social.medialinks.cc/files/scan0001.rar
37.48.65.152200 OK 494 B URL HTTP/1.1 social.medialinks.cc/files/scan0001.rar
IP 37.48.65.152:0
ASN #60781 LeaseWeb Netherlands B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (494), with no line terminators
Hash 75da96be8eb116819e7e895efb180977
39e5cd4694cb58215f33c1a51cc695d548f6667b
4d94542efb4d6e0c85a41944f3f7ed933d949b71f21de698a96bb734b3546a32
Analyzer Verdict Alert fortinet Malware
GET /files/scan0001.rar HTTP/1.1
Host: social.medialinks.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 494
content-type: text/html; charset=utf-8
date: Tue, 04 Oct 2022 03:04:45 GMT
server: nginx
set-cookie: sid=4d5818b0-4391-11ed-bf4e-843f71c80bd8; path=/; domain=.medialinks.cc; expires=Sun, 22 Oct 2090 06:18:53 GMT; max-age=2147483647; HttpOnly
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9955bda9c9ef64bc5700a14af0bae25e
8de7b7469e905af0374bdfcc3006bbb844f13e94
1f611155394fac39439b8ec8217d8cd493d6b588d372d264e0d66c03129c50c6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F611155394FAC39439B8EC8217D8CD493D6B588D372D264E0D66C03129C50C6"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20649
Expires: Tue, 04 Oct 2022 08:48:55 GMT
Date: Tue, 04 Oct 2022 03:04:46 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
143.204.55.115200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 04 Oct 2022 02:47:04 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 7RusyZpDfliUraUaczMFvdzKkRz357CChIOmUFQ_PFgTZMlqM3LbFA==
Age: 1062
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.25200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.25:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 03 Oct 2022 05:28:28 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: vtSwGhnh2IWrHN0_5sF7CBbNubQQXn2plmBVozeH1sCSPP2m9wGSFw==
age: 77779
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 03:04:46 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
social.medialinks.cc/favicon.ico
37.48.65.152404 Not Found 9 B URL HTTP/1.1 social.medialinks.cc/favicon.ico
IP 37.48.65.152:0
ASN #60781 LeaseWeb Netherlands B.V.
File type ASCII text, with no line terminators
Hash d8f4a1993546cc4b850cde3599e27aec
094b763b4cfcc0b05e5d040581cd513c3ca08067
907ba78b4545338d3539683e63ecb51cf51c10adc9dabd86e92bd52339f298b9
GET /favicon.ico HTTP/1.1
Host: social.medialinks.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://social.medialinks.cc/files/scan0001.rar
Cookie: sid=4d5818b0-4391-11ed-bf4e-843f71c80bd8
HTTP/1.1 404 Not Found
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 9
date: Tue, 04 Oct 2022 03:04:46 GMT
server: nginx
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.115200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Tue, 04 Oct 2022 02:29:33 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Tue, 04 Oct 2022 03:10:58 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: L9E3RRRgYyPZrkhqjWc2heuUtZ2sqfS7xyJJEAO5u7oO93eNPF-ywA==
Age: 2114
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 321fa9a78e31dcb66601ac5890bfba73
c325580db79bde6fd00d2d0c7e3f675e4c0046bb
83029b324b4c36522ae47eef9614c124b0ad2994de412d7ea82f990ad8ae9d92
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5958
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 03:04:47 GMT
Last-Modified: Tue, 04 Oct 2022 01:25:30 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
social.medialinks.cc/files/scan0001.rar?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY2NDg1OTg4NiwiaWF0IjoxNjY0ODUyNjg2LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIyc2RidGNrb2k1ODJuNWFib28xcTZiZ2EiLCJuYmYiOjE2NjQ4NTI2ODYsInRzIjoxNjY0ODUyNjg2NTM5ODE4fQ.sxbFAUBzdlIwXBbfFRBb0qcJYyt-xDBuUqMO0zjOP2Q&sid=4d5818b0-4391-11ed-bf4e-843f71c80bd8
37.48.65.152302 Found 11 B URL HTTP/1.1 social.medialinks.cc/files/scan0001.rar?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY2NDg1OTg4NiwiaWF0IjoxNjY0ODUyNjg2LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIyc2RidGNrb2k1ODJuNWFib28xcTZiZ2EiLCJuYmYiOjE2NjQ4NTI2ODYsInRzIjoxNjY0ODUyNjg2NTM5ODE4fQ.sxbFAUBzdlIwXBbfFRBb0qcJYyt-xDBuUqMO0zjOP2Q&sid=4d5818b0-4391-11ed-bf4e-843f71c80bd8
IP 37.48.65.152:0
ASN #60781 LeaseWeb Netherlands B.V.
File type ASCII text, with no line terminators
Hash 32682312d17c7cbf18e73594f5570319
60e22121bdd0bc71cdb2bae2a3aa577006b2eae9
e55fb1a1d731153e943b68844af12dcce8bfac917c98ffdea64c80da0607dd47
GET /files/scan0001.rar?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY2NDg1OTg4NiwiaWF0IjoxNjY0ODUyNjg2LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIyc2RidGNrb2k1ODJuNWFib28xcTZiZ2EiLCJuYmYiOjE2NjQ4NTI2ODYsInRzIjoxNjY0ODUyNjg2NTM5ODE4fQ.sxbFAUBzdlIwXBbfFRBb0qcJYyt-xDBuUqMO0zjOP2Q&sid=4d5818b0-4391-11ed-bf4e-843f71c80bd8 HTTP/1.1
Host: social.medialinks.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://social.medialinks.cc/files/scan0001.rar
Cookie: sid=4d5818b0-4391-11ed-bf4e-843f71c80bd8
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 11
date: Tue, 04 Oct 2022 03:04:46 GMT
location: http://irene-eux.com/zcvisitor/4da4ac71-4391-11ed-bae4-0a6038a7505d/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=4db96cf3-4391-11ed-bae4-0a6038a7505d
server: nginx
set-cookie: sid=4d5818b0-4391-11ed-bf4e-843f71c80bd8; path=/; domain=.medialinks.cc; expires=Sun, 22 Oct 2090 06:18:54 GMT; max-age=2147483647; HttpOnly
irene-eux.com/zcvisitor/4da4ac71-4391-11ed-bae4-0a6038a7505d/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=4db96cf3-4391-11ed-bae4-0a6038a7505d
34.239.209.41200 996 B URL HTTP/1.1 irene-eux.com/zcvisitor/4da4ac71-4391-11ed-bae4-0a6038a7505d/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=4db96cf3-4391-11ed-bae4-0a6038a7505d
IP 34.239.209.41:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 5a318761f13e496b2c62451afa5b676d
1fea7300ffddde93d068dd9bdb894d20b379c04b
bde210f7d3a016c83222d637ad5240801976be3b7d4fd559e276e015dbf499f0
GET /zcvisitor/4da4ac71-4391-11ed-bae4-0a6038a7505d/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=4db96cf3-4391-11ed-bae4-0a6038a7505d HTTP/1.1
Host: irene-eux.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://social.medialinks.cc/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200
Date: Tue, 04 Oct 2022 03:04:47 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Server: sKIcFhXd
push.services.mozilla.com/
52.35.74.102101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.35.74.102:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: jaXhc5YBTU23kkjs3KJ4RQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: gXgSxRzGwkYJ8fI75sxXTgWxJvY=
irene-eux.com/zcredirect?visitid=4da4ac71-4391-11ed-bae4-0a6038a7505d&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false
34.239.209.41200 400 B URL HTTP/1.1 irene-eux.com/zcredirect?visitid=4da4ac71-4391-11ed-bae4-0a6038a7505d&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false
IP 34.239.209.41:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 23afb038923fb5fb8fd55de6086b4a41
78630494a2a42d35e5e2ac8c849ebd65d8c03c62
8d952df50672636f5aad564c16de129fcebd56e0ae5a0c69c4f9ec920c0a2f14
GET /zcredirect?visitid=4da4ac71-4391-11ed-bae4-0a6038a7505d&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false HTTP/1.1
Host: irene-eux.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://irene-eux.com/zcvisitor/4da4ac71-4391-11ed-bae4-0a6038a7505d/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=4db96cf3-4391-11ed-bae4-0a6038a7505d
Upgrade-Insecure-Requests: 1
HTTP/1.1 200
Date: Tue, 04 Oct 2022 03:04:47 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
redirected: JS
Server: tjlhIlLk
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bbca4bb623943633ac2a1f72beeaea41
64fa64dfd04935dd21b43e5acb7981fc9389f5f6
bf8dad309167fef7171faac545294c0283d2b6eb1f199c459dc053757bb7f62a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BF8DAD309167FEF7171FAAC545294C0283D2B6EB1F199C459DC053757BB7F62A"
Last-Modified: Sat, 01 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1830
Expires: Tue, 04 Oct 2022 03:35:18 GMT
Date: Tue, 04 Oct 2022 03:04:48 GMT
Connection: keep-alive
eu.pushnow.net/postback/click?key=v2-1664852687134-4-8763-999800-8554615c-d895-2d75-a97c-f1b084a62e53
38.100.129.67200 OK 2.1 kB URL HTTP/2 eu.pushnow.net/postback/click?key=v2-1664852687134-4-8763-999800-8554615c-d895-2d75-a97c-f1b084a62e53
IP 38.100.129.67:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 2ee582b63be1818e6f135b5f7964727c
996e5cf92068740b69e3dabb6912c457e5a37cba
7e56301e3fe2b6fe1de89c64adc00e16cce60d755c9b0cec83944c8d76f3282b
GET /postback/click?key=v2-1664852687134-4-8763-999800-8554615c-d895-2d75-a97c-f1b084a62e53 HTTP/1.1
Host: eu.pushnow.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://irene-eux.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty/1.15.8.3
date: Tue, 04 Oct 2022 03:04:48 GMT
content-type: text/html;charset=UTF-8
content-length: 2089
X-Firefox-Spdy: h2
irene-eux.com/favicon.ico
34.239.209.41404 653 B URL HTTP/1.1 irene-eux.com/favicon.ico
IP 34.239.209.41:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (649), with no line terminators
Hash ba2732b1b2fa2626ffaa15f62f9e7d66
203d4e7fbb1d80449d6e4e1f3ae7a9bf8625debe
879861cb72fe9fbb476dab246021c4c83b4066327de2529e05ec54d3afb0a1c8
GET /favicon.ico HTTP/1.1
Host: irene-eux.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://irene-eux.com/zcredirect?visitid=4da4ac71-4391-11ed-bae4-0a6038a7505d&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false
HTTP/1.1 404
Date: Tue, 04 Oct 2022 03:04:48 GMT
Content-Type: text/html;charset=utf-8
Content-Length: 653
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Content-Language: en
Server: rjCiaOGS
eu.pushnow.net/postback/click?key=v2-1664852687134-4-8763-999800-8554615c-d895-2d75-a97c-f1b084a62e53&token=e9fded8558b52180f46c6c8b53e6405f&timezone=0&iframe_test=false&webdriver_test=false
38.100.129.67302 Found 0 B URL HTTP/2 eu.pushnow.net/postback/click?key=v2-1664852687134-4-8763-999800-8554615c-d895-2d75-a97c-f1b084a62e53&token=e9fded8558b52180f46c6c8b53e6405f&timezone=0&iframe_test=false&webdriver_test=false
IP 38.100.129.67:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /postback/click?key=v2-1664852687134-4-8763-999800-8554615c-d895-2d75-a97c-f1b084a62e53&token=e9fded8558b52180f46c6c8b53e6405f&timezone=0&iframe_test=false&webdriver_test=false HTTP/1.1
Host: eu.pushnow.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eu.pushnow.net/postback/click?key=v2-1664852687134-4-8763-999800-8554615c-d895-2d75-a97c-f1b084a62e53
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 302 Found
server: openresty/1.15.8.3
date: Tue, 04 Oct 2022 03:04:48 GMT
content-length: 0
set-cookie: platform_user_id=desktop:7980a459be274bf511db30c901634a36
platform_user_id_3rd_party=desktop:7980a459be274bf511db30c901634a36; SameSite=None; Secure; Max-Age=31556952
location: https://media.bigbasketshop.com/track?q=y9mVqLVe3evR
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash e9ddc0ee01ff066179fc611c4cf8fc01
c421e5f4c23a38592e63d76c59c0ce8e4959549f
39137c23f2b3d2c69053c45f5b22df938d4ecafdf570d04031b90dbfb2014ef0
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 04 Oct 2022 03:04:48 GMT
Last-Modified: Tue, 04 Oct 2022 02:15:25 GMT
Server: ECS (bsa/EB1B)
X-Cache: Miss from cloudfront
Via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 96PmOHX839BvnX7XBZ0G61ZZAxFh6hiLN-uO2oI02-NiqKEl6j8iLA==
Age: 2963
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19804
Expires: Tue, 04 Oct 2022 08:34:53 GMT
Date: Tue, 04 Oct 2022 03:04:49 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19804
Expires: Tue, 04 Oct 2022 08:34:53 GMT
Date: Tue, 04 Oct 2022 03:04:49 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F545190f2-96f3-40f8-bd46-cebe7171aee7.webp
34.120.237.76200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F545190f2-96f3-40f8-bd46-cebe7171aee7.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d8c08f8066cc732de8befd6ccd629a95
22aab05208a01ae5def4d63dc145085630f57bcb
f8a560a0563518d992d0bd2655d2b5c406435a18e874ca00b51374d2ff901770
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F545190f2-96f3-40f8-bd46-cebe7171aee7.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9917
x-amzn-requestid: 2dff93d9-795d-4885-9b82-610b0d235a82
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpvTGEnIAMF1zg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5661-117afa703663ada75627792c;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:38:41 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: DOS5kVEVqBrCVMKRw07fX-6HDgWVb9lJwkVM2pXs0PQHys6CBJUVfQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:44:20 GMT
age: 19229
etag: "22aab05208a01ae5def4d63dc145085630f57bcb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4f5624b4-8e2a-461e-a32a-38d6b5a3a8d2.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4f5624b4-8e2a-461e-a32a-38d6b5a3a8d2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ae824db4a95391149198a4b6b8556c70
