r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a2104f935c638b4767ca5ae0d738ef23
85c6af15af749be0ceeae6de17c36925b750f166
5d4789a3696bd7faa9916768cb627bbc89bf70a756d80e53860cbac13c2bc8b1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5D4789A3696BD7FAA9916768CB627BBC89BF70A756D80E53860CBAC13C2BC8B1"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6017
Expires: Sun, 29 Jan 2023 15:11:37 GMT
Date: Sun, 29 Jan 2023 13:31:20 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 3eb88dea4fe00db1182370e72683c3ab
ca520abf1e91bfd2aef40c6a1270a911071e8922
d8083ee567c7b3023111dc30f32c94237df7db30d4d2daaea0a569e8a3069ad7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D8083EE567C7B3023111DC30F32C94237DF7DB30D4D2DAAEA0A569E8A3069AD7"
Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5949
Expires: Sun, 29 Jan 2023 15:10:29 GMT
Date: Sun, 29 Jan 2023 13:31:20 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Backoff, Content-Length, Alert, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 29 Jan 2023 12:35:37 GMT
content-type: application/json
age: 3343
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 03092d1a1bc7ac91ee342a1a7ab2a562
52db06ce1fd2c74ddd36b6a0a7aee1b5c891600a
03b8ff2629abac9fc30ebec059c2e2018fcbc41646ad5f71c965ff630fbf1ffd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "03B8FF2629ABAC9FC30EBEC059C2E2018FCBC41646AD5F71C965FF630FBF1FFD"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7494
Expires: Sun, 29 Jan 2023 15:36:14 GMT
Date: Sun, 29 Jan 2023 13:31:20 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: FlRKnszp9gJgLSr0kqApEYgygMIOMTFbrr0Z664SjvwDGPZ6KrTurksqKWJlbf1Lhp//e7P6UYhGKKQFfpywFg==
x-amz-request-id: KWXYCJRMCQM2HJ33
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 29 Jan 2023 13:21:24 GMT
age: 596
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 13:31:20 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Last-Modified, ETag, Content-Length, Expires, Cache-Control, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 29 Jan 2023 12:41:41 GMT
age: 2979
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
nabadashamal.com/wp-includes/css/dist/nux/DEUTSH/DEUTSH/account/card.php
302 Found 11 B URL HTTP/1.1 nabadashamal.com/wp-includes/css/dist/nux/DEUTSH/DEUTSH/account/card.php
IP
ASN #60781 LeaseWeb Netherlands B.V.
File type ASCII text, with no line terminators
Hash 32682312d17c7cbf18e73594f5570319
60e22121bdd0bc71cdb2bae2a3aa577006b2eae9
e55fb1a1d731153e943b68844af12dcce8bfac917c98ffdea64c80da0607dd47
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/css/dist/nux/DEUTSH/DEUTSH/account/card.php HTTP/1.1
Host: nabadashamal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 11
date: Sun, 29 Jan 2023 13:31:20 GMT
location: http://orest-vlv.com/zcvisitor/3736a0c6-9fd9-11ed-a98d-125e1845214f/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=727d67a0-9191-11ed-911d-0a918cbcbb97
server: nginx
set-cookie: sid=372993da-9fd9-11ed-a91c-e66c924e887b; path=/; domain=.nabadashamal.com; expires=Fri, 16 Feb 2091 16:45:27 GMT; max-age=2147483647; HttpOnly
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 16a7b6a7128312e2f985d30df18c4487
6017bff79ffb525d9c7f9f32b999b74b5dc69602
663fd12209627f08e759c2ed1c76278a5da79dae1e0b46082dd1bb44775f7a16
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "663FD12209627F08E759C2ED1C76278A5DA79DAE1E0B46082DD1BB44775F7A16"
Last-Modified: Fri, 27 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4391
Expires: Sun, 29 Jan 2023 14:44:32 GMT
Date: Sun, 29 Jan 2023 13:31:21 GMT
Connection: keep-alive
orest-vlv.com/zcvisitor/3736a0c6-9fd9-11ed-a98d-125e1845214f/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=727d67a0-9191-11ed-911d-0a918cbcbb97
200 1.1 kB URL HTTP/1.1 orest-vlv.com/zcvisitor/3736a0c6-9fd9-11ed-a98d-125e1845214f/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=727d67a0-9191-11ed-911d-0a918cbcbb97
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash f1d3a5466b16575a4d5678ec267975f0
a8e9e5dcdb1f4496d18e3d43c65257c0d73a7899
7020179ec9d2be27657f5ae75ddf0492084ea2321254370b907d1c87b9616e93
GET /zcvisitor/3736a0c6-9fd9-11ed-a98d-125e1845214f/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=727d67a0-9191-11ed-911d-0a918cbcbb97 HTTP/1.1
Host: orest-vlv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200
Date: Sun, 29 Jan 2023 13:31:21 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Server: rgaRFeSO
orest-vlv.com/zcredirect?visitid=3736a0c6-9fd9-11ed-a98d-125e1845214f&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false
200 560 B URL HTTP/1.1 orest-vlv.com/zcredirect?visitid=3736a0c6-9fd9-11ed-a98d-125e1845214f&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 1fcecf0f7716c26ad91f304c5d2c9171
bc7d12dd0a89076309d38548c463b90f70855650
0bae9f13c537c6ac5206a33cce683202030f4d8bb1831311e86a8aeadc397295
GET /zcredirect?visitid=3736a0c6-9fd9-11ed-a98d-125e1845214f&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false HTTP/1.1
Host: orest-vlv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://orest-vlv.com/zcvisitor/3736a0c6-9fd9-11ed-a98d-125e1845214f/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=727d67a0-9191-11ed-911d-0a918cbcbb97
Upgrade-Insecure-Requests: 1
HTTP/1.1 200
Date: Sun, 29 Jan 2023 13:31:21 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
redirected: JS
Server: WAghKsca
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: UhUPhPO418+D5cxJcXqfJA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: UyUZGCAx8tnwc2TNyX/exS37TMo=
orest-vlv.com/favicon.ico
404 653 B URL HTTP/1.1 orest-vlv.com/favicon.ico
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (649), with no line terminators
Hash ba2732b1b2fa2626ffaa15f62f9e7d66
203d4e7fbb1d80449d6e4e1f3ae7a9bf8625debe
879861cb72fe9fbb476dab246021c4c83b4066327de2529e05ec54d3afb0a1c8
GET /favicon.ico HTTP/1.1
Host: orest-vlv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://orest-vlv.com/zcredirect?visitid=3736a0c6-9fd9-11ed-a98d-125e1845214f&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false
HTTP/1.1 404
Date: Sun, 29 Jan 2023 13:31:21 GMT
Content-Type: text/html;charset=utf-8
Content-Length: 653
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Content-Language: en
Server: hAwWnhWl
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a1353ed63cccf6862fe3d77e782957d6
a6c1a917704cc971ab67b2651bb1ef86082f5ff1
1bae368052e6e90f634e5e0fba2bd007e128df08577f7e20dab320079ea147cf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1BAE368052E6E90F634E5E0FBA2BD007E128DF08577F7E20DAB320079EA147CF"
Last-Modified: Sat, 28 Jan 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sun, 29 Jan 2023 19:31:21 GMT
Date: Sun, 29 Jan 2023 13:31:21 GMT
Connection: keep-alive
r.srvtrck.com/v1/redirect?url=bad.no&country=NO&api_key=924585d25f8897b10e857f1c77d1dee9&site_id=0b8fe166a52f41659a749a1dce7a6570&type=url&source=ew-verlag.de&yk_tag=zr3736a0c69fd911eda98d125e1845214f75cceacc0b1846ab81ea883f5404bbb1070813e637d2019a8f
301 Moved Permanently 0 B URL HTTP/1.1 r.srvtrck.com/v1/redirect?url=bad.no&country=NO&api_key=924585d25f8897b10e857f1c77d1dee9&site_id=0b8fe166a52f41659a749a1dce7a6570&type=url&source=ew-verlag.de&yk_tag=zr3736a0c69fd911eda98d125e1845214f75cceacc0b1846ab81ea883f5404bbb1070813e637d2019a8f
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v1/redirect?url=bad.no&country=NO&api_key=924585d25f8897b10e857f1c77d1dee9&site_id=0b8fe166a52f41659a749a1dce7a6570&type=url&source=ew-verlag.de&yk_tag=zr3736a0c69fd911eda98d125e1845214f75cceacc0b1846ab81ea883f5404bbb1070813e637d2019a8f HTTP/1.1
Host: r.srvtrck.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sun, 29 Jan 2023 13:31:21 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 29 Jan 2023 14:31:21 GMT
Location: https://r.srvtrck.com/v1/redirect?url=bad.no&country=NO&api_key=924585d25f8897b10e857f1c77d1dee9&site_id=0b8fe166a52f41659a749a1dce7a6570&type=url&source=ew-verlag.de&yk_tag=zr3736a0c69fd911eda98d125e1845214f75cceacc0b1846ab81ea883f5404bbb1070813e637d2019a8f
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 791253e53f840b45-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
ocsp.digicert.com/
200 OK 279 B IP
Hash 1d54dcfc79bc1d09df5cf4d28dac11f7
af281f6bb094405022141b7edb270959851d3a99
c471a51a1f5c118b0536a9f452fc7e64ed273fb9502808bed1d62809347ade18
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4393
Cache-Control: max-age=125303
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 13:31:21 GMT
Etag: "63d5aa77-117"
Expires: Tue, 31 Jan 2023 00:19:44 GMT
Last-Modified: Sat, 28 Jan 2023 23:06:31 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 279
r.srvtrck.com/v1/redirect?url=bad.no&country=NO&api_key=924585d25f8897b10e857f1c77d1dee9&site_id=0b8fe166a52f41659a749a1dce7a6570&type=url&source=ew-verlag.de&yk_tag=zr3736a0c69fd911eda98d125e1845214f75cceacc0b1846ab81ea883f5404bbb1070813e637d2019a8f
302 Found 0 B URL HTTP/2 r.srvtrck.com/v1/redirect?url=bad.no&country=NO&api_key=924585d25f8897b10e857f1c77d1dee9&site_id=0b8fe166a52f41659a749a1dce7a6570&type=url&source=ew-verlag.de&yk_tag=zr3736a0c69fd911eda98d125e1845214f75cceacc0b1846ab81ea883f5404bbb1070813e637d2019a8f
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v1/redirect?url=bad.no&country=NO&api_key=924585d25f8897b10e857f1c77d1dee9&site_id=0b8fe166a52f41659a749a1dce7a6570&type=url&source=ew-verlag.de&yk_tag=zr3736a0c69fd911eda98d125e1845214f75cceacc0b1846ab81ea883f5404bbb1070813e637d2019a8f HTTP/1.1
Host: r.srvtrck.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sun, 29 Jan 2023 13:31:22 GMT
content-length: 0
p3p: CP="CAO PSA OUR"
set-cookie: ykuid=ccd274b1b30344fb9e66bc03af323bbf; Domain=.srvtrck.com; Expires=Mon, 29-Jan-2024 13:31:21 GMT; Path=/
