Overview

URL social.medialinks.cc/files/scan0001.rar
IP37.48.65.152
ASNLeaseWeb Netherlands B.V.
Location Netherlands
Report completed2022-10-04 03:04:57 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-10-04 2 social.medialinks.cc/files/scan0001.rar Malware
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (30)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS www.google.com (1) 7 2016-08-04 12:36:31 UTC 2022-10-03 20:08:32 UTC 142.250.74.164
mnemonic passive DNS www.google.no (3) 25607 2016-04-05 19:50:59 UTC 2022-10-03 09:28:40 UTC 142.250.74.3
mnemonic passive DNS media.bigbasketshop.com (1) 644547 2021-05-27 13:11:29 UTC 2022-10-04 00:03:17 UTC 104.21.86.113
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-10-03 09:28:24 UTC 34.117.237.239
mnemonic passive DNS ocsp.digicert.com (5) 86 2012-05-21 07:02:23 UTC 2022-10-03 20:32:42 UTC 93.184.220.29
mnemonic passive DNS fonts.gstatic.com (3) 0 2014-08-29 13:43:22 UTC 2022-10-03 19:40:13 UTC 172.217.21.163 Domain (gstatic.com) ranked at: 540
mnemonic passive DNS social.medialinks.cc (3) 0 2020-04-10 10:42:50 UTC 2022-10-03 12:29:48 UTC 37.48.65.152 Unknown ranking
mnemonic passive DNS r3.o.lencr.org (4) 344 2020-12-02 08:52:13 UTC 2022-10-03 07:33:36 UTC 23.36.76.226
mnemonic passive DNS eu.pushnow.net (2) 0 2022-03-23 00:35:15 UTC 2022-10-03 17:27:22 UTC 38.100.129.67 Unknown ranking
mnemonic passive DNS client.24nettbutikk.chat (1) 0 2022-10-03 08:42:09 UTC 2022-10-03 14:11:34 UTC 143.204.55.112 Unknown ranking
mnemonic passive DNS region1.google-analytics.com (1) 0 2022-03-17 11:26:33 UTC 2022-10-03 09:10:55 UTC 216.239.32.36 Domain (google-analytics.com) ranked at: 8401
mnemonic passive DNS irene-eux.com (3) 0 2022-09-21 16:06:22 UTC 2022-10-03 16:27:20 UTC 34.239.209.41 Unknown ranking
mnemonic passive DNS tc.tradetracker.net (1) 148392 2020-11-09 11:51:21 UTC 2022-10-03 20:13:15 UTC 18.202.182.169
mnemonic passive DNS assets2.24nettbutikk.no (3) 0 2017-01-30 05:36:42 UTC 2022-10-03 14:11:34 UTC 193.107.29.107 Unknown ranking
mnemonic passive DNS googleads.g.doubleclick.net (1) 42 2021-02-20 15:43:32 UTC 2022-10-03 20:53:50 UTC 142.250.74.162
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-05-27 20:08:30 UTC 2022-10-03 17:23:50 UTC 143.204.55.115
mnemonic passive DNS www.googletagmanager.com (2) 75 2012-12-25 14:52:06 UTC 2022-10-03 20:08:49 UTC 142.250.74.168
mnemonic passive DNS fonts.googleapis.com (1) 8877 2013-06-10 20:14:26 UTC 2022-10-03 17:32:53 UTC 216.58.211.10
mnemonic passive DNS celis.no (31) 0 2017-02-02 10:52:14 UTC 2022-10-03 14:11:44 UTC 193.107.30.42 Unknown ranking
mnemonic passive DNS widget.trustpilot.com (3) 6018 2017-09-05 07:45:53 UTC 2022-10-03 13:18:20 UTC 143.204.55.80
mnemonic passive DNS stats.g.doubleclick.net (2) 96 2013-06-02 22:47:44 UTC 2022-10-03 14:17:35 UTC 74.125.131.155
mnemonic passive DNS sc-static.net (1) 1183 2022-01-24 20:13:30 UTC 2022-10-04 01:06:41 UTC 54.230.82.240
mnemonic passive DNS connect.facebook.net (1) 139 2012-05-22 02:51:28 UTC 2022-10-03 07:45:02 UTC 31.13.72.12
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-10-03 09:28:24 UTC 52.35.74.102
mnemonic passive DNS ocsp.sca1b.amazontrust.com (1) 1015 2017-03-03 15:20:51 UTC 2019-03-27 04:05:54 UTC 143.204.42.156
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-10-03 14:02:45 UTC 34.120.237.76
mnemonic passive DNS tr.snapchat.com (4) 978 2017-04-26 06:25:03 UTC 2022-10-03 09:28:39 UTC 35.190.43.134
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-10-03 08:07:24 UTC 143.204.55.25
mnemonic passive DNS ocsp.pki.goog (16) 175 2017-06-14 07:23:31 UTC 2022-10-03 07:14:52 UTC 142.250.74.3
mnemonic passive DNS www.google-analytics.com (1) 40 2012-10-03 01:04:21 UTC 2022-10-03 22:24:01 UTC 142.250.74.174


Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 37.48.65.152

Date UQ / IDS / BL URL IP
2022-12-06 10:48:17 +0000
0 - 0 - 1 mkuu.483e3.pq.wy5532.com/ 37.48.65.152
2022-12-06 03:57:12 +0000
0 - 0 - 1 wrrpnqa.nn.wy5532.com/ 37.48.65.152
2022-12-06 03:40:43 +0000
0 - 0 - 4 xiaoimi.com/5/login.globalsources.com.zip 37.48.65.152
2022-12-06 02:58:31 +0000
0 - 0 - 1 lkjkui.852fa.ve.wy5532.com/ 37.48.65.152
2022-12-05 20:53:14 +0000
0 - 0 - 1 wasqrlct.uu.wy5532.com/ 37.48.65.152

Last 5 reports on ASN: LeaseWeb Netherlands B.V.

Date UQ / IDS / BL URL IP
2022-12-06 10:56:25 +0000
0 - 0 - 1 tgtggb.39f90.kb.wy5532.com/ 37.48.65.149
2022-12-06 10:48:17 +0000
0 - 0 - 1 mkuu.483e3.pq.wy5532.com/ 37.48.65.152
2022-12-06 10:35:48 +0000
0 - 0 - 1 wtyovak.google.wy5532.com/ 37.48.65.149
2022-12-06 10:00:15 +0000
0 - 0 - 1 weretrtrt441cf.sw.wy5532.com/ 81.171.22.6
2022-12-06 09:38:47 +0000
0 - 0 - 2 rasvetakandela.com/js/.ch/660e4be8f59ae4c3ab7 (...) 85.17.187.35

Last 5 reports on domain: medialinks.cc

Date UQ / IDS / BL URL IP
2022-11-10 11:40:44 +0000
0 - 0 - 1 social.medialinks.cc/files/scan0001.rar 81.171.22.5
2022-11-09 20:31:44 +0000
0 - 0 - 1 social.medialinks.cc/files/hot_song.rar 185.107.56.200
2022-11-09 02:37:30 +0000
0 - 0 - 5 social.medialinks.cc/files/hot_song.rar 185.107.56.199
2022-11-09 02:32:57 +0000
0 - 0 - 1 social.medialinks.cc/files/scan0001.rar 185.107.56.199
2022-11-08 11:42:39 +0000
0 - 0 - 3 social.medialinks.cc/files/hot_song.rar 81.171.22.7

No other reports with similar screenshot



JavaScript

Executed Scripts (37)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (106)


Request Response
                                        
                                            GET /files/scan0001.rar HTTP/1.1 
Host: social.medialinks.cc
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         37.48.65.152
HTTP/1.1 200 OK
content-type: text/html; charset=utf-8
                                        
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 494
date: Tue, 04 Oct 2022 03:04:45 GMT
server: nginx
set-cookie: sid=4d5818b0-4391-11ed-bf4e-843f71c80bd8; path=/; domain=.medialinks.cc; expires=Sun, 22 Oct 2090 06:18:53 GMT; max-age=2147483647; HttpOnly


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (494), with no line terminators
Size:   494
Md5:    75da96be8eb116819e7e895efb180977
Sha1:   39e5cd4694cb58215f33c1a51cc695d548f6667b
Sha256: 4d94542efb4d6e0c85a41944f3f7ed933d949b71f21de698a96bb734b3546a32

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "1F611155394FAC39439B8EC8217D8CD493D6B588D372D264E0D66C03129C50C6"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20649
Expires: Tue, 04 Oct 2022 08:48:55 GMT
Date: Tue, 04 Oct 2022 03:04:46 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.115
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 04 Oct 2022 02:47:04 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 7RusyZpDfliUraUaczMFvdzKkRz357CChIOmUFQ_PFgTZMlqM3LbFA==
Age: 1062


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    2d12f67fe57a87e7366b662d153a5582
Sha1:   d7b02d81cc74f24a251d9363e0f4b0a149264ec1
Sha256: 73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.25
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 03 Oct 2022 05:28:28 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: vtSwGhnh2IWrHN0_5sF7CBbNubQQXn2plmBVozeH1sCSPP2m9wGSFw==
age: 77779
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Tue, 04 Oct 2022 03:04:46 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: social.medialinks.cc
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://social.medialinks.cc/files/scan0001.rar
Cookie: sid=4d5818b0-4391-11ed-bf4e-843f71c80bd8

                                         
                                         37.48.65.152
HTTP/1.1 404 Not Found
                                        
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 9
date: Tue, 04 Oct 2022 03:04:46 GMT
server: nginx


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   9
Md5:    d8f4a1993546cc4b850cde3599e27aec
Sha1:   094b763b4cfcc0b05e5d040581cd513c3ca08067
Sha256: 907ba78b4545338d3539683e63ecb51cf51c10adc9dabd86e92bd52339f298b9
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.115
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Tue, 04 Oct 2022 02:29:33 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Tue, 04 Oct 2022 03:10:58 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: L9E3RRRgYyPZrkhqjWc2heuUtZ2sqfS7xyJJEAO5u7oO93eNPF-ywA==
Age: 2114


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5958
Cache-Control: 'max-age=158059'
Date: Tue, 04 Oct 2022 03:04:47 GMT
Last-Modified: Tue, 04 Oct 2022 01:25:30 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /files/scan0001.rar?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY2NDg1OTg4NiwiaWF0IjoxNjY0ODUyNjg2LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIyc2RidGNrb2k1ODJuNWFib28xcTZiZ2EiLCJuYmYiOjE2NjQ4NTI2ODYsInRzIjoxNjY0ODUyNjg2NTM5ODE4fQ.sxbFAUBzdlIwXBbfFRBb0qcJYyt-xDBuUqMO0zjOP2Q&sid=4d5818b0-4391-11ed-bf4e-843f71c80bd8 HTTP/1.1 
Host: social.medialinks.cc
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://social.medialinks.cc/files/scan0001.rar
Cookie: sid=4d5818b0-4391-11ed-bf4e-843f71c80bd8
Upgrade-Insecure-Requests: 1

                                         
                                         37.48.65.152
HTTP/1.1 302 Found
                                        
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 11
date: Tue, 04 Oct 2022 03:04:46 GMT
location: http://irene-eux.com/zcvisitor/4da4ac71-4391-11ed-bae4-0a6038a7505d/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=4db96cf3-4391-11ed-bae4-0a6038a7505d
server: nginx
set-cookie: sid=4d5818b0-4391-11ed-bf4e-843f71c80bd8; path=/; domain=.medialinks.cc; expires=Sun, 22 Oct 2090 06:18:54 GMT; max-age=2147483647; HttpOnly


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   11
Md5:    32682312d17c7cbf18e73594f5570319
Sha1:   60e22121bdd0bc71cdb2bae2a3aa577006b2eae9
Sha256: e55fb1a1d731153e943b68844af12dcce8bfac917c98ffdea64c80da0607dd47
                                        
                                            GET /zcvisitor/4da4ac71-4391-11ed-bae4-0a6038a7505d/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=4db96cf3-4391-11ed-bae4-0a6038a7505d HTTP/1.1 
Host: irene-eux.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://social.medialinks.cc/
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         34.239.209.41
HTTP/1.1 200
Content-Type: text/html;charset=UTF-8
                                        
Date: Tue, 04 Oct 2022 03:04:47 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Server: sKIcFhXd


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   996
Md5:    5a318761f13e496b2c62451afa5b676d
Sha1:   1fea7300ffddde93d068dd9bdb894d20b379c04b
Sha256: bde210f7d3a016c83222d637ad5240801976be3b7d4fd559e276e015dbf499f0
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: jaXhc5YBTU23kkjs3KJ4RQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         52.35.74.102
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: gXgSxRzGwkYJ8fI75sxXTgWxJvY=

                                        
                                            GET /zcredirect?visitid=4da4ac71-4391-11ed-bae4-0a6038a7505d&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false HTTP/1.1 
Host: irene-eux.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://irene-eux.com/zcvisitor/4da4ac71-4391-11ed-bae4-0a6038a7505d/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=4db96cf3-4391-11ed-bae4-0a6038a7505d
Upgrade-Insecure-Requests: 1

                                         
                                         34.239.209.41
HTTP/1.1 200
Content-Type: text/html;charset=UTF-8
                                        
Date: Tue, 04 Oct 2022 03:04:47 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
redirected: JS
Server: tjlhIlLk