db07d58d8feff4ea01866d095e5264ee5c8e1ca3
19e96d204813247697e1858daf9e07d6c4cafd9ab1175a3bf39a7f07f6991521
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4f5624b4-8e2a-461e-a32a-38d6b5a3a8d2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11101
x-amzn-requestid: f98e84d9-1e66-4436-b793-219a777f2ba0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcqcvE8JoAMFQ2g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5784-25bd2b234c1093de70074c92;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:43:32 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: becOxfqUowywFrxzDSeK7F1lFdDVTSHIF1TLC5k5aSlLPpsR6F8gjw==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 22:42:37 GMT
age: 15732
etag: "db07d58d8feff4ea01866d095e5264ee5c8e1ca3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff4f5077e-59b1-4f52-bd32-a57c373ce2f1.jpeg
34.120.237.76200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff4f5077e-59b1-4f52-bd32-a57c373ce2f1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 59c6121e6f6cb833939e12585aca131e
5cc38c9cfe6a2ade7a1d8ee272c4eda47c35f5df
88b8a458ad437bf40d154b21d844ba56530ae05c2f42b417cfb0e6cffcb294e5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff4f5077e-59b1-4f52-bd32-a57c373ce2f1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8308
x-amzn-requestid: 35cc0acc-ac90-4f36-a976-c61c34cfe4fe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcqNXG3mIAMFujg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5722-112061742493dd5255c3fb00;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:41:54 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: XKgAjOSBnAxpQtL7a0q2jUDfpzjybydP2ZBV7J1ypKVeuMdAzl-MXg==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:44:20 GMT
age: 19229
etag: "5cc38c9cfe6a2ade7a1d8ee272c4eda47c35f5df"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7df28993-57e6-4e7f-9751-93778578bd1e.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7df28993-57e6-4e7f-9751-93778578bd1e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6258b8768ba4c3edcc049c494dac733a
40e4337611c74e26efbc53633ba1a9ac04d9ae81
b170aaabbd17b712ed861f5e1d13ad2ff3604b47e9ec833077caeb1199f44d08
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7df28993-57e6-4e7f-9751-93778578bd1e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10595
x-amzn-requestid: 7cc6c91c-4dfc-4c17-b27c-5c0eec4a390a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcqdOHTzoAMFYdw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5787-11525116257b72eb382ecefa;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:43:35 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: qglxUK18M0WVvuSzN-pkwoIagT-hMmp_77qKAVaGq-3vJ4gwwsRzdA==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 22:14:26 GMT
age: 17423
etag: "40e4337611c74e26efbc53633ba1a9ac04d9ae81"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg
34.120.237.76200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 206fb65e75dbadf119512f71e0b78402
58ff0bf8ce7528b303d28bab01a80ad721705569
56c8d5f3b3060ee54bf81995269b86c070855d8c33bf437161339a45b309703f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6315
x-amzn-requestid: 6aa75b16-32e4-48a7-9fb0-9e3d5528c2d5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWSdsHUnIAMFXtw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338cabd-742d8a436403683e0cd9368f;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 23:18:21 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: TVz3oiy-Z2r9lGFDgsnGNxotvvAPeOaa7LMzqs432QjZpZo-PNt1-g==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 04:42:51 GMT
age: 80518
etag: "58ff0bf8ce7528b303d28bab01a80ad721705569"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffdb412b7-1bf6-4a48-b9f1-b171f540e434.jpeg
34.120.237.76200 OK 4.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffdb412b7-1bf6-4a48-b9f1-b171f540e434.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 24a4a122273ef9f772852031eb13114a
c20f1fac9020eb4bd6c84583f73872979639b991
8e1ffbed5f156637ed2f22e81d03f6d85eff0c28237c1639ea5f977e92ee7b70
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffdb412b7-1bf6-4a48-b9f1-b171f540e434.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4151
x-amzn-requestid: f709a11e-cbea-4965-8502-94ddbd8768bb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpvSF3YIAMFdow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5661-29bfa31d51e8f60b38136dba;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:38:41 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: iHjSrLdzntzVnJ-qaRf834nLglcKXY1cTgLY5VcCyKtp0lwN2gGnnw==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:44:20 GMT
age: 19229
etag: "c20f1fac9020eb4bd6c84583f73872979639b991"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
tc.tradetracker.net/?c=31502&m=12&a=416060&r=RA&u=
18.202.182.169301 Moved Permanently 16 kB URL HTTP/2 tc.tradetracker.net/?c=31502&m=12&a=416060&r=RA&u=
IP 18.202.182.169:0
File type gzip compressed data, from Unix\012- data
Hash e9ecb6338332695f0bb10972335c2d07
682af629e044c67eaae9cd8ec8024f2faa334d7a
8221824a138c542b15510c91a4d95abec48add6375069200062ebb99607aa159
GET /?c=31502&m=12&a=416060&r=RA&u= HTTP/1.1
Host: tc.tradetracker.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://media.bigbasketshop.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Tue, 04 Oct 2022 03:04:48 GMT
content-type: text/html; charset=UTF-8
location: https://celis.no/
server: nginx
cache-control: no-cache, must-revalidate
set-cookie: uf=Q1E0RvA%2FK1%2FL9bgYOhOj0zIydCtlZXNCVHUyTmxmTisyN3daN0JvL29MbnVBR2NRdFBDditFRElxRnUxRStXcThxSE5QeFB5VXFXL0lwemZvNVJteUZZMlJ1MnRXZzRDb0JZRUhRPT0%3D; expires=Wed, 04-Oct-2023 03:04:48 GMT; Max-Age=31536000; path=/; domain=.tradetracker.net; secure; SameSite=None
__tdat31502=MTY2NDg1MjY4ODo6MTI6OjQxNjA2MDo6UkE6OmY6OmFmZjIyNmVlMjQxYWY5YWE3Zjc4YmEwMzc2NTc0YTky; expires=Thu, 03-Nov-2022 04:04:48 GMT; Max-Age=2595600; path=/; domain=.tradetracker.net; secure; SameSite=None
X-Firefox-Spdy: h2
celis.no/assets/themes/afterburner/css/afterburner.compiled.css?ver=1575982250
193.107.30.42200 OK 39 kB URL HTTP/1.1 celis.no/assets/themes/afterburner/css/afterburner.compiled.css?ver=1575982250
IP 193.107.30.42:0
File type ASCII text, with very long lines (65425)
Hash 59a2ce90ebfbdad3a756b517c0f88ba8
718d9f2514203722d8aad597f5866ce85663399d
7805eb72e4e6ddc49c65a24f4f3d0882889ac0332ef987ccc990081366f3e0b4
GET /assets/themes/afterburner/css/afterburner.compiled.css?ver=1575982250 HTTP/1.1
Host: celis.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://celis.no/
Cookie: 24nb=eyJpdiI6InJCVDN0M3B2U0RnWDFuKzFycnJwSFE9PSIsInZhbHVlIjoiMXZrTFhhSDVIQ1FTMU9xdTVzRGtiRG9WSGR6VTFERWI3OUxEeWJPT2wyY01ieGlnZTJLcHRCOVR6NGZDMUY1S2pYZndLOVhPYUlCMGliZlBsZWZOemc9PSIsIm1hYyI6IjRiMjlkNGZhY2Y0NzdjMzllMjcyYjU2YzgwMTZjOGFiOTBmNzJmM2YxZGQ0YWUxMzA0NzA2Mjc5ZjViYzM1MjgifQ%3D%3D; 24db790=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22382c1031b7476a8e0698e8b58c52001a%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%22193.107.30.42%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A68%3A%22Mozilla%2F5.0+%28X11%3B+Linux+x86_64%3B+rv%3A96.0%29+Gecko%2F20100101+Firefox%2F96.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1664852689%3B%7D22b0f10cae4f73b7e809a44ba0a5ba51; popup_module=visited
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Tue, 04 Oct 2022 03:04:49 GMT
Content-Type: text/css
Content-Length: 38985
Connection: keep-alive
Last-Modified: Tue, 10 Dec 2019 12:50:50 GMT
ETag: "42584-59958f63ddd3a-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Strict-Transport-Security: max-age=63072000
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
celis.no/assets/js/modernizr.min-dev.js
193.107.30.42200 OK 4.8 kB URL HTTP/1.1 celis.no/assets/js/modernizr.min-dev.js
IP 193.107.30.42:0
File type HTML document, ASCII text, with very long lines (10835)
Hash b1455783dc6934fc9da050919f63e7b2
e1e7a7a08e141c0ddcbb8a50bae5fc845352515b
f16bfb5663df5cd6d55463eb801edbf74c2acc5375d199ecc21664e757efe3ab
GET /assets/js/modernizr.min-dev.js HTTP/1.1
Host: celis.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://celis.no/
Cookie: 24nb=eyJpdiI6InJCVDN0M3B2U0RnWDFuKzFycnJwSFE9PSIsInZhbHVlIjoiMXZrTFhhSDVIQ1FTMU9xdTVzRGtiRG9WSGR6VTFERWI3OUxEeWJPT2wyY01ieGlnZTJLcHRCOVR6NGZDMUY1S2pYZndLOVhPYUlCMGliZlBsZWZOemc9PSIsIm1hYyI6IjRiMjlkNGZhY2Y0NzdjMzllMjcyYjU2YzgwMTZjOGFiOTBmNzJmM2YxZGQ0YWUxMzA0NzA2Mjc5ZjViYzM1MjgifQ%3D%3D; 24db790=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22382c1031b7476a8e0698e8b58c52001a%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%22193.107.30.42%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A68%3A%22Mozilla%2F5.0+%28X11%3B+Linux+x86_64%3B+rv%3A96.0%29+Gecko%2F20100101+Firefox%2F96.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1664852689%3B%7D22b0f10cae4f73b7e809a44ba0a5ba51; popup_module=visited
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Tue, 04 Oct 2022 03:04:49 GMT
Content-Type: application/javascript
Content-Length: 4844
Connection: keep-alive
Expires: Tue, 04 Oct 2022 03:04:49 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Strict-Transport-Security: max-age=63072000
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
celis.no/js/slider-cart.js?v=433d4581379f0a04f683c5adbcd86727
193.107.30.42200 OK 144 kB URL HTTP/1.1 celis.no/js/slider-cart.js?v=433d4581379f0a04f683c5adbcd86727
IP 193.107.30.42:0
File type Unicode text, UTF-8 text, with very long lines (54822)
Size 144 kB (144278 bytes)
Hash b4f321dea9ee9d0dec44efc87b3f27a8
e042a9c862a22ec3361bcd2f3af64c7380cea93f
d5fa6cad74c067348bb2e88d272cbbb5216d417e39c56d0ba00d0911ef85e263
GET /js/slider-cart.js?v=433d4581379f0a04f683c5adbcd86727 HTTP/1.1
Host: celis.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://celis.no/
Cookie: 24nb=eyJpdiI6InJCVDN0M3B2U0RnWDFuKzFycnJwSFE9PSIsInZhbHVlIjoiMXZrTFhhSDVIQ1FTMU9xdTVzRGtiRG9WSGR6VTFERWI3OUxEeWJPT2wyY01ieGlnZTJLcHRCOVR6NGZDMUY1S2pYZndLOVhPYUlCMGliZlBsZWZOemc9PSIsIm1hYyI6IjRiMjlkNGZhY2Y0NzdjMzllMjcyYjU2YzgwMTZjOGFiOTBmNzJmM2YxZGQ0YWUxMzA0NzA2Mjc5ZjViYzM1MjgifQ%3D%3D; 24db790=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22382c1031b7476a8e0698e8b58c52001a%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%22193.107.30.42%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A68%3A%22Mozilla%2F5.0+%28X11%3B+Linux+x86_64%3B+rv%3A96.0%29+Gecko%2F20100101+Firefox%2F96.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1664852689%3B%7D22b0f10cae4f73b7e809a44ba0a5ba51; popup_module=visited
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Tue, 04 Oct 2022 03:04:49 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 03 Oct 2022 22:35:18 GMT
ETag: "671c3-5ea28f55054ce-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Strict-Transport-Security: max-age=63072000
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
celis.no/css/cookie_consent.css
193.107.30.42200 OK 4.4 kB URL HTTP/1.1 celis.no/css/cookie_consent.css
IP 193.107.30.42:0
File type ASCII text, with very long lines (18698), with no line terminators
Hash 166166356a197dc79d7abf95aef97e66
dae0b9bc69625ccf4469b8bcfd45088c712f6cb7
217049ace8de69b61ff92d668ab19c1354716d3c10e7519f415bbd6f694c0900
GET /css/cookie_consent.css HTTP/1.1
Host: celis.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://celis.no/
Cookie: 24nb=eyJpdiI6InJCVDN0M3B2U0RnWDFuKzFycnJwSFE9PSIsInZhbHVlIjoiMXZrTFhhSDVIQ1FTMU9xdTVzRGtiRG9WSGR6VTFERWI3OUxEeWJPT2wyY01ieGlnZTJLcHRCOVR6NGZDMUY1S2pYZndLOVhPYUlCMGliZlBsZWZOemc9PSIsIm1hYyI6IjRiMjlkNGZhY2Y0NzdjMzllMjcyYjU2YzgwMTZjOGFiOTBmNzJmM2YxZGQ0YWUxMzA0NzA2Mjc5ZjViYzM1MjgifQ%3D%3D; 24db790=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22382c1031b7476a8e0698e8b58c52001a%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%22193.107.30.42%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A68%3A%22Mozilla%2F5.0+%28X11%3B+Linux+x86_64%3B+rv%3A96.0%29+Gecko%2F20100101+Firefox%2F96.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1664852689%3B%7D22b0f10cae4f73b7e809a44ba0a5ba51; popup_module=visited
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Tue, 04 Oct 2022 03:04:49 GMT
Content-Type: text/css
Content-Length: 4431
Connection: keep-alive
Last-Modified: Mon, 03 Oct 2022 22:35:18 GMT
ETag: "490a-5ea28f54fe76e-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Strict-Transport-Security: max-age=63072000
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
celis.no/bilder_diverse/slide_1664692281.png
193.107.30.42200 OK 1.6 MB URL HTTP/1.1 celis.no/bilder_diverse/slide_1664692281.png
IP 193.107.30.42:0
File type PNG image data, 1406 x 767, 8-bit/color RGBA, non-interlaced\012- data
Size 1.6 MB (1560625 bytes)
Hash dd613907ded8894cd067a867ad7b7550
17ae4a232ce96d74cb3ae5b23d0388e85fba4984