location: /v2/go?t=0t5pa%3Ae%2Fdra34.ae5%2F1%2Ffs5%3D6515f%26bi%3D1s7%260626w9%3D25b9383w9%3Da040401024c3a0c0f6c1f0e4b37v2s0%26972532eib%26d3b7w62%3D0l84e661ai2%3F4c6t9n75911fc%2F7s6t7h&e=1&ai=8778bb24c34c4ca0b6cd174a0dafc285&sct=0&ct=1674999082090&cu=0cafcc2f1e4b47a2903932b32e9b6d6b&ykuid=ccd274b1b30344fb9e66bc03af323bbf&sc=1&cs=babcf8f0b10f83409eda68da124b47e1
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 791253e58ec4b51d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash 1d54dcfc79bc1d09df5cf4d28dac11f7
af281f6bb094405022141b7edb270959851d3a99
c471a51a1f5c118b0536a9f452fc7e64ed273fb9502808bed1d62809347ade18
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4394
Cache-Control: max-age=125303
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 13:31:22 GMT
Etag: "63d5aa77-117"
Expires: Tue, 31 Jan 2023 00:19:45 GMT
Last-Modified: Sat, 28 Jan 2023 23:06:31 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 279
fr135.net/c/?si=15654&li=1677032&wi=255978&ws=v0304000146300cafcc2f1e4b47a2903932b32e9b6d6b&ws2=0b8fe166a52f41659a749a1dce7a6570
301 Moved Permanently 503 B URL HTTP/2 fr135.net/c/?si=15654&li=1677032&wi=255978&ws=v0304000146300cafcc2f1e4b47a2903932b32e9b6d6b&ws2=0b8fe166a52f41659a749a1dce7a6570
IP
Hash 7c1095068d982c9dc5b90efae06c7399
fc8a2d513e9ecfbd49785ec7f2ef537cb0e438c8
4ce10d3957586b4cf4ba4af3112576bc3d6ed4260dd6c05d48d0892236d10ed8
GET /c/?si=15654&li=1677032&wi=255978&ws=v0304000146300cafcc2f1e4b47a2903932b32e9b6d6b&ws2=0b8fe166a52f41659a749a1dce7a6570 HTTP/1.1
Host: fr135.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://r.srvtrck.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Sun, 29 Jan 2023 13:31:22 GMT
content-type: text/html; charset=UTF-8
location: https://fr135.net/redirect/global.php?dai_url_domain=bad.no&dai_url_add=utm_source%3Ddaisycon%26utm_medium%3Daffiliate%26utm_campaign%3Ddaisycon_255978&dai_url=
set-cookie: dci=5JJ10mHrKHD6MeJ; expires=Tue, 30-Jan-2024 13:31:22 GMT; Max-Age=31622400; path=/; domain=.fr135.net; secure; HttpOnly; SameSite=None
pdc=5JJ10mHrKHD6MeJ; expires=Tue, 30-Jan-2024 13:31:22 GMT; Max-Age=31622400; path=/; domain=.fr135.net; secure; HttpOnly; SameSite=None
ci_15654=ZF4xNjc0OTk5MDgyLGRjaV41SkoxMG1IcktIRDZNZUo%3D; expires=Tue, 30-Jan-2024 13:31:22 GMT; Max-Age=31622400; path=/; domain=.fr135.net; secure; HttpOnly; SameSite=None
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-expose-headers: P3p, Cache-Control, Expires, Content-Length, Content-Type
cache-control: no-store, no-cache, must-revalidate, max-age=14400
x-xss-protection: 0
expires: Sun, 29 Jan 2023 17:31:22 GMT
x-daisycon-cluster: ApacheContainer-6d14aa57cbb7-tracking.daisycon.com
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TEQJZ8m9Yqp7dx6O%2BNUbffpLr2Vu1gFuwMcFIq8wRbrSpnkw6KVj68tjY3iXlaBRsly7oEhSWlXkW%2Fb1exuIAmfS7RdsGBA2MWttY2QW%2B49Ws4pjWDAkJCOnnw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 791253e7e8b6b524-OSL
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13705
Expires: Sun, 29 Jan 2023 17:19:47 GMT
Date: Sun, 29 Jan 2023 13:31:22 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13705
Expires: Sun, 29 Jan 2023 17:19:47 GMT
Date: Sun, 29 Jan 2023 13:31:22 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13705
Expires: Sun, 29 Jan 2023 17:19:47 GMT
Date: Sun, 29 Jan 2023 13:31:22 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13705
Expires: Sun, 29 Jan 2023 17:19:47 GMT
Date: Sun, 29 Jan 2023 13:31:22 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13705
Expires: Sun, 29 Jan 2023 17:19:47 GMT
Date: Sun, 29 Jan 2023 13:31:22 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg
200 OK 4.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4205d8106659e00fff1cbe9262918b8c
ab4f6528594a1725934727dc7d834c028a79c609
31f1a28602a194bd0856495d4d81d5c72cd7ff4e5bad6bdd1a31ec3041f4a2cc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4475
x-amzn-requestid: b7b272d6-3089-4f33-89b5-5cb388640e10
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa_e6HsaIAMF5Lg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d445f8-1789f7f4264270916da323db;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:45:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 4jPbm4WufkUKm7ljLvpHrJUFhr-JQ_nl3iYfI5S8nTqEszFdUtz9EQ==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 05:24:09 GMT
etag: "ab4f6528594a1725934727dc7d834c028a79c609"
content-type: image/jpeg
age: 29233
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce27f1aa-8d31-4110-a47f-73de0b95926d.jpeg
200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce27f1aa-8d31-4110-a47f-73de0b95926d.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 10a6491e2c1dfde68c7cd7297e70700f
d0f195319825a6d3e5e50ad15b2fcab27cb65896
4d9353d5874e5ea03c25e1562db5f479c222a48db526fdd10ede7c2e6a4dd874
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce27f1aa-8d31-4110-a47f-73de0b95926d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11470
x-amzn-requestid: 62d61967-9380-4ca9-b11a-531425dbd2ae
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fIf6WFgAIAMF6gw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cce042-6d9fe51029094b7f37c0a648;Sampled=0
x-amzn-remapped-date: Sun, 22 Jan 2023 07:05:38 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: rUIvvkZQ028ey3klplI-x9oZFugon5HsAWT-SN2GQo5hBeBJWqoMAg==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 23:12:28 GMT
age: 51534
etag: "d0f195319825a6d3e5e50ad15b2fcab27cb65896"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdd9499d0-2a81-41ee-b328-0d82ea64b349.jpeg
200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdd9499d0-2a81-41ee-b328-0d82ea64b349.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 57ff6665d99a17d06b75c8fe64c90ab3
05648eed6830a794aa7e30ba4da526ed4c45b0ca
728b809756a0faff1a55bb03f13f33e31518f321e50dd944a0267d585c09264c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdd9499d0-2a81-41ee-b328-0d82ea64b349.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5198
x-amzn-requestid: 8117f45b-926a-4cbe-b152-dae983bc3526
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fOYdlG6XIAMF_vA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cf3abd-7ce531f65f66ac3a73970841;Sampled=0
x-amzn-remapped-date: Tue, 24 Jan 2023 01:56:13 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 9qRYwsM8g7XZPY2E-9puCMAp7VKUvdIiK8jA0wr0XSpnMScoQYCwGw==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 21:46:47 GMT
age: 56675
etag: "05648eed6830a794aa7e30ba4da526ed4c45b0ca"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d4cfe7c-2bbe-4efd-b73a-59ea603c332f.jpeg
200 OK 5.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d4cfe7c-2bbe-4efd-b73a-59ea603c332f.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4c77437e3a7361861aed8bfecbfe6bd6
fefd238c13c0fdfb7d964c90fcc8a8cbbf953034
282d15c443cb6232ae0a30046a0dc24360617355a4651cdba59b11e6f7313d8a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d4cfe7c-2bbe-4efd-b73a-59ea603c332f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5594
x-amzn-requestid: d56c9b84-dc1f-4d5c-91bf-7db55058bf67
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fLyeEGOloAMFpzA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ce3126-5013a6b971d6800c5c85a4eb;Sampled=0
x-amzn-remapped-date: Mon, 23 Jan 2023 07:03:02 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: D2ZAelkDgsd0wjoOSoPRwTzhozs84_aIcgwU-QmbDrTnHztVD0VL_A==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 14:57:16 GMT
age: 81246
etag: "fefd238c13c0fdfb7d964c90fcc8a8cbbf953034"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg
200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3be81f83687ddb6c93d3ff3c09a9dba2
50a48e737310d3f31840db4301b25927fbcc12c5
e78c909e2381898e7f546183784a05dff47c31734c95358aaada8c2777ad47be
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9167
x-amzn-requestid: e6e0789c-a4a9-4ffa-a0ae-691770d1035b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fPF9YEBmIAMF0kQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cf8388-01d2093432d3959903671a69;Sampled=0
x-amzn-remapped-date: Tue, 24 Jan 2023 07:06:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: awfNeaKbFw2bjiTGwUrwUTxU-qbVS2eTjn948H8kn1hy7pi_DwLMlQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 17:35:56 GMT
age: 71726
etag: "50a48e737310d3f31840db4301b25927fbcc12c5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5dcfee7f-f43c-4828-8113-8ba8eb26f727.jpeg
200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5dcfee7f-f43c-4828-8113-8ba8eb26f727.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d5ed99a9aed6f367efc5c9498ce87ff1
3123eb6f550c51fe17fc62eff943b3739e239a9b
536f45bf2eb41f7056df8b34964538005d6a0a4c6157def3fbdd9487f8c79027
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5dcfee7f-f43c-4828-8113-8ba8eb26f727.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10168
x-amzn-requestid: fe58fe3c-dd23-4614-b5a2-e91ef68c2ab7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fFOD7H-NIAMFcxw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cb907f-687fc51741d7ff97182d1955;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 07:13:03 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: GEghrk0LlbdfqVAHey-W84Zk9XHT2PD268Vfxf85HEvil0Ra27YgPA==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 03:43:37 GMT
age: 35265
etag: "3123eb6f550c51fe17fc62eff943b3739e239a9b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 7c1095068d982c9dc5b90efae06c7399
fc8a2d513e9ecfbd49785ec7f2ef537cb0e438c8
4ce10d3957586b4cf4ba4af3112576bc3d6ed4260dd6c05d48d0892236d10ed8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4CE10D3957586B4CF4BA4AF3112576BC3D6ED4260DD6C05D48D0892236D10ED8"
Last-Modified: Fri, 27 Jan 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5283