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   400
Md5:    23afb038923fb5fb8fd55de6086b4a41
Sha1:   78630494a2a42d35e5e2ac8c849ebd65d8c03c62
Sha256: 8d952df50672636f5aad564c16de129fcebd56e0ae5a0c69c4f9ec920c0a2f14
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "BF8DAD309167FEF7171FAAC545294C0283D2B6EB1F199C459DC053757BB7F62A"
Last-Modified: Sat, 01 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1830
Expires: Tue, 04 Oct 2022 03:35:18 GMT
Date: Tue, 04 Oct 2022 03:04:48 GMT
Connection: keep-alive

                                        
                                            GET /postback/click?key=v2-1664852687134-4-8763-999800-8554615c-d895-2d75-a97c-f1b084a62e53 HTTP/1.1 
Host: eu.pushnow.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://irene-eux.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         38.100.129.67
HTTP/2 200 OK
content-type: text/html;charset=UTF-8
                                        
server: openresty/1.15.8.3
date: Tue, 04 Oct 2022 03:04:48 GMT
content-length: 2089
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   2089
Md5:    2ee582b63be1818e6f135b5f7964727c
Sha1:   996e5cf92068740b69e3dabb6912c457e5a37cba
Sha256: 7e56301e3fe2b6fe1de89c64adc00e16cce60d755c9b0cec83944c8d76f3282b
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: irene-eux.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://irene-eux.com/zcredirect?visitid=4da4ac71-4391-11ed-bae4-0a6038a7505d&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false

                                         
                                         34.239.209.41
HTTP/1.1 404
Content-Type: text/html;charset=utf-8
                                        
Date: Tue, 04 Oct 2022 03:04:48 GMT
Content-Length: 653
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Content-Language: en
Server: rjCiaOGS


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (649), with no line terminators
Size:   653
Md5:    ba2732b1b2fa2626ffaa15f62f9e7d66
Sha1:   203d4e7fbb1d80449d6e4e1f3ae7a9bf8625debe
Sha256: 879861cb72fe9fbb476dab246021c4c83b4066327de2529e05ec54d3afb0a1c8
                                        
                                            GET /postback/click?key=v2-1664852687134-4-8763-999800-8554615c-d895-2d75-a97c-f1b084a62e53&token=e9fded8558b52180f46c6c8b53e6405f&timezone=0&iframe_test=false&webdriver_test=false HTTP/1.1 
Host: eu.pushnow.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eu.pushnow.net/postback/click?key=v2-1664852687134-4-8763-999800-8554615c-d895-2d75-a97c-f1b084a62e53
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         38.100.129.67
HTTP/2 302 Found
                                        
server: openresty/1.15.8.3
date: Tue, 04 Oct 2022 03:04:48 GMT
content-length: 0
set-cookie: platform_user_id=desktop:7980a459be274bf511db30c901634a36 platform_user_id_3rd_party=desktop:7980a459be274bf511db30c901634a36; SameSite=None; Secure; Max-Age=31556952
location: https://media.bigbasketshop.com/track?q=y9mVqLVe3evR
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         143.204.42.156
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 04 Oct 2022 03:04:48 GMT
Last-Modified: Tue, 04 Oct 2022 02:15:25 GMT
Server: ECS (bsa/EB1B)
X-Cache: Miss from cloudfront
Via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 96PmOHX839BvnX7XBZ0G61ZZAxFh6hiLN-uO2oI02-NiqKEl6j8iLA==
Age: 2963

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19804
Expires: Tue, 04 Oct 2022 08:34:53 GMT
Date: Tue, 04 Oct 2022 03:04:49 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19804
Expires: Tue, 04 Oct 2022 08:34:53 GMT
Date: Tue, 04 Oct 2022 03:04:49 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F545190f2-96f3-40f8-bd46-cebe7171aee7.webp HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9917
x-amzn-requestid: 2dff93d9-795d-4885-9b82-610b0d235a82
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpvTGEnIAMF1zg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5661-117afa703663ada75627792c;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:38:41 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: DOS5kVEVqBrCVMKRw07fX-6HDgWVb9lJwkVM2pXs0PQHys6CBJUVfQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:44:20 GMT
age: 19229
etag: "22aab05208a01ae5def4d63dc145085630f57bcb"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9917
Md5:    d8c08f8066cc732de8befd6ccd629a95
Sha1:   22aab05208a01ae5def4d63dc145085630f57bcb
Sha256: f8a560a0563518d992d0bd2655d2b5c406435a18e874ca00b51374d2ff901770
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4f5624b4-8e2a-461e-a32a-38d6b5a3a8d2.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11101
x-amzn-requestid: f98e84d9-1e66-4436-b793-219a777f2ba0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcqcvE8JoAMFQ2g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5784-25bd2b234c1093de70074c92;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:43:32 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: becOxfqUowywFrxzDSeK7F1lFdDVTSHIF1TLC5k5aSlLPpsR6F8gjw==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 22:42:37 GMT
age: 15732
etag: "db07d58d8feff4ea01866d095e5264ee5c8e1ca3"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11101
Md5:    ae824db4a95391149198a4b6b8556c70
Sha1:   db07d58d8feff4ea01866d095e5264ee5c8e1ca3
Sha256: 19e96d204813247697e1858daf9e07d6c4cafd9ab1175a3bf39a7f07f6991521
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff4f5077e-59b1-4f52-bd32-a57c373ce2f1.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8308
x-amzn-requestid: 35cc0acc-ac90-4f36-a976-c61c34cfe4fe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcqNXG3mIAMFujg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5722-112061742493dd5255c3fb00;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:41:54 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: XKgAjOSBnAxpQtL7a0q2jUDfpzjybydP2ZBV7J1ypKVeuMdAzl-MXg==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:44:20 GMT
age: 19229
etag: "5cc38c9cfe6a2ade7a1d8ee272c4eda47c35f5df"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8308
Md5:    59c6121e6f6cb833939e12585aca131e
Sha1:   5cc38c9cfe6a2ade7a1d8ee272c4eda47c35f5df
Sha256: 88b8a458ad437bf40d154b21d844ba56530ae05c2f42b417cfb0e6cffcb294e5
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7df28993-57e6-4e7f-9751-93778578bd1e.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10595
x-amzn-requestid: 7cc6c91c-4dfc-4c17-b27c-5c0eec4a390a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcqdOHTzoAMFYdw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5787-11525116257b72eb382ecefa;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:43:35 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: qglxUK18M0WVvuSzN-pkwoIagT-hMmp_77qKAVaGq-3vJ4gwwsRzdA==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 22:14:26 GMT
age: 17423
etag: "40e4337611c74e26efbc53633ba1a9ac04d9ae81"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10595
Md5:    6258b8768ba4c3edcc049c494dac733a
Sha1:   40e4337611c74e26efbc53633ba1a9ac04d9ae81
Sha256: b170aaabbd17b712ed861f5e1d13ad2ff3604b47e9ec833077caeb1199f44d08
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6315
x-amzn-requestid: 6aa75b16-32e4-48a7-9fb0-9e3d5528c2d5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWSdsHUnIAMFXtw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338cabd-742d8a436403683e0cd9368f;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 23:18:21 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: TVz3oiy-Z2r9lGFDgsnGNxotvvAPeOaa7LMzqs432QjZpZo-PNt1-g==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 04:42:51 GMT
age: 80518
etag: "58ff0bf8ce7528b303d28bab01a80ad721705569"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6315
Md5:    206fb65e75dbadf119512f71e0b78402
Sha1:   58ff0bf8ce7528b303d28bab01a80ad721705569
Sha256: 56c8d5f3b3060ee54bf81995269b86c070855d8c33bf437161339a45b309703f
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffdb412b7-1bf6-4a48-b9f1-b171f540e434.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4151
x-amzn-requestid: f709a11e-cbea-4965-8502-94ddbd8768bb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpvSF3YIAMFdow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5661-29bfa31d51e8f60b38136dba;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:38:41 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: iHjSrLdzntzVnJ-qaRf834nLglcKXY1cTgLY5VcCyKtp0lwN2gGnnw==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:44:20 GMT
age: 19229
etag: "c20f1fac9020eb4bd6c84583f73872979639b991"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4151
Md5:    24a4a122273ef9f772852031eb13114a
Sha1:   c20f1fac9020eb4bd6c84583f73872979639b991
Sha256: 8e1ffbed5f156637ed2f22e81d03f6d85eff0c28237c1639ea5f977e92ee7b70
                                        
                                            GET /?c=31502&m=12&a=416060&r=RA&u= HTTP/1.1 
Host: tc.tradetracker.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://media.bigbasketshop.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         18.202.182.169
HTTP/2 301 Moved Permanently
content-type: text/html; charset=UTF-8
                                        
date: Tue, 04 Oct 2022 03:04:48 GMT
location: https://celis.no/
server: nginx
cache-control: no-cache, must-revalidate
set-cookie: uf=Q1E0RvA%2FK1%2FL9bgYOhOj0zIydCtlZXNCVHUyTmxmTisyN3daN0JvL29MbnVBR2NRdFBDditFRElxRnUxRStXcThxSE5QeFB5VXFXL0lwemZvNVJteUZZMlJ1MnRXZzRDb0JZRUhRPT0%3D; expires=Wed, 04-Oct-2023 03:04:48 GMT; Max-Age=31536000; path=/; domain=.tradetracker.net; secure; SameSite=None __tdat31502=MTY2NDg1MjY4ODo6MTI6OjQxNjA2MDo6UkE6OmY6OmFmZjIyNmVlMjQxYWY5YWE3Zjc4YmEwMzc2NTc0YTky; expires=Thu, 03-Nov-2022 04:04:48 GMT; Max-Age=2595600; path=/; domain=.tradetracker.net; secure; SameSite=None
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  gzip compressed data, from Unix\012- data
Size:   16036
Md5:    e9ecb6338332695f0bb10972335c2d07
Sha1:   682af629e044c67eaae9cd8ec8024f2faa334d7a
Sha256: 8221824a138c542b15510c91a4d95abec48add6375069200062ebb99607aa159
                                        
                                            GET /assets/themes/afterburner/css/afterburner.compiled.css?ver=1575982250 HTTP/1.1 
Host: celis.no
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://celis.no/
Cookie: 24nb=eyJpdiI6InJCVDN0M3B2U0RnWDFuKzFycnJwSFE9PSIsInZhbHVlIjoiMXZrTFhhSDVIQ1FTMU9xdTVzRGtiRG9WSGR6VTFERWI3OUxEeWJPT2wyY01ieGlnZTJLcHRCOVR6NGZDMUY1S2pYZndLOVhPYUlCMGliZlBsZWZOemc9PSIsIm1hYyI6IjRiMjlkNGZhY2Y0NzdjMzllMjcyYjU2YzgwMTZjOGFiOTBmNzJmM2YxZGQ0YWUxMzA0NzA2Mjc5ZjViYzM1MjgifQ%3D%3D; 24db790=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22382c1031b7476a8e0698e8b58c52001a%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%22193.107.30.42%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A68%3A%22Mozilla%2F5.0+%28X11%3B+Linux+x86_64%3B+rv%3A96.0%29+Gecko%2F20100101+Firefox%2F96.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1664852689%3B%7D22b0f10cae4f73b7e809a44ba0a5ba51; popup_module=visited
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         193.107.30.42
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx/1.12.2
Date: Tue, 04 Oct 2022 03:04:49 GMT
Content-Length: 38985
Connection: keep-alive
Last-Modified: Tue, 10 Dec 2019 12:50:50 GMT
ETag: "42584-59958f63ddd3a-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Strict-Transport-Security: max-age=63072000
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  ASCII text, with very long lines (65425)
Size:   38985
Md5:    59a2ce90ebfbdad3a756b517c0f88ba8
Sha1:   718d9f2514203722d8aad597f5866ce85663399d
Sha256: 7805eb72e4e6ddc49c65a24f4f3d0882889ac0332ef987ccc990081366f3e0b4
                                        
                                            GET /assets/js/modernizr.min-dev.js HTTP/1.1 
Host: celis.no
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://celis.no/
Cookie: 24nb=eyJpdiI6InJCVDN0M3B2U0RnWDFuKzFycnJwSFE9PSIsInZhbHVlIjoiMXZrTFhhSDVIQ1FTMU9xdTVzRGtiRG9WSGR6VTFERWI3OUxEeWJPT2wyY01ieGlnZTJLcHRCOVR6NGZDMUY1S2pYZndLOVhPYUlCMGliZlBsZWZOemc9PSIsIm1hYyI6IjRiMjlkNGZhY2Y0NzdjMzllMjcyYjU2YzgwMTZjOGFiOTBmNzJmM2YxZGQ0YWUxMzA0NzA2Mjc5ZjViYzM1MjgifQ%3D%3D; 24db790=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22382c1031b7476a8e0698e8b58c52001a%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%22193.107.30.42%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A68%3A%22Mozilla%2F5.0+%28X11%3B+Linux+x86_64%3B+rv%3A96.0%29+Gecko%2F20100101+Firefox%2F96.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1664852689%3B%7D22b0f10cae4f73b7e809a44ba0a5ba51; popup_module=visited
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         193.107.30.42
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx/1.12.2
Date: Tue, 04 Oct 2022 03:04:49 GMT
Content-Length: 4844
Connection: keep-alive
Expires: Tue, 04 Oct 2022 03:04:49 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Strict-Transport-Security: max-age=63072000
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  HTML document, ASCII text, with very long lines (10835)
Size:   4844
Md5:    b1455783dc6934fc9da050919f63e7b2
Sha1:   e1e7a7a08e141c0ddcbb8a50bae5fc845352515b
Sha256: f16bfb5663df5cd6d55463eb801edbf74c2acc5375d199ecc21664e757efe3ab
                                        