d02ef2432b25625d69433dd55e4f78b984fad1b34b10bbdf24b725407ffc3cb4
GET /bilder_diverse/slide_1664692281.png HTTP/1.1
Host: celis.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://celis.no/
Cookie: 24nb=eyJpdiI6InJCVDN0M3B2U0RnWDFuKzFycnJwSFE9PSIsInZhbHVlIjoiMXZrTFhhSDVIQ1FTMU9xdTVzRGtiRG9WSGR6VTFERWI3OUxEeWJPT2wyY01ieGlnZTJLcHRCOVR6NGZDMUY1S2pYZndLOVhPYUlCMGliZlBsZWZOemc9PSIsIm1hYyI6IjRiMjlkNGZhY2Y0NzdjMzllMjcyYjU2YzgwMTZjOGFiOTBmNzJmM2YxZGQ0YWUxMzA0NzA2Mjc5ZjViYzM1MjgifQ%3D%3D; 24db790=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22382c1031b7476a8e0698e8b58c52001a%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%22193.107.30.42%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A68%3A%22Mozilla%2F5.0+%28X11%3B+Linux+x86_64%3B+rv%3A96.0%29+Gecko%2F20100101+Firefox%2F96.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1664852689%3B%7D22b0f10cae4f73b7e809a44ba0a5ba51; popup_module=visited
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Tue, 04 Oct 2022 03:04:49 GMT
Content-Type: image/png
Content-Length: 1560625
Connection: keep-alive
Last-Modified: Sun, 02 Oct 2022 06:31:21 GMT
ETag: "17d031-5ea07601ea796"
Accept-Ranges: bytes
Strict-Transport-Security: max-age=63072000
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
celis.no/assets/js/theme.js?m=1664803414
193.107.30.42200 OK 48 kB URL HTTP/1.1 celis.no/assets/js/theme.js?m=1664803414
IP 193.107.30.42:0
Hash f5db4c7ffd2b563ccc08c4ceeda053ce
475aaa0807e0a35ae677957bbf29a0d23a8b1994
a85637334c2d38dba928b6fd307407706c3d2ccd839c71b85104837787864542
GET /assets/js/theme.js?m=1664803414 HTTP/1.1
Host: celis.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://celis.no/
Cookie: 24nb=eyJpdiI6InJCVDN0M3B2U0RnWDFuKzFycnJwSFE9PSIsInZhbHVlIjoiMXZrTFhhSDVIQ1FTMU9xdTVzRGtiRG9WSGR6VTFERWI3OUxEeWJPT2wyY01ieGlnZTJLcHRCOVR6NGZDMUY1S2pYZndLOVhPYUlCMGliZlBsZWZOemc9PSIsIm1hYyI6IjRiMjlkNGZhY2Y0NzdjMzllMjcyYjU2YzgwMTZjOGFiOTBmNzJmM2YxZGQ0YWUxMzA0NzA2Mjc5ZjViYzM1MjgifQ%3D%3D; 24db790=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22382c1031b7476a8e0698e8b58c52001a%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%22193.107.30.42%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A68%3A%22Mozilla%2F5.0+%28X11%3B+Linux+x86_64%3B+rv%3A96.0%29+Gecko%2F20100101+Firefox%2F96.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1664852689%3B%7D22b0f10cae4f73b7e809a44ba0a5ba51; popup_module=visited
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Tue, 04 Oct 2022 03:04:49 GMT
Content-Type: application/javascript
Content-Length: 48163
Connection: keep-alive
Last-Modified: Mon, 03 Oct 2022 13:23:34 GMT
ETag: "30eeb-5ea21401cc180-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Strict-Transport-Security: max-age=63072000
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
celis.no/js/cookie_consent.js
193.107.30.42200 OK 6.8 kB URL HTTP/1.1 celis.no/js/cookie_consent.js
IP 193.107.30.42:0
File type ASCII text, with very long lines (1022)
Hash fe0290e5cd3f7b65a629e4207915b7c0
2d3f28169abd3a0faa5fa8a749431a42a33aea83
c5bc71256e67080a533aa8e191e9b377b629406ab12f5c786ba1f523bdd59180
GET /js/cookie_consent.js HTTP/1.1
Host: celis.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://celis.no/
Cookie: 24nb=eyJpdiI6InJCVDN0M3B2U0RnWDFuKzFycnJwSFE9PSIsInZhbHVlIjoiMXZrTFhhSDVIQ1FTMU9xdTVzRGtiRG9WSGR6VTFERWI3OUxEeWJPT2wyY01ieGlnZTJLcHRCOVR6NGZDMUY1S2pYZndLOVhPYUlCMGliZlBsZWZOemc9PSIsIm1hYyI6IjRiMjlkNGZhY2Y0NzdjMzllMjcyYjU2YzgwMTZjOGFiOTBmNzJmM2YxZGQ0YWUxMzA0NzA2Mjc5ZjViYzM1MjgifQ%3D%3D; 24db790=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22382c1031b7476a8e0698e8b58c52001a%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%22193.107.30.42%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A68%3A%22Mozilla%2F5.0+%28X11%3B+Linux+x86_64%3B+rv%3A96.0%29+Gecko%2F20100101+Firefox%2F96.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1664852689%3B%7D22b0f10cae4f73b7e809a44ba0a5ba51; popup_module=visited
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Tue, 04 Oct 2022 03:04:49 GMT
Content-Type: application/javascript
Content-Length: 6816
Connection: keep-alive
Last-Modified: Mon, 03 Oct 2022 22:35:18 GMT
ETag: "4de8-5ea28f550452e-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Strict-Transport-Security: max-age=63072000
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 5ba23234dfb31276cc3bf9a347508595
a225d0a9ecf5d7f0032816c6f3d4a5ae1f3b27a3
33558bed4856ac3f2a7267965521b316ccd3ccc669877994c6c590e2d2a1b559
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 03:04:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 5ba23234dfb31276cc3bf9a347508595
a225d0a9ecf5d7f0032816c6f3d4a5ae1f3b27a3
33558bed4856ac3f2a7267965521b316ccd3ccc669877994c6c590e2d2a1b559
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 03:04:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 9e40b2c69615f45f2bc898334ab3e343
6a569648ed10564e126d3bbf3f91352e6b3f6d4f
4f1d0982c58b9bbeaa266b99292baa1a00c9e39280f73d5a525722c851e15981
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 03:04:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=G-0VEB93L6P3
142.250.74.168200 OK 76 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-0VEB93L6P3
IP 142.250.74.168:0
File type ASCII text, with very long lines (21348)
Hash 4fd9c0c07086bedb8e1773aa2550bb82
7d450896a99af6b2543cbd23fd13cf1355772ef1
4cd39a8cdfc4495fa7d835ee89b7e7e80e8b087a561a3428ea7530db6fd03a28
GET /gtag/js?id=G-0VEB93L6P3 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://celis.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 04 Oct 2022 03:04:49 GMT
expires: Tue, 04 Oct 2022 03:04:49 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 75693
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=AW-871076749
142.250.74.168200 OK 47 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=AW-871076749
IP 142.250.74.168:0
File type ASCII text, with very long lines (2039)
Hash cb9bf4c908222642b371b869aa49c68e
6f2bd6e50d6858ab24b9ca6effcaa29702a93276
e9c912e4c5f13893a3637b1f478e6d71af7dadac32dff50bfee020bed5dc86ef
GET /gtag/js?id=AW-871076749 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://celis.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 04 Oct 2022 03:04:49 GMT
expires: Tue, 04 Oct 2022 03:04:49 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 46794
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
assets2.24nettbutikk.no/24960style/images/logo/posten_bring.png
193.107.29.107200 OK 7.9 kB URL HTTP/1.1 assets2.24nettbutikk.no/24960style/images/logo/posten_bring.png
IP 193.107.29.107:0
File type PNG image data, 155 x 84, 8-bit/color RGBA, non-interlaced\012- data
Hash 39649c575ee9031d6088b5d32fcab958
69afe59a8e08e4fa29841450ae7b3729c60cffd2
d0ee72c420fee38cbba66da4b21fa3f8670faa8619e79ee1e48f1f98573ef31d
GET /24960style/images/logo/posten_bring.png HTTP/1.1
Host: assets2.24nettbutikk.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://celis.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.4.6 (Ubuntu)
Date: Tue, 04 Oct 2022 03:03:57 GMT
Content-Type: image/png
Content-Length: 7860
Connection: keep-alive
Strict-Transport-Security: max-age=63072000; includeSubdomains;
Last-Modified: Wed, 24 Apr 2019 12:59:31 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Expires: Wed, 04 Oct 2023 03:04:49 GMT
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
celis.no/images_hovedside/24/vinter2022/nyheter.jpg?1664783229456
193.107.30.42200 OK 35 kB URL HTTP/1.1 celis.no/images_hovedside/24/vinter2022/nyheter.jpg?1664783229456
IP 193.107.30.42:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 650x500, components 3\012- data
Hash 9b5eb2d0659c52ea1ed7e1325be17bf5
2e1b249ae7fd76a7969a5659f6582313d79d1926
f56be72773655d66478ed5b512adb2189bf53f51518e180ea6f938392ab642b2
GET /images_hovedside/24/vinter2022/nyheter.jpg?1664783229456 HTTP/1.1
Host: celis.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://celis.no/
Cookie: 24nb=eyJpdiI6InJCVDN0M3B2U0RnWDFuKzFycnJwSFE9PSIsInZhbHVlIjoiMXZrTFhhSDVIQ1FTMU9xdTVzRGtiRG9WSGR6VTFERWI3OUxEeWJPT2wyY01ieGlnZTJLcHRCOVR6NGZDMUY1S2pYZndLOVhPYUlCMGliZlBsZWZOemc9PSIsIm1hYyI6IjRiMjlkNGZhY2Y0NzdjMzllMjcyYjU2YzgwMTZjOGFiOTBmNzJmM2YxZGQ0YWUxMzA0NzA2Mjc5ZjViYzM1MjgifQ%3D%3D; 24db790=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22382c1031b7476a8e0698e8b58c52001a%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%22193.107.30.42%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A68%3A%22Mozilla%2F5.0+%28X11%3B+Linux+x86_64%3B+rv%3A96.0%29+Gecko%2F20100101+Firefox%2F96.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1664852689%3B%7D22b0f10cae4f73b7e809a44ba0a5ba51; popup_module=visited
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Tue, 04 Oct 2022 03:04:49 GMT
Content-Type: image/jpeg
Content-Length: 34987
Connection: keep-alive
Last-Modified: Thu, 03 Feb 2022 13:38:07 GMT
ETag: "88ab-5d71d3e8e04b8"
Accept-Ranges: bytes
Strict-Transport-Security: max-age=63072000
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
assets2.24nettbutikk.no/24960style/images/logo/klarna_konto.png
193.107.29.107200 OK 3.4 kB URL HTTP/1.1 assets2.24nettbutikk.no/24960style/images/logo/klarna_konto.png
IP 193.107.29.107:0
File type PNG image data, 100 x 40, 8-bit/color RGBA, non-interlaced\012- data
Hash 73e27a9ea2473b3e22ea7eb69f6abc76
9d9aee22ddd75749035cc78c3e43a7c5aa573ed3
a47bbeff0e3361638a73c958087cd2eab0d49bb90abb47680bd8c747e68d51aa
GET /24960style/images/logo/klarna_konto.png HTTP/1.1
Host: assets2.24nettbutikk.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://celis.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.4.6 (Ubuntu)
Date: Tue, 04 Oct 2022 03:03:57 GMT
Content-Type: image/png
Content-Length: 3424
Connection: keep-alive
Strict-Transport-Security: max-age=63072000; includeSubdomains;
Last-Modified: Thu, 15 Dec 2016 17:46:08 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Expires: Wed, 04 Oct 2023 03:04:49 GMT
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
celis.no/images_hovedside/24/h%C3%B8stogvinter2022/alvene.jpg?1664521818193
193.107.30.42200 OK 111 kB URL HTTP/1.1 celis.no/images_hovedside/24/h%C3%B8stogvinter2022/alvene.jpg?1664521818193
IP 193.107.30.42:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 650x500, components 3\012- data
Size 111 kB (110810 bytes)
Hash 0768c5094cf972081e403293273a5173
0d0d9f5a1f531bbf6d4dd98b1a7dd1294ac03ee3
ca595433ba6af9ed2aa0e8d53e5082abe20841859985717295168cbf62507213
GET /images_hovedside/24/h%C3%B8stogvinter2022/alvene.jpg?1664521818193 HTTP/1.1
Host: celis.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://celis.no/
Cookie: 24nb=eyJpdiI6InJCVDN0M3B2U0RnWDFuKzFycnJwSFE9PSIsInZhbHVlIjoiMXZrTFhhSDVIQ1FTMU9xdTVzRGtiRG9WSGR6VTFERWI3OUxEeWJPT2wyY01ieGlnZTJLcHRCOVR6NGZDMUY1S2pYZndLOVhPYUlCMGliZlBsZWZOemc9PSIsIm1hYyI6IjRiMjlkNGZhY2Y0NzdjMzllMjcyYjU2YzgwMTZjOGFiOTBmNzJmM2YxZGQ0YWUxMzA0NzA2Mjc5ZjViYzM1MjgifQ%3D%3D; 24db790=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22382c1031b7476a8e0698e8b58c52001a%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%22193.107.30.42%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A68%3A%22Mozilla%2F5.0+%28X11%3B+Linux+x86_64%3B+rv%3A96.0%29+Gecko%2F20100101+Firefox%2F96.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1664852689%3B%7D22b0f10cae4f73b7e809a44ba0a5ba51; popup_module=visited
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Tue, 04 Oct 2022 03:04:49 GMT
Content-Type: image/jpeg
Content-Length: 110810
Connection: keep-alive
Last-Modified: Fri, 09 Sep 2022 08:37:35 GMT
ETag: "1b0da-5e83a75335b2e"
Accept-Ranges: bytes
Strict-Transport-Security: max-age=63072000
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
assets2.24nettbutikk.no/logos/vipps_logo_rgb_trimmed.png
193.107.29.107200 OK 3.5 kB URL HTTP/1.1 assets2.24nettbutikk.no/logos/vipps_logo_rgb_trimmed.png
IP 193.107.29.107:0
File type PNG image data, 126 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 08304e6043314b994d728592a20b16f2
898d1c320db91722a7d15f99719716fe5db71715
5ab5c4baf539e790f3e49b4a250599e8854363714f38a7f060b19c7bb845d9e9
GET /logos/vipps_logo_rgb_trimmed.png HTTP/1.1
Host: assets2.24nettbutikk.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://celis.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.4.6 (Ubuntu)
Date: Tue, 04 Oct 2022 03:03:57 GMT
Content-Type: image/png
Content-Length: 3507
Connection: keep-alive
Strict-Transport-Security: max-age=63072000; includeSubdomains;
Last-Modified: Thu, 30 Aug 2018 13:57:05 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Expires: Wed, 04 Oct 2023 03:04:49 GMT
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
celis.no/images_hovedside/24/vinter2022/99marked.jpg?1664783316706
193.107.30.42200 OK 70 kB URL HTTP/1.1 celis.no/images_hovedside/24/vinter2022/99marked.jpg?1664783316706