Expires: Sun, 29 Jan 2023 14:59:25 GMT
Date: Sun, 29 Jan 2023 13:31:22 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 5e36cdf53f8344e122029dec83c1c563
4bb2c27c3fd73ef71edd758900f32a8a2b2df6d4
d0fc4b3b83471b22ea646cccaf267aaaa75554d4e79b8d751aba43d30104b4e3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D0FC4B3B83471B22EA646CCCAF267AAAA75554D4E79B8D751ABA43D30104B4E3"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4588
Expires: Sun, 29 Jan 2023 14:47:50 GMT
Date: Sun, 29 Jan 2023 13:31:22 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 5e36cdf53f8344e122029dec83c1c563
4bb2c27c3fd73ef71edd758900f32a8a2b2df6d4
d0fc4b3b83471b22ea646cccaf267aaaa75554d4e79b8d751aba43d30104b4e3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D0FC4B3B83471B22EA646CCCAF267AAAA75554D4E79B8D751ABA43D30104B4E3"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4588
Expires: Sun, 29 Jan 2023 14:47:50 GMT
Date: Sun, 29 Jan 2023 13:31:22 GMT
Connection: keep-alive
cdn.shopify.com/s/files/1/0562/4260/2183/files/bad-no_colour_digital_150x.png?v=1621557801
200 OK 2.7 kB URL HTTP/2 cdn.shopify.com/s/files/1/0562/4260/2183/files/bad-no_colour_digital_150x.png?v=1621557801
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type ISO Media, AVIF Image\012- data
Hash 6f437e5cfd00d08cab109e365f689d28
61d47079b54bdfb1413aedc480ccbca231a77462
3aa20933d6e366b0157cb4900e46c2631737446b851df5cd0ebbaf4fa56704f1
GET /s/files/1/0562/4260/2183/files/bad-no_colour_digital_150x.png?v=1621557801 HTTP/1.1
Host: cdn.shopify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bad.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 13:31:22 GMT
content-type: image/avif
content-length: 2716
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
link: <https://cdn.shopify.com/s/files/1/0562/4260/2183/files/bad-no_colour_digital_150x.png>; rel="canonical"
timing-allow-origin: *
vary: Accept, Accept-Encoding
x-content-type-options: nosniff
x-request-id: e24da76f-9234-4ac6-9e9c-bf014f4ac09f
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-dc: gcp-us-east1,us-central1
last-modified: Mon, 26 Sep 2022 14:59:56 GMT
cf-cache-status: HIT
age: 10794686
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c3pVDrEekck4C3TL67oqOW14DB84q44FE2y98It58j70DWEVLo9lWQhOx3NkXsmMTXBNKW%2FsE8ursuaTanflIfP6VqLkrGjUBu%2Bi9WBJXV97hIJcNOBkDMISaK2o%2FRJb0w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: imagery;dur=211.221, imageryFetch;dur=79.736, imageryProcess;dur=130.547;desc="image", cfRequestDuration;dur=13.000011
server: cloudflare
cf-ray: 791253eb0bb2fac4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.shopify.com/s/files/1/0562/4260/2183/files/dansani-corona-rundt-speil-med-lys-o60-75-90cm-75cm-dansani-baderomsspeil-da-94270-33524841578695_1800x1800_56c17f59-cc5d-4107-98d0-ca1e3183b602_300x.webp?v=1665157244
200 OK 7.9 kB URL HTTP/2 cdn.shopify.com/s/files/1/0562/4260/2183/files/dansani-corona-rundt-speil-med-lys-o60-75-90cm-75cm-dansani-baderomsspeil-da-94270-33524841578695_1800x1800_56c17f59-cc5d-4107-98d0-ca1e3183b602_300x.webp?v=1665157244
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type ISO Media, AVIF Image\012- data
Hash 276403e6f0d17f89db4bc72de3049b54
afb7dcc8e615bb094c759ba3884258375a36588e
2dbc2467acb2a8d8e82737f73b96ff72ffe7448bcaf7e161e2b6147e5527b8b8
GET /s/files/1/0562/4260/2183/files/dansani-corona-rundt-speil-med-lys-o60-75-90cm-75cm-dansani-baderomsspeil-da-94270-33524841578695_1800x1800_56c17f59-cc5d-4107-98d0-ca1e3183b602_300x.webp?v=1665157244 HTTP/1.1
Host: cdn.shopify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bad.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 13:31:22 GMT
content-type: image/avif
content-length: 7858
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
link: <https://cdn.shopify.com/s/files/1/0562/4260/2183/files/dansani-corona-rundt-speil-med-lys-o60-75-90cm-75cm-dansani-baderomsspeil-da-94270-33524841578695_1800x1800_56c17f59-cc5d-4107-98d0-ca1e3183b602_300x.webp>; rel="canonical"
source-length: 46484
source-type: image/webp
timing-allow-origin: *
vary: Accept, Accept-Encoding
x-content-type-options: nosniff
x-request-id: a2a4abaa-67ff-4c08-9826-acebac9d3d23
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-dc: gcp-us-east1,us-central1
last-modified: Fri, 07 Oct 2022 15:40:46 GMT
cf-cache-status: HIT
age: 9841836
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hiAZempbY50%2BN1RT28dzmddmv6LbVewBYykGdsFVJVbxw7rPAH3DpQpA9HUz9Dr1HojKj%2FrSyhnc%2BHtxI%2BimI%2B2jzz3aBp3e7o01xcbUx%2F88pOECWlktKWMA0wDq0qxShw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: imagery;dur=872.547, imageryFetch;dur=67.652, imageryProcess;dur=801.985;desc="image", cfRequestDuration;dur=26.000023
server: cloudflare
cf-ray: 791253eb1bbbfac4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.shopify.com/s/files/1/0562/4260/2183/files/Hoiax-Connected-Varmtvannsbereder-1638x919-opt_300x.jpg?v=1649788794
200 OK 9.2 kB URL HTTP/2 cdn.shopify.com/s/files/1/0562/4260/2183/files/Hoiax-Connected-Varmtvannsbereder-1638x919-opt_300x.jpg?v=1649788794
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type ISO Media, AVIF Image\012- data
Hash 50c9d0a843890ed8898fec855c49d20c
238a36f8bc1c13be1f6a535177327bc3e3df6b4c
8d3b932cad5efa34422106560418f541b45aa3eef9801e3a88bf21281e76a543
GET /s/files/1/0562/4260/2183/files/Hoiax-Connected-Varmtvannsbereder-1638x919-opt_300x.jpg?v=1649788794 HTTP/1.1
Host: cdn.shopify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bad.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 13:31:22 GMT
content-type: image/avif
content-length: 9238
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
link: <https://cdn.shopify.com/s/files/1/0562/4260/2183/files/Hoiax-Connected-Varmtvannsbereder-1638x919-opt_300x.jpg>; rel="canonical"
source-length: 120294
source-type: image/jpeg
timing-allow-origin: *
vary: Accept, Accept-Encoding
x-content-type-options: nosniff
x-request-id: d27e5c82-06e2-42d9-9ba7-a16d826d9d8d
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-dc: gcp-us-central1,us-east1
last-modified: Wed, 30 Nov 2022 22:29:44 GMT
cf-cache-status: HIT
age: 5151698
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HVi83R5P4lnzxI%2FYmktXKHlK%2BMuyUkbSIKwW6HQBqZHflLq%2B8E0GB7cIuk36m8M2C6896uYjp6ad3BMlrfEO7XjxOSJ2P6iomqr2gjWC9mQFlddZcSW%2F0jnQFHM20YsxsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: imagery;dur=533.224, imageryFetch;dur=46.363, imageryProcess;dur=485.979;desc="image", cfRequestDuration;dur=22.000074
server: cloudflare
cf-ray: 791253eb0bb8fac4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.shopify.com/s/files/1/0562/4260/2183/files/alta1_1_300x.jpg?v=1665157434
200 OK 9.8 kB URL HTTP/2 cdn.shopify.com/s/files/1/0562/4260/2183/files/alta1_1_300x.jpg?v=1665157434
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type ISO Media, AVIF Image\012- data
Hash c8113be10b56b3a591abac3beb63a8dc
07c1f129badae465b78d875dc133c1ae4f83b973
728b16c9f85b9f17833e0ebf6ca51deef5b1171ef09abd1f4907644e6a6da1d2
GET /s/files/1/0562/4260/2183/files/alta1_1_300x.jpg?v=1665157434 HTTP/1.1
Host: cdn.shopify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bad.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 13:31:22 GMT
content-type: image/avif
content-length: 9816
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
link: <https://cdn.shopify.com/s/files/1/0562/4260/2183/files/alta1_1_300x.jpg>; rel="canonical"
source-length: 216676
source-type: image/jpeg
timing-allow-origin: *
vary: Accept, Accept-Encoding
x-content-type-options: nosniff
x-request-id: 5d6caef9-5e36-4397-9ea2-2e6ff6a1abe7
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-dc: gcp-us-east1,us-east1
last-modified: Fri, 07 Oct 2022 15:43:55 GMT
cf-cache-status: HIT
age: 9841647
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VgT16wLkhWr5EuCtTSipAJjn9qtUe4%2F3GtjUid5wGhu4caD6%2FtI%2B3zGiK9hB2LW%2BxyCdJTVgjokhjRHjNWdtH6qseWRH1yUZ0Q3DSqRDCb4TdhBBLWKrXYq4xpPZa3V%2BIg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: imagery;dur=722.884, imageryFetch;dur=38.667, imageryProcess;dur=683.538;desc="image", cfRequestDuration;dur=16.000032
server: cloudflare
cf-ray: 791253eb1bc6fac4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.shopify.com/s/files/1/0562/4260/2183/files/Svedbergs-Alta-Miljobilde-kampanje_300x.jpg?v=1649248288
200 OK 8.1 kB URL HTTP/2 cdn.shopify.com/s/files/1/0562/4260/2183/files/Svedbergs-Alta-Miljobilde-kampanje_300x.jpg?v=1649248288
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type ISO Media, AVIF Image\012- data
Hash 0b9b039cc75cff1a723f8cc0a2b26a47
967c6887d034559b417a9d5538b33072738dd035
8ab2ea9ecd7220a09e7c08f8bd36e81734583085fca69664b164e6182c722835
GET /s/files/1/0562/4260/2183/files/Svedbergs-Alta-Miljobilde-kampanje_300x.jpg?v=1649248288 HTTP/1.1
Host: cdn.shopify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bad.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 13:31:22 GMT
content-type: image/avif
content-length: 8127
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
link: <https://cdn.shopify.com/s/files/1/0562/4260/2183/files/Svedbergs-Alta-Miljobilde-kampanje_300x.jpg>; rel="canonical"
timing-allow-origin: *
vary: Accept, Accept-Encoding
x-content-type-options: nosniff
x-request-id: 9a4f6ffc-6c7c-446f-a8bb-af7adefcce55
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-dc: gcp-us-east1,us-east1
last-modified: Tue, 23 Aug 2022 22:38:56 GMT
cf-cache-status: HIT
age: 13509183
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tZrXZRqpkVwiWF1cfySBITnMhmNHk5Xf3fT1kNZqv%2F6FcB8DOBXfRPUjvIRRqEQ4MKQvd5c6Fs0g%2BTNC6Va2Nz6KLddGS14VoMvnmTjp1gRzdObdiQPcKZ%2BGsWrCU3GyBA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: imagery;dur=504.463, imageryFetch;dur=49.950, imageryProcess;dur=453.964;desc="image", cfRequestDuration;dur=15.000105