                                            GET /js/slider-cart.js?v=433d4581379f0a04f683c5adbcd86727 HTTP/1.1 
Host: celis.no
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://celis.no/
Cookie: 24nb=eyJpdiI6InJCVDN0M3B2U0RnWDFuKzFycnJwSFE9PSIsInZhbHVlIjoiMXZrTFhhSDVIQ1FTMU9xdTVzRGtiRG9WSGR6VTFERWI3OUxEeWJPT2wyY01ieGlnZTJLcHRCOVR6NGZDMUY1S2pYZndLOVhPYUlCMGliZlBsZWZOemc9PSIsIm1hYyI6IjRiMjlkNGZhY2Y0NzdjMzllMjcyYjU2YzgwMTZjOGFiOTBmNzJmM2YxZGQ0YWUxMzA0NzA2Mjc5ZjViYzM1MjgifQ%3D%3D; 24db790=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22382c1031b7476a8e0698e8b58c52001a%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%22193.107.30.42%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A68%3A%22Mozilla%2F5.0+%28X11%3B+Linux+x86_64%3B+rv%3A96.0%29+Gecko%2F20100101+Firefox%2F96.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1664852689%3B%7D22b0f10cae4f73b7e809a44ba0a5ba51; popup_module=visited
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         193.107.30.42
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx/1.12.2
Date: Tue, 04 Oct 2022 03:04:49 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 03 Oct 2022 22:35:18 GMT
ETag: "671c3-5ea28f55054ce-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Strict-Transport-Security: max-age=63072000
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (54822)
Size:   144278
Md5:    b4f321dea9ee9d0dec44efc87b3f27a8
Sha1:   e042a9c862a22ec3361bcd2f3af64c7380cea93f
Sha256: d5fa6cad74c067348bb2e88d272cbbb5216d417e39c56d0ba00d0911ef85e263
                                        
                                            GET /css/cookie_consent.css HTTP/1.1 
Host: celis.no
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://celis.no/
Cookie: 24nb=eyJpdiI6InJCVDN0M3B2U0RnWDFuKzFycnJwSFE9PSIsInZhbHVlIjoiMXZrTFhhSDVIQ1FTMU9xdTVzRGtiRG9WSGR6VTFERWI3OUxEeWJPT2wyY01ieGlnZTJLcHRCOVR6NGZDMUY1S2pYZndLOVhPYUlCMGliZlBsZWZOemc9PSIsIm1hYyI6IjRiMjlkNGZhY2Y0NzdjMzllMjcyYjU2YzgwMTZjOGFiOTBmNzJmM2YxZGQ0YWUxMzA0NzA2Mjc5ZjViYzM1MjgifQ%3D%3D; 24db790=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22382c1031b7476a8e0698e8b58c52001a%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%22193.107.30.42%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A68%3A%22Mozilla%2F5.0+%28X11%3B+Linux+x86_64%3B+rv%3A96.0%29+Gecko%2F20100101+Firefox%2F96.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1664852689%3B%7D22b0f10cae4f73b7e809a44ba0a5ba51; popup_module=visited
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         193.107.30.42
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx/1.12.2
Date: Tue, 04 Oct 2022 03:04:49 GMT
Content-Length: 4431
Connection: keep-alive
Last-Modified: Mon, 03 Oct 2022 22:35:18 GMT
ETag: "490a-5ea28f54fe76e-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Strict-Transport-Security: max-age=63072000
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  ASCII text, with very long lines (18698), with no line terminators
Size:   4431
Md5:    166166356a197dc79d7abf95aef97e66
Sha1:   dae0b9bc69625ccf4469b8bcfd45088c712f6cb7
Sha256: 217049ace8de69b61ff92d668ab19c1354716d3c10e7519f415bbd6f694c0900
                                        
                                            GET /bilder_diverse/slide_1664692281.png HTTP/1.1 
Host: celis.no
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://celis.no/
Cookie: 24nb=eyJpdiI6InJCVDN0M3B2U0RnWDFuKzFycnJwSFE9PSIsInZhbHVlIjoiMXZrTFhhSDVIQ1FTMU9xdTVzRGtiRG9WSGR6VTFERWI3OUxEeWJPT2wyY01ieGlnZTJLcHRCOVR6NGZDMUY1S2pYZndLOVhPYUlCMGliZlBsZWZOemc9PSIsIm1hYyI6IjRiMjlkNGZhY2Y0NzdjMzllMjcyYjU2YzgwMTZjOGFiOTBmNzJmM2YxZGQ0YWUxMzA0NzA2Mjc5ZjViYzM1MjgifQ%3D%3D; 24db790=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22382c1031b7476a8e0698e8b58c52001a%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%22193.107.30.42%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A68%3A%22Mozilla%2F5.0+%28X11%3B+Linux+x86_64%3B+rv%3A96.0%29+Gecko%2F20100101+Firefox%2F96.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1664852689%3B%7D22b0f10cae4f73b7e809a44ba0a5ba51; popup_module=visited
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         193.107.30.42
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx/1.12.2
Date: Tue, 04 Oct 2022 03:04:49 GMT
Content-Length: 1560625
Connection: keep-alive
Last-Modified: Sun, 02 Oct 2022 06:31:21 GMT
ETag: "17d031-5ea07601ea796"
Accept-Ranges: bytes
Strict-Transport-Security: max-age=63072000
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  PNG image data, 1406 x 767, 8-bit/color RGBA, non-interlaced\012- data
Size:   1560625
Md5:    dd613907ded8894cd067a867ad7b7550
Sha1:   17ae4a232ce96d74cb3ae5b23d0388e85fba4984
Sha256: d02ef2432b25625d69433dd55e4f78b984fad1b34b10bbdf24b725407ffc3cb4
                                        
                                            GET /assets/js/theme.js?m=1664803414 HTTP/1.1 
Host: celis.no
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://celis.no/
Cookie: 24nb=eyJpdiI6InJCVDN0M3B2U0RnWDFuKzFycnJwSFE9PSIsInZhbHVlIjoiMXZrTFhhSDVIQ1FTMU9xdTVzRGtiRG9WSGR6VTFERWI3OUxEeWJPT2wyY01ieGlnZTJLcHRCOVR6NGZDMUY1S2pYZndLOVhPYUlCMGliZlBsZWZOemc9PSIsIm1hYyI6IjRiMjlkNGZhY2Y0NzdjMzllMjcyYjU2YzgwMTZjOGFiOTBmNzJmM2YxZGQ0YWUxMzA0NzA2Mjc5ZjViYzM1MjgifQ%3D%3D; 24db790=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22382c1031b7476a8e0698e8b58c52001a%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%22193.107.30.42%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A68%3A%22Mozilla%2F5.0+%28X11%3B+Linux+x86_64%3B+rv%3A96.0%29+Gecko%2F20100101+Firefox%2F96.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1664852689%3B%7D22b0f10cae4f73b7e809a44ba0a5ba51; popup_module=visited
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         193.107.30.42
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx/1.12.2
Date: Tue, 04 Oct 2022 03:04:49 GMT
Content-Length: 48163
Connection: keep-alive
Last-Modified: Mon, 03 Oct 2022 13:23:34 GMT
ETag: "30eeb-5ea21401cc180-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Strict-Transport-Security: max-age=63072000
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  ASCII text
Size:   48163
Md5:    f5db4c7ffd2b563ccc08c4ceeda053ce
Sha1:   475aaa0807e0a35ae677957bbf29a0d23a8b1994
Sha256: a85637334c2d38dba928b6fd307407706c3d2ccd839c71b85104837787864542
                                        
                                            GET /js/cookie_consent.js HTTP/1.1 
Host: celis.no
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://celis.no/
Cookie: 24nb=eyJpdiI6InJCVDN0M3B2U0RnWDFuKzFycnJwSFE9PSIsInZhbHVlIjoiMXZrTFhhSDVIQ1FTMU9xdTVzRGtiRG9WSGR6VTFERWI3OUxEeWJPT2wyY01ieGlnZTJLcHRCOVR6NGZDMUY1S2pYZndLOVhPYUlCMGliZlBsZWZOemc9PSIsIm1hYyI6IjRiMjlkNGZhY2Y0NzdjMzllMjcyYjU2YzgwMTZjOGFiOTBmNzJmM2YxZGQ0YWUxMzA0NzA2Mjc5ZjViYzM1MjgifQ%3D%3D; 24db790=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22382c1031b7476a8e0698e8b58c52001a%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%22193.107.30.42%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A68%3A%22Mozilla%2F5.0+%28X11%3B+Linux+x86_64%3B+rv%3A96.0%29+Gecko%2F20100101+Firefox%2F96.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1664852689%3B%7D22b0f10cae4f73b7e809a44ba0a5ba51; popup_module=visited
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         193.107.30.42
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx/1.12.2
Date: Tue, 04 Oct 2022 03:04:49 GMT
Content-Length: 6816
Connection: keep-alive
Last-Modified: Mon, 03 Oct 2022 22:35:18 GMT
ETag: "4de8-5ea28f550452e-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Strict-Transport-Security: max-age=63072000
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  ASCII text, with very long lines (1022)
Size:   6816
Md5:    fe0290e5cd3f7b65a629e4207915b7c0
Sha1:   2d3f28169abd3a0faa5fa8a749431a42a33aea83
Sha256: c5bc71256e67080a533aa8e191e9b377b629406ab12f5c786ba1f523bdd59180
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 03:04:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 03:04:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 03:04:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /gtag/js?id=G-0VEB93L6P3 HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://celis.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.168
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 04 Oct 2022 03:04:49 GMT
expires: Tue, 04 Oct 2022 03:04:49 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 75693
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (21348)
Size:   75693
Md5:    4fd9c0c07086bedb8e1773aa2550bb82
Sha1:   7d450896a99af6b2543cbd23fd13cf1355772ef1
Sha256: 4cd39a8cdfc4495fa7d835ee89b7e7e80e8b087a561a3428ea7530db6fd03a28
                                        
                                            GET /gtag/js?id=AW-871076749 HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://celis.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.168
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 04 Oct 2022 03:04:49 GMT
expires: Tue, 04 Oct 2022 03:04:49 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 46794
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2039)
Size:   46794
Md5:    cb9bf4c908222642b371b869aa49c68e
Sha1:   6f2bd6e50d6858ab24b9ca6effcaa29702a93276
Sha256: e9c912e4c5f13893a3637b1f478e6d71af7dadac32dff50bfee020bed5dc86ef
                                        
                                            GET /24960style/images/logo/posten_bring.png HTTP/1.1 
Host: assets2.24nettbutikk.no
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://celis.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         193.107.29.107
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx/1.4.6 (Ubuntu)
Date: Tue, 04 Oct 2022 03:03:57 GMT
Content-Length: 7860
Connection: keep-alive
Strict-Transport-Security: max-age=63072000; includeSubdomains;
Last-Modified: Wed, 24 Apr 2019 12:59:31 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Expires: Wed, 04 Oct 2023 03:04:49 GMT
X-Frame-Options: DENY
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  PNG image data, 155 x 84, 8-bit/color RGBA, non-interlaced\012- data
Size:   7860
Md5:    39649c575ee9031d6088b5d32fcab958
Sha1:   69afe59a8e08e4fa29841450ae7b3729c60cffd2
Sha256: d0ee72c420fee38cbba66da4b21fa3f8670faa8619e79ee1e48f1f98573ef31d
                                        
                                            GET /images_hovedside/24/vinter2022/nyheter.jpg?1664783229456 HTTP/1.1 
Host: celis.no
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://celis.no/
Cookie: 24nb=eyJpdiI6InJCVDN0M3B2U0RnWDFuKzFycnJwSFE9PSIsInZhbHVlIjoiMXZrTFhhSDVIQ1FTMU9xdTVzRGtiRG9WSGR6VTFERWI3OUxEeWJPT2wyY01ieGlnZTJLcHRCOVR6NGZDMUY1S2pYZndLOVhPYUlCMGliZlBsZWZOemc9PSIsIm1hYyI6IjRiMjlkNGZhY2Y0NzdjMzllMjcyYjU2YzgwMTZjOGFiOTBmNzJmM2YxZGQ0YWUxMzA0NzA2Mjc5ZjViYzM1MjgifQ%3D%3D; 24db790=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22382c1031b7476a8e0698e8b58c52001a%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%22193.107.30.42%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A68%3A%22Mozilla%2F5.0+%28X11%3B+Linux+x86_64%3B+rv%3A96.0%29+Gecko%2F20100101+Firefox%2F96.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1664852689%3B%7D22b0f10cae4f73b7e809a44ba0a5ba51; popup_module=visited
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         193.107.30.42
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx/1.12.2
Date: Tue, 04 Oct 2022 03:04:49 GMT
Content-Length: 34987
Connection: keep-alive
Last-Modified: Thu, 03 Feb 2022 13:38:07 GMT
ETag: "88ab-5d71d3e8e04b8"
Accept-Ranges: bytes
Strict-Transport-Security: max-age=63072000
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 650x500, components 3\012- data
Size:   34987
Md5:    9b5eb2d0659c52ea1ed7e1325be17bf5
Sha1:   2e1b249ae7fd76a7969a5659f6582313d79d1926
Sha256: f56be72773655d66478ed5b512adb2189bf53f51518e180ea6f938392ab642b2
                                        