IP 193.107.30.42:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 650x500, components 3\012- data
Hash e6078db9952600fe44da27c6c2fb9416
9787d0ac984fc0108ec36713b4242fcf2b40ad80
c66892e713f6ed18b461fb5ffb8fc022185fdb0512480c83be5c5ac0d3151089
GET /images_hovedside/24/vinter2022/99marked.jpg?1664783316706 HTTP/1.1
Host: celis.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://celis.no/
Cookie: 24nb=eyJpdiI6InJCVDN0M3B2U0RnWDFuKzFycnJwSFE9PSIsInZhbHVlIjoiMXZrTFhhSDVIQ1FTMU9xdTVzRGtiRG9WSGR6VTFERWI3OUxEeWJPT2wyY01ieGlnZTJLcHRCOVR6NGZDMUY1S2pYZndLOVhPYUlCMGliZlBsZWZOemc9PSIsIm1hYyI6IjRiMjlkNGZhY2Y0NzdjMzllMjcyYjU2YzgwMTZjOGFiOTBmNzJmM2YxZGQ0YWUxMzA0NzA2Mjc5ZjViYzM1MjgifQ%3D%3D; 24db790=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22382c1031b7476a8e0698e8b58c52001a%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%22193.107.30.42%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A68%3A%22Mozilla%2F5.0+%28X11%3B+Linux+x86_64%3B+rv%3A96.0%29+Gecko%2F20100101+Firefox%2F96.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1664852689%3B%7D22b0f10cae4f73b7e809a44ba0a5ba51; popup_module=visited
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Tue, 04 Oct 2022 03:04:49 GMT
Content-Type: image/jpeg
Content-Length: 70222
Connection: keep-alive
Last-Modified: Fri, 09 Sep 2022 13:10:25 GMT
ETag: "1124e-5e83e44f281ec"
Accept-Ranges: bytes
Strict-Transport-Security: max-age=63072000
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
celis.no/images_hovedside/24/h%C3%B8stogvinter2022/holdvarmen.jpg?1664521796308
193.107.30.42200 OK 90 kB URL HTTP/1.1 celis.no/images_hovedside/24/h%C3%B8stogvinter2022/holdvarmen.jpg?1664521796308
IP 193.107.30.42:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 650x500, components 3\012- data
Hash 1eb5490988b0577a5918e2dcad260ca0
c6dc3555a7723478467c6b9dd598749e12f82dda
22d0ce82b18d9fbcc6b5dd69d6ccdd7cfa05c38b0bb277c68a2a5fe8e1252ed0
GET /images_hovedside/24/h%C3%B8stogvinter2022/holdvarmen.jpg?1664521796308 HTTP/1.1
Host: celis.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://celis.no/
Cookie: 24nb=eyJpdiI6InJCVDN0M3B2U0RnWDFuKzFycnJwSFE9PSIsInZhbHVlIjoiMXZrTFhhSDVIQ1FTMU9xdTVzRGtiRG9WSGR6VTFERWI3OUxEeWJPT2wyY01ieGlnZTJLcHRCOVR6NGZDMUY1S2pYZndLOVhPYUlCMGliZlBsZWZOemc9PSIsIm1hYyI6IjRiMjlkNGZhY2Y0NzdjMzllMjcyYjU2YzgwMTZjOGFiOTBmNzJmM2YxZGQ0YWUxMzA0NzA2Mjc5ZjViYzM1MjgifQ%3D%3D; 24db790=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22382c1031b7476a8e0698e8b58c52001a%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%22193.107.30.42%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A68%3A%22Mozilla%2F5.0+%28X11%3B+Linux+x86_64%3B+rv%3A96.0%29+Gecko%2F20100101+Firefox%2F96.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1664852689%3B%7D22b0f10cae4f73b7e809a44ba0a5ba51; popup_module=visited
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Tue, 04 Oct 2022 03:04:49 GMT
Content-Type: image/jpeg
Content-Length: 90017
Connection: keep-alive
Last-Modified: Fri, 09 Sep 2022 08:36:48 GMT
ETag: "15fa1-5e83a7263082e"
Accept-Ranges: bytes
Strict-Transport-Security: max-age=63072000
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
celis.no/images_hovedside/24/h%C3%B8stogvinter2022/drikkeflasker.jpg?1664521782717
193.107.30.42200 OK 116 kB URL HTTP/1.1 celis.no/images_hovedside/24/h%C3%B8stogvinter2022/drikkeflasker.jpg?1664521782717
IP 193.107.30.42:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 650x500, components 3\012- data
Size 116 kB (115665 bytes)
Hash b9e3d215664abbc4b74cb037912a99c2
795d1e77e564ab72679457f21bf34d1806bff723
f2ccc9df805331af79a2492e9d798d319d46f4d6cae352c5ee86164d7bd2952f
GET /images_hovedside/24/h%C3%B8stogvinter2022/drikkeflasker.jpg?1664521782717 HTTP/1.1
Host: celis.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://celis.no/
Cookie: 24nb=eyJpdiI6InJCVDN0M3B2U0RnWDFuKzFycnJwSFE9PSIsInZhbHVlIjoiMXZrTFhhSDVIQ1FTMU9xdTVzRGtiRG9WSGR6VTFERWI3OUxEeWJPT2wyY01ieGlnZTJLcHRCOVR6NGZDMUY1S2pYZndLOVhPYUlCMGliZlBsZWZOemc9PSIsIm1hYyI6IjRiMjlkNGZhY2Y0NzdjMzllMjcyYjU2YzgwMTZjOGFiOTBmNzJmM2YxZGQ0YWUxMzA0NzA2Mjc5ZjViYzM1MjgifQ%3D%3D; 24db790=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22382c1031b7476a8e0698e8b58c52001a%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%22193.107.30.42%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A68%3A%22Mozilla%2F5.0+%28X11%3B+Linux+x86_64%3B+rv%3A96.0%29+Gecko%2F20100101+Firefox%2F96.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1664852689%3B%7D22b0f10cae4f73b7e809a44ba0a5ba51; popup_module=visited
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Tue, 04 Oct 2022 03:04:49 GMT
Content-Type: image/jpeg
Content-Length: 115665
Connection: keep-alive
Last-Modified: Fri, 09 Sep 2022 08:36:48 GMT
ETag: "1c3d1-5e83a726a1ca6"
Accept-Ranges: bytes
Strict-Transport-Security: max-age=63072000
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
celis.no/images_hovedside/24/h%C3%B8stogvinter2022/kalendere.jpg?1664521833547
193.107.30.42200 OK 94 kB URL HTTP/1.1 celis.no/images_hovedside/24/h%C3%B8stogvinter2022/kalendere.jpg?1664521833547
IP 193.107.30.42:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 650x500, components 3\012- data
Hash 6117904aaf414d4584ce393974a76d5c
ed1b4f3a18201ddd46538a71dd08fda6180566b1
6546732524cfcc8d56b45d1c5052d385bc1c8a89837e524eb40482cd61b08ac2
GET /images_hovedside/24/h%C3%B8stogvinter2022/kalendere.jpg?1664521833547 HTTP/1.1
Host: celis.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://celis.no/
Cookie: 24nb=eyJpdiI6InJCVDN0M3B2U0RnWDFuKzFycnJwSFE9PSIsInZhbHVlIjoiMXZrTFhhSDVIQ1FTMU9xdTVzRGtiRG9WSGR6VTFERWI3OUxEeWJPT2wyY01ieGlnZTJLcHRCOVR6NGZDMUY1S2pYZndLOVhPYUlCMGliZlBsZWZOemc9PSIsIm1hYyI6IjRiMjlkNGZhY2Y0NzdjMzllMjcyYjU2YzgwMTZjOGFiOTBmNzJmM2YxZGQ0YWUxMzA0NzA2Mjc5ZjViYzM1MjgifQ%3D%3D; 24db790=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22382c1031b7476a8e0698e8b58c52001a%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%22193.107.30.42%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A68%3A%22Mozilla%2F5.0+%28X11%3B+Linux+x86_64%3B+rv%3A96.0%29+Gecko%2F20100101+Firefox%2F96.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1664852689%3B%7D22b0f10cae4f73b7e809a44ba0a5ba51; popup_module=visited
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Tue, 04 Oct 2022 03:04:49 GMT
Content-Type: image/jpeg
Content-Length: 93488
Connection: keep-alive
Last-Modified: Fri, 09 Sep 2022 08:37:36 GMT
ETag: "16d30-5e83a75431a5c"
Accept-Ranges: bytes
Strict-Transport-Security: max-age=63072000
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
celis.no/images_hovedside/24/h%C3%B8stogvinter2022/seogblisett.jpg?1664522101424
193.107.30.42200 OK 62 kB URL HTTP/1.1 celis.no/images_hovedside/24/h%C3%B8stogvinter2022/seogblisett.jpg?1664522101424
IP 193.107.30.42:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 650x500, components 3\012- data
Hash f50ad33a09061ef72f7d36fff05585ea
3046d2212e6090b5a07b563daf84cfc3f738dd07
9d6cde05e391150fdd8518ad626d34d5b65bdecadeee8811c4d2b3700dfacb7b
GET /images_hovedside/24/h%C3%B8stogvinter2022/seogblisett.jpg?1664522101424 HTTP/1.1
Host: celis.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://celis.no/
Cookie: 24nb=eyJpdiI6InJCVDN0M3B2U0RnWDFuKzFycnJwSFE9PSIsInZhbHVlIjoiMXZrTFhhSDVIQ1FTMU9xdTVzRGtiRG9WSGR6VTFERWI3OUxEeWJPT2wyY01ieGlnZTJLcHRCOVR6NGZDMUY1S2pYZndLOVhPYUlCMGliZlBsZWZOemc9PSIsIm1hYyI6IjRiMjlkNGZhY2Y0NzdjMzllMjcyYjU2YzgwMTZjOGFiOTBmNzJmM2YxZGQ0YWUxMzA0NzA2Mjc5ZjViYzM1MjgifQ%3D%3D; 24db790=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22382c1031b7476a8e0698e8b58c52001a%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%22193.107.30.42%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A68%3A%22Mozilla%2F5.0+%28X11%3B+Linux+x86_64%3B+rv%3A96.0%29+Gecko%2F20100101+Firefox%2F96.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1664852689%3B%7D22b0f10cae4f73b7e809a44ba0a5ba51; popup_module=visited
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Tue, 04 Oct 2022 03:04:49 GMT
Content-Type: image/jpeg
Content-Length: 61821
Connection: keep-alive
Last-Modified: Fri, 09 Sep 2022 08:37:38 GMT
ETag: "f17d-5e83a755a5b61"
Accept-Ranges: bytes
Strict-Transport-Security: max-age=63072000
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
celis.no/images_hovedside/24/jul2021/toalettsefw.jpg?1664484518932
193.107.30.42200 OK 210 kB URL HTTP/1.1 celis.no/images_hovedside/24/jul2021/toalettsefw.jpg?1664484518932
IP 193.107.30.42:0
File type JPEG image data, progressive, precision 8, 1250x550, components 3\012- data
Size 210 kB (209526 bytes)
Hash 826b7a18242884759cc4d35c3fc8bbf0
cf23fbd1606a5e68aed3dcc39d41299a83b41216
105a7c66191c0b32cc1e3af8f3c6077a9cfecf1f4450d29dc5e3b74782eac086
GET /images_hovedside/24/jul2021/toalettsefw.jpg?1664484518932 HTTP/1.1
Host: celis.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://celis.no/
Cookie: 24nb=eyJpdiI6InJCVDN0M3B2U0RnWDFuKzFycnJwSFE9PSIsInZhbHVlIjoiMXZrTFhhSDVIQ1FTMU9xdTVzRGtiRG9WSGR6VTFERWI3OUxEeWJPT2wyY01ieGlnZTJLcHRCOVR6NGZDMUY1S2pYZndLOVhPYUlCMGliZlBsZWZOemc9PSIsIm1hYyI6IjRiMjlkNGZhY2Y0NzdjMzllMjcyYjU2YzgwMTZjOGFiOTBmNzJmM2YxZGQ0YWUxMzA0NzA2Mjc5ZjViYzM1MjgifQ%3D%3D; 24db790=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22382c1031b7476a8e0698e8b58c52001a%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%22193.107.30.42%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A68%3A%22Mozilla%2F5.0+%28X11%3B+Linux+x86_64%3B+rv%3A96.0%29+Gecko%2F20100101+Firefox%2F96.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1664852689%3B%7D22b0f10cae4f73b7e809a44ba0a5ba51; popup_module=visited
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Tue, 04 Oct 2022 03:04:49 GMT
Content-Type: image/jpeg
Content-Length: 209526
Connection: keep-alive
Last-Modified: Thu, 29 Sep 2022 20:48:36 GMT
ETag: "33276-5e9d70053627a"
Accept-Ranges: bytes
Strict-Transport-Security: max-age=63072000
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 5ba23234dfb31276cc3bf9a347508595
a225d0a9ecf5d7f0032816c6f3d4a5ae1f3b27a3
33558bed4856ac3f2a7267965521b316ccd3ccc669877994c6c590e2d2a1b559
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 03:04:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
celis.no/images_hovedside/24/vinter2022/plukkogmiks.jpg?1664783379958
193.107.30.42200 OK 105 kB URL HTTP/1.1 celis.no/images_hovedside/24/vinter2022/plukkogmiks.jpg?1664783379958
IP 193.107.30.42:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 650x500, components 3\012- data
Size 105 kB (104561 bytes)
Hash 4881ffb7dd17ad4f21849955522365d4
8c9eb8a92cb00f87a5fc30c4f6f11562c9b00634
5cbf2d0a75ee7cd46c78313b3bc1bb3b716843879b71c30dffd8c789d0c3295e
GET /images_hovedside/24/vinter2022/plukkogmiks.jpg?1664783379958 HTTP/1.1
Host: celis.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://celis.no/
Cookie: 24nb=eyJpdiI6InJCVDN0M3B2U0RnWDFuKzFycnJwSFE9PSIsInZhbHVlIjoiMXZrTFhhSDVIQ1FTMU9xdTVzRGtiRG9WSGR6VTFERWI3OUxEeWJPT2wyY01ieGlnZTJLcHRCOVR6NGZDMUY1S2pYZndLOVhPYUlCMGliZlBsZWZOemc9PSIsIm1hYyI6IjRiMjlkNGZhY2Y0NzdjMzllMjcyYjU2YzgwMTZjOGFiOTBmNzJmM2YxZGQ0YWUxMzA0NzA2Mjc5ZjViYzM1MjgifQ%3D%3D; 24db790=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22382c1031b7476a8e0698e8b58c52001a%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%22193.107.30.42%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A68%3A%22Mozilla%2F5.0+%28X11%3B+Linux+x86_64%3B+rv%3A96.0%29+Gecko%2F20100101+Firefox%2F96.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1664852689%3B%7D22b0f10cae4f73b7e809a44ba0a5ba51; popup_module=visited
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Tue, 04 Oct 2022 03:04:49 GMT
Content-Type: image/jpeg
Content-Length: 104561
Connection: keep-alive
Last-Modified: Mon, 03 Oct 2022 07:48:29 GMT
ETag: "19871-5ea1c91ca461b"
Accept-Ranges: bytes
Strict-Transport-Security: max-age=63072000
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
celis.no/images_hovedside/24/vinter2022/lager.jpg?1664783352341
193.107.30.42200 OK 84 kB URL HTTP/1.1 celis.no/images_hovedside/24/vinter2022/lager.jpg?1664783352341
IP 193.107.30.42:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 650x500, components 3\012- data
Hash 9aedb6350c1a3a59e3985adc3390b140
6c2e29c00d8f2b50add76188eae191130f907b8e
af7b42dcdf0bdd004c725e77918f6a5ee80078a82888a515ee175498ae7dea54
GET /images_hovedside/24/vinter2022/lager.jpg?1664783352341 HTTP/1.1
Host: celis.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://celis.no/
Cookie: 24nb=eyJpdiI6InJCVDN0M3B2U0RnWDFuKzFycnJwSFE9PSIsInZhbHVlIjoiMXZrTFhhSDVIQ1FTMU9xdTVzRGtiRG9WSGR6VTFERWI3OUxEeWJPT2wyY01ieGlnZTJLcHRCOVR6NGZDMUY1S2pYZndLOVhPYUlCMGliZlBsZWZOemc9PSIsIm1hYyI6IjRiMjlkNGZhY2Y0NzdjMzllMjcyYjU2YzgwMTZjOGFiOTBmNzJmM2YxZGQ0YWUxMzA0NzA2Mjc5ZjViYzM1MjgifQ%3D%3D; 24db790=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22382c1031b7476a8e0698e8b58c52001a%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%22193.107.30.42%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A68%3A%22Mozilla%2F5.0+%28X11%3B+Linux+x86_64%3B+rv%3A96.0%29+Gecko%2F20100101+Firefox%2F96.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1664852689%3B%7D22b0f10cae4f73b7e809a44ba0a5ba51; popup_module=visited