server: cloudflare
cf-ray: 791253eb2bd3fac4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
code.jquery.com/jquery-3.6.0.min.js
200 OK 31 kB URL HTTP/2 code.jquery.com/jquery-3.6.0.min.js
IP
File type ASCII text, with very long lines (65447)
Hash 899f0189aaf034bbba5340f724d91dfa
210ea9de03968edb9d839ba4a0ce2d48666a8ab8
949b6597c5ea907a7ef3c8ca6d5ffc73be2352f9df485b78704e5c4dabac5d0f
GET /jquery-3.6.0.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bad.no
Connection: keep-alive
Referer: https://bad.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 13:31:22 GMT
content-encoding: gzip
content-length: 30875
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-15d9d"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1674999082.dop223.sk1.t,1674999082.cds219.sk1.hn,1674999082.cds210.sk1.c
X-Firefox-Spdy: h2
cdn.shopify.com/s/files/1/0562/4260/2183/files/bad-no_colour_digital_130x.png?v=1621557801
200 OK 2.4 kB URL HTTP/2 cdn.shopify.com/s/files/1/0562/4260/2183/files/bad-no_colour_digital_130x.png?v=1621557801
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type ISO Media, AVIF Image\012- data
Hash 78c9ace3b33f9ac81b34acf5e1f4b515
68fb1f2235a2a9977bc3a4abe6d6e27ca0dfe10e
569a3a4b6de7c0bc2b1ab8f7f8a496616cecf452d99ee32d0fffe7791f5d120d
GET /s/files/1/0562/4260/2183/files/bad-no_colour_digital_130x.png?v=1621557801 HTTP/1.1
Host: cdn.shopify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bad.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 13:31:22 GMT
content-type: image/avif
content-length: 2395
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
link: <https://cdn.shopify.com/s/files/1/0562/4260/2183/files/bad-no_colour_digital_130x.png>; rel="canonical"
timing-allow-origin: *
vary: Accept, Accept-Encoding
x-content-type-options: nosniff
x-request-id: aa06ded8-da0e-42af-b0ee-915b9e101159
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-dc: gcp-us-east1,us-central1
last-modified: Mon, 26 Sep 2022 14:59:57 GMT
cf-cache-status: HIT
age: 10794685
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U0%2F0GXH2%2FQiH2wgGs0W1HDd7CtjvC5FuQL2RON9P3UndIy7V3enyTpIFQHnGCBV1duy0LT%2Fc2whGcjoQHr%2BH3U4C7OreDDMqz6FCktP%2F2Maz01O0oOC0VR6bwZP4F9RJAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: imagery;dur=156.060, imageryFetch;dur=63.552, imageryProcess;dur=91.586;desc="image", cfRequestDuration;dur=26.000261
server: cloudflare
cf-ray: 791253eb0bb4fac4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 5e36cdf53f8344e122029dec83c1c563
4bb2c27c3fd73ef71edd758900f32a8a2b2df6d4
d0fc4b3b83471b22ea646cccaf267aaaa75554d4e79b8d751aba43d30104b4e3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D0FC4B3B83471B22EA646CCCAF267AAAA75554D4E79B8D751ABA43D30104B4E3"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4588
Expires: Sun, 29 Jan 2023 14:47:50 GMT
Date: Sun, 29 Jan 2023 13:31:22 GMT
Connection: keep-alive
assets.findify.io/bad-no.myshopify.com.min.js
200 OK 3.0 kB URL HTTP/1.1 assets.findify.io/bad-no.myshopify.com.min.js
IP
File type ASCII text, with very long lines (6960), with no line terminators
Hash 0eb0cca07b027ec17e1ececadc01764a
7e4e431fec3ede47fcbcaa3b5ceaa98d7f26190d
366ce504a61c20e8580eb6e177fdea1ca037be2811b90411766fa70ee9f86e52
GET /bad-no.myshopify.com.min.js HTTP/1.1
Host: assets.findify.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bad.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 3023
Connection: keep-alive
Last-Modified: Mon, 23 Jan 2023 14:02:45 GMT
Content-Encoding: gzip
Accept-Ranges: bytes
Server: AmazonS3
Date: Sun, 29 Jan 2023 13:30:04 GMT
Cache-Control: max-age=180
ETag: "0eb0cca07b027ec17e1ececadc01764a"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: uRjSWLNOtbh0zUVvzw9ogqh-3cVKGVmnM0qDTJsGZuxpyeH069jLAA==
Age: 90
cdn.shopify.com/s/files/1/0562/4260/2183/files/dansani-moon-rammespeil-led-o75-90cm-dansani-baderomsspeil-33525587771591_1800x1800_906a2188-a15f-420f-a342-56b597457d07_300x.webp?v=1665157183
200 OK 7.8 kB URL HTTP/2 cdn.shopify.com/s/files/1/0562/4260/2183/files/dansani-moon-rammespeil-led-o75-90cm-dansani-baderomsspeil-33525587771591_1800x1800_906a2188-a15f-420f-a342-56b597457d07_300x.webp?v=1665157183
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type ISO Media, AVIF Image\012- data
Hash 252cf17e1109de99bdbfd72bd8bd11dd
396a262a48fdc0620cd74378f4d35f13df2c69d9
b9a089aa85a07160b9a5ef1453e12587c50b6e3f01cb264104a1e769fc0f5e3a
GET /s/files/1/0562/4260/2183/files/dansani-moon-rammespeil-led-o75-90cm-dansani-baderomsspeil-33525587771591_1800x1800_906a2188-a15f-420f-a342-56b597457d07_300x.webp?v=1665157183 HTTP/1.1
Host: cdn.shopify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bad.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 13:31:22 GMT
content-type: image/avif
content-length: 7764
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
link: <https://cdn.shopify.com/s/files/1/0562/4260/2183/files/dansani-moon-rammespeil-led-o75-90cm-dansani-baderomsspeil-33525587771591_1800x1800_906a2188-a15f-420f-a342-56b597457d07_300x.webp>; rel="canonical"
source-length: 48430
source-type: image/webp
timing-allow-origin: *
vary: Accept, Accept-Encoding
x-content-type-options: nosniff
x-request-id: 94e7014f-fb55-4d91-89d5-788dde980a3c
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-dc: gcp-us-east1,us-east1
last-modified: Fri, 07 Oct 2022 15:39:45 GMT
cf-cache-status: HIT
age: 9841897
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UMVL%2BkvVIWzUVnfgQUz6%2B832GV1f%2FBCvDcRFC4GUkXWhrK8ClLqgaZJEJAGMCEXSwPUEUIBrj%2BiDnu87erKYjkfmpBu6Q%2F0A%2FrZd6yRaJNNsA%2BLsl06izN6BoqgLk84Tew%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: imagery;dur=677.579, imageryFetch;dur=23.955, imageryProcess;dur=650.813;desc="image", cfRequestDuration;dur=40.999889
server: cloudflare
cf-ray: 791253eb1bbefac4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.shopify.com/s/files/1/0562/4260/2183/t/129/assets/hs-script-loader.min.js?v=24912448706018637961668672592
200 OK 26 kB URL HTTP/2 cdn.shopify.com/s/files/1/0562/4260/2183/t/129/assets/hs-script-loader.min.js?v=24912448706018637961668672592
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type ASCII text, with very long lines (2315), with no line terminators
Hash 9c734ed9ad286a546b124490dff2488d
0b8e960532142d0d3c12622c3f328dd6b54b6b49
bfcc23d9dfd50aef7fa0f1133a48466d4e20d7673f1914aef823166036baaf56
GET /s/files/1/0562/4260/2183/t/129/assets/hs-script-loader.min.js?v=24912448706018637961668672592 HTTP/1.1
Host: cdn.shopify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bad.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 13:31:22 GMT
content-type: text/javascript
vary: Accept-Encoding
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
link: <https://cdn.shopify.com/s/files/1/0562/4260/2183/t/129/assets/hs-script-loader.min.js>; rel="canonical"
timing-allow-origin: *
x-content-type-options: nosniff
x-request-id: bc14b7d9-1320-4c50-9a04-bc10279bf947
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-dc: gcp-us-east1,us-east1
last-modified: Thu, 17 Nov 2022 08:10:00 GMT
cf-cache-status: HIT
age: 6315523
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uM2lnm7WDnjsN1p5InMFJ%2F2ZEvX4ifdkdAFBqHJMVEVXMZtlBTrcO9wB3DCnetCr8FQjz%2BrlZFhspwboQIdGsGvazquvzuDbo6Dg7d9FM8%2BezhPmtRWAM3sMA5arvsQFeA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: imagery;dur=52.463, imageryFetch;dur=52.280, cfRequestDuration;dur=19.999981
server: cloudflare
cf-ray: 791253eb2bd7fac4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.shopify.com/s/files/1/0562/4260/2183/t/129/assets/featherlight.min.js?v=89276217318062145391668672592
200 OK 4.0 kB URL HTTP/2 cdn.shopify.com/s/files/1/0562/4260/2183/t/129/assets/featherlight.min.js?v=89276217318062145391668672592
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type ASCII text, with very long lines (560)
Hash 2cd26ec6bff48153225348bbd1e3776d
5327900ce1c09f8bfe7ecdb27c18f2e8c29eaf92
a9826ac31cdcf1a06d03062db6e7b00348c6ebaf99abc4ccd801ba807ee8805f
GET /s/files/1/0562/4260/2183/t/129/assets/featherlight.min.js?v=89276217318062145391668672592 HTTP/1.1
Host: cdn.shopify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bad.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 13:31:22 GMT
content-type: text/javascript
vary: Accept-Encoding
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
link: <https://cdn.shopify.com/s/files/1/0562/4260/2183/t/129/assets/featherlight.min.js>; rel="canonical"
timing-allow-origin: *
x-content-type-options: nosniff
x-request-id: 0a00d4ff-5a0d-407c-a059-5f5d8b00f250
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-dc: gcp-us-east1,us-central1
last-modified: Thu, 17 Nov 2022 08:10:00 GMT
cf-cache-status: HIT
age: 6315523
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dqz9HPlkUlauj8oFBnAtk7fyD02%2FUoRbqlXdhnzta%2F7Ja6wsuFY9bYrDfNT8bP%2BKg4q2gTzHKx5cnYVGO7zgnbb1v4IQZ6xXuciEwAeLCFJjEnn8OZOEjauvF%2FzX1rUXpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: imagery;dur=70.960, imageryFetch;dur=70.789, cfRequestDuration;dur=19.999981
server: cloudflare
cf-ray: 791253eb0badfac4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
consent.cookiebot.com/uc.js
200 OK 32 kB URL HTTP/2 consent.cookiebot.com/uc.js
IP
ASN #20940 Akamai International B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (65499)
Hash ca644678e367fcf964fc01f3a24169aa
a526eb8a30c057085dafe6fa23933c27ec9d9a6d
4c88b848076a643a03a0ef09d8407497845b890c5cae1de62025e79248f2168e
GET /uc.js HTTP/1.1
Host: consent.cookiebot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bad.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Sun, 29 Jan 2023 10:39:43 GMT
accept-ranges: bytes