                                            GET /24960style/images/logo/klarna_konto.png HTTP/1.1 
Host: assets2.24nettbutikk.no
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://celis.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         193.107.29.107
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx/1.4.6 (Ubuntu)
Date: Tue, 04 Oct 2022 03:03:57 GMT
Content-Length: 3424
Connection: keep-alive
Strict-Transport-Security: max-age=63072000; includeSubdomains;
Last-Modified: Thu, 15 Dec 2016 17:46:08 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Expires: Wed, 04 Oct 2023 03:04:49 GMT
X-Frame-Options: DENY
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  PNG image data, 100 x 40, 8-bit/color RGBA, non-interlaced\012- data
Size:   3424
Md5:    73e27a9ea2473b3e22ea7eb69f6abc76
Sha1:   9d9aee22ddd75749035cc78c3e43a7c5aa573ed3
Sha256: a47bbeff0e3361638a73c958087cd2eab0d49bb90abb47680bd8c747e68d51aa
                                        
                                            GET /images_hovedside/24/h%C3%B8stogvinter2022/alvene.jpg?1664521818193 HTTP/1.1 
Host: celis.no
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://celis.no/
Cookie: 24nb=eyJpdiI6InJCVDN0M3B2U0RnWDFuKzFycnJwSFE9PSIsInZhbHVlIjoiMXZrTFhhSDVIQ1FTMU9xdTVzRGtiRG9WSGR6VTFERWI3OUxEeWJPT2wyY01ieGlnZTJLcHRCOVR6NGZDMUY1S2pYZndLOVhPYUlCMGliZlBsZWZOemc9PSIsIm1hYyI6IjRiMjlkNGZhY2Y0NzdjMzllMjcyYjU2YzgwMTZjOGFiOTBmNzJmM2YxZGQ0YWUxMzA0NzA2Mjc5ZjViYzM1MjgifQ%3D%3D; 24db790=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22382c1031b7476a8e0698e8b58c52001a%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%22193.107.30.42%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A68%3A%22Mozilla%2F5.0+%28X11%3B+Linux+x86_64%3B+rv%3A96.0%29+Gecko%2F20100101+Firefox%2F96.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1664852689%3B%7D22b0f10cae4f73b7e809a44ba0a5ba51; popup_module=visited
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         193.107.30.42
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx/1.12.2
Date: Tue, 04 Oct 2022 03:04:49 GMT
Content-Length: 110810
Connection: keep-alive
Last-Modified: Fri, 09 Sep 2022 08:37:35 GMT
ETag: "1b0da-5e83a75335b2e"
Accept-Ranges: bytes
Strict-Transport-Security: max-age=63072000
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 650x500, components 3\012- data
Size:   110810
Md5:    0768c5094cf972081e403293273a5173
Sha1:   0d0d9f5a1f531bbf6d4dd98b1a7dd1294ac03ee3
Sha256: ca595433ba6af9ed2aa0e8d53e5082abe20841859985717295168cbf62507213
                                        
                                            GET /logos/vipps_logo_rgb_trimmed.png HTTP/1.1 
Host: assets2.24nettbutikk.no
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://celis.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         193.107.29.107
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx/1.4.6 (Ubuntu)
Date: Tue, 04 Oct 2022 03:03:57 GMT
Content-Length: 3507
Connection: keep-alive
Strict-Transport-Security: max-age=63072000; includeSubdomains;
Last-Modified: Thu, 30 Aug 2018 13:57:05 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Expires: Wed, 04 Oct 2023 03:04:49 GMT
X-Frame-Options: DENY
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  PNG image data, 126 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size:   3507
Md5:    08304e6043314b994d728592a20b16f2
Sha1:   898d1c320db91722a7d15f99719716fe5db71715
Sha256: 5ab5c4baf539e790f3e49b4a250599e8854363714f38a7f060b19c7bb845d9e9
                                        
                                            GET /images_hovedside/24/vinter2022/99marked.jpg?1664783316706 HTTP/1.1 
Host: celis.no
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://celis.no/
Cookie: 24nb=eyJpdiI6InJCVDN0M3B2U0RnWDFuKzFycnJwSFE9PSIsInZhbHVlIjoiMXZrTFhhSDVIQ1FTMU9xdTVzRGtiRG9WSGR6VTFERWI3OUxEeWJPT2wyY01ieGlnZTJLcHRCOVR6NGZDMUY1S2pYZndLOVhPYUlCMGliZlBsZWZOemc9PSIsIm1hYyI6IjRiMjlkNGZhY2Y0NzdjMzllMjcyYjU2YzgwMTZjOGFiOTBmNzJmM2YxZGQ0YWUxMzA0NzA2Mjc5ZjViYzM1MjgifQ%3D%3D; 24db790=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22382c1031b7476a8e0698e8b58c52001a%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%22193.107.30.42%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A68%3A%22Mozilla%2F5.0+%28X11%3B+Linux+x86_64%3B+rv%3A96.0%29+Gecko%2F20100101+Firefox%2F96.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1664852689%3B%7D22b0f10cae4f73b7e809a44ba0a5ba51; popup_module=visited
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         193.107.30.42
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx/1.12.2
Date: Tue, 04 Oct 2022 03:04:49 GMT
Content-Length: 70222
Connection: keep-alive
Last-Modified: Fri, 09 Sep 2022 13:10:25 GMT
ETag: "1124e-5e83e44f281ec"
Accept-Ranges: bytes
Strict-Transport-Security: max-age=63072000
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 650x500, components 3\012- data
Size:   70222
Md5:    e6078db9952600fe44da27c6c2fb9416
Sha1:   9787d0ac984fc0108ec36713b4242fcf2b40ad80
Sha256: c66892e713f6ed18b461fb5ffb8fc022185fdb0512480c83be5c5ac0d3151089
                                        
                                            GET /images_hovedside/24/h%C3%B8stogvinter2022/holdvarmen.jpg?1664521796308 HTTP/1.1 
Host: celis.no
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://celis.no/
Cookie: 24nb=eyJpdiI6InJCVDN0M3B2U0RnWDFuKzFycnJwSFE9PSIsInZhbHVlIjoiMXZrTFhhSDVIQ1FTMU9xdTVzRGtiRG9WSGR6VTFERWI3OUxEeWJPT2wyY01ieGlnZTJLcHRCOVR6NGZDMUY1S2pYZndLOVhPYUlCMGliZlBsZWZOemc9PSIsIm1hYyI6IjRiMjlkNGZhY2Y0NzdjMzllMjcyYjU2YzgwMTZjOGFiOTBmNzJmM2YxZGQ0YWUxMzA0NzA2Mjc5ZjViYzM1MjgifQ%3D%3D; 24db790=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22382c1031b7476a8e0698e8b58c52001a%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%22193.107.30.42%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A68%3A%22Mozilla%2F5.0+%28X11%3B+Linux+x86_64%3B+rv%3A96.0%29+Gecko%2F20100101+Firefox%2F96.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1664852689%3B%7D22b0f10cae4f73b7e809a44ba0a5ba51; popup_module=visited
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         193.107.30.42
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx/1.12.2
Date: Tue, 04 Oct 2022 03:04:49 GMT
Content-Length: 90017
Connection: keep-alive
Last-Modified: Fri, 09 Sep 2022 08:36:48 GMT
ETag: "15fa1-5e83a7263082e"
Accept-Ranges: bytes
Strict-Transport-Security: max-age=63072000
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 650x500, components 3\012- data
Size:   90017
Md5:    1eb5490988b0577a5918e2dcad260ca0
Sha1:   c6dc3555a7723478467c6b9dd598749e12f82dda
Sha256: 22d0ce82b18d9fbcc6b5dd69d6ccdd7cfa05c38b0bb277c68a2a5fe8e1252ed0
                                        
                                            GET /images_hovedside/24/h%C3%B8stogvinter2022/drikkeflasker.jpg?1664521782717 HTTP/1.1 
Host: celis.no
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://celis.no/
Cookie: 24nb=eyJpdiI6InJCVDN0M3B2U0RnWDFuKzFycnJwSFE9PSIsInZhbHVlIjoiMXZrTFhhSDVIQ1FTMU9xdTVzRGtiRG9WSGR6VTFERWI3OUxEeWJPT2wyY01ieGlnZTJLcHRCOVR6NGZDMUY1S2pYZndLOVhPYUlCMGliZlBsZWZOemc9PSIsIm1hYyI6IjRiMjlkNGZhY2Y0NzdjMzllMjcyYjU2YzgwMTZjOGFiOTBmNzJmM2YxZGQ0YWUxMzA0NzA2Mjc5ZjViYzM1MjgifQ%3D%3D; 24db790=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22382c1031b7476a8e0698e8b58c52001a%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%22193.107.30.42%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A68%3A%22Mozilla%2F5.0+%28X11%3B+Linux+x86_64%3B+rv%3A96.0%29+Gecko%2F20100101+Firefox%2F96.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1664852689%3B%7D22b0f10cae4f73b7e809a44ba0a5ba51; popup_module=visited
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         193.107.30.42
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx/1.12.2
Date: Tue, 04 Oct 2022 03:04:49 GMT
Content-Length: 115665
Connection: keep-alive
Last-Modified: Fri, 09 Sep 2022 08:36:48 GMT
ETag: "1c3d1-5e83a726a1ca6"
Accept-Ranges: bytes
Strict-Transport-Security: max-age=63072000
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 650x500, components 3\012- data
Size:   115665
Md5:    b9e3d215664abbc4b74cb037912a99c2
Sha1:   795d1e77e564ab72679457f21bf34d1806bff723
Sha256: f2ccc9df805331af79a2492e9d798d319d46f4d6cae352c5ee86164d7bd2952f
                                        
                                            GET /images_hovedside/24/h%C3%B8stogvinter2022/kalendere.jpg?1664521833547 HTTP/1.1 
Host: celis.no
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://celis.no/
Cookie: 24nb=eyJpdiI6InJCVDN0M3B2U0RnWDFuKzFycnJwSFE9PSIsInZhbHVlIjoiMXZrTFhhSDVIQ1FTMU9xdTVzRGtiRG9WSGR6VTFERWI3OUxEeWJPT2wyY01ieGlnZTJLcHRCOVR6NGZDMUY1S2pYZndLOVhPYUlCMGliZlBsZWZOemc9PSIsIm1hYyI6IjRiMjlkNGZhY2Y0NzdjMzllMjcyYjU2YzgwMTZjOGFiOTBmNzJmM2YxZGQ0YWUxMzA0NzA2Mjc5ZjViYzM1MjgifQ%3D%3D; 24db790=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22382c1031b7476a8e0698e8b58c52001a%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%22193.107.30.42%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A68%3A%22Mozilla%2F5.0+%28X11%3B+Linux+x86_64%3B+rv%3A96.0%29+Gecko%2F20100101+Firefox%2F96.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1664852689%3B%7D22b0f10cae4f73b7e809a44ba0a5ba51; popup_module=visited
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         193.107.30.42
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx/1.12.2
Date: Tue, 04 Oct 2022 03:04:49 GMT
Content-Length: 93488
Connection: keep-alive
Last-Modified: Fri, 09 Sep 2022 08:37:36 GMT
ETag: "16d30-5e83a75431a5c"
Accept-Ranges: bytes
Strict-Transport-Security: max-age=63072000
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 650x500, components 3\012- data
Size:   93488
Md5:    6117904aaf414d4584ce393974a76d5c
Sha1:   ed1b4f3a18201ddd46538a71dd08fda6180566b1
Sha256: 6546732524cfcc8d56b45d1c5052d385bc1c8a89837e524eb40482cd61b08ac2
                                        
                                            GET /images_hovedside/24/h%C3%B8stogvinter2022/seogblisett.jpg?1664522101424 HTTP/1.1 
Host: celis.no
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://celis.no/
Cookie: 24nb=eyJpdiI6InJCVDN0M3B2U0RnWDFuKzFycnJwSFE9PSIsInZhbHVlIjoiMXZrTFhhSDVIQ1FTMU9xdTVzRGtiRG9WSGR6VTFERWI3OUxEeWJPT2wyY01ieGlnZTJLcHRCOVR6NGZDMUY1S2pYZndLOVhPYUlCMGliZlBsZWZOemc9PSIsIm1hYyI6IjRiMjlkNGZhY2Y0NzdjMzllMjcyYjU2YzgwMTZjOGFiOTBmNzJmM2YxZGQ0YWUxMzA0NzA2Mjc5ZjViYzM1MjgifQ%3D%3D; 24db790=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22382c1031b7476a8e0698e8b58c52001a%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%22193.107.30.42%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A68%3A%22Mozilla%2F5.0+%28X11%3B+Linux+x86_64%3B+rv%3A96.0%29+Gecko%2F20100101+Firefox%2F96.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1664852689%3B%7D22b0f10cae4f73b7e809a44ba0a5ba51; popup_module=visited
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         193.107.30.42
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx/1.12.2
Date: Tue, 04 Oct 2022 03:04:49 GMT
Content-Length: 61821
Connection: keep-alive
Last-Modified: Fri, 09 Sep 2022 08:37:38 GMT
ETag: "f17d-5e83a755a5b61"
Accept-Ranges: bytes
Strict-Transport-Security: max-age=63072000
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 650x500, components 3\012- data
Size:   61821
Md5:    f50ad33a09061ef72f7d36fff05585ea
Sha1:   3046d2212e6090b5a07b563daf84cfc3f738dd07
Sha256: 9d6cde05e391150fdd8518ad626d34d5b65bdecadeee8811c4d2b3700dfacb7b
                                        