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Tue, 04 Oct 2022 03:04:49 GMT
Content-Type: image/jpeg
Content-Length: 84333
Connection: keep-alive
Last-Modified: Mon, 03 Oct 2022 07:48:28 GMT
ETag: "1496d-5ea1c91c1d9e4"
Accept-Ranges: bytes
Strict-Transport-Security: max-age=63072000
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
celis.no/bilder_diverse/slide_1664537925.jpg
193.107.30.42200 OK 197 kB URL HTTP/1.1 celis.no/bilder_diverse/slide_1664537925.jpg
IP 193.107.30.42:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1550x850, components 3\012- data
Size 197 kB (196904 bytes)
Hash e1e1ac019a385cbe231ada2aa5521e81
683cdb3ec3f5f2479383a725eb3cd32f0fb29923
229bdc865798237b8b011c8e7560a7f89390ed03f8b86c6253e44a76c51c3b57
GET /bilder_diverse/slide_1664537925.jpg HTTP/1.1
Host: celis.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://celis.no/
Cookie: 24nb=eyJpdiI6InJCVDN0M3B2U0RnWDFuKzFycnJwSFE9PSIsInZhbHVlIjoiMXZrTFhhSDVIQ1FTMU9xdTVzRGtiRG9WSGR6VTFERWI3OUxEeWJPT2wyY01ieGlnZTJLcHRCOVR6NGZDMUY1S2pYZndLOVhPYUlCMGliZlBsZWZOemc9PSIsIm1hYyI6IjRiMjlkNGZhY2Y0NzdjMzllMjcyYjU2YzgwMTZjOGFiOTBmNzJmM2YxZGQ0YWUxMzA0NzA2Mjc5ZjViYzM1MjgifQ%3D%3D; 24db790=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22382c1031b7476a8e0698e8b58c52001a%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%22193.107.30.42%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A68%3A%22Mozilla%2F5.0+%28X11%3B+Linux+x86_64%3B+rv%3A96.0%29+Gecko%2F20100101+Firefox%2F96.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1664852689%3B%7D22b0f10cae4f73b7e809a44ba0a5ba51; popup_module=visited
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Tue, 04 Oct 2022 03:04:49 GMT
Content-Type: image/jpeg
Content-Length: 196904
Connection: keep-alive
Last-Modified: Fri, 30 Sep 2022 11:38:45 GMT
ETag: "30128-5e9e36fcad7e7"
Accept-Ranges: bytes
Strict-Transport-Security: max-age=63072000
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
celis.no/images_hovedside/24/jul2021/1.jpg?1664483910767
193.107.30.42200 OK 233 kB URL HTTP/1.1 celis.no/images_hovedside/24/jul2021/1.jpg?1664483910767
IP 193.107.30.42:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1250x550, components 3\012- data
Size 233 kB (233430 bytes)
Hash 0f4e6d99161f9f61062c6cbf2c5d4063
6bc662034bd330360b5b3b92af04c7370108df57
de51cb933d157348391261e3649d290b916becc9d603c8ad20d68ca3d553a228
GET /images_hovedside/24/jul2021/1.jpg?1664483910767 HTTP/1.1
Host: celis.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://celis.no/
Cookie: 24nb=eyJpdiI6InJCVDN0M3B2U0RnWDFuKzFycnJwSFE9PSIsInZhbHVlIjoiMXZrTFhhSDVIQ1FTMU9xdTVzRGtiRG9WSGR6VTFERWI3OUxEeWJPT2wyY01ieGlnZTJLcHRCOVR6NGZDMUY1S2pYZndLOVhPYUlCMGliZlBsZWZOemc9PSIsIm1hYyI6IjRiMjlkNGZhY2Y0NzdjMzllMjcyYjU2YzgwMTZjOGFiOTBmNzJmM2YxZGQ0YWUxMzA0NzA2Mjc5ZjViYzM1MjgifQ%3D%3D; 24db790=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22382c1031b7476a8e0698e8b58c52001a%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%22193.107.30.42%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A68%3A%22Mozilla%2F5.0+%28X11%3B+Linux+x86_64%3B+rv%3A96.0%29+Gecko%2F20100101+Firefox%2F96.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1664852689%3B%7D22b0f10cae4f73b7e809a44ba0a5ba51; popup_module=visited
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Tue, 04 Oct 2022 03:04:49 GMT
Content-Type: image/jpeg
Content-Length: 233430
Connection: keep-alive
Last-Modified: Thu, 04 Nov 2021 13:44:28 GMT
ETag: "38fd6-5cff6b9beb450"
Accept-Ranges: bytes
Strict-Transport-Security: max-age=63072000
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
celis.no/images_hovedside/24/icons/rocket.png
193.107.30.42200 OK 8.2 kB URL HTTP/1.1 celis.no/images_hovedside/24/icons/rocket.png
IP 193.107.30.42:0
File type PNG image data, 134 x 134, 8-bit/color RGBA, non-interlaced\012- data
Hash 03a11e047cb1ece27675a53adb4395ee
ed909f72dd2e9c641ccab20abd3f5c2ef8153783
099c4e1894ed1f05056bbe129734e4eab7c050f6438532b8c91ff081616ae580
GET /images_hovedside/24/icons/rocket.png HTTP/1.1
Host: celis.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://celis.no/
Cookie: 24nb=eyJpdiI6InJCVDN0M3B2U0RnWDFuKzFycnJwSFE9PSIsInZhbHVlIjoiMXZrTFhhSDVIQ1FTMU9xdTVzRGtiRG9WSGR6VTFERWI3OUxEeWJPT2wyY01ieGlnZTJLcHRCOVR6NGZDMUY1S2pYZndLOVhPYUlCMGliZlBsZWZOemc9PSIsIm1hYyI6IjRiMjlkNGZhY2Y0NzdjMzllMjcyYjU2YzgwMTZjOGFiOTBmNzJmM2YxZGQ0YWUxMzA0NzA2Mjc5ZjViYzM1MjgifQ%3D%3D; 24db790=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22382c1031b7476a8e0698e8b58c52001a%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%22193.107.30.42%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A68%3A%22Mozilla%2F5.0+%28X11%3B+Linux+x86_64%3B+rv%3A96.0%29+Gecko%2F20100101+Firefox%2F96.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1664852689%3B%7D22b0f10cae4f73b7e809a44ba0a5ba51; popup_module=visited
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Tue, 04 Oct 2022 03:04:49 GMT
Content-Type: image/png
Content-Length: 8240
Connection: keep-alive
Last-Modified: Mon, 13 Jan 2020 09:43:04 GMT
ETag: "2030-59c024d49685a"
Accept-Ranges: bytes
Strict-Transport-Security: max-age=63072000
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
celis.no/images_hovedside/24/vinter2022/bestselgere.jpg?1664783239684
193.107.30.42200 OK 42 kB URL HTTP/1.1 celis.no/images_hovedside/24/vinter2022/bestselgere.jpg?1664783239684
IP 193.107.30.42:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 650x500, components 3\012- data
Hash 676e20376c1fd3d74bb5c9f37c8fb0ef
07f992f99c1ad71a563be019dd6c521c79bd9ad3
5d229dfc80ad8fd41bc251a19b152c3d82957377f49da2ba5f87591f9af079ce
GET /images_hovedside/24/vinter2022/bestselgere.jpg?1664783239684 HTTP/1.1
Host: celis.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://celis.no/
Cookie: 24nb=eyJpdiI6InJCVDN0M3B2U0RnWDFuKzFycnJwSFE9PSIsInZhbHVlIjoiMXZrTFhhSDVIQ1FTMU9xdTVzRGtiRG9WSGR6VTFERWI3OUxEeWJPT2wyY01ieGlnZTJLcHRCOVR6NGZDMUY1S2pYZndLOVhPYUlCMGliZlBsZWZOemc9PSIsIm1hYyI6IjRiMjlkNGZhY2Y0NzdjMzllMjcyYjU2YzgwMTZjOGFiOTBmNzJmM2YxZGQ0YWUxMzA0NzA2Mjc5ZjViYzM1MjgifQ%3D%3D; 24db790=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22382c1031b7476a8e0698e8b58c52001a%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%22193.107.30.42%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A68%3A%22Mozilla%2F5.0+%28X11%3B+Linux+x86_64%3B+rv%3A96.0%29+Gecko%2F20100101+Firefox%2F96.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1664852689%3B%7D22b0f10cae4f73b7e809a44ba0a5ba51; popup_module=visited
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Tue, 04 Oct 2022 03:04:49 GMT
Content-Type: image/jpeg
Content-Length: 41454
Connection: keep-alive
Last-Modified: Thu, 03 Feb 2022 13:38:02 GMT
ETag: "a1ee-5d71d3e470929"
Accept-Ranges: bytes
Strict-Transport-Security: max-age=63072000
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 9e40b2c69615f45f2bc898334ab3e343
6a569648ed10564e126d3bbf3f91352e6b3f6d4f
4f1d0982c58b9bbeaa266b99292baa1a00c9e39280f73d5a525722c851e15981
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 03:04:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
celis.no/images_hovedside/24/icons/people.png
193.107.30.42200 OK 18 kB URL HTTP/1.1 celis.no/images_hovedside/24/icons/people.png
IP 193.107.30.42:0
File type PNG image data, 134 x 134, 8-bit/color RGBA, non-interlaced\012- data
Hash d7cd7d1c2173d39fd896413750b0107c
c17f3ad2cc49fffd6f026f55f67657890547e5f7
29b4446f96a73aa06b88e1dffc78c792555b0a5da786b20e933e01e0ee585069
GET /images_hovedside/24/icons/people.png HTTP/1.1
Host: celis.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://celis.no/
Cookie: 24nb=eyJpdiI6InJCVDN0M3B2U0RnWDFuKzFycnJwSFE9PSIsInZhbHVlIjoiMXZrTFhhSDVIQ1FTMU9xdTVzRGtiRG9WSGR6VTFERWI3OUxEeWJPT2wyY01ieGlnZTJLcHRCOVR6NGZDMUY1S2pYZndLOVhPYUlCMGliZlBsZWZOemc9PSIsIm1hYyI6IjRiMjlkNGZhY2Y0NzdjMzllMjcyYjU2YzgwMTZjOGFiOTBmNzJmM2YxZGQ0YWUxMzA0NzA2Mjc5ZjViYzM1MjgifQ%3D%3D; 24db790=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22382c1031b7476a8e0698e8b58c52001a%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%22193.107.30.42%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A68%3A%22Mozilla%2F5.0+%28X11%3B+Linux+x86_64%3B+rv%3A96.0%29+Gecko%2F20100101+Firefox%2F96.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1664852689%3B%7D22b0f10cae4f73b7e809a44ba0a5ba51; popup_module=visited
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Tue, 04 Oct 2022 03:04:49 GMT
Content-Type: image/png
Content-Length: 17921
Connection: keep-alive
Last-Modified: Mon, 13 Jan 2020 09:43:04 GMT
ETag: "4601-59c024d49685a"
Accept-Ranges: bytes
Strict-Transport-Security: max-age=63072000
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
celis.no/images_hovedside/24/h%C3%B8stogvinter2022/hostferie.jpg?1664522065057
193.107.30.42200 OK 89 kB URL HTTP/1.1 celis.no/images_hovedside/24/h%C3%B8stogvinter2022/hostferie.jpg?1664522065057
IP 193.107.30.42:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 650x500, components 3\012- data
Hash 438e10193057723055022e854cd97824
1451a20816dd919569c18bef1c0a6a2bbd5e7bea
5ce193ba239f304784b4e50b05b27e7270d74d88c7685c732d5b9f170926f0d9
GET /images_hovedside/24/h%C3%B8stogvinter2022/hostferie.jpg?1664522065057 HTTP/1.1
Host: celis.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://celis.no/
Cookie: 24nb=eyJpdiI6InJCVDN0M3B2U0RnWDFuKzFycnJwSFE9PSIsInZhbHVlIjoiMXZrTFhhSDVIQ1FTMU9xdTVzRGtiRG9WSGR6VTFERWI3OUxEeWJPT2wyY01ieGlnZTJLcHRCOVR6NGZDMUY1S2pYZndLOVhPYUlCMGliZlBsZWZOemc9PSIsIm1hYyI6IjRiMjlkNGZhY2Y0NzdjMzllMjcyYjU2YzgwMTZjOGFiOTBmNzJmM2YxZGQ0YWUxMzA0NzA2Mjc5ZjViYzM1MjgifQ%3D%3D; 24db790=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22382c1031b7476a8e0698e8b58c52001a%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%22193.107.30.42%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A68%3A%22Mozilla%2F5.0+%28X11%3B+Linux+x86_64%3B+rv%3A96.0%29+Gecko%2F20100101+Firefox%2F96.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1664852689%3B%7D22b0f10cae4f73b7e809a44ba0a5ba51; popup_module=visited
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Tue, 04 Oct 2022 03:04:49 GMT
Content-Type: image/jpeg
Content-Length: 88878
Connection: keep-alive
Last-Modified: Fri, 09 Sep 2022 08:36:49 GMT
ETag: "15b2e-5e83a72717f3d"
Accept-Ranges: bytes
Strict-Transport-Security: max-age=63072000
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
celis.no/images_hovedside/24/icons/truck.png
193.107.30.42200 OK 9.1 kB URL HTTP/1.1 celis.no/images_hovedside/24/icons/truck.png
IP 193.107.30.42:0
File type PNG image data, 134 x 98, 8-bit/color RGBA, non-interlaced\012- data
Hash 735b3622549953e0ced0e06f3ac49ef8
ae55158915ef4a74a5de8fa8954c5e146d37caf1
32686c27465c3115e14a079f94efddeca2d6de009bcacd06b6028b37ba758148
GET /images_hovedside/24/icons/truck.png HTTP/1.1
Host: celis.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://celis.no/
Cookie: 24nb=eyJpdiI6InJCVDN0M3B2U0RnWDFuKzFycnJwSFE9PSIsInZhbHVlIjoiMXZrTFhhSDVIQ1FTMU9xdTVzRGtiRG9WSGR6VTFERWI3OUxEeWJPT2wyY01ieGlnZTJLcHRCOVR6NGZDMUY1S2pYZndLOVhPYUlCMGliZlBsZWZOemc9PSIsIm1hYyI6IjRiMjlkNGZhY2Y0NzdjMzllMjcyYjU2YzgwMTZjOGFiOTBmNzJmM2YxZGQ0YWUxMzA0NzA2Mjc5ZjViYzM1MjgifQ%3D%3D; 24db790=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22382c1031b7476a8e0698e8b58c52001a%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%22193.107.30.42%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A68%3A%22Mozilla%2F5.0+%28X11%3B+Linux+x86_64%3B+rv%3A96.0%29+Gecko%2F20100101+Firefox%2F96.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1664852689%3B%7D22b0f10cae4f73b7e809a44ba0a5ba51; popup_module=visited
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Tue, 04 Oct 2022 03:04:49 GMT
Content-Type: image/png
Content-Length: 9131
Connection: keep-alive
Last-Modified: Mon, 13 Jan 2020 09:43:05 GMT
ETag: "23ab-59c024d5e38ac"
Accept-Ranges: bytes
Strict-Transport-Security: max-age=63072000
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
celis.no/images_hovedside/24/icons/shop.png
193.107.30.42200 OK 13 kB URL HTTP/1.1 celis.no/images_hovedside/24/icons/shop.png
IP 193.107.30.42:0
File type PNG image data, 134 x 113, 8-bit/color RGBA, non-interlaced\012- data
Hash db0af4837acf35603da0d5218581bb3a
63fab402cafc21499e7ba03021a3930e3c0a047c
81b79f832d24e0b319bbf0f9520062b6ad262109f70de7e5406aefc09f308705
GET /images_hovedside/24/icons/shop.png HTTP/1.1
Host: celis.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://celis.no/