etag: "f51f6bffcd33d91:0"
vary: Accept-Encoding
request-context: appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
access-control-expose-headers: Request-Context
content-length: 32026
cache-control: public, max-age=727
expires: Sun, 29 Jan 2023 13:43:29 GMT
date: Sun, 29 Jan 2023 13:31:22 GMT
X-Firefox-Spdy: h2
cdn.shopify.com/s/files/1/0562/4260/2183/t/129/assets/theme.js?v=146810202513987840721668678588
200 OK 70 kB URL HTTP/2 cdn.shopify.com/s/files/1/0562/4260/2183/t/129/assets/theme.js?v=146810202513987840721668678588
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
Hash 985e0100526dd1d40c785e7ab443d266
05a8204f6b80bdc88f1571100fd3c23ed691dfb5
2f105a4fea1b9f27fdd4daffaccc0e318580e963878a508660c5cd63abca7505
GET /s/files/1/0562/4260/2183/t/129/assets/theme.js?v=146810202513987840721668678588 HTTP/1.1
Host: cdn.shopify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bad.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 13:31:22 GMT
content-type: text/javascript
vary: Accept-Encoding
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
link: <https://cdn.shopify.com/s/files/1/0562/4260/2183/t/129/assets/theme.js>; rel="canonical"
timing-allow-origin: *
x-content-type-options: nosniff
x-request-id: 29ff54d6-6644-486b-9450-460f85bf7aff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-dc: gcp-us-central1,us-central1
last-modified: Thu, 17 Nov 2022 09:49:59 GMT
cf-cache-status: HIT
age: 6315523
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UVsey8azGjzCcQxCC6hDVtDxDdEM16Fpv0xjWfsDdGfDfxRMV2fm%2BXZ4aXdDmCkrEr9nIu%2FrBmrryE7s3f2yU1FoZsmWXZZiK6XQyM0o3mjWegGGsQ2I1T6S76nvlOhKvw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: imagery;dur=64.273, imageryFetch;dur=49.912, cfRequestDuration;dur=21.000147
server: cloudflare
cf-ray: 791253eb2bd4fac4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.klaviyo.com/onsite/js/klaviyo.js?company_id=TkYJiE
200 OK 918 B URL HTTP/2 static.klaviyo.com/onsite/js/klaviyo.js?company_id=TkYJiE
IP
File type ASCII text, with very long lines (2028)
Hash f7e531d2bca8376e53b7f7232cd9e135
52cffa4075170b281e6b5b5ab3cfd36c3cd81fcc
7e3c4dadea67eaebe02da391e94dffc55624a45b7641c5c13ade3843515630c4
GET /onsite/js/klaviyo.js?company_id=TkYJiE HTTP/1.1
Host: static.klaviyo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bad.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-headers:
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
allow: OPTIONS, GET
cache-control: max-age=1, stale-while-revalidate=10800
content-encoding: gzip
content-type: application/javascript
etag: W/"26f5d45fa956d6d69163f9375bdc789a"
server: nginx
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 29 Jan 2023 13:31:22 GMT
age: 144037
x-served-by: cache-lga21939-LGA, cache-bma1630-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 5
x-timer: S1674999083.850743,VS0,VE0
vary: Accept-Encoding
content-length: 918
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash c3fa8c0d3d9045fff6a6da164946a6b2
3f49c2ca05a7a78f25950345231980b544a790e1
82258db78bc0594ae354753c0933d4defdd28c88d5f134635b888f3ca68d2f72
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6347
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 13:31:22 GMT
Last-Modified: Sun, 29 Jan 2023 11:45:35 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 279
cdn.shopify.com/s/files/1/0562/4260/2183/t/129/assets/hs-instantload.min.js?v=123053109237140306481668672592
200 OK 1.5 kB URL HTTP/2 cdn.shopify.com/s/files/1/0562/4260/2183/t/129/assets/hs-instantload.min.js?v=123053109237140306481668672592
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type ASCII text, with very long lines (516)
Hash 00b99ccd3681e529fee4ef6fc125b3f7
becd1bbd49f6b963077ef2e1c84bf9d1397d8bc7
9d7b6e2718e9f47d1b083bb71d7b4cea2f4afb18bb74f06c9d68bffa86402479
GET /s/files/1/0562/4260/2183/t/129/assets/hs-instantload.min.js?v=123053109237140306481668672592 HTTP/1.1
Host: cdn.shopify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bad.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 13:31:22 GMT
content-type: text/javascript
vary: Accept-Encoding
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
link: <https://cdn.shopify.com/s/files/1/0562/4260/2183/t/129/assets/hs-instantload.min.js>; rel="canonical"
timing-allow-origin: *
x-content-type-options: nosniff
x-request-id: 40530bd2-5393-4fd2-ad20-c29e495c0113
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-dc: gcp-us-east1,us-east1
last-modified: Thu, 17 Nov 2022 08:10:00 GMT
cf-cache-status: HIT
age: 6315523
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rbYvs4bpoC%2F4B9%2BQTn8P1zHolZkuR%2F8Fp0NwvjyQ3ibychP%2F6JG1a3tXGmqXOtMl%2BJ%2FXCGX7GzvbRbmfUOxs5F8WfE4JD1XVUSGhpPLECtEkAasCg2CTghi05Pis8uDKKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: imagery;dur=79.951, imageryFetch;dur=79.742, cfRequestDuration;dur=16.999960
server: cloudflare
cf-ray: 791253ebac2cfac4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.shopify.com/s/files/1/0562/4260/2183/t/129/assets/hyperspeed.css?v=157208600979694062561668672592
200 OK 24 kB URL HTTP/2 cdn.shopify.com/s/files/1/0562/4260/2183/t/129/assets/hyperspeed.css?v=157208600979694062561668672592
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
Hash 232ea4aa61282834943cddf407f2a3da
1eac9c780dd10ac15d162d49bb157e638a86eab1
488e1a854448751405522c145607bac2a59d018a3ac2dd5c394e5d7c02b0176b
GET /s/files/1/0562/4260/2183/t/129/assets/hyperspeed.css?v=157208600979694062561668672592 HTTP/1.1
Host: cdn.shopify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bad.no/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 13:31:22 GMT
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
link: <https://cdn.shopify.com/s/files/1/0562/4260/2183/t/129/assets/hyperspeed.css>; rel="canonical"
timing-allow-origin: *
x-content-type-options: nosniff
x-request-id: d9323b95-25c9-468e-990e-43d06ad70f73
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-dc: gcp-us-central1,us-east1
last-modified: Thu, 17 Nov 2022 08:10:00 GMT
cf-cache-status: HIT
age: 6315523
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mo6o9tr%2Bc43zml9TrNdDie%2FcKQY1NVbmgixPA0WDRwujMmu%2BQzcm%2F2DyzEmHujmLPXptb1d1yl3aAD7iXaPVAPtuSZqalZlXDPbKKoTme5EmB8ac1nqAlXltNR41DS0vBw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server-timing: imagery;dur=104.323, imageryFetch;dur=103.531, cfRequestDuration;dur=14.999866
server: cloudflare
cf-ray: 791253eb0baffac4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.shopify.com/s/files/1/0562/4260/2183/t/129/assets/hs-image-change.min.js?v=123996040035663695621668672592
200 OK 958 B URL HTTP/2 cdn.shopify.com/s/files/1/0562/4260/2183/t/129/assets/hs-image-change.min.js?v=123996040035663695621668672592
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type ASCII text, with very long lines (440)
Hash e4771cef8aa5098cc831a2e50eb601be
3d7902e56edf9c5f3792c5eab74be1718ae97c29
39ed281004fba7a2a594fe46acc58c4aeed3e833700fd00dc7a6234d3b913690
GET /s/files/1/0562/4260/2183/t/129/assets/hs-image-change.min.js?v=123996040035663695621668672592 HTTP/1.1
Host: cdn.shopify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bad.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 13:31:22 GMT
content-type: text/javascript
vary: Accept-Encoding
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
link: <https://cdn.shopify.com/s/files/1/0562/4260/2183/t/129/assets/hs-image-change.min.js>; rel="canonical"
timing-allow-origin: *
x-content-type-options: nosniff
x-request-id: 32dbdee3-325e-4c6d-8d91-3a0071ded4e9
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-dc: gcp-us-central1,us-central1
last-modified: Thu, 17 Nov 2022 08:10:00 GMT
cf-cache-status: HIT
age: 6315523
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T5lkhNLevr2LJgS%2FB6TEkayH2OFlgG2CDXrShR3rlTxgf%2BxSs7suwcqSnvoALEDR%2BM%2FulbV8wpkgQBdYSXztI4LOTlMxxGn0FouwLrweTSzVbdYjOhALG8FkzLztWGeY4A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: imagery;dur=96.149, imageryFetch;dur=95.971, cfRequestDuration;dur=11.999846
server: cloudflare
cf-ray: 791253eb9c25fac4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.shopify.com/s/files/1/0562/4260/2183/t/129/assets/theme.css?v=91945453630679138731674757184
200 OK 50 kB URL HTTP/2 cdn.shopify.com/s/files/1/0562/4260/2183/t/129/assets/theme.css?v=91945453630679138731674757184
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type ASCII text, with very long lines (65456)
Hash 272db4d8b16e3e20fcc1d28e8b863cc3
545b5ffbf44f3ca9f4c00a910e314026cf319da2
aa49cd1f762baf592317687dfc48ca5fce54cf4423eb1e96e3916244cef74d5c
GET /s/files/1/0562/4260/2183/t/129/assets/theme.css?v=91945453630679138731674757184 HTTP/1.1
Host: cdn.shopify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bad.no/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 13:31:22 GMT
content-type: text/css
vary: Accept-Encoding
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
link: <https://cdn.shopify.com/s/files/1/0562/4260/2183/t/129/assets/theme.css>; rel="canonical"
timing-allow-origin: *
x-content-type-options: nosniff
x-request-id: ffea3fcc-41c6-45ea-bb52-c9636a227a13
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-dc: gcp-us-east1,gcp-us-east1
last-modified: Thu, 26 Jan 2023 18:19:49 GMT
cf-cache-status: HIT
age: 241893
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N%2Bf9Dy96CXTtRYYy4s118ZDMdTrVc1%2FtMKRf4B5bkJldm1al1R2p8fuwiXXdBEB2UMNhYVQDyhnu6CnjwDkI9cUy6jdLXWerVK21fqGvucR6ChPP9tFuHCAvJ%2FjzRNz03A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: imagery;dur=418.562, imageryFetch;dur=405.505, cfRequestDuration;dur=105.000019
server: cloudflare
cf-ray: 791253eb0b9dfac4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 60e07f7e53adcff2a5edf0266d4e14c8
