 2023 13:29:20 GMT
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, OPTIONS
access-control-allow-credentials: true
access-control-expose-headers: Content-Length
pragma: public
cache-control: max-age=31104000, public
vary: Origin
content-encoding: gzip
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans:300,400,700%7CYanone+Kaffeesatz:700,400,300&subset=latin,latin
142.250.74.74200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans:300,400,700%7CYanone+Kaffeesatz:700,400,300&subset=latin,latin
IP 142.250.74.74:0
GET /css?family=Open+Sans:300,400,700%7CYanone+Kaffeesatz:700,400,300&subset=latin,latin HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 07 Dec 2022 13:29:18 GMT
date: Wed, 07 Dec 2022 13:29:18 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
chat.kindlycdn.com/kindly-chat.js
104.26.7.158200 OK 0 B URL HTTP/2 chat.kindlycdn.com/kindly-chat.js
IP 104.26.7.158:0
GET /kindly-chat.js HTTP/1.1
Host: chat.kindlycdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 13:29:20 GMT
content-type: application/javascript
x-guploader-uploadid: ADPycduT2VAnFyuoq6TD8oIoNJBhsYyMkfYRaAkxDoJ2uBnwZb5Vq0G1c949LOSvQRZFYIP7LRVTvVng5OEpbOzuYoEofEsHfYpZ
cache-control: public, max-age=1800
expires: Wed, 07 Dec 2022 13:55:44 GMT
last-modified: Tue, 22 Nov 2022 14:26:05 GMT
etag: W/"959d4fd403fd2c6dc47875a52640f6b6"
x-goog-generation: 1669127165705086
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 255889
x-goog-meta-goog-reserved-file-mtime: 1669127158
x-goog-meta-kindly-chat-version: v2.39.8
x-goog-hash: crc32c=9+4mPA==, md5=lZ1P1AP9LG3EeHWlJkD2tg==
x-goog-storage-class: STANDARD
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cf-cache-status: HIT
age: 216
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JzTbBk6dxZowpV%2Fykg4VfM6JdYDVN4C5EvdHWHNGm8PNkLFWeb1odGy%2BliVp3BfwUEddYtJdSX8%2BGao9fZ1R8vBqoA4fSyOFaTjnARL8dUl7F2Cz%2F%2FVNdf0TK2EYkgeQZBT%2BMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 775d9c0fcfc3b4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-DN6u2BGAq6NNBPvwPTGz2tW03d111tOTqqEptoVtxkDY3dcU
52.58.68.225200 OK 0 B URL HTTP/2 exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-DN6u2BGAq6NNBPvwPTGz2tW03d111tOTqqEptoVtxkDY3dcU
IP 52.58.68.225:0
GET /usersync/push?partner=criteo&partnerId=k-DN6u2BGAq6NNBPvwPTGz2tW03d111tOTqqEptoVtxkDY3dcU HTTP/1.1
Host: exchange.mediavine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 13:29:21 GMT
content-type: text/html; charset=utf-8
vary: Origin, Accept-Encoding
access-control-allow-credentials: true
cache-control: private, no-cache
set-cookie: mv_tokens=%7B%22mv_uuid%22%3A%22285f0940-7633-11ed-9090-c7cf51a57a27%22%2C%22version%22%3A%22eu-v1%22%7D; Path=/; Expires=Wed, 21 Dec 2022 13:29:21 GMT; Secure; SameSite=None
mv_tokens_eu-v1=%7B%22mv_uuid%22%3A%22285f0940-7633-11ed-9090-c7cf51a57a27%22%2C%22version%22%3A%22eu-v1%22%7D; Path=/; Expires=Wed, 21 Dec 2022 13:29:21 GMT; Secure; SameSite=None
am_tokens=%7B%22mv_uuid%22%3A%22285f0940-7633-11ed-9090-c7cf51a57a27%22%2C%22version%22%3A%22eu-v1%22%7D; Path=/; Expires=Wed, 21 Dec 2022 13:29:21 GMT; Secure; SameSite=None