Cookie: 24nb=eyJpdiI6InJCVDN0M3B2U0RnWDFuKzFycnJwSFE9PSIsInZhbHVlIjoiMXZrTFhhSDVIQ1FTMU9xdTVzRGtiRG9WSGR6VTFERWI3OUxEeWJPT2wyY01ieGlnZTJLcHRCOVR6NGZDMUY1S2pYZndLOVhPYUlCMGliZlBsZWZOemc9PSIsIm1hYyI6IjRiMjlkNGZhY2Y0NzdjMzllMjcyYjU2YzgwMTZjOGFiOTBmNzJmM2YxZGQ0YWUxMzA0NzA2Mjc5ZjViYzM1MjgifQ%3D%3D; 24db790=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22382c1031b7476a8e0698e8b58c52001a%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%22193.107.30.42%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A68%3A%22Mozilla%2F5.0+%28X11%3B+Linux+x86_64%3B+rv%3A96.0%29+Gecko%2F20100101+Firefox%2F96.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1664852689%3B%7D22b0f10cae4f73b7e809a44ba0a5ba51; popup_module=visited
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Tue, 04 Oct 2022 03:04:49 GMT
Content-Type: image/png
Content-Length: 13159
Connection: keep-alive
Last-Modified: Mon, 13 Jan 2020 09:43:04 GMT
ETag: "3367-59c024d54e1f8"
Accept-Ranges: bytes
Strict-Transport-Security: max-age=63072000
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
celis.no/bilder_diverse/slide_1664491642.jpg
193.107.30.42200 OK 253 kB URL HTTP/1.1 celis.no/bilder_diverse/slide_1664491642.jpg
IP 193.107.30.42:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1250x550, components 3\012- data
Size 253 kB (252725 bytes)
Hash bfd555431fa9aecc5da4470d7046432e
e446eafab6da4a6279ec449c80fa07ac1e4690c6
81e52b8872d4027220f0208d2515829d4fe309b39670b4d6647b3829a3b921c9
GET /bilder_diverse/slide_1664491642.jpg HTTP/1.1
Host: celis.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://celis.no/
Cookie: 24nb=eyJpdiI6InJCVDN0M3B2U0RnWDFuKzFycnJwSFE9PSIsInZhbHVlIjoiMXZrTFhhSDVIQ1FTMU9xdTVzRGtiRG9WSGR6VTFERWI3OUxEeWJPT2wyY01ieGlnZTJLcHRCOVR6NGZDMUY1S2pYZndLOVhPYUlCMGliZlBsZWZOemc9PSIsIm1hYyI6IjRiMjlkNGZhY2Y0NzdjMzllMjcyYjU2YzgwMTZjOGFiOTBmNzJmM2YxZGQ0YWUxMzA0NzA2Mjc5ZjViYzM1MjgifQ%3D%3D; 24db790=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22382c1031b7476a8e0698e8b58c52001a%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%22193.107.30.42%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A68%3A%22Mozilla%2F5.0+%28X11%3B+Linux+x86_64%3B+rv%3A96.0%29+Gecko%2F20100101+Firefox%2F96.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1664852689%3B%7D22b0f10cae4f73b7e809a44ba0a5ba51; popup_module=visited
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Tue, 04 Oct 2022 03:04:49 GMT
Content-Type: image/jpeg
Content-Length: 252725
Connection: keep-alive
Last-Modified: Thu, 29 Sep 2022 22:47:22 GMT
ETag: "3db35-5e9d8a91c7a7b"
Accept-Ranges: bytes
Strict-Transport-Security: max-age=63072000
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 0ac04f7c449093fff4f846a7ae56cd4f
50aeb5664545a0dec4173920a274e906bcbcdf6f
18eff2566317aba7b70ee558e8cba42231eb4eae31e903501dc122c751d6993b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 03:04:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
celis.no/bilder_diverse/slide_1664692824.png
193.107.30.42200 OK 1.5 MB URL HTTP/1.1 celis.no/bilder_diverse/slide_1664692824.png
IP 193.107.30.42:0
File type PNG image data, 1406 x 767, 8-bit/color RGBA, non-interlaced\012- data
Size 1.5 MB (1508061 bytes)
Hash bd4605d07ad50b597981caeff4c35e5f
a4ecfeb89e8eabecbade83f948d6973d7ea589a0
6e4f5a46648d803dbf7700934c0f4319cf9060261db7aab2cefb3a6d17fcf00c
GET /bilder_diverse/slide_1664692824.png HTTP/1.1
Host: celis.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://celis.no/
Cookie: 24nb=eyJpdiI6InJCVDN0M3B2U0RnWDFuKzFycnJwSFE9PSIsInZhbHVlIjoiMXZrTFhhSDVIQ1FTMU9xdTVzRGtiRG9WSGR6VTFERWI3OUxEeWJPT2wyY01ieGlnZTJLcHRCOVR6NGZDMUY1S2pYZndLOVhPYUlCMGliZlBsZWZOemc9PSIsIm1hYyI6IjRiMjlkNGZhY2Y0NzdjMzllMjcyYjU2YzgwMTZjOGFiOTBmNzJmM2YxZGQ0YWUxMzA0NzA2Mjc5ZjViYzM1MjgifQ%3D%3D; 24db790=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22382c1031b7476a8e0698e8b58c52001a%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%22193.107.30.42%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A68%3A%22Mozilla%2F5.0+%28X11%3B+Linux+x86_64%3B+rv%3A96.0%29+Gecko%2F20100101+Firefox%2F96.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1664852689%3B%7D22b0f10cae4f73b7e809a44ba0a5ba51; popup_module=visited
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Tue, 04 Oct 2022 03:04:49 GMT
Content-Type: image/png
Content-Length: 1508061
Connection: keep-alive
Last-Modified: Sun, 02 Oct 2022 06:40:24 GMT
ETag: "1702dd-5ea0780732049"
Accept-Ranges: bytes
Strict-Transport-Security: max-age=63072000
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
fonts.gstatic.com/s/bitter/v28/rax8HiqOu8IVPmn7f4xp.woff2
172.217.21.163200 OK 31 kB URL HTTP/2 fonts.gstatic.com/s/bitter/v28/rax8HiqOu8IVPmn7f4xp.woff2
IP 172.217.21.163:0
File type Web Open Font Format (Version 2), TrueType, length 30896, version 1.0\012- data
Hash a7332c352b59e1d882b5770b68ed9db5
6a4b2b9a2b35ae86769e0c6a0a6decbf67300db6
c470360f2548fb327562d8ce35185a96f59ab6daeb56c0d45ab712b63de848da
GET /s/bitter/v28/rax8HiqOu8IVPmn7f4xp.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://celis.no
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30896
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 01 Oct 2022 00:02:33 GMT
expires: Sun, 01 Oct 2023 00:02:33 GMT
cache-control: public, max-age=31536000
age: 270136
last-modified: Fri, 24 Jun 2022 18:46:28 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
celis.no/assets/js/fbremarketing.js?4b8a936472fbca5bed11
193.107.30.42200 OK 754 B URL HTTP/1.1 celis.no/assets/js/fbremarketing.js?4b8a936472fbca5bed11
IP 193.107.30.42:0
Hash e76c45545671cece5ad7531d3832c50d
f26e0e3b80d30486b6ffaa5f54a0187da8fd352f
1085896e2ed2470bb080f0824199227b33b5f531ab7472ce1f9c8f742513f118
GET /assets/js/fbremarketing.js?4b8a936472fbca5bed11 HTTP/1.1
Host: celis.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://celis.no/
Cookie: 24nb=eyJpdiI6InJCVDN0M3B2U0RnWDFuKzFycnJwSFE9PSIsInZhbHVlIjoiMXZrTFhhSDVIQ1FTMU9xdTVzRGtiRG9WSGR6VTFERWI3OUxEeWJPT2wyY01ieGlnZTJLcHRCOVR6NGZDMUY1S2pYZndLOVhPYUlCMGliZlBsZWZOemc9PSIsIm1hYyI6IjRiMjlkNGZhY2Y0NzdjMzllMjcyYjU2YzgwMTZjOGFiOTBmNzJmM2YxZGQ0YWUxMzA0NzA2Mjc5ZjViYzM1MjgifQ%3D%3D; 24db790=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22382c1031b7476a8e0698e8b58c52001a%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%22193.107.30.42%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A68%3A%22Mozilla%2F5.0+%28X11%3B+Linux+x86_64%3B+rv%3A96.0%29+Gecko%2F20100101+Firefox%2F96.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1664852689%3B%7D22b0f10cae4f73b7e809a44ba0a5ba51; popup_module=visited; javascript=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Tue, 04 Oct 2022 03:04:49 GMT
Content-Type: application/javascript
Content-Length: 754
Connection: keep-alive
Last-Modified: Mon, 03 Oct 2022 13:23:34 GMT
ETag: "6a8-5ea21401cc180-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Strict-Transport-Security: max-age=63072000
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
celis.no/assets2/fonts/pioneer/pioneer.ttf?tl2cf7
193.107.30.42200 OK 7.2 kB URL HTTP/1.1 celis.no/assets2/fonts/pioneer/pioneer.ttf?tl2cf7
IP 193.107.30.42:0
File type TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, pioneer \012- data
Hash c17564efd9d2cffc62799399f8ce99d8
43fa0947a23e3f276500d27bda03f9e280c550bf
524b61f6b815524da2899a33ed926a242e1df31a9d8ddc0a46482f61d3bc92b7
GET /assets2/fonts/pioneer/pioneer.ttf?tl2cf7 HTTP/1.1
Host: celis.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://celis.no/assets/themes/afterburner/css/afterburner.compiled.css?ver=1575982250
Cookie: 24nb=eyJpdiI6InJCVDN0M3B2U0RnWDFuKzFycnJwSFE9PSIsInZhbHVlIjoiMXZrTFhhSDVIQ1FTMU9xdTVzRGtiRG9WSGR6VTFERWI3OUxEeWJPT2wyY01ieGlnZTJLcHRCOVR6NGZDMUY1S2pYZndLOVhPYUlCMGliZlBsZWZOemc9PSIsIm1hYyI6IjRiMjlkNGZhY2Y0NzdjMzllMjcyYjU2YzgwMTZjOGFiOTBmNzJmM2YxZGQ0YWUxMzA0NzA2Mjc5ZjViYzM1MjgifQ%3D%3D; 24db790=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22382c1031b7476a8e0698e8b58c52001a%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%22193.107.30.42%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A68%3A%22Mozilla%2F5.0+%28X11%3B+Linux+x86_64%3B+rv%3A96.0%29+Gecko%2F20100101+Firefox%2F96.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1664852689%3B%7D22b0f10cae4f73b7e809a44ba0a5ba51; popup_module=visited; javascript=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Tue, 04 Oct 2022 03:04:49 GMT
Content-Length: 7236
Connection: keep-alive
Last-Modified: Mon, 03 Oct 2022 22:35:18 GMT
ETag: "1c44-5ea28f550646e"
Accept-Ranges: bytes
Strict-Transport-Security: max-age=63072000
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
fonts.gstatic.com/s/notosans/v27/o-0IIpQlx3QUlC5A4PNr5TRA.woff2
172.217.21.163200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/notosans/v27/o-0IIpQlx3QUlC5A4PNr5TRA.woff2
IP 172.217.21.163:0
File type Web Open Font Format (Version 2), TrueType, length 12860, version 1.0\012- data
Hash ab21c24efd75543e16e34807ebc6cdec
eb2562f9729079333fbcbbe94868695669dd3301
88f00438d26021a325247c4427898f7c778a22976df9f1a9d9876429778bf265
GET /s/notosans/v27/o-0IIpQlx3QUlC5A4PNr5TRA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://celis.no
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 03 Oct 2022 21:03:13 GMT
expires: Tue, 03 Oct 2023 21:03:13 GMT
cache-control: public, max-age=31536000
age: 21696
last-modified: Mon, 09 May 2022 18:27:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 0ac04f7c449093fff4f846a7ae56cd4f
50aeb5664545a0dec4173920a274e906bcbcdf6f
18eff2566317aba7b70ee558e8cba42231eb4eae31e903501dc122c751d6993b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 03:04:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
sc-static.net/scevent.min.js
54.230.82.240200 OK 8.8 kB URL HTTP/2 sc-static.net/scevent.min.js
IP 54.230.82.240:0
File type ASCII text, with very long lines (25316), with no line terminators
Hash 5d4285ddd0c228077c66505f012548a8
0fe70aec9189f6bc39397cfe6b627cfe1d8b0e97
9360b9744aeecff2d3b3c2b72ff985e8ba92192cc98ebea2b48886619529f23f
GET /scevent.min.js HTTP/1.1
Host: sc-static.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://celis.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
content-length: 8757
server: CloudFront
date: Tue, 04 Oct 2022 03:04:49 GMT
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Content-Type
cache-control: private, s-maxage=0, max-age=600
set-cookie: X-AB=0d6e407936704bd380072f5891d28b0e;max-age=86400;expires=Wed, 05 Oct 2022 02:11:28 GMT;Path=/scevent.min.js; Secure; SameSite=None
x-cache: LambdaGeneratedResponse from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: G0mEnrzGdEz_KYoN5MOxjE-k9znwdHtNA2sE35BJn8ZZapSJcHDuKA==
X-Firefox-Spdy: h2
celis.no/images_hovedside/24/j%20(800%20%C3%97%20800%C2%A0px)%20(400%20%C3%97%20400%C2%A0px).gif?1664825247311
193.107.30.42200 OK 3.7 MB URL HTTP/1.1 celis.no/images_hovedside/24/j%20(800%20%C3%97%20800%C2%A0px)%20(400%20%C3%97%20400%C2%A0px).gif?1664825247311
IP 193.107.30.42:0
File type GIF image data, version 89a, 400 x 400\012- data
Size 3.7 MB (3679252 bytes)
Hash 04db2819866406d43c62e964a20d2b61
7dbb3cd741f6ddaeb4db02ad26382dc1f8939633
093bd1226e7285cdd4735a2b83deafa70708e9b12e06589aa408091be8798dd4
GET /images_hovedside/24/j%20(800%20%C3%97%20800%C2%A0px)%20(400%20%C3%97%20400%C2%A0px).gif?1664825247311 HTTP/1.1
Host: celis.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://celis.no/
Cookie: 24nb=eyJpdiI6InJCVDN0M3B2U0RnWDFuKzFycnJwSFE9PSIsInZhbHVlIjoiMXZrTFhhSDVIQ1FTMU9xdTVzRGtiRG9WSGR6VTFERWI3OUxEeWJPT2wyY01ieGlnZTJLcHRCOVR6NGZDMUY1S2pYZndLOVhPYUlCMGliZlBsZWZOemc9PSIsIm1hYyI6IjRiMjlkNGZhY2Y0NzdjMzllMjcyYjU2YzgwMTZjOGFiOTBmNzJmM2YxZGQ0YWUxMzA0NzA2Mjc5ZjViYzM1MjgifQ%3D%3D; 24db790=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22382c1031b7476a8e0698e8b58c52001a%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%22193.107.30.42%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A68%3A%22Mozilla%2F5.0+%28X11%3B+Linux+x86_64%3B+rv%3A96.0%29+Gecko%2F20100101+Firefox%2F96.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1664852689%3B%7D22b0f10cae4f73b7e809a44ba0a5ba51; popup_module=visited
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Tue, 04 Oct 2022 03:04:49 GMT
Content-Type: image/gif
Content-Length: 3679252
Connection: keep-alive
Last-Modified: Mon, 03 Oct 2022 19:27:25 GMT
ETag: "382414-5ea26555f803a"
Accept-Ranges: bytes
Strict-Transport-Security: max-age=63072000
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
celis.no/favicon.ico
193.107.30.42200 OK 0 B IP 193.107.30.42:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: celis.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://celis.no/