cfb493bfa5804b0067cbeed75adfb84ed5f20984
bac418edcfe3d7055938e3583cd0ae9c769025d4bdb51493a97d20aaae239a99
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BAC418EDCFE3D7055938E3583CD0AE9C769025D4BDB51493A97D20AAAE239A99"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12477
Expires: Sun, 29 Jan 2023 16:59:20 GMT
Date: Sun, 29 Jan 2023 13:31:23 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 60e07f7e53adcff2a5edf0266d4e14c8
cfb493bfa5804b0067cbeed75adfb84ed5f20984
bac418edcfe3d7055938e3583cd0ae9c769025d4bdb51493a97d20aaae239a99
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BAC418EDCFE3D7055938E3583CD0AE9C769025D4BDB51493A97D20AAAE239A99"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12477
Expires: Sun, 29 Jan 2023 16:59:20 GMT
Date: Sun, 29 Jan 2023 13:31:23 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 60e07f7e53adcff2a5edf0266d4e14c8
cfb493bfa5804b0067cbeed75adfb84ed5f20984
bac418edcfe3d7055938e3583cd0ae9c769025d4bdb51493a97d20aaae239a99
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BAC418EDCFE3D7055938E3583CD0AE9C769025D4BDB51493A97D20AAAE239A99"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12477
Expires: Sun, 29 Jan 2023 16:59:20 GMT
Date: Sun, 29 Jan 2023 13:31:23 GMT
Connection: keep-alive
fonts.shopifycdn.com/lato/lato_n4.c86cddcf8b15d564761aaa71b6201ea326f3648b.woff2?h1=YmFkLm5v&h2=YmFkLW5vLmFjY291bnQubXlzaG9waWZ5LmNvbQ&hmac=cd715afe19dbff900f77627057a518e4a5838d510f26de8fee5a24c851aa540c
200 OK 42 kB URL HTTP/2 fonts.shopifycdn.com/lato/lato_n4.c86cddcf8b15d564761aaa71b6201ea326f3648b.woff2?h1=YmFkLm5v&h2=YmFkLW5vLmFjY291bnQubXlzaG9waWZ5LmNvbQ&hmac=cd715afe19dbff900f77627057a518e4a5838d510f26de8fee5a24c851aa540c
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type Web Open Font Format (Version 2), TrueType, length 42156, version 2.983\012- data
Hash 13a15a60521ed0a8a9b2dac5ec2f79dd
c86cddcf8b15d564761aaa71b6201ea326f3648b
575c97668d79c41ce6dbc1bf6d1c7fa0c5920725a1cd691aa5e11410f892f18b
GET /lato/lato_n4.c86cddcf8b15d564761aaa71b6201ea326f3648b.woff2?h1=YmFkLm5v&h2=YmFkLW5vLmFjY291bnQubXlzaG9waWZ5LmNvbQ&hmac=cd715afe19dbff900f77627057a518e4a5838d510f26de8fee5a24c851aa540c HTTP/1.1
Host: fonts.shopifycdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://bad.no
Connection: keep-alive
Referer: https://bad.no/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 13:31:23 GMT
content-type: font/woff2
content-length: 42156
cf-ray: 791253ed1940b529-OSL
accept-ranges: bytes
access-control-allow-origin: *
age: 499893
cache-control: max-age=2629800, immutable
last-modified: Mon, 23 Jan 2023 18:39:45 GMT
link: <https://imagery4-fonts.shopifysvc.com/premium-fonts/lato/lato_n4.c86cddcf8b15d564761aaa71b6201ea326f3648b.woff2>; rel="canonical"
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
timing-allow-origin: *
x-content-type-options: nosniff
x-dc: gcp-us-east1,gcp-us-east1
x-request-id: def7c5c9-671b-45cb-8bc0-7e916616ba92
x-xss-protection: 1; mode=block
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e7Xz5VvCLhuB5Pmt0karObKvwv3kBtSc2fbjP3hZt%2FwwxL0n4HVJvQS6ofzN41PtC%2FMnQLsVyolhn%2BG%2BrtuYOxrsDRNmdVuyvpY6NdB4r6lSN4NSYO2%2BU9n3LeIVaAf1k2Slv%2FOB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server-timing: imagery;dur=68.531, imageryFetch;dur=68.159, cfRequestDuration;dur=13.000011, cfRequestDuration;dur=27.000189
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.shopifycdn.com/merriweather_sans/merriweathersans_n4.cc01d4aa464d6f29e336ecf474c9a9ea829e3c5d.woff2?h1=YmFkLm5v&h2=YmFkLW5vLmFjY291bnQubXlzaG9waWZ5LmNvbQ&hmac=c3b0aaaa98208006751ff2d51452c445f373f255fb0befb625a5af2534367a20
200 OK 22 kB URL HTTP/2 fonts.shopifycdn.com/merriweather_sans/merriweathersans_n4.cc01d4aa464d6f29e336ecf474c9a9ea829e3c5d.woff2?h1=YmFkLm5v&h2=YmFkLW5vLmFjY291bnQubXlzaG9waWZ5LmNvbQ&hmac=c3b0aaaa98208006751ff2d51452c445f373f255fb0befb625a5af2534367a20
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type Web Open Font Format (Version 2), TrueType, length 21836, version 1.393\012- data
Hash 6b63666ef406476cb43a969d3dc52e9e
cc01d4aa464d6f29e336ecf474c9a9ea829e3c5d
0945403936602a4e6185d6dbee1d775cab168399ed7f767eb1a817cfbc644f99
GET /merriweather_sans/merriweathersans_n4.cc01d4aa464d6f29e336ecf474c9a9ea829e3c5d.woff2?h1=YmFkLm5v&h2=YmFkLW5vLmFjY291bnQubXlzaG9waWZ5LmNvbQ&hmac=c3b0aaaa98208006751ff2d51452c445f373f255fb0befb625a5af2534367a20 HTTP/1.1
Host: fonts.shopifycdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://bad.no
Connection: keep-alive
Referer: https://bad.no/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 13:31:23 GMT
content-type: font/woff2
content-length: 21836
cf-ray: 791253ed294ab529-OSL
accept-ranges: bytes
access-control-allow-origin: *
age: 499861
cache-control: max-age=2629800, immutable
last-modified: Mon, 23 Jan 2023 18:39:54 GMT
link: <https://imagery4-fonts.shopifysvc.com/premium-fonts/merriweather_sans/merriweathersans_n4.cc01d4aa464d6f29e336ecf474c9a9ea829e3c5d.woff2>; rel="canonical"
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
timing-allow-origin: *
x-content-type-options: nosniff
x-dc: gcp-us-east1,gcp-us-central1
x-request-id: b420868c-1752-414d-82c8-877f6df896d1
x-xss-protection: 1; mode=block
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FJI5TUiaF1aPFZr9xCT%2F9FCmMtK87A%2FPNkPDYGtjzAqU7kPXOfOdzBFOG9yHRAvkU1XEm6Wt%2F8IznXitpzswWq65q6vvMDVz5LfWG0xLvoY1G%2BzSxieDZktvu0uivIuGL2rKWYv%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server-timing: imagery;dur=79.759, imageryFetch;dur=79.324, cfRequestDuration;dur=14.000177, cfRequestDuration;dur=23.999929
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.shopifycdn.com/lato/lato_n6.8f129fde40f203553b1c63523c8c34e59550404e.woff2?h1=YmFkLm5v&h2=YmFkLW5vLmFjY291bnQubXlzaG9waWZ5LmNvbQ&hmac=29f19a8ae3d6a4eed3a27d5211bd461bcd7efc43f316af662801d99e5be1ad72
200 OK 42 kB URL HTTP/2 fonts.shopifycdn.com/lato/lato_n6.8f129fde40f203553b1c63523c8c34e59550404e.woff2?h1=YmFkLm5v&h2=YmFkLW5vLmFjY291bnQubXlzaG9waWZ5LmNvbQ&hmac=29f19a8ae3d6a4eed3a27d5211bd461bcd7efc43f316af662801d99e5be1ad72
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type Web Open Font Format (Version 2), TrueType, length 42472, version 2.983\012- data
Hash 23c590149893be890341ca3b493a8199
8f129fde40f203553b1c63523c8c34e59550404e
7377f22fc16de5a4b202a5c3ce05693f4f35e665e846d9e258e23a57a5637497
GET /lato/lato_n6.8f129fde40f203553b1c63523c8c34e59550404e.woff2?h1=YmFkLm5v&h2=YmFkLW5vLmFjY291bnQubXlzaG9waWZ5LmNvbQ&hmac=29f19a8ae3d6a4eed3a27d5211bd461bcd7efc43f316af662801d99e5be1ad72 HTTP/1.1
Host: fonts.shopifycdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://bad.no
Connection: keep-alive
Referer: https://bad.no/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 13:31:23 GMT
content-type: font/woff2
content-length: 42472
cf-ray: 791253ed193cb529-OSL
accept-ranges: bytes
access-control-allow-origin: *
age: 499863
cache-control: max-age=2629800, immutable
last-modified: Mon, 23 Jan 2023 18:39:51 GMT
link: <https://imagery4-fonts.shopifysvc.com/premium-fonts/lato/lato_n6.8f129fde40f203553b1c63523c8c34e59550404e.woff2>; rel="canonical"
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
timing-allow-origin: *
x-content-type-options: nosniff
x-dc: gcp-us-east1,gcp-us-east1
x-request-id: 69f76169-001e-4987-9ab8-8c0449e547cd
x-xss-protection: 1; mode=block
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b1jSXbq5yy%2Bh8Guj2pJiEnthXkmy0xnNGQUg4lxr18gpmupWoffLq8wgHA13Elto2cdz%2B2aQ8c0KDhRbaesDaZeTarEa0uGkrUP6PdWEgnYcgNbtocVDcGnLH8vM5P4iIQYOGWpJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server-timing: imagery;dur=252.070, imageryFetch;dur=110.279, cfRequestDuration;dur=18.000126, cfRequestDuration;dur=69.000244
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 8c630e9bbc930d1c367efa81b67be3f7
ec536695531d40a813d99a06271c7c2d698d51d3
39ca0a60c3e2e85712757ead0830d0da82beac1e4f44b6e90243e5ca9326bf4b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 13:31:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Open+Sans:400,600&display=swap
200 OK 1.2 kB URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans:400,600&display=swap
IP
Hash 2e66860ec40f560131db2d0e9bbc2a8c
196c696af5798e761082a7016f63145905f2212d
7feb7d6fa3b80ce2d2799b5c2aac6c97696310404499e48a41ec5090f6986b35
GET /css?family=Open+Sans:400,600&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bad.no/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 29 Jan 2023 13:31:23 GMT
date: Sun, 29 Jan 2023 13:31:23 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn1.stamped.io/files/widget.min.css
200 OK 18 kB URL HTTP/2 cdn1.stamped.io/files/widget.min.css
IP
File type Unicode text, UTF-8 text, with very long lines (65535), with no line terminators
Hash 90f1f3b3ed37660bff524e1e466383c0
25f1e6af687f8bc44f97da392543de2bb3d5f0fe
8c882d175b02e3c5d6bf1a0d78a4439044829782a8fddc83d5a6244c2534cdf8
GET /files/widget.min.css HTTP/1.1
Host: cdn1.stamped.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bad.no/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css
date: Sun, 29 Jan 2023 08:36:03 GMT
last-modified: Fri, 04 Nov 2022 20:16:27 GMT
etag: W/"0fdeea644ebb2ea2925ccd832a012781"
x-amz-version-id: b4zwcVZRKVuoR6xqStufAj8XKFq7TrBk
server: AmazonS3
content-encoding: br
x-cache: Hit from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: N1UX7nss-vNLUyZRTZdFjPVeZMWlqRe8FF4lY58ElcsF1fIZabUeTQ==
age: 17721
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
ss.bad.no/gtm.js?id=GTM-T3ZKGNN
200 OK 108 kB URL HTTP/2 ss.bad.no/gtm.js?id=GTM-T3ZKGNN
IP
File type ASCII text, with very long lines (36276)
Size 108 kB (107954 bytes)
Hash fbdb31dc0e05fc310193d8195200f5c2
8cbb114e34746c10a84119035758ca2e95eea69d