                                            GET /images_hovedside/24/jul2021/toalettsefw.jpg?1664484518932 HTTP/1.1 
Host: celis.no
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://celis.no/
Cookie: 24nb=eyJpdiI6InJCVDN0M3B2U0RnWDFuKzFycnJwSFE9PSIsInZhbHVlIjoiMXZrTFhhSDVIQ1FTMU9xdTVzRGtiRG9WSGR6VTFERWI3OUxEeWJPT2wyY01ieGlnZTJLcHRCOVR6NGZDMUY1S2pYZndLOVhPYUlCMGliZlBsZWZOemc9PSIsIm1hYyI6IjRiMjlkNGZhY2Y0NzdjMzllMjcyYjU2YzgwMTZjOGFiOTBmNzJmM2YxZGQ0YWUxMzA0NzA2Mjc5ZjViYzM1MjgifQ%3D%3D; 24db790=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22382c1031b7476a8e0698e8b58c52001a%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%22193.107.30.42%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A68%3A%22Mozilla%2F5.0+%28X11%3B+Linux+x86_64%3B+rv%3A96.0%29+Gecko%2F20100101+Firefox%2F96.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1664852689%3B%7D22b0f10cae4f73b7e809a44ba0a5ba51; popup_module=visited
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         193.107.30.42
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx/1.12.2
Date: Tue, 04 Oct 2022 03:04:49 GMT
Content-Length: 209526
Connection: keep-alive
Last-Modified: Thu, 29 Sep 2022 20:48:36 GMT
ETag: "33276-5e9d70053627a"
Accept-Ranges: bytes
Strict-Transport-Security: max-age=63072000
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  JPEG image data, progressive, precision 8, 1250x550, components 3\012- data
Size:   209526
Md5:    826b7a18242884759cc4d35c3fc8bbf0
Sha1:   cf23fbd1606a5e68aed3dcc39d41299a83b41216
Sha256: 105a7c66191c0b32cc1e3af8f3c6077a9cfecf1f4450d29dc5e3b74782eac086
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 03:04:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /images_hovedside/24/vinter2022/plukkogmiks.jpg?1664783379958 HTTP/1.1 
Host: celis.no
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://celis.no/
Cookie: 24nb=eyJpdiI6InJCVDN0M3B2U0RnWDFuKzFycnJwSFE9PSIsInZhbHVlIjoiMXZrTFhhSDVIQ1FTMU9xdTVzRGtiRG9WSGR6VTFERWI3OUxEeWJPT2wyY01ieGlnZTJLcHRCOVR6NGZDMUY1S2pYZndLOVhPYUlCMGliZlBsZWZOemc9PSIsIm1hYyI6IjRiMjlkNGZhY2Y0NzdjMzllMjcyYjU2YzgwMTZjOGFiOTBmNzJmM2YxZGQ0YWUxMzA0NzA2Mjc5ZjViYzM1MjgifQ%3D%3D; 24db790=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22382c1031b7476a8e0698e8b58c52001a%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%22193.107.30.42%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A68%3A%22Mozilla%2F5.0+%28X11%3B+Linux+x86_64%3B+rv%3A96.0%29+Gecko%2F20100101+Firefox%2F96.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1664852689%3B%7D22b0f10cae4f73b7e809a44ba0a5ba51; popup_module=visited
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         193.107.30.42
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx/1.12.2
Date: Tue, 04 Oct 2022 03:04:49 GMT
Content-Length: 104561
Connection: keep-alive
Last-Modified: Mon, 03 Oct 2022 07:48:29 GMT
ETag: "19871-5ea1c91ca461b"
Accept-Ranges: bytes
Strict-Transport-Security: max-age=63072000
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 650x500, components 3\012- data
Size:   104561
Md5:    4881ffb7dd17ad4f21849955522365d4
Sha1:   8c9eb8a92cb00f87a5fc30c4f6f11562c9b00634
Sha256: 5cbf2d0a75ee7cd46c78313b3bc1bb3b716843879b71c30dffd8c789d0c3295e
                                        
                                            GET /images_hovedside/24/vinter2022/lager.jpg?1664783352341 HTTP/1.1 
Host: celis.no
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://celis.no/
Cookie: 24nb=eyJpdiI6InJCVDN0M3B2U0RnWDFuKzFycnJwSFE9PSIsInZhbHVlIjoiMXZrTFhhSDVIQ1FTMU9xdTVzRGtiRG9WSGR6VTFERWI3OUxEeWJPT2wyY01ieGlnZTJLcHRCOVR6NGZDMUY1S2pYZndLOVhPYUlCMGliZlBsZWZOemc9PSIsIm1hYyI6IjRiMjlkNGZhY2Y0NzdjMzllMjcyYjU2YzgwMTZjOGFiOTBmNzJmM2YxZGQ0YWUxMzA0NzA2Mjc5ZjViYzM1MjgifQ%3D%3D; 24db790=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22382c1031b7476a8e0698e8b58c52001a%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%22193.107.30.42%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A68%3A%22Mozilla%2F5.0+%28X11%3B+Linux+x86_64%3B+rv%3A96.0%29+Gecko%2F20100101+Firefox%2F96.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1664852689%3B%7D22b0f10cae4f73b7e809a44ba0a5ba51; popup_module=visited
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         193.107.30.42
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx/1.12.2
Date: Tue, 04 Oct 2022 03:04:49 GMT
Content-Length: 84333
Connection: keep-alive
Last-Modified: Mon, 03 Oct 2022 07:48:28 GMT
ETag: "1496d-5ea1c91c1d9e4"
Accept-Ranges: bytes
Strict-Transport-Security: max-age=63072000
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 650x500, components 3\012- data
Size:   84333
Md5:    9aedb6350c1a3a59e3985adc3390b140
Sha1:   6c2e29c00d8f2b50add76188eae191130f907b8e
Sha256: af7b42dcdf0bdd004c725e77918f6a5ee80078a82888a515ee175498ae7dea54
                                        
                                            GET /bilder_diverse/slide_1664537925.jpg HTTP/1.1 
Host: celis.no
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://celis.no/
Cookie: 24nb=eyJpdiI6InJCVDN0M3B2U0RnWDFuKzFycnJwSFE9PSIsInZhbHVlIjoiMXZrTFhhSDVIQ1FTMU9xdTVzRGtiRG9WSGR6VTFERWI3OUxEeWJPT2wyY01ieGlnZTJLcHRCOVR6NGZDMUY1S2pYZndLOVhPYUlCMGliZlBsZWZOemc9PSIsIm1hYyI6IjRiMjlkNGZhY2Y0NzdjMzllMjcyYjU2YzgwMTZjOGFiOTBmNzJmM2YxZGQ0YWUxMzA0NzA2Mjc5ZjViYzM1MjgifQ%3D%3D; 24db790=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22382c1031b7476a8e0698e8b58c52001a%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%22193.107.30.42%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A68%3A%22Mozilla%2F5.0+%28X11%3B+Linux+x86_64%3B+rv%3A96.0%29+Gecko%2F20100101+Firefox%2F96.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1664852689%3B%7D22b0f10cae4f73b7e809a44ba0a5ba51; popup_module=visited
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         193.107.30.42
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx/1.12.2
Date: Tue, 04 Oct 2022 03:04:49 GMT
Content-Length: 196904
Connection: keep-alive
Last-Modified: Fri, 30 Sep 2022 11:38:45 GMT
ETag: "30128-5e9e36fcad7e7"
Accept-Ranges: bytes
Strict-Transport-Security: max-age=63072000
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1550x850, components 3\012- data
Size:   196904
Md5:    e1e1ac019a385cbe231ada2aa5521e81
Sha1:   683cdb3ec3f5f2479383a725eb3cd32f0fb29923
Sha256: 229bdc865798237b8b011c8e7560a7f89390ed03f8b86c6253e44a76c51c3b57
                                        
                                            GET /images_hovedside/24/jul2021/1.jpg?1664483910767 HTTP/1.1 
Host: celis.no
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://celis.no/
Cookie: 24nb=eyJpdiI6InJCVDN0M3B2U0RnWDFuKzFycnJwSFE9PSIsInZhbHVlIjoiMXZrTFhhSDVIQ1FTMU9xdTVzRGtiRG9WSGR6VTFERWI3OUxEeWJPT2wyY01ieGlnZTJLcHRCOVR6NGZDMUY1S2pYZndLOVhPYUlCMGliZlBsZWZOemc9PSIsIm1hYyI6IjRiMjlkNGZhY2Y0NzdjMzllMjcyYjU2YzgwMTZjOGFiOTBmNzJmM2YxZGQ0YWUxMzA0NzA2Mjc5ZjViYzM1MjgifQ%3D%3D; 24db790=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22382c1031b7476a8e0698e8b58c52001a%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%22193.107.30.42%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A68%3A%22Mozilla%2F5.0+%28X11%3B+Linux+x86_64%3B+rv%3A96.0%29+Gecko%2F20100101+Firefox%2F96.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1664852689%3B%7D22b0f10cae4f73b7e809a44ba0a5ba51; popup_module=visited
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         193.107.30.42
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx/1.12.2
Date: Tue, 04 Oct 2022 03:04:49 GMT
Content-Length: 233430
Connection: keep-alive
Last-Modified: Thu, 04 Nov 2021 13:44:28 GMT
ETag: "38fd6-5cff6b9beb450"
Accept-Ranges: bytes
Strict-Transport-Security: max-age=63072000
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1250x550, components 3\012- data
Size:   233430
Md5:    0f4e6d99161f9f61062c6cbf2c5d4063
Sha1:   6bc662034bd330360b5b3b92af04c7370108df57
Sha256: de51cb933d157348391261e3649d290b916becc9d603c8ad20d68ca3d553a228
                                        
                                            GET /images_hovedside/24/icons/rocket.png HTTP/1.1 
Host: celis.no
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://celis.no/
Cookie: 24nb=eyJpdiI6InJCVDN0M3B2U0RnWDFuKzFycnJwSFE9PSIsInZhbHVlIjoiMXZrTFhhSDVIQ1FTMU9xdTVzRGtiRG9WSGR6VTFERWI3OUxEeWJPT2wyY01ieGlnZTJLcHRCOVR6NGZDMUY1S2pYZndLOVhPYUlCMGliZlBsZWZOemc9PSIsIm1hYyI6IjRiMjlkNGZhY2Y0NzdjMzllMjcyYjU2YzgwMTZjOGFiOTBmNzJmM2YxZGQ0YWUxMzA0NzA2Mjc5ZjViYzM1MjgifQ%3D%3D; 24db790=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22382c1031b7476a8e0698e8b58c52001a%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%22193.107.30.42%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A68%3A%22Mozilla%2F5.0+%28X11%3B+Linux+x86_64%3B+rv%3A96.0%29+Gecko%2F20100101+Firefox%2F96.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1664852689%3B%7D22b0f10cae4f73b7e809a44ba0a5ba51; popup_module=visited
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         193.107.30.42
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx/1.12.2
Date: Tue, 04 Oct 2022 03:04:49 GMT
Content-Length: 8240
Connection: keep-alive
Last-Modified: Mon, 13 Jan 2020 09:43:04 GMT
ETag: "2030-59c024d49685a"
Accept-Ranges: bytes
Strict-Transport-Security: max-age=63072000
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  PNG image data, 134 x 134, 8-bit/color RGBA, non-interlaced\012- data
Size:   8240
Md5:    03a11e047cb1ece27675a53adb4395ee
Sha1:   ed909f72dd2e9c641ccab20abd3f5c2ef8153783
Sha256: 099c4e1894ed1f05056bbe129734e4eab7c050f6438532b8c91ff081616ae580
                                        