Cookie: 24nb=eyJpdiI6InJCVDN0M3B2U0RnWDFuKzFycnJwSFE9PSIsInZhbHVlIjoiMXZrTFhhSDVIQ1FTMU9xdTVzRGtiRG9WSGR6VTFERWI3OUxEeWJPT2wyY01ieGlnZTJLcHRCOVR6NGZDMUY1S2pYZndLOVhPYUlCMGliZlBsZWZOemc9PSIsIm1hYyI6IjRiMjlkNGZhY2Y0NzdjMzllMjcyYjU2YzgwMTZjOGFiOTBmNzJmM2YxZGQ0YWUxMzA0NzA2Mjc5ZjViYzM1MjgifQ%3D%3D; 24db790=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22382c1031b7476a8e0698e8b58c52001a%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%22193.107.30.42%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A68%3A%22Mozilla%2F5.0+%28X11%3B+Linux+x86_64%3B+rv%3A96.0%29+Gecko%2F20100101+Firefox%2F96.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1664852689%3B%7D22b0f10cae4f73b7e809a44ba0a5ba51; popup_module=visited; javascript=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Tue, 04 Oct 2022 03:04:50 GMT
Content-Type: image/vnd.microsoft.icon
Content-Length: 0
Connection: keep-alive
Last-Modified: Wed, 10 Aug 2016 22:32:33 GMT
ETag: "0-539bf39b2f663"
Accept-Ranges: bytes
Strict-Transport-Security: max-age=63072000
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 429a962c9e9796af4cd7a3bb499a72b9
01d59b862d62ede70da6aef2ea8ce6731ec3c2f9
5767aa13c4cb06d50991f8e1851e30c6f6d365468353e3b68d5f19af6dda7fad
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5753
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 03:04:50 GMT
Last-Modified: Tue, 04 Oct 2022 01:28:58 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://celis.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Tue, 04 Oct 2022 02:41:09 GMT
expires: Tue, 04 Oct 2022 04:41:09 GMT
cache-control: public, max-age=7200
age: 1421
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
connect.facebook.net/en_US/fbevents.js
31.13.72.12200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (64348)
Hash e1327a02d76346c7e23d114e4e508b30
195b8ad875ab8f7a7adf735f1f70aa02b3a2e1a3
331e67b451c6559915b12ab2df810ccdba73b3971c5301b2010b54dd6d391de2
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://celis.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: 9CBlN8fvrR4HERbzJm2Zz7fXqsuciSRL2MaJqJwsOJBNE5b9epx2d6CSeGszQSD+Exi1WoMWKLlHpktRhR03FA==
content-length: 26840
x-fb-trip-id: 2074150462
date: Tue, 04 Oct 2022 03:04:50 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 429a962c9e9796af4cd7a3bb499a72b9
01d59b862d62ede70da6aef2ea8ce6731ec3c2f9
5767aa13c4cb06d50991f8e1851e30c6f6d365468353e3b68d5f19af6dda7fad
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5753
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 03:04:50 GMT
Last-Modified: Tue, 04 Oct 2022 01:28:58 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
fonts.googleapis.com/css?family=Noto+Sans:400,700|Bitter:400,700,400italic
216.58.211.10200 OK 4.1 kB URL HTTP/2 fonts.googleapis.com/css?family=Noto+Sans:400,700|Bitter:400,700,400italic
IP 216.58.211.10:0
File type ASCII text, with very long lines (12963)
Hash 6b4b9d4fc85f4e0075b09615a53aa7f1
486120d535f94053c2cf654ea191a534ca673d21
af6bd1c7899caf41f2f511bb514cb0e99ca78c94314348597d89a4ffe6e255de
GET /css?family=Noto+Sans:400,700|Bitter:400,700,400italic HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://celis.no/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 04 Oct 2022 03:04:49 GMT
date: Tue, 04 Oct 2022 03:04:49 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
widget.trustpilot.com/trustboxes/53aa8912dec7e10d38f59f36/main.js
143.204.55.80200 OK 28 kB URL HTTP/2 widget.trustpilot.com/trustboxes/53aa8912dec7e10d38f59f36/main.js
IP 143.204.55.80:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (64281), with no line terminators
Hash 5d220cf839e981e50c65214dcd96e0fc
15070f97f761a68548a2a12de1c898c322e1a7b0
463c02075608ea7896ae7bd1b81f207874e744a5bde580ee8df20d911ef354f0
GET /trustboxes/53aa8912dec7e10d38f59f36/main.js HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://widget.trustpilot.com/trustboxes/53aa8912dec7e10d38f59f36/index.html?templateId=53aa8912dec7e10d38f59f36&businessunitId=5eb01c7a50715800017033f0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/x-javascript
content-length: 27969
last-modified: Tue, 20 Sep 2022 08:01:15 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
date: Mon, 03 Oct 2022 04:11:00 GMT
cache-control: max-age=86400
etag: "5d220cf839e981e50c65214dcd96e0fc"
x-cache: Hit from cloudfront
via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: VyUOlKEBCjRf-6OAjPZ-irsS5j4T9G3E7EEpv4l5kUt0v_eGPMPkIA==
age: 82430
X-Firefox-Spdy: h2
client.24nettbutikk.chat/embed.js
143.204.55.112200 OK 124 kB URL HTTP/2 client.24nettbutikk.chat/embed.js
IP 143.204.55.112:0
File type Unicode text, UTF-8 text, with very long lines (5371)
Size 124 kB (124508 bytes)
Hash e8f540bf6a3530197bebf095bb490d98
0697c6ff9ca7c01e31cca0d72bf8d82eaa8c3120
38919619db1f0d1d363849dd697758f89ad9a5d45bb0cacf102c73f411523882
GET /embed.js HTTP/1.1
Host: client.24nettbutikk.chat
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://celis.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Fri, 16 Sep 2022 18:39:07 GMT
server: AmazonS3
content-encoding: gzip
date: Tue, 04 Oct 2022 03:04:49 GMT
cache-control: public,max-age=600
etag: W/"8bbb378e6ea1fc5ce869b8af9ad3111f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: VLbtE6xepO2OS_2DgNe0lOPdk8nzPsEoYz2G3_v8-QjhLEFzKNmOSA==
age: 172
x-xss-protection: 1; mode=block
referrer-policy: same-origin
content-security-policy: default-src 'self'; base-uri 'none'; object-src 'none'; img-src * data:; form-action 'none'; block-all-mixed-content; connect-src *; style-src 'self' *.gstatic.com *.googleapis.com; font-src 'self' *.gstatic.com *.googleapis.com; worker-src 'self' blob:; child-src 'self' blob:; script-src 'self' *.liveleader.com *.lr-ingest.io *.googletagmanager.com *.google-analytics.com *.gstatic.com; frame-src 'self' *.liveleader.com *.amazonaws.com; frame-ancestors *;
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
permissions-policy: accelerometer=(), autoplay=(), camera=(self), cross-origin-isolated=(), display-capture=(self), document-domain=(), encrypted-media=(), fullscreen=(self), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(self), midi=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), sync-xhr=(), usb=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(self), idle-detection=(self), serial=()
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash b45b15bb651cc185ea82d91a51f06b5a
44987727be72bb12b4e4fc4fac50145835512750
f0b61426de169cf2efde87ac98d5123ea785004ad05c05932a099b644b2fdf64
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 03:04:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/pagead/conversion_async.js
142.250.74.164200 OK 15 kB URL HTTP/2 www.google.com/pagead/conversion_async.js
IP 142.250.74.164:0
File type ASCII text, with very long lines (1654)
Hash 8766c5a801f08afceca9b66ff9097e6a
ce7640d1d166eddeb9d40be642ec34652f790713
f448f99b4ad9a9b50daa9c38054cf16ab2b9fcb5d83ddad60571fb6a8a432a99
GET /pagead/conversion_async.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://celis.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 04 Oct 2022 03:04:50 GMT
expires: Tue, 04 Oct 2022 03:04:50 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 17557423932572341828
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 15187
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a0cb5a542db6de710f46fcabfe542cc5
281ab8143f8aa5de08a4667426ac8afcca9a02a7
d7e3ab90fd37fa6b847582b9daea1c5a6d7ee6b1bca622328cb7a16625699a28
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4426
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 03:04:50 GMT
Last-Modified: Tue, 04 Oct 2022 01:51:04 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a0cb5a542db6de710f46fcabfe542cc5
281ab8143f8aa5de08a4667426ac8afcca9a02a7
d7e3ab90fd37fa6b847582b9daea1c5a6d7ee6b1bca622328cb7a16625699a28
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2885
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 03:04:50 GMT
Last-Modified: Tue, 04 Oct 2022 02:16:45 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 129fe858bf2aa7291fd2c6dd4cf9d226
e3e048b964b851ebbdcfb5bd80ebdbad13720cf6
addc7e4ddab73c8c7ee50f6d33fc1e4ff73b71cc014e481049a393c3b87b0924
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 03:04:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tr.snapchat.com/cm/i?pid=ac51940d-7a99-45df-8891-baebc7fa9a8d&u_scsid=83cf7f7a-1693-4916-bc11-4612c5f2e0ab&u_sclid=aa0ae0b0-5cea-4efa-b296-32a44f16070e
35.190.43.134200 OK 0 B URL HTTP/2 tr.snapchat.com/cm/i?pid=ac51940d-7a99-45df-8891-baebc7fa9a8d&u_scsid=83cf7f7a-1693-4916-bc11-4612c5f2e0ab&u_sclid=aa0ae0b0-5cea-4efa-b296-32a44f16070e
IP 35.190.43.134:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cm/i?pid=ac51940d-7a99-45df-8891-baebc7fa9a8d&u_scsid=83cf7f7a-1693-4916-bc11-4612c5f2e0ab&u_sclid=aa0ae0b0-5cea-4efa-b296-32a44f16070e HTTP/1.1
Host: tr.snapchat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://celis.no/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 04 Oct 2022 03:04:50 GMT
content-type: text/html
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 0
x-envoy-upstream-service-time: 0
server: API Gateway
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tr.snapchat.com/p
35.190.43.134200 OK 68 B IP 35.190.43.134:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash c4a2b870062c2bb98c500bc1526c0498
528666ccdb12997358077bc8fcdbfb6b825c7788
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
POST /p HTTP/1.1
Host: tr.snapchat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: multipart/form-data; boundary=---------------------------280741550012276653524294721554
Content-Length: 2392
Origin: https://celis.no
Connection: keep-alive
Referer: https://celis.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 04 Oct 2022 03:04:50 GMT
access-control-allow-origin: https://celis.no
cache-control: no-cache, no-transform
set-cookie: sc_at=v2|H4sIAAAAAAAAAA3HwREAIAgDsIm4AyxV1kHdguE1v+xhs2KkMLAE16ekg+IsrCjYvqfbyD9nausDpm6zHzIAAAA=;SameSite=None;Version=1;Comment=;Domain=.snapchat.com;Path=/;Max-Age=33696000;Secure
content-type: text/html
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 68
x-envoy-upstream-service-time: 6
server: API Gateway
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tr.snapchat.com/init?pids=ac51940d-7a99-45df-8891-baebc7fa9a8d
35.190.43.134200 OK 86 kB URL HTTP/2 tr.snapchat.com/init?pids=ac51940d-7a99-45df-8891-baebc7fa9a8d
IP 35.190.43.134:0
File type JSON data\012- , ASCII text, with very long lines (64345)
Hash d8f99f68137309f77829e994b95b36ad
9b830e7bebddd266200191526e1d5085a04b5963
93c4569d20322b5da345f8f8609d68e203de5b5eded7a20672e3f7a433bc97a8
GET /init?pids=ac51940d-7a99-45df-8891-baebc7fa9a8d HTTP/1.1
Host: tr.snapchat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://celis.no/
Origin: https://celis.no
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 04 Oct 2022 03:04:50 GMT
access-control-allow-origin: https://celis.no
content-type: application/json
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-envoy-upstream-service-time: 0
content-encoding: gzip
vary: Accept-Encoding
server: API Gateway
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
widget.trustpilot.com/stats/TrustboxImpression?locale=nb-NO&styleHeight=140px&styleWidth=100%25&theme=light&stars=4%2C5&reviewLanguages=nb&url=https%3A%2F%2Fcelis.no%2F&referrer=https%3A%2F%2Fmedia.bigbasketshop.com%2F&userAgent=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=5eb01c7a50715800017033f0&widgetId=53aa8912dec7e10d38f59f36
143.204.55.80204 No Content 0 B URL HTTP/2 widget.trustpilot.com/stats/TrustboxImpression?locale=nb-NO&styleHeight=140px&styleWidth=100%25&theme=light&stars=4%2C5&reviewLanguages=nb&url=https%3A%2F%2Fcelis.no%2F&referrer=https%3A%2F%2Fmedia.bigbasketshop.com%2F&userAgent=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=5eb01c7a50715800017033f0&widgetId=53aa8912dec7e10d38f59f36
IP 143.204.55.80:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stats/TrustboxImpression?locale=nb-NO&styleHeight=140px&styleWidth=100%25&theme=light&stars=4%2C5&reviewLanguages=nb&url=https%3A%2F%2Fcelis.no%2F&referrer=https%3A%2F%2Fmedia.bigbasketshop.com%2F&userAgent=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=5eb01c7a50715800017033f0&widgetId=53aa8912dec7e10d38f59f36 HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Connection: keep-alive
Referer: https://widget.trustpilot.com/trustboxes/53aa8912dec7e10d38f59f36/index.html?templateId=53aa8912dec7e10d38f59f36&businessunitId=5eb01c7a50715800017033f0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 204 No Content
cache-control: no-store,no-cache
date: Tue, 04 Oct 2022 03:04:49 GMT
pragma: no-cache
server: Kestrel
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-cache: Miss from cloudfront
via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: DJuyKTkf6YdZ-Q-ILHmWSRCTqBswhjx69A5MrF46B6diG975FjJZHA==
X-Firefox-Spdy: h2
tr.snapchat.com/collector/is_enabled?pids=ac51940d-7a99-45df-8891-baebc7fa9a8d&tld=no