9c596e872bfac965ae34aabfea3de5eb7b51d4c31d59eac566803adb06902d51
GET /gtm.js?id=GTM-T3ZKGNN HTTP/1.1
Host: ss.bad.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bad.no/
Cookie: _cmp_a=%7B%22purposes%22%3A%7B%22a%22%3Atrue%2C%22p%22%3Atrue%2C%22m%22%3Atrue%2C%22t%22%3Atrue%7D%2C%22display_banner%22%3Afalse%2C%22merchant_geo%22%3A%22NO%22%2C%22sale_of_data_region%22%3Afalse%7D; _tracking_consent=%7B%22lim%22%3A%5B%22GDPR_BLOCK_ALL%22%5D%2C%22region%22%3A%22NO%22%2C%22reg%22%3A%22GDPR%22%2C%22con%22%3A%7B%22CMP%22%3A%7B%22m%22%3A%22%22%2C%22a%22%3A%22%22%2C%22s%22%3A%22%22%2C%22p%22%3A%22%22%7D%7D%2C%22v%22%3A%222.1%22%7D; _orig_referrer=https%3A%2F%2Fr.srvtrck.com%2F; _landing_page=%2F%3Futm_source%3Ddaisycon%26utm_medium%3Daffiliate%26utm_campaign%3Ddaisycon_255978; _y=c0cf9a97-cbd8-4343-bea9-4036cc04ada4; _s=badd8535-9d94-4e10-b685-0972058bf0d2; _shopify_y=c0cf9a97-cbd8-4343-bea9-4036cc04ada4; _shopify_s=badd8535-9d94-4e10-b685-0972058bf0d2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: private, max-age=900
expires: Sun, 29 Jan 2023 13:46:00 GMT
last-modified: Sun, 29 Jan 2023 12:00:00 GMT
content-encoding: gzip
x-cloud-trace-context: 577da716db1503edd23dfc740f2b2c4e;o=1
date: Sun, 29 Jan 2023 13:31:23 GMT
server: Google Frontend
content-length: 107954
X-Firefox-Spdy: h2
fonts.shopifycdn.com/merriweather_sans/merriweathersans_n4.5ee6904e9c6d28696a9f52c4880d425da0229a95.woff?h1=YmFkLm5v&h2=YmFkLW5vLmFjY291bnQubXlzaG9waWZ5LmNvbQ&hmac=cf19a29d75f8facf884a22d0faee5c2b5150932889d3487f58e10fd126352110
200 OK 22 kB URL HTTP/2 fonts.shopifycdn.com/merriweather_sans/merriweathersans_n4.5ee6904e9c6d28696a9f52c4880d425da0229a95.woff?h1=YmFkLm5v&h2=YmFkLW5vLmFjY291bnQubXlzaG9waWZ5LmNvbQ&hmac=cf19a29d75f8facf884a22d0faee5c2b5150932889d3487f58e10fd126352110
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type Web Open Font Format (Version 2), TrueType, length 21912, version 1.0\012- data
Hash 5aaeb9a49567aaf57b49d5332c0465ef
f33251ae6e437332509e0c3f42258fe64e58b638
281c90b29264d18dd646776a2a591bad918ba3b3a84d473448fb89c420d23656
GET /merriweather_sans/merriweathersans_n4.5ee6904e9c6d28696a9f52c4880d425da0229a95.woff?h1=YmFkLm5v&h2=YmFkLW5vLmFjY291bnQubXlzaG9waWZ5LmNvbQ&hmac=cf19a29d75f8facf884a22d0faee5c2b5150932889d3487f58e10fd126352110 HTTP/1.1
Host: fonts.shopifycdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://bad.no
Connection: keep-alive
Referer: https://bad.no/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 13:31:23 GMT
content-type: font/woff2
content-length: 21912
cf-ray: 791253f01d0ab529-OSL
accept-ranges: bytes
access-control-allow-origin: *
age: 485537
cache-control: max-age=2629800, immutable
last-modified: Mon, 23 Jan 2023 19:23:15 GMT
link: <https://imagery4-fonts.shopifysvc.com/premium-fonts/merriweather_sans/merriweathersans_n4.5ee6904e9c6d28696a9f52c4880d425da0229a95.woff>; rel="canonical"
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
timing-allow-origin: *
x-content-type-options: nosniff
x-dc: gcp-us-east1,gcp-us-central1
x-request-id: 24e4a32c-610d-4ded-b97e-8b2da6f1e364
x-xss-protection: 1; mode=block
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dm%2FWwALcIdNZmOHeMEDrRvaWj8aKkyGiCxjvzCTiyyUuiBjzjVmPz7yMLAnIZoibKVhc9PRB%2Fi7dbmCffW0You0cE4ma2JlAcMoWFYxfMzqnAfC1R0dox36nyYh%2BvwC65BcGxn6r"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server-timing: imagery;dur=225.751, imageryFetch;dur=59.195, imageryProcess;dur=166.215;desc="font", cfRequestDuration;dur=7.999897, cfRequestDuration;dur=19.000053
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
api.findify.io/v4/6d54af32-6d89-4fbe-ad31-c38cc6337bba/feedback
200 OK 0 B URL HTTP/2 api.findify.io/v4/6d54af32-6d89-4fbe-ad31-c38cc6337bba/feedback
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /v4/6d54af32-6d89-4fbe-ad31-c38cc6337bba/feedback HTTP/1.1
Host: api.findify.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 167
Origin: https://bad.no
Connection: keep-alive
Referer: https://bad.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 0
access-control-allow-headers: Content-type,Accept,x-key
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
date: Sun, 29 Jan 2023 13:31:23 GMT
expires: 0
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: IApqbq1xX4PAPLwNoRNBvAXcXHz1VmU-K51TZofGQvzQGwvqbXor0A==
X-Firefox-Spdy: h2
api.findify.io/v4/6d54af32-6d89-4fbe-ad31-c38cc6337bba/feedback
200 OK 0 B URL HTTP/2 api.findify.io/v4/6d54af32-6d89-4fbe-ad31-c38cc6337bba/feedback
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /v4/6d54af32-6d89-4fbe-ad31-c38cc6337bba/feedback HTTP/1.1
Host: api.findify.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 301
Origin: https://bad.no
Connection: keep-alive
Referer: https://bad.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 0
access-control-allow-headers: Content-type,Accept,x-key
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
date: Sun, 29 Jan 2023 13:31:23 GMT
expires: 0
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Yop2fCZd-a-w7PhapXtyRTSxtXJn99Zfm7FEFHB5lSNpVMvesn9-wQ==
X-Firefox-Spdy: h2
cdn.shopify.com/s/files/1/0562/4260/2183/t/129/assets/vendor-scripts-v2.js
200 OK 54 kB URL HTTP/2 cdn.shopify.com/s/files/1/0562/4260/2183/t/129/assets/vendor-scripts-v2.js
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type ASCII text, with very long lines (20229)
Hash 5378d9d635e3b92b7af6d55e46c38350
fef6f280bff3c12519cdae896ad3cbdb6285706b
19f43f2852ae8a736e08e63241ac97127a79134b92decc7ee8a138664f978310
GET /s/files/1/0562/4260/2183/t/129/assets/vendor-scripts-v2.js HTTP/1.1
Host: cdn.shopify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bad.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 13:31:22 GMT
content-type: text/javascript
vary: Accept-Encoding
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
link: <https://cdn.shopify.com/s/files/1/0562/4260/2183/t/129/assets/vendor-scripts-v2.js>; rel="canonical"
timing-allow-origin: *
x-content-type-options: nosniff
x-request-id: bc147ba3-5f42-41f1-990a-d3547812bb7a
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-dc: gcp-us-central1,us-central1
last-modified: Thu, 17 Nov 2022 08:10:00 GMT
cf-cache-status: HIT
age: 6315523
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CZE8WWVAjAT06JX18CNooPa3tO4wKyimzYytaCbz7uWM%2FIlj%2FKb7vZ58BebggnCgg307pZ8bNy1bTuEdgG4F7dAgk3KCZGsuAZzmZaTZWPetFKOZFl0vjm%2F4T2ZsKLTFBA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: imagery;dur=83.639, imageryFetch;dur=61.700, cfRequestDuration;dur=15.000105
server: cloudflare
cf-ray: 791253eb0ba4fac4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sc-static.net/scevent.min.js
200 OK 27 kB URL HTTP/2 sc-static.net/scevent.min.js
IP
Hash cd88b1ed1c5d65303ecbf1f14432ec87
ff33451238a30b4e4a0b2ca2b9b8b1f771640e2a
3b81a2153d919d22925ed09aeb33dc8c97b16aa4be0bf1b356054900d01896c4
GET /scevent.min.js HTTP/1.1
Host: sc-static.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bad.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
content-length: 13270
server: CloudFront
date: Sun, 29 Jan 2023 13:31:24 GMT
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Content-Type
cache-control: private, s-maxage=0, max-age=600
set-cookie: X-AB=0d6e407936704bd380072f5891d28b0e;max-age=86400;expires=Mon, 30 Jan 2023 12:48:47 GMT;Path=/scevent.min.js; Secure; SameSite=None
x-cache: LambdaGeneratedResponse from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: SC2i_pZrMSRhrZXt4ZQA9TW75rCL-NQbDTyQCar7Xsy3PcFO5WlOxw==
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 90fc19b6c12c9395d1e55846673de4cd
97acdf5d3bf0979191f219986f9779e27a1c57f2
e2e4e3c21e21820afde95ca46571f18fe065b4fca5c28e76279be60eefd39f61
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5671
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 13:31:24 GMT
Last-Modified: Sun, 29 Jan 2023 11:56:53 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
200 OK 471 B IP
Hash 90fc19b6c12c9395d1e55846673de4cd
97acdf5d3bf0979191f219986f9779e27a1c57f2
e2e4e3c21e21820afde95ca46571f18fe065b4fca5c28e76279be60eefd39f61
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5671
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 13:31:24 GMT
Last-Modified: Sun, 29 Jan 2023 11:56:53 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
tr.snapchat.com/p
200 OK 68 B IP
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash c4a2b870062c2bb98c500bc1526c0498
528666ccdb12997358077bc8fcdbfb6b825c7788
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
POST /p HTTP/1.1
Host: tr.snapchat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 442
Origin: https://bad.no
Connection: keep-alive
Referer: https://bad.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 13:31:24 GMT
access-control-allow-origin: https://bad.no
cache-control: no-cache, no-transform
set-cookie: sc_at=v2|H4sIAAAAAAAAAAXBgQ0AIAgDsItIRAls55gFr+B427uRES7T6bIAZNBrU9FxU5vdM54VJBdi1gesuCHbMgAAAA==;SameSite=None;Version=1;Comment=;Domain=.snapchat.com;Path=/;Max-Age=33696000;Secure
content-type: text/html
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 68
x-envoy-upstream-service-time: 6
server: API Gateway
access-control-allow-credentials: true
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
api.findify.io/v4/6d54af32-6d89-4fbe-ad31-c38cc6337bba/autocomplete
200 OK 0 B URL HTTP/2 api.findify.io/v4/6d54af32-6d89-4fbe-ad31-c38cc6337bba/autocomplete
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /v4/6d54af32-6d89-4fbe-ad31-c38cc6337bba/autocomplete HTTP/1.1
Host: api.findify.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://bad.no/
Origin: https://bad.no
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 0
access-control-allow-headers: Content-type,Accept,x-key
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: *