                                            GET /images_hovedside/24/vinter2022/bestselgere.jpg?1664783239684 HTTP/1.1 
Host: celis.no
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://celis.no/
Cookie: 24nb=eyJpdiI6InJCVDN0M3B2U0RnWDFuKzFycnJwSFE9PSIsInZhbHVlIjoiMXZrTFhhSDVIQ1FTMU9xdTVzRGtiRG9WSGR6VTFERWI3OUxEeWJPT2wyY01ieGlnZTJLcHRCOVR6NGZDMUY1S2pYZndLOVhPYUlCMGliZlBsZWZOemc9PSIsIm1hYyI6IjRiMjlkNGZhY2Y0NzdjMzllMjcyYjU2YzgwMTZjOGFiOTBmNzJmM2YxZGQ0YWUxMzA0NzA2Mjc5ZjViYzM1MjgifQ%3D%3D; 24db790=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22382c1031b7476a8e0698e8b58c52001a%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%22193.107.30.42%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A68%3A%22Mozilla%2F5.0+%28X11%3B+Linux+x86_64%3B+rv%3A96.0%29+Gecko%2F20100101+Firefox%2F96.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1664852689%3B%7D22b0f10cae4f73b7e809a44ba0a5ba51; popup_module=visited
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         193.107.30.42
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx/1.12.2
Date: Tue, 04 Oct 2022 03:04:49 GMT
Content-Length: 41454
Connection: keep-alive
Last-Modified: Thu, 03 Feb 2022 13:38:02 GMT
ETag: "a1ee-5d71d3e470929"
Accept-Ranges: bytes
Strict-Transport-Security: max-age=63072000
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 650x500, components 3\012- data
Size:   41454
Md5:    676e20376c1fd3d74bb5c9f37c8fb0ef
Sha1:   07f992f99c1ad71a563be019dd6c521c79bd9ad3
Sha256: 5d229dfc80ad8fd41bc251a19b152c3d82957377f49da2ba5f87591f9af079ce
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 03:04:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /images_hovedside/24/icons/people.png HTTP/1.1 
Host: celis.no
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://celis.no/
Cookie: 24nb=eyJpdiI6InJCVDN0M3B2U0RnWDFuKzFycnJwSFE9PSIsInZhbHVlIjoiMXZrTFhhSDVIQ1FTMU9xdTVzRGtiRG9WSGR6VTFERWI3OUxEeWJPT2wyY01ieGlnZTJLcHRCOVR6NGZDMUY1S2pYZndLOVhPYUlCMGliZlBsZWZOemc9PSIsIm1hYyI6IjRiMjlkNGZhY2Y0NzdjMzllMjcyYjU2YzgwMTZjOGFiOTBmNzJmM2YxZGQ0YWUxMzA0NzA2Mjc5ZjViYzM1MjgifQ%3D%3D; 24db790=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22382c1031b7476a8e0698e8b58c52001a%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%22193.107.30.42%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A68%3A%22Mozilla%2F5.0+%28X11%3B+Linux+x86_64%3B+rv%3A96.0%29+Gecko%2F20100101+Firefox%2F96.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1664852689%3B%7D22b0f10cae4f73b7e809a44ba0a5ba51; popup_module=visited
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         193.107.30.42
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx/1.12.2
Date: Tue, 04 Oct 2022 03:04:49 GMT
Content-Length: 17921
Connection: keep-alive
Last-Modified: Mon, 13 Jan 2020 09:43:04 GMT
ETag: "4601-59c024d49685a"
Accept-Ranges: bytes
Strict-Transport-Security: max-age=63072000
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  PNG image data, 134 x 134, 8-bit/color RGBA, non-interlaced\012- data
Size:   17921
Md5:    d7cd7d1c2173d39fd896413750b0107c
Sha1:   c17f3ad2cc49fffd6f026f55f67657890547e5f7
Sha256: 29b4446f96a73aa06b88e1dffc78c792555b0a5da786b20e933e01e0ee585069
                                        
                                            GET /images_hovedside/24/h%C3%B8stogvinter2022/hostferie.jpg?1664522065057 HTTP/1.1 
Host: celis.no
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://celis.no/
Cookie: 24nb=eyJpdiI6InJCVDN0M3B2U0RnWDFuKzFycnJwSFE9PSIsInZhbHVlIjoiMXZrTFhhSDVIQ1FTMU9xdTVzRGtiRG9WSGR6VTFERWI3OUxEeWJPT2wyY01ieGlnZTJLcHRCOVR6NGZDMUY1S2pYZndLOVhPYUlCMGliZlBsZWZOemc9PSIsIm1hYyI6IjRiMjlkNGZhY2Y0NzdjMzllMjcyYjU2YzgwMTZjOGFiOTBmNzJmM2YxZGQ0YWUxMzA0NzA2Mjc5ZjViYzM1MjgifQ%3D%3D; 24db790=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22382c1031b7476a8e0698e8b58c52001a%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%22193.107.30.42%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A68%3A%22Mozilla%2F5.0+%28X11%3B+Linux+x86_64%3B+rv%3A96.0%29+Gecko%2F20100101+Firefox%2F96.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1664852689%3B%7D22b0f10cae4f73b7e809a44ba0a5ba51; popup_module=visited
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         193.107.30.42
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx/1.12.2
Date: Tue, 04 Oct 2022 03:04:49 GMT
Content-Length: 88878
Connection: keep-alive
Last-Modified: Fri, 09 Sep 2022 08:36:49 GMT
ETag: "15b2e-5e83a72717f3d"
Accept-Ranges: bytes
Strict-Transport-Security: max-age=63072000
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 650x500, components 3\012- data
Size:   88878
Md5:    438e10193057723055022e854cd97824
Sha1:   1451a20816dd919569c18bef1c0a6a2bbd5e7bea
Sha256: 5ce193ba239f304784b4e50b05b27e7270d74d88c7685c732d5b9f170926f0d9
                                        
                                            GET /images_hovedside/24/icons/truck.png HTTP/1.1 
Host: celis.no
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://celis.no/
Cookie: 24nb=eyJpdiI6InJCVDN0M3B2U0RnWDFuKzFycnJwSFE9PSIsInZhbHVlIjoiMXZrTFhhSDVIQ1FTMU9xdTVzRGtiRG9WSGR6VTFERWI3OUxEeWJPT2wyY01ieGlnZTJLcHRCOVR6NGZDMUY1S2pYZndLOVhPYUlCMGliZlBsZWZOemc9PSIsIm1hYyI6IjRiMjlkNGZhY2Y0NzdjMzllMjcyYjU2YzgwMTZjOGFiOTBmNzJmM2YxZGQ0YWUxMzA0NzA2Mjc5ZjViYzM1MjgifQ%3D%3D; 24db790=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22382c1031b7476a8e0698e8b58c52001a%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%22193.107.30.42%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A68%3A%22Mozilla%2F5.0+%28X11%3B+Linux+x86_64%3B+rv%3A96.0%29+Gecko%2F20100101+Firefox%2F96.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1664852689%3B%7D22b0f10cae4f73b7e809a44ba0a5ba51; popup_module=visited
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         193.107.30.42
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx/1.12.2
Date: Tue, 04 Oct 2022 03:04:49 GMT
Content-Length: 9131
Connection: keep-alive
Last-Modified: Mon, 13 Jan 2020 09:43:05 GMT
ETag: "23ab-59c024d5e38ac"
Accept-Ranges: bytes
Strict-Transport-Security: max-age=63072000
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  PNG image data, 134 x 98, 8-bit/color RGBA, non-interlaced\012- data
Size:   9131
Md5:    735b3622549953e0ced0e06f3ac49ef8
Sha1:   ae55158915ef4a74a5de8fa8954c5e146d37caf1
Sha256: 32686c27465c3115e14a079f94efddeca2d6de009bcacd06b6028b37ba758148
                                        
                                            GET /images_hovedside/24/icons/shop.png HTTP/1.1 
Host: celis.no
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://celis.no/
Cookie: 24nb=eyJpdiI6InJCVDN0M3B2U0RnWDFuKzFycnJwSFE9PSIsInZhbHVlIjoiMXZrTFhhSDVIQ1FTMU9xdTVzRGtiRG9WSGR6VTFERWI3OUxEeWJPT2wyY01ieGlnZTJLcHRCOVR6NGZDMUY1S2pYZndLOVhPYUlCMGliZlBsZWZOemc9PSIsIm1hYyI6IjRiMjlkNGZhY2Y0NzdjMzllMjcyYjU2YzgwMTZjOGFiOTBmNzJmM2YxZGQ0YWUxMzA0NzA2Mjc5ZjViYzM1MjgifQ%3D%3D; 24db790=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22382c1031b7476a8e0698e8b58c52001a%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%22193.107.30.42%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A68%3A%22Mozilla%2F5.0+%28X11%3B+Linux+x86_64%3B+rv%3A96.0%29+Gecko%2F20100101+Firefox%2F96.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1664852689%3B%7D22b0f10cae4f73b7e809a44ba0a5ba51; popup_module=visited
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         193.107.30.42
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx/1.12.2
Date: Tue, 04 Oct 2022 03:04:49 GMT
Content-Length: 13159
Connection: keep-alive
Last-Modified: Mon, 13 Jan 2020 09:43:04 GMT
ETag: "3367-59c024d54e1f8"
Accept-Ranges: bytes
Strict-Transport-Security: max-age=63072000
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  PNG image data, 134 x 113, 8-bit/color RGBA, non-interlaced\012- data
Size:   13159
Md5:    db0af4837acf35603da0d5218581bb3a
Sha1:   63fab402cafc21499e7ba03021a3930e3c0a047c
Sha256: 81b79f832d24e0b319bbf0f9520062b6ad262109f70de7e5406aefc09f308705
                                        
                                            GET /bilder_diverse/slide_1664491642.jpg HTTP/1.1 
Host: celis.no
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://celis.no/
Cookie: 24nb=eyJpdiI6InJCVDN0M3B2U0RnWDFuKzFycnJwSFE9PSIsInZhbHVlIjoiMXZrTFhhSDVIQ1FTMU9xdTVzRGtiRG9WSGR6VTFERWI3OUxEeWJPT2wyY01ieGlnZTJLcHRCOVR6NGZDMUY1S2pYZndLOVhPYUlCMGliZlBsZWZOemc9PSIsIm1hYyI6IjRiMjlkNGZhY2Y0NzdjMzllMjcyYjU2YzgwMTZjOGFiOTBmNzJmM2YxZGQ0YWUxMzA0NzA2Mjc5ZjViYzM1MjgifQ%3D%3D; 24db790=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22382c1031b7476a8e0698e8b58c52001a%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%22193.107.30.42%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A68%3A%22Mozilla%2F5.0+%28X11%3B+Linux+x86_64%3B+rv%3A96.0%29+Gecko%2F20100101+Firefox%2F96.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1664852689%3B%7D22b0f10cae4f73b7e809a44ba0a5ba51; popup_module=visited
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         193.107.30.42
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx/1.12.2
Date: Tue, 04 Oct 2022 03:04:49 GMT
Content-Length: 252725
Connection: keep-alive
Last-Modified: Thu, 29 Sep 2022 22:47:22 GMT
ETag: "3db35-5e9d8a91c7a7b"
Accept-Ranges: bytes
Strict-Transport-Security: max-age=63072000
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1250x550, components 3\012- data
Size:   252725
Md5:    bfd555431fa9aecc5da4470d7046432e
Sha1:   e446eafab6da4a6279ec449c80fa07ac1e4690c6
Sha256: 81e52b8872d4027220f0208d2515829d4fe309b39670b4d6647b3829a3b921c9
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 03:04:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /bilder_diverse/slide_1664692824.png HTTP/1.1 
Host: celis.no
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://celis.no/
Cookie: 24nb=eyJpdiI6InJCVDN0M3B2U0RnWDFuKzFycnJwSFE9PSIsInZhbHVlIjoiMXZrTFhhSDVIQ1FTMU9xdTVzRGtiRG9WSGR6VTFERWI3OUxEeWJPT2wyY01ieGlnZTJLcHRCOVR6NGZDMUY1S2pYZndLOVhPYUlCMGliZlBsZWZOemc9PSIsIm1hYyI6IjRiMjlkNGZhY2Y0NzdjMzllMjcyYjU2YzgwMTZjOGFiOTBmNzJmM2YxZGQ0YWUxMzA0NzA2Mjc5ZjViYzM1MjgifQ%3D%3D; 24db790=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22382c1031b7476a8e0698e8b58c52001a%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%22193.107.30.42%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A68%3A%22Mozilla%2F5.0+%28X11%3B+Linux+x86_64%3B+rv%3A96.0%29+Gecko%2F20100101+Firefox%2F96.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1664852689%3B%7D22b0f10cae4f73b7e809a44ba0a5ba51; popup_module=visited
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         193.107.30.42
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx/1.12.2
Date: Tue, 04 Oct 2022 03:04:49 GMT
Content-Length: 1508061
Connection: keep-alive
Last-Modified: Sun, 02 Oct 2022 06:40:24 GMT
ETag: "1702dd-5ea0780732049"
Accept-Ranges: bytes
Strict-Transport-Security: max-age=63072000
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  PNG image data, 1406 x 767, 8-bit/color RGBA, non-interlaced\012- data
Size:   1508061
Md5:    bd4605d07ad50b597981caeff4c35e5f
Sha1:   a4ecfeb89e8eabecbade83f948d6973d7ea589a0
Sha256: 6e4f5a46648d803dbf7700934c0f4319cf9060261db7aab2cefb3a6d17fcf00c
                                        
                                            GET /s/bitter/v28/rax8HiqOu8IVPmn7f4xp.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://celis.no
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         172.217.21.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30896
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 01 Oct 2022 00:02:33 GMT
expires: Sun, 01 Oct 2023 00:02:33 GMT
cache-control: public, max-age=31536000
age: 270136
last-modified: Fri, 24 Jun 2022 18:46:28 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 30896, version 1.0\012- data
Size:   30896
Md5:    a7332c352b59e1d882b5770b68ed9db5
Sha1:   6a4b2b9a2b35ae86769e0c6a0a6decbf67300db6
Sha256: c470360f2548fb327562d8ce35185a96f59ab6daeb56c0d45ab712b63de848da
                                        