35.190.43.134200 OK 100 B URL HTTP/2 tr.snapchat.com/collector/is_enabled?pids=ac51940d-7a99-45df-8891-baebc7fa9a8d&tld=no
IP 35.190.43.134:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 388ca868ad022fdad152292b3f8a7e2c
5eb1850288dab54959329e0f05201713d30ecb00
e691dd49e4f03b7ac47c0e3b615de5873ce6ded2a2f31bc13922fdd22f2f07c7
GET /collector/is_enabled?pids=ac51940d-7a99-45df-8891-baebc7fa9a8d&tld=no HTTP/1.1
Host: tr.snapchat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://celis.no/
Origin: https://celis.no
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 04 Oct 2022 03:04:50 GMT
access-control-allow-origin: https://celis.no
content-type: application/json
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-envoy-upstream-service-time: 0
content-encoding: gzip
vary: Accept-Encoding
server: API Gateway
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 53e0e5a2455fedae0d6308f91d41e445
237c2856f8a89ae3673ea909164557d65268c463
ddba9b3842f879168185b6607551069b312c44de4ec015ca4b43ad154d190bc8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 03:04:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 53e0e5a2455fedae0d6308f91d41e445
237c2856f8a89ae3673ea909164557d65268c463
ddba9b3842f879168185b6607551069b312c44de4ec015ca4b43ad154d190bc8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 03:04:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 53e0e5a2455fedae0d6308f91d41e445
237c2856f8a89ae3673ea909164557d65268c463
ddba9b3842f879168185b6607551069b312c44de4ec015ca4b43ad154d190bc8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 03:04:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-24343184-8&cid=1032397697.1664852690&jid=13465031&gjid=1910641952&_gid=2120442897.1664852690&_u=IEDAAEAAAAAAACAAI~&z=1447526250
74.125.131.155200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-24343184-8&cid=1032397697.1664852690&jid=13465031&gjid=1910641952&_gid=2120442897.1664852690&_u=IEDAAEAAAAAAACAAI~&z=1447526250
IP 74.125.131.155:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-24343184-8&cid=1032397697.1664852690&jid=13465031&gjid=1910641952&_gid=2120442897.1664852690&_u=IEDAAEAAAAAAACAAI~&z=1447526250 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://celis.no
Connection: keep-alive
Referer: https://celis.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://celis.no
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 04 Oct 2022 03:04:50 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-85161377-1&cid=1032397697.1664852690&jid=1626334661&gjid=1164319542&_gid=2120442897.1664852690&_u=IEDAAEABAAAAACAAI~&z=1917877660
74.125.131.155200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-85161377-1&cid=1032397697.1664852690&jid=1626334661&gjid=1164319542&_gid=2120442897.1664852690&_u=IEDAAEABAAAAACAAI~&z=1917877660
IP 74.125.131.155:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-85161377-1&cid=1032397697.1664852690&jid=1626334661&gjid=1164319542&_gid=2120442897.1664852690&_u=IEDAAEABAAAAACAAI~&z=1917877660 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://celis.no
Connection: keep-alive
Referer: https://celis.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://celis.no
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 04 Oct 2022 03:04:50 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/871076749/?random=1664852690026&cv=9&fst=1664852690026&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=4&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa9s0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fcelis.no%2F&ref=https%3A%2F%2Fmedia.bigbasketshop.com%2F&tiba=Celis.no%20-%20Pynt%2C%20accessories%2C%20julebutikk%20og%20mye%20mer&auid=1300566784.1664852690&hn=www.google.com&async=1&rfmt=3&fmt=4
142.250.74.162200 OK 1.1 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/871076749/?random=1664852690026&cv=9&fst=1664852690026&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=4&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa9s0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fcelis.no%2F&ref=https%3A%2F%2Fmedia.bigbasketshop.com%2F&tiba=Celis.no%20-%20Pynt%2C%20accessories%2C%20julebutikk%20og%20mye%20mer&auid=1300566784.1664852690&hn=www.google.com&async=1&rfmt=3&fmt=4
IP 142.250.74.162:0
File type ASCII text, with very long lines (2420), with no line terminators
Hash 96dfb6a452cad2e08d13a9790f56dc2c
4987fe59e18891adbed688c8e36ee45e9f7e22f2
58d0c3f88e0e93e41e088ee45c781a7f9068ad1718bfcf9f3a866f2467ba7510
GET /pagead/viewthroughconversion/871076749/?random=1664852690026&cv=9&fst=1664852690026&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=4&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa9s0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fcelis.no%2F&ref=https%3A%2F%2Fmedia.bigbasketshop.com%2F&tiba=Celis.no%20-%20Pynt%2C%20accessories%2C%20julebutikk%20og%20mye%20mer&auid=1300566784.1664852690&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://celis.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 04 Oct 2022 03:04:50 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 1074
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 04-Oct-2022 03:19:50 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 53e0e5a2455fedae0d6308f91d41e445
237c2856f8a89ae3673ea909164557d65268c463
ddba9b3842f879168185b6607551069b312c44de4ec015ca4b43ad154d190bc8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 03:04:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 53e0e5a2455fedae0d6308f91d41e445
237c2856f8a89ae3673ea909164557d65268c463
ddba9b3842f879168185b6607551069b312c44de4ec015ca4b43ad154d190bc8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 03:04:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash e13df37c7a0102aa69d97512e4f3bad4
2c3019bef2f4bc34b3f3dc212b30d4fad04f8b37
cfbc8bfd83a8eb63bf5d189e398e1373222f1d1bde223fba70e3c7b560c708aa
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 03:04:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/pagead/1p-user-list/871076749/?random=1664852690026&cv=9&fst=1664852400000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=4&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa9s0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fcelis.no%2F&ref=https%3A%2F%2Fmedia.bigbasketshop.com%2F&tiba=Celis.no%20-%20Pynt%2C%20accessories%2C%20julebutikk%20og%20mye%20mer&async=1&fmt=3&is_vtc=1&random=625862438&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/871076749/?random=1664852690026&cv=9&fst=1664852400000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=4&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa9s0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fcelis.no%2F&ref=https%3A%2F%2Fmedia.bigbasketshop.com%2F&tiba=Celis.no%20-%20Pynt%2C%20accessories%2C%20julebutikk%20og%20mye%20mer&async=1&fmt=3&is_vtc=1&random=625862438&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/871076749/?random=1664852690026&cv=9&fst=1664852400000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=4&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa9s0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fcelis.no%2F&ref=https%3A%2F%2Fmedia.bigbasketshop.com%2F&tiba=Celis.no%20-%20Pynt%2C%20accessories%2C%20julebutikk%20og%20mye%20mer&async=1&fmt=3&is_vtc=1&random=625862438&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://celis.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 04 Oct 2022 03:04:50 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-24343184-8&cid=1032397697.1664852690&jid=13465031&_u=IEDAAEAAAAAAACAAI~&z=1972626249
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-24343184-8&cid=1032397697.1664852690&jid=13465031&_u=IEDAAEAAAAAAACAAI~&z=1972626249
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-24343184-8&cid=1032397697.1664852690&jid=13465031&_u=IEDAAEAAAAAAACAAI~&z=1972626249 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://celis.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 04 Oct 2022 03:04:50 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-85161377-1&cid=1032397697.1664852690&jid=1626334661&_u=IEDAAEABAAAAACAAI~&z=1233468361
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-85161377-1&cid=1032397697.1664852690&jid=1626334661&_u=IEDAAEABAAAAACAAI~&z=1233468361
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-85161377-1&cid=1032397697.1664852690&jid=1626334661&_u=IEDAAEABAAAAACAAI~&z=1233468361 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://celis.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 04 Oct 2022 03:04:50 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash e13df37c7a0102aa69d97512e4f3bad4
2c3019bef2f4bc34b3f3dc212b30d4fad04f8b37
cfbc8bfd83a8eb63bf5d189e398e1373222f1d1bde223fba70e3c7b560c708aa
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 03:04:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
region1.google-analytics.com/g/collect?v=2&tid=G-0VEB93L6P3>m=2oe9s0&_p=523153633&cid=1032397697.1664852690&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1664852689&sct=1&seg=0&dl=https%3A%2F%2Fcelis.no%2F&dr=https%3A%2F%2Fmedia.bigbasketshop.com%2F&dt=Celis.no%20-%20Pynt%2C%20accessories%2C%20julebutikk%20og%20mye%20mer&en=page_view&_fv=1&_ss=1&_ee=1
216.239.32.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-0VEB93L6P3>m=2oe9s0&_p=523153633&cid=1032397697.1664852690&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1664852689&sct=1&seg=0&dl=https%3A%2F%2Fcelis.no%2F&dr=https%3A%2F%2Fmedia.bigbasketshop.com%2F&dt=Celis.no%20-%20Pynt%2C%20accessories%2C%20julebutikk%20og%20mye%20mer&en=page_view&_fv=1&_ss=1&_ee=1
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-0VEB93L6P3>m=2oe9s0&_p=523153633&cid=1032397697.1664852690&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1664852689&sct=1&seg=0&dl=https%3A%2F%2Fcelis.no%2F&dr=https%3A%2F%2Fmedia.bigbasketshop.com%2F&dt=Celis.no%20-%20Pynt%2C%20accessories%2C%20julebutikk%20og%20mye%20mer&en=page_view&_fv=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://celis.no
Connection: keep-alive
Referer: https://celis.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://celis.no
date: Tue, 04 Oct 2022 03:04:50 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
widget.trustpilot.com/trustbox-data/53aa8912dec7e10d38f59f36?businessUnitId=5eb01c7a50715800017033f0&locale=nb-NO&reviewLanguages=nb&reviewStars=4%2C5&includeReviews=true&reviewsPerPage=15
143.204.55.80200 OK 0 B URL HTTP/2 widget.trustpilot.com/trustbox-data/53aa8912dec7e10d38f59f36?businessUnitId=5eb01c7a50715800017033f0&locale=nb-NO&reviewLanguages=nb&reviewStars=4%2C5&includeReviews=true&reviewsPerPage=15
IP 143.204.55.80:0
GET /trustbox-data/53aa8912dec7e10d38f59f36?businessUnitId=5eb01c7a50715800017033f0&locale=nb-NO&reviewLanguages=nb&reviewStars=4%2C5&includeReviews=true&reviewsPerPage=15 HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Connection: keep-alive
Referer: https://widget.trustpilot.com/trustboxes/53aa8912dec7e10d38f59f36/index.html?templateId=53aa8912dec7e10d38f59f36&businessunitId=5eb01c7a50715800017033f0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/json; charset=utf-8
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-fallback-status: BYPASS
x-skip-cache-cookie: 0
x-xss-protection: 1; mode=block
date: Tue, 04 Oct 2022 03:03:13 GMT
cache-control: public,max-age=1800
etag: "a9212ac644e7f7869f6f51837122d0ce"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: eWckA-fUISQ8q4DdMl-Yn7xxeu6bw2a8HGFft8Bja6rGa61V9pEAnQ==
age: 633
X-Firefox-Spdy: h2
fonts.gstatic.com/s/notosans/v27/o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2
172.217.21.163200 OK 0 B URL HTTP/2 fonts.gstatic.com/s/notosans/v27/o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2
IP 172.217.21.163:0
GET /s/notosans/v27/o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://celis.no
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12684
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 03 Oct 2022 21:03:15 GMT
expires: Tue, 03 Oct 2023 21:03:15 GMT
cache-control: public, max-age=31536000
age: 21694
last-modified: Mon, 09 May 2022 18:28:04 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
media.bigbasketshop.com/track?q=y9mVqLVe3evR
104.21.86.113200 OK 0 B URL HTTP/2 media.bigbasketshop.com/track?q=y9mVqLVe3evR
IP 104.21.86.113:0
GET /track?q=y9mVqLVe3evR HTTP/1.1
Host: media.bigbasketshop.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://eu.pushnow.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 04 Oct 2022 03:04:48 GMT
content-type: text/html
referrer-policy: origin
via: 1.1 google
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yRgIREoFhj27zFCxi7kaWqr3RmNaC9meNFocOTeBGgFID%2B7Tygj51vEE8dnqJTq2CPfhrHIDmfr0KdvhhCQOiRnimSxSOFL1Ql8towQYioFAphWqLGI3vGqGIuGfnFJWoXk4CPSnZf%2Fonw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 754ab1367c50b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2