am_tokens_eu-v1=%7B%22mv_uuid%22%3A%22285f0940-7633-11ed-9090-c7cf51a57a27%22%2C%22version%22%3A%22eu-v1%22%7D; Path=/; Expires=Wed, 21 Dec 2022 13:29:21 GMT; Secure; SameSite=None
criteo=%7B%22id%22%3A%22k-DN6u2BGAq6NNBPvwPTGz2tW03d111tOTqqEptoVtxkDY3dcU%22%2C%22version%22%3A%22criteo%22%7D; Path=/; Expires=Wed, 21 Dec 2022 13:29:21 GMT; Secure; SameSite=None
content-encoding: gzip
X-Firefox-Spdy: h2
criteo-partners.tremorhub.com/sync?UICR=k-Uke8RhGAq6NNBPvwPTGz2tW03d0CnaSFuuhk3w
54.167.115.223200 OK 0 B URL HTTP/2 criteo-partners.tremorhub.com/sync?UICR=k-Uke8RhGAq6NNBPvwPTGz2tW03d0CnaSFuuhk3w
IP 54.167.115.223:0
GET /sync?UICR=k-Uke8RhGAq6NNBPvwPTGz2tW03d0CnaSFuuhk3w HTTP/1.1
Host: criteo-partners.tremorhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 13:29:21 GMT
content-type: image/gif
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
X-Firefox-Spdy: h2
dnacdn.net/dna
178.250.0.157200 OK 0 B IP 178.250.0.157:0
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Cookie: browser_data=VUJPD180M0RITmhlJTJCZkMwOUJGQlhaMUN2cyUyRjd2SFZib0g4RGt2M3NsV2xuT1UydVZPeiUyRlo5UVNTWUJrNUloRmtvVGZ3
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 13:29:19 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=h1ClJV80M0RITmhlJTJCZkMwOUJGQlhaMUN2cyUyRjd2SFZib0g4RGt2M3NsV2xuT1UydmhOckhUWm9LZDNwcWlyQlRXMTB0Vw; expires=Mon, 01 Jan 2024 13:29:20 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 378083
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=onetag&domain=evenstadmusikk.no&sn=FirefoxSyncframe&so=0&topUrl=evenstadmusikk.no&info=h1ClJV80M0RITmhlJTJCZkMwOUJGQlhaMUN2cyUyRjd2SFZib0g4RGt2M3NsV2xuT1UydmhOckhUWm9LZDNwcWlyQlRXMTB0Vw&idsd=1506741307,-1271867054&cw=1&lsw=1
178.250.2.146200 OK 0 B URL HTTP/2 gum.criteo.com/sid/json?origin=onetag&domain=evenstadmusikk.no&sn=FirefoxSyncframe&so=0&topUrl=evenstadmusikk.no&info=h1ClJV80M0RITmhlJTJCZkMwOUJGQlhaMUN2cyUyRjd2SFZib0g4RGt2M3NsV2xuT1UydmhOckhUWm9LZDNwcWlyQlRXMTB0Vw&idsd=1506741307,-1271867054&cw=1&lsw=1
IP 178.250.2.146:0
GET /sid/json?origin=onetag&domain=evenstadmusikk.no&sn=FirefoxSyncframe&so=0&topUrl=evenstadmusikk.no&info=h1ClJV80M0RITmhlJTJCZkMwOUJGQlhaMUN2cyUyRjd2SFZib0g4RGt2M3NsV2xuT1UydmhOckhUWm9LZDNwcWlyQlRXMTB0Vw&idsd=1506741307,-1271867054&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/syncframe?topUrl=evenstadmusikk.no&origin=onetag
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 13:29:19 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
server-processing-duration-in-ticks: 1225595
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=0
178.250.2.151200 OK 0 B URL HTTP/2 dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=0
IP 178.250.2.151:0
GET /dis/rtb/appnexus/cookiematch.aspx?appnxsid=0 HTTP/1.1
Host: dis.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 13:29:20 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
cross-origin-resource-policy: cross-origin
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
timing-allow-origin: *
server-processing-duration-in-ticks: 391126
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2