                                            GET /assets/js/fbremarketing.js?4b8a936472fbca5bed11 HTTP/1.1 
Host: celis.no
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://celis.no/
Cookie: 24nb=eyJpdiI6InJCVDN0M3B2U0RnWDFuKzFycnJwSFE9PSIsInZhbHVlIjoiMXZrTFhhSDVIQ1FTMU9xdTVzRGtiRG9WSGR6VTFERWI3OUxEeWJPT2wyY01ieGlnZTJLcHRCOVR6NGZDMUY1S2pYZndLOVhPYUlCMGliZlBsZWZOemc9PSIsIm1hYyI6IjRiMjlkNGZhY2Y0NzdjMzllMjcyYjU2YzgwMTZjOGFiOTBmNzJmM2YxZGQ0YWUxMzA0NzA2Mjc5ZjViYzM1MjgifQ%3D%3D; 24db790=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22382c1031b7476a8e0698e8b58c52001a%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%22193.107.30.42%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A68%3A%22Mozilla%2F5.0+%28X11%3B+Linux+x86_64%3B+rv%3A96.0%29+Gecko%2F20100101+Firefox%2F96.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1664852689%3B%7D22b0f10cae4f73b7e809a44ba0a5ba51; popup_module=visited; javascript=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         193.107.30.42
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx/1.12.2
Date: Tue, 04 Oct 2022 03:04:49 GMT
Content-Length: 754
Connection: keep-alive
Last-Modified: Mon, 03 Oct 2022 13:23:34 GMT
ETag: "6a8-5ea21401cc180-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Strict-Transport-Security: max-age=63072000
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  ASCII text
Size:   754
Md5:    e76c45545671cece5ad7531d3832c50d
Sha1:   f26e0e3b80d30486b6ffaa5f54a0187da8fd352f
Sha256: 1085896e2ed2470bb080f0824199227b33b5f531ab7472ce1f9c8f742513f118
                                        
                                            GET /assets2/fonts/pioneer/pioneer.ttf?tl2cf7 HTTP/1.1 
Host: celis.no
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://celis.no/assets/themes/afterburner/css/afterburner.compiled.css?ver=1575982250
Cookie: 24nb=eyJpdiI6InJCVDN0M3B2U0RnWDFuKzFycnJwSFE9PSIsInZhbHVlIjoiMXZrTFhhSDVIQ1FTMU9xdTVzRGtiRG9WSGR6VTFERWI3OUxEeWJPT2wyY01ieGlnZTJLcHRCOVR6NGZDMUY1S2pYZndLOVhPYUlCMGliZlBsZWZOemc9PSIsIm1hYyI6IjRiMjlkNGZhY2Y0NzdjMzllMjcyYjU2YzgwMTZjOGFiOTBmNzJmM2YxZGQ0YWUxMzA0NzA2Mjc5ZjViYzM1MjgifQ%3D%3D; 24db790=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22382c1031b7476a8e0698e8b58c52001a%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%22193.107.30.42%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A68%3A%22Mozilla%2F5.0+%28X11%3B+Linux+x86_64%3B+rv%3A96.0%29+Gecko%2F20100101+Firefox%2F96.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1664852689%3B%7D22b0f10cae4f73b7e809a44ba0a5ba51; popup_module=visited; javascript=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

                                         
                                         193.107.30.42
HTTP/1.1 200 OK
                                        
Server: nginx/1.12.2
Date: Tue, 04 Oct 2022 03:04:49 GMT
Content-Length: 7236
Connection: keep-alive
Last-Modified: Mon, 03 Oct 2022 22:35:18 GMT
ETag: "1c44-5ea28f550646e"
Accept-Ranges: bytes
Strict-Transport-Security: max-age=63072000
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, pioneer \012- data
Size:   7236
Md5:    c17564efd9d2cffc62799399f8ce99d8
Sha1:   43fa0947a23e3f276500d27bda03f9e280c550bf
Sha256: 524b61f6b815524da2899a33ed926a242e1df31a9d8ddc0a46482f61d3bc92b7
                                        
                                            GET /s/notosans/v27/o-0IIpQlx3QUlC5A4PNr5TRA.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://celis.no
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.217.21.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 03 Oct 2022 21:03:13 GMT
expires: Tue, 03 Oct 2023 21:03:13 GMT
cache-control: public, max-age=31536000
age: 21696
last-modified: Mon, 09 May 2022 18:27:55 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 12860, version 1.0\012- data
Size:   12860
Md5:    ab21c24efd75543e16e34807ebc6cdec
Sha1:   eb2562f9729079333fbcbbe94868695669dd3301
Sha256: 88f00438d26021a325247c4427898f7c778a22976df9f1a9d9876429778bf265
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 03:04:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /scevent.min.js HTTP/1.1 
Host: sc-static.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://celis.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.82.240
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
                                        
content-length: 8757
server: CloudFront
date: Tue, 04 Oct 2022 03:04:49 GMT
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Content-Type
cache-control: private, s-maxage=0, max-age=600
set-cookie: X-AB=0d6e407936704bd380072f5891d28b0e;max-age=86400;expires=Wed, 05 Oct 2022 02:11:28 GMT;Path=/scevent.min.js; Secure; SameSite=None
x-cache: LambdaGeneratedResponse from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: G0mEnrzGdEz_KYoN5MOxjE-k9znwdHtNA2sE35BJn8ZZapSJcHDuKA==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (25316), with no line terminators
Size:   8757
Md5:    5d4285ddd0c228077c66505f012548a8
Sha1:   0fe70aec9189f6bc39397cfe6b627cfe1d8b0e97
Sha256: 9360b9744aeecff2d3b3c2b72ff985e8ba92192cc98ebea2b48886619529f23f
                                        
                                            GET /images_hovedside/24/j%20(800%20%C3%97%20800%C2%A0px)%20(400%20%C3%97%20400%C2%A0px).gif?1664825247311 HTTP/1.1 
Host: celis.no
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://celis.no/
Cookie: 24nb=eyJpdiI6InJCVDN0M3B2U0RnWDFuKzFycnJwSFE9PSIsInZhbHVlIjoiMXZrTFhhSDVIQ1FTMU9xdTVzRGtiRG9WSGR6VTFERWI3OUxEeWJPT2wyY01ieGlnZTJLcHRCOVR6NGZDMUY1S2pYZndLOVhPYUlCMGliZlBsZWZOemc9PSIsIm1hYyI6IjRiMjlkNGZhY2Y0NzdjMzllMjcyYjU2YzgwMTZjOGFiOTBmNzJmM2YxZGQ0YWUxMzA0NzA2Mjc5ZjViYzM1MjgifQ%3D%3D; 24db790=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22382c1031b7476a8e0698e8b58c52001a%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%22193.107.30.42%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A68%3A%22Mozilla%2F5.0+%28X11%3B+Linux+x86_64%3B+rv%3A96.0%29+Gecko%2F20100101+Firefox%2F96.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1664852689%3B%7D22b0f10cae4f73b7e809a44ba0a5ba51; popup_module=visited
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         193.107.30.42
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx/1.12.2
Date: Tue, 04 Oct 2022 03:04:49 GMT
Content-Length: 3679252
Connection: keep-alive
Last-Modified: Mon, 03 Oct 2022 19:27:25 GMT
ETag: "382414-5ea26555f803a"
Accept-Ranges: bytes
Strict-Transport-Security: max-age=63072000
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  GIF image data, version 89a, 400 x 400\012- data
Size:   3679252
Md5:    04db2819866406d43c62e964a20d2b61
Sha1:   7dbb3cd741f6ddaeb4db02ad26382dc1f8939633
Sha256: 093bd1226e7285cdd4735a2b83deafa70708e9b12e06589aa408091be8798dd4
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: celis.no
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://celis.no/
Cookie: 24nb=eyJpdiI6InJCVDN0M3B2U0RnWDFuKzFycnJwSFE9PSIsInZhbHVlIjoiMXZrTFhhSDVIQ1FTMU9xdTVzRGtiRG9WSGR6VTFERWI3OUxEeWJPT2wyY01ieGlnZTJLcHRCOVR6NGZDMUY1S2pYZndLOVhPYUlCMGliZlBsZWZOemc9PSIsIm1hYyI6IjRiMjlkNGZhY2Y0NzdjMzllMjcyYjU2YzgwMTZjOGFiOTBmNzJmM2YxZGQ0YWUxMzA0NzA2Mjc5ZjViYzM1MjgifQ%3D%3D; 24db790=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22382c1031b7476a8e0698e8b58c52001a%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%22193.107.30.42%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A68%3A%22Mozilla%2F5.0+%28X11%3B+Linux+x86_64%3B+rv%3A96.0%29+Gecko%2F20100101+Firefox%2F96.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1664852689%3B%7D22b0f10cae4f73b7e809a44ba0a5ba51; popup_module=visited; javascript=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         193.107.30.42
HTTP/1.1 200 OK
Content-Type: image/vnd.microsoft.icon
                                        
Server: nginx/1.12.2
Date: Tue, 04 Oct 2022 03:04:50 GMT
Content-Length: 0
Connection: keep-alive
Last-Modified: Wed, 10 Aug 2016 22:32:33 GMT
ETag: "0-539bf39b2f663"
Accept-Ranges: bytes
Strict-Transport-Security: max-age=63072000
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5753
Cache-Control: 'max-age=158059'
Date: Tue, 04 Oct 2022 03:04:50 GMT
Last-Modified: Tue, 04 Oct 2022 01:28:58 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /analytics.js HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://celis.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.174
HTTP/2 200 OK
content-type: text/javascript
                                        
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Tue, 04 Oct 2022 02:41:09 GMT
expires: Tue, 04 Oct 2022 04:41:09 GMT
cache-control: public, max-age=7200
age: 1421
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1325)
Size:   20039
Md5:    47e6f374ca946fddd5b59871b325736c
Sha1:   baa9282efc8785e84d247c3bff518eaa45f101c4
Sha256: 16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
                                        
                                            GET /en_US/fbevents.js HTTP/1.1 
Host: connect.facebook.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://celis.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         31.13.72.12
HTTP/2 200 OK
content-type: application/x-javascript; charset=utf-8
                                        
vary: Accept-Encoding
content-encoding: gzip
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: 9CBlN8fvrR4HERbzJm2Zz7fXqsuciSRL2MaJqJwsOJBNE5b9epx2d6CSeGszQSD+Exi1WoMWKLlHpktRhR03FA==
content-length: 26840
x-fb-trip-id: 2074150462
date: Tue, 04 Oct 2022 03:04:50 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (64348)
Size:   26840
Md5:    e1327a02d76346c7e23d114e4e508b30
Sha1:   195b8ad875ab8f7a7adf735f1f70aa02b3a2e1a3
Sha256: 331e67b451c6559915b12ab2df810ccdba73b3971c5301b2010b54dd6d391de2
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5753
Cache-Control: 'max-age=158059'
Date: Tue, 04 Oct 2022 03:04:50 GMT
Last-Modified: Tue, 04 Oct 2022 01:28:58 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /css?family=Noto+Sans:400,700|Bitter:400,700,400italic HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://celis.no/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         216.58.211.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 04 Oct 2022 03:04:49 GMT
date: Tue, 04 Oct 2022 03:04:49 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (12963)
Size:   4121
Md5:    6b4b9d4fc85f4e0075b09615a53aa7f1
Sha1:   486120d535f94053c2cf654ea191a534ca673d21
Sha256: af6bd1c7899caf41f2f511bb514cb0e99ca78c94314348597d89a4ffe6e255de
                                        
                                            GET /trustboxes/53aa8912dec7e10d38f59f36/main.js HTTP/1.1 
Host: widget.trustpilot.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://widget.trustpilot.com/trustboxes/53aa8912dec7e10d38f59f36/index.html?templateId=53aa8912dec7e10d38f59f36&businessunitId=5eb01c7a50715800017033f0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         143.204.55.80
HTTP/2 200 OK
content-type: application/x-javascript
                                        
content-length: 27969
last-modified: Tue, 20 Sep 2022 08:01:15 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
date: Mon, 03 Oct 2022 04:11:00 GMT
cache-control: max-age=86400
etag: "5d220cf839e981e50c65214dcd96e0fc"
x-cache: Hit from cloudfront
via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: VyUOlKEBCjRf-6OAjPZ-irsS5j4T9G3E7EEpv4l5kUt0v_eGPMPkIA==
age: 82430
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 (with BOM) text, with very long lines (64281), with no line terminators
Size:   27969
Md5:    5d220cf839e981e50c65214dcd96e0fc
Sha1:   15070f97f761a68548a2a12de1c898c322e1a7b0
Sha256: 463c02075608ea7896ae7bd1b81f207874e744a5bde580ee8df20d911ef354f0
                                        
                                            GET /embed.js HTTP/1.1 
Host: client.24nettbutikk.chat
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://celis.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.112
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Fri, 16 Sep 2022 18:39:07 GMT
server: AmazonS3
content-encoding: gzip
date: Tue, 04 Oct 2022 03:04:49 GMT
cache-control: public,max-age=600
etag: W/"8bbb378e6ea1fc5ce869b8af9ad3111f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: VLbtE6xepO2OS_2DgNe0lOPdk8nzPsEoYz2G3_v8-QjhLEFzKNmOSA==
age: 172
x-xss-protection: 1; mode=block
referrer-policy: same-origin
content-security-policy: default-src 'self'; base-uri 'none'; object-src 'none'; img-src * data:; form-action 'none'; block-all-mixed-content; connect-src *; style-src 'self' *.gstatic.com *.googleapis.com; font-src 'self' *.gstatic.com *.googleapis.com; worker-src 'self' blob:; child-src 'self' blob:; script-src 'self' *.liveleader.com *.lr-ingest.io *.googletagmanager.com *.google-analytics.com *.gstatic.com; frame-src 'self' *.liveleader.com *.amazonaws.com; frame-ancestors *;
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
permissions-policy: accelerometer=(), autoplay=(), camera=(self), cross-origin-isolated=(), display-capture=(self), document-domain=(), encrypted-media=(), fullscreen=(self), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(self), midi=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), sync-xhr=(), usb=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(self), idle-detection=(self), serial=()
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (5371)
Size:   124508
Md5:    e8f540bf6a3530197bebf095bb490d98
Sha1:   0697c6ff9ca7c01e31cca0d72bf8d82eaa8c3120
Sha256: 38919619db1f0d1d363849dd697758f89ad9a5d45bb0cacf102c73f411523882
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 03:04:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /pagead/conversion_async.js HTTP/1.1 
Host: www.google.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://celis.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.164
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 04 Oct 2022 03:04:50 GMT
expires: Tue, 04 Oct 2022 03:04:50 GMT
cache-control: private, max-age=3600
etag: 17557423932572341828
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 15187
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1654)
Size:   15187
Md5:    8766c5a801f08afceca9b66ff9097e6a
Sha1:   ce7640d1d166eddeb9d40be642ec34652f790713
Sha256: f448f99b4ad9a9b50daa9c38054cf16ab2b9fcb5d83ddad60571fb6a8a432a99
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4426
Cache-Control: 'max-age=158059'
Date: Tue, 04 Oct 2022 03:04:50 GMT
Last-Modified: Tue, 04 Oct 2022 01:51:04 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2885
Cache-Control: 'max-age=158059'
Date: Tue, 04 Oct 2022 03:04:50 GMT
Last-Modified: Tue, 04 Oct 2022 02:16:45 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 03:04:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /cm/i?pid=ac51940d-7a99-45df-8891-baebc7fa9a8d&u_scsid=83cf7f7a-1693-4916-bc11-4612c5f2e0ab&u_sclid=aa0ae0b0-5cea-4efa-b296-32a44f16070e HTTP/1.1 
Host: tr.snapchat.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://celis.no/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         35.190.43.134
HTTP/2 200 OK
content-type: text/html
                                        
date: Tue, 04 Oct 2022 03:04:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 0
x-envoy-upstream-service-time: 0
server: API Gateway
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

                                        
                                            POST /p HTTP/1.1 
Host: tr.snapchat.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: multipart/form-data; boundary=---------------------------280741550012276653524294721554
Content-Length: 2392
Origin: https://celis.no
Connection: keep-alive
Referer: https://celis.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         35.190.43.134
HTTP/2 200 OK
content-type: text/html
                                        
date: Tue, 04 Oct 2022 03:04:50 GMT
access-control-allow-origin: https://celis.no
cache-control: no-cache, no-transform
set-cookie: sc_at=v2|H4sIAAAAAAAAAA3HwREAIAgDsIm4AyxV1kHdguE1v+xhs2KkMLAE16ekg+IsrCjYvqfbyD9nausDpm6zHzIAAAA=;SameSite=None;Version=1;Comment=;Domain=.snapchat.com;Path=/;Max-Age=33696000;Secure
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 68
x-envoy-upstream-service-time: 6
server: API Gateway
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Size:   68
Md5:    c4a2b870062c2bb98c500bc1526c0498
Sha1:   528666ccdb12997358077bc8fcdbfb6b825c7788
Sha256: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
                                        
                                            GET /init?pids=ac51940d-7a99-45df-8891-baebc7fa9a8d HTTP/1.1 
Host: tr.snapchat.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://celis.no/
Origin: https://celis.no
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         35.190.43.134
HTTP/2 200 OK
content-type: application/json
                                        
date: Tue, 04 Oct 2022 03:04:50 GMT
access-control-allow-origin: https://celis.no
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-envoy-upstream-service-time: 0
content-encoding: gzip
vary: Accept-Encoding
server: API Gateway
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (64345)
Size:   85998
Md5:    d8f99f68137309f77829e994b95b36ad
Sha1:   9b830e7bebddd266200191526e1d5085a04b5963
Sha256: 93c4569d20322b5da345f8f8609d68e203de5b5eded7a20672e3f7a433bc97a8
                                        
                                            GET /stats/TrustboxImpression?locale=nb-NO&styleHeight=140px&styleWidth=100%25&theme=light&stars=4%2C5&reviewLanguages=nb&url=https%3A%2F%2Fcelis.no%2F&referrer=https%3A%2F%2Fmedia.bigbasketshop.com%2F&userAgent=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=5eb01c7a50715800017033f0&widgetId=53aa8912dec7e10d38f59f36 HTTP/1.1 
Host: widget.trustpilot.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Connection: keep-alive
Referer: https://widget.trustpilot.com/trustboxes/53aa8912dec7e10d38f59f36/index.html?templateId=53aa8912dec7e10d38f59f36&businessunitId=5eb01c7a50715800017033f0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         143.204.55.80
HTTP/2 204 No Content
                                        
cache-control: no-store,no-cache
date: Tue, 04 Oct 2022 03:04:49 GMT
pragma: no-cache
server: Kestrel
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-cache: Miss from cloudfront
via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: DJuyKTkf6YdZ-Q-ILHmWSRCTqBswhjx69A5MrF46B6diG975FjJZHA==
X-Firefox-Spdy: h2

                                        
                                            GET /collector/is_enabled?pids=ac51940d-7a99-45df-8891-baebc7fa9a8d&tld=no HTTP/1.1 
Host: tr.snapchat.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://celis.no/
Origin: https://celis.no
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         35.190.43.134
HTTP/2 200 OK
content-type: application/json
                                        
date: Tue, 04 Oct 2022 03:04:50 GMT
access-control-allow-origin: https://celis.no
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-envoy-upstream-service-time: 0
content-encoding: gzip
vary: Accept-Encoding
server: API Gateway
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   100
Md5:    388ca868ad022fdad152292b3f8a7e2c
Sha1:   5eb1850288dab54959329e0f05201713d30ecb00
Sha256: e691dd49e4f03b7ac47c0e3b615de5873ce6ded2a2f31bc13922fdd22f2f07c7
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 03:04:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 03:04:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 03:04:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-24343184-8&cid=1032397697.1664852690&jid=13465031&gjid=1910641952&_gid=2120442897.1664852690&_u=IEDAAEAAAAAAACAAI~&z=1447526250 HTTP/1.1 
Host: stats.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://celis.no
Connection: keep-alive
Referer: https://celis.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         74.125.131.155
HTTP/2 200 OK
content-type: text/plain
                                        
access-control-allow-origin: https://celis.no
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 04 Oct 2022 03:04:50 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   4
Md5:    48c0473b7821185d937e685216e2168b
Sha1:   3743e47f8a429a5e87b86cb582d78940733d9d2e
Sha256: 570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
                                        
                                            POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-85161377-1&cid=1032397697.1664852690&jid=1626334661&gjid=1164319542&_gid=2120442897.1664852690&_u=IEDAAEABAAAAACAAI~&z=1917877660 HTTP/1.1 
Host: stats.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://celis.no
Connection: keep-alive
Referer: https://celis.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         74.125.131.155
HTTP/2 200 OK
content-type: text/plain
                                        
access-control-allow-origin: https://celis.no
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 04 Oct 2022 03:04:50 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   4
Md5:    48c0473b7821185d937e685216e2168b
Sha1:   3743e47f8a429a5e87b86cb582d78940733d9d2e
Sha256: 570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
                                        
                                            GET /pagead/viewthroughconversion/871076749/?random=1664852690026&cv=9&fst=1664852690026&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=4&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa9s0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fcelis.no%2F&ref=https%3A%2F%2Fmedia.bigbasketshop.com%2F&tiba=Celis.no%20-%20Pynt%2C%20accessories%2C%20julebutikk%20og%20mye%20mer&auid=1300566784.1664852690&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1 
Host: googleads.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://celis.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.162
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 04 Oct 2022 03:04:50 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 1074
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 04-Oct-2022 03:19:50 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2420), with no line terminators
Size:   1074
Md5:    96dfb6a452cad2e08d13a9790f56dc2c
Sha1:   4987fe59e18891adbed688c8e36ee45e9f7e22f2
Sha256: 58d0c3f88e0e93e41e088ee45c781a7f9068ad1718bfcf9f3a866f2467ba7510
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 03:04:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 03:04:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 03:04:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /pagead/1p-user-list/871076749/?random=1664852690026&cv=9&fst=1664852400000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=4&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa9s0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fcelis.no%2F&ref=https%3A%2F%2Fmedia.bigbasketshop.com%2F&tiba=Celis.no%20-%20Pynt%2C%20accessories%2C%20julebutikk%20og%20mye%20mer&async=1&fmt=3&is_vtc=1&random=625862438&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1 
Host: www.google.no
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://celis.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.3
HTTP/2 200 OK
content-type: image/gif
                                        
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 04 Oct 2022 03:04:50 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   42
Md5:    d89746888da2d9510b64a9f031eaecd5
Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
                                        
                                            GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-24343184-8&cid=1032397697.1664852690&jid=13465031&_u=IEDAAEAAAAAAACAAI~&z=1972626249 HTTP/1.1 
Host: www.google.no
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://celis.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         142.250.74.3
HTTP/2 200 OK
content-type: image/gif
                                        
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 04 Oct 2022 03:04:50 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   42
Md5:    d89746888da2d9510b64a9f031eaecd5
Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
                                        
                                            GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-85161377-1&cid=1032397697.1664852690&jid=1626334661&_u=IEDAAEABAAAAACAAI~&z=1233468361 HTTP/1.1 
Host: www.google.no
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://celis.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         142.250.74.3
HTTP/2 200 OK
content-type: image/gif
                                        
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 04 Oct 2022 03:04:50 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   42
Md5:    d89746888da2d9510b64a9f031eaecd5
Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 03:04:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /g/collect?v=2&tid=G-0VEB93L6P3&gtm=2oe9s0&_p=523153633&cid=1032397697.1664852690&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1664852689&sct=1&seg=0&dl=https%3A%2F%2Fcelis.no%2F&dr=https%3A%2F%2Fmedia.bigbasketshop.com%2F&dt=Celis.no%20-%20Pynt%2C%20accessories%2C%20julebutikk%20og%20mye%20mer&en=page_view&_fv=1&_ss=1&_ee=1 HTTP/1.1 
Host: region1.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://celis.no
Connection: keep-alive
Referer: https://celis.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

                                         
                                         216.239.32.36
HTTP/2 204 No Content
content-type: text/plain
                                        
access-control-allow-origin: https://celis.no
date: Tue, 04 Oct 2022 03:04:50 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

                                        
                                            GET /trustbox-data/53aa8912dec7e10d38f59f36?businessUnitId=5eb01c7a50715800017033f0&locale=nb-NO&reviewLanguages=nb&reviewStars=4%2C5&includeReviews=true&reviewsPerPage=15 HTTP/1.1 
Host: widget.trustpilot.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Connection: keep-alive
Referer: https://widget.trustpilot.com/trustboxes/53aa8912dec7e10d38f59f36/index.html?templateId=53aa8912dec7e10d38f59f36&businessunitId=5eb01c7a50715800017033f0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         143.204.55.80
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-fallback-status: BYPASS
x-skip-cache-cookie: 0
x-xss-protection: 1; mode=block
date: Tue, 04 Oct 2022 03:03:13 GMT
cache-control: public,max-age=1800
etag: "a9212ac644e7f7869f6f51837122d0ce"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: eWckA-fUISQ8q4DdMl-Yn7xxeu6bw2a8HGFft8Bja6rGa61V9pEAnQ==
age: 633
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /s/notosans/v27/o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://celis.no
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.217.21.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12684
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 03 Oct 2022 21:03:15 GMT
expires: Tue, 03 Oct 2023 21:03:15 GMT
cache-control: public, max-age=31536000
age: 21694
last-modified: Mon, 09 May 2022 18:28:04 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /track?q=y9mVqLVe3evR HTTP/1.1 
Host: media.bigbasketshop.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://eu.pushnow.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         104.21.86.113
HTTP/2 200 OK
content-type: text/html
                                        
date: Tue, 04 Oct 2022 03:04:48 GMT
referrer-policy: origin
via: 1.1 google
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yRgIREoFhj27zFCxi7kaWqr3RmNaC9meNFocOTeBGgFID%2B7Tygj51vEE8dnqJTq2CPfhrHIDmfr0KdvhhCQOiRnimSxSOFL1Ql8towQYioFAphWqLGI3vGqGIuGfnFJWoXk4CPSnZf%2Fonw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 754ab1367c50b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---