access-control-max-age: 86400
date: Sun, 29 Jan 2023 13:31:24 GMT
x-cache: Miss from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Xfft9wKVu_saUGwsElKPRoZcQiqIpEHBSjbLNkXhfGoia9lmVokrMA==
X-Firefox-Spdy: h2
analytics.tiktok.com/i18n/pixel/events.js?sdkid=CCOTH4RC77U1U965D7T0&lib=ttq
200 OK 1.2 kB URL HTTP/2 analytics.tiktok.com/i18n/pixel/events.js?sdkid=CCOTH4RC77U1U965D7T0&lib=ttq
IP
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (2333)
Hash 198c187688b4ab66465240ed1b4b1bbf
b422161dfa05c37ed9f9c2200379f1968d0be98f
48e905632a651648aade3070f991d6b32716e57bb5fc6652cf50751bd47b80e5
GET /i18n/pixel/events.js?sdkid=CCOTH4RC77U1U965D7T0&lib=ttq HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bad.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=UTF-8
x-tt-logid: 202301291331241A7D88B3CD090B3EE83D
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf60787dee798e7afc9c5500f386c65d6ca16458a24033907edfae8dffe320fe2ad54601ec0aa0e63684cf0418b3f23079ddb4f19e24bf8621d98f0d45b61439cea8ff9baccf7dba0001a2208457439fca0d
content-encoding: gzip
expires: Sun, 29 Jan 2023 13:31:24 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sun, 29 Jan 2023 13:31:24 GMT
content-length: 1153
x-cache: TCP_MISS from a23-36-79-28.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
vary: Accept-Encoding
set-cookie: _ttp=2L0DPkMr2EXVodz43yvBwWzMLpi; Path=/; Domain=tiktok.com; Max-Age=33696000; Secure; SameSite=None
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: inner; dur=4, cdn-cache; desc=MISS, edge; dur=0, origin; dur=100
x-origin-response-time: 100,23.36.79.28
x-akamai-request-id: 505d202c
X-Firefox-Spdy: h2
analytics.tiktok.com/i18n/pixel/static/main.MWE2YWY2YTgzMg.js
200 OK 69 kB URL HTTP/2 analytics.tiktok.com/i18n/pixel/static/main.MWE2YWY2YTgzMg.js
IP
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (21891)
Hash 74c3f327c4b3002fde5ef788129d6245
f99cd82f3208a2750f5be61301719411d3456ea0
c56110fcf0f726745765a3708a795b832279b24811675e6d757a8d84c3a4b144
GET /i18n/pixel/static/main.MWE2YWY2YTgzMg.js HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bad.no/
Cookie: _ttp=2L0DPkMr2EXVodz43yvBwWzMLpi
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-logid: 20230112175825CE9047AAB28A1A92E1C9
x-tt-trace-host: 012b38305f60bfa8a9f04bdd846fde846b507e69fff233d9a114d447ebe9f93c0f0d03b7468ad8b1cb3b9a087e8ba0c9271348d0471c1aab4c6b5f4ed91206a643c3d77d2de7d14e7830204a6ea5a19be4f4e8a330ae4e711c3e2cbdf6ca25d12c
content-encoding: gzip
date: Sun, 29 Jan 2023 13:31:24 GMT
content-length: 68835
x-cache: TCP_MEM_HIT from a23-36-79-28.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
vary: Accept-Encoding
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
x-akamai-request-id: 505d210a
X-Firefox-Spdy: h2
analytics.tiktok.com/i18n/pixel/static/identify_c4832.js
200 OK 31 kB URL HTTP/2 analytics.tiktok.com/i18n/pixel/static/identify_c4832.js
IP
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65536), with no line terminators
Hash 85bd96a56a6a7f09e3e7dadc7980152e
37590c595abeb315046a293a9e53632ae2128ac4
c27be18eef006f48310fb2b0c456d6bcb1f3b0298dcb6e580724923323cb48a7
GET /i18n/pixel/static/identify_c4832.js HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bad.no/
Cookie: _ttp=2L0DPkMr2EXVodz43yvBwWzMLpi
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-logid: 20230112175825D19F86481431D6BBCCFF
x-tt-trace-host: 012b38305f60bfa8a9f04bdd846fde846b507e69fff233d9a114d447ebe9f93c0f827e6bc0806bd5a24cf0439744099e1e4bba0637571d8edb56c6009f69fe5018b8e38bd5b93708ee64c377fa97874d18ceefbea8a477a7fa2bec40c3b56c69b1
content-encoding: gzip
date: Sun, 29 Jan 2023 13:31:24 GMT
content-length: 30917
x-cache: TCP_MEM_HIT from a23-36-79-28.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
vary: Accept-Encoding
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
x-akamai-request-id: 505d21aa
X-Firefox-Spdy: h2
analytics.tiktok.com/api/v2/pixel
200 OK 0 B URL HTTP/2 analytics.tiktok.com/api/v2/pixel
IP
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /api/v2/pixel HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 904
Origin: https://bad.no
Connection: keep-alive
Referer: https://bad.no/
Cookie: _ttp=2L0DPkMr2EXVodz43yvBwWzMLpi
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 0
access-control-allow-origin: *
x-tt-logid: 202301291331242A1FACE8AA7507591BED
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf6044faeb2b99c092c97016c61fe0db1bebd8b3f0fccf145bbb0d905d2f37963d110bb168d705e438c7a991230a004054f1f7529deb19844ca93f28986fb0f9a27e93df57d73c3a145d83850b47d6477516e0cf3ed45b7776063acf50ff50656014
x-origin-response-time: 27,23.218.223.22
x-akamai-request-id: 12d386.505d21bc
expires: Sun, 29 Jan 2023 13:31:24 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sun, 29 Jan 2023 13:31:24 GMT
x-cache: TCP_MISS from a23-36-79-28.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
x-cache-remote: TCP_MISS from a23-218-223-22.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=101, origin; dur=27, inner; dur=24
x-parent-response-time: 125,23.36.79.28
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 59249fdc4af703d04da1a32985e61165
0c1ce0297f5118bafe0a8645476c29bd2412aa84
2b991f44e6a7be668fef44c6dff206ed2de53367da3bf86175b491b525bde93c
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=89657
Date: Sun, 29 Jan 2023 13:31:24 GMT
Etag: "63d51c73-1d7"
Expires: Mon, 30 Jan 2023 14:25:41 GMT
Last-Modified: Sat, 28 Jan 2023 13:00:35 GMT
Server: ECS (nyb/1D20)
X-Cache: Miss from cloudfront
Via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: FH91tDb8OvR8nCCZej1wktQbvbRO5o_pCcM8A9vddxr7HghwSk2GOQ==
Age: 5106
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 59249fdc4af703d04da1a32985e61165
0c1ce0297f5118bafe0a8645476c29bd2412aa84
2b991f44e6a7be668fef44c6dff206ed2de53367da3bf86175b491b525bde93c
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 29 Jan 2023 13:31:24 GMT
Last-Modified: Sun, 29 Jan 2023 11:42:42 GMT
Server: ECS (nyb/1D34)
X-Cache: Miss from cloudfront
Via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: MIYAHE0kUf1i1vrWurjd0WdxMaPKxEJWE_02CcifN2l5x77z635-qQ==
Age: 6522
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 59249fdc4af703d04da1a32985e61165
0c1ce0297f5118bafe0a8645476c29bd2412aa84
2b991f44e6a7be668fef44c6dff206ed2de53367da3bf86175b491b525bde93c
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=90138
Date: Sun, 29 Jan 2023 13:31:24 GMT
Etag: "63d51c73-1d7"
Expires: Mon, 30 Jan 2023 14:33:42 GMT
Last-Modified: Sat, 28 Jan 2023 13:00:35 GMT
Server: ECS (nyb/1D1E)
X-Cache: Miss from cloudfront
Via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 0fydaYGrPDITr7FZmU_mnnIGyWqNPGtb-uhXyzhROELE840YVsZnFw==
Age: 5587
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 59249fdc4af703d04da1a32985e61165
0c1ce0297f5118bafe0a8645476c29bd2412aa84
2b991f44e6a7be668fef44c6dff206ed2de53367da3bf86175b491b525bde93c
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=89947
Date: Sun, 29 Jan 2023 13:31:24 GMT
Etag: "63d51c73-1d7"
Expires: Mon, 30 Jan 2023 14:30:31 GMT
Last-Modified: Sat, 28 Jan 2023 13:00:35 GMT
Server: ECS (bsa/EB24)
X-Cache: Miss from cloudfront
Via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: kUVbRNx6jW5c096Jvgj7cxY64ypvOn3kvN8YaH56kymBUhvigh3G5Q==
Age: 5396
d.clarity.ms/collect
204 No Content 0 B IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /collect HTTP/1.1
Host: d.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 671
Origin: https://bad.no
Connection: keep-alive
Referer: https://bad.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
vary: Origin
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
access-control-allow-origin: https://bad.no
access-control-allow-credentials: true
date: Sun, 29 Jan 2023 13:31:24 GMT
X-Firefox-Spdy: h2
stamped.io/api/widget/reviews/batch
200 OK 0 B URL HTTP/2 stamped.io/api/widget/reviews/batch
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /api/widget/reviews/batch HTTP/1.1
Host: stamped.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://bad.no/
Origin: https://bad.no
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 13:31:25 GMT
content-length: 0
cache-control: no-cache
pragma: no-cache
expires: -1
server: Microsoft-IIS/10.0
access-control-allow-origin: https://bad.no
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-max-age: 300
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
stamped: S2
X-Firefox-Spdy: h2
stamped.io/api/widget/badges
200 OK 0 B URL HTTP/2 stamped.io/api/widget/badges
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /api/widget/badges HTTP/1.1
Host: stamped.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://bad.no/
Origin: https://bad.no
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 13:31:25 GMT
content-length: 0
cache-control: no-cache
pragma: no-cache
expires: -1
server: Microsoft-IIS/10.0
access-control-allow-origin: *
access-control-allow-headers: content-type
access-control-max-age: 7300
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
stamped: S2
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 7078b1d21bbac26012d93fc9501fbbb0
412189ffa7980709edc28b87a820aa1ae64fa3a7
6db1d0d3f3924d7e75e1fd087553cf4ec5fa938ecc52adf3f149570551eaf7f3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3974
Cache-Control: max-age=105492
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 13:31:25 GMT
Etag: "63d55ebb-1d7"
Expires: Mon, 30 Jan 2023 18:49:37 GMT
Last-Modified: Sat, 28 Jan 2023 17:43:23 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
s.pinimg.com/ct/core.js
200 OK 1.1 kB IP
File type ASCII text, with very long lines (1146), with no line terminators
Hash 91c4ea42bc7f1df938d8cd8de8d598db
ccecbe4405d83510ca1a6291c374ea8ab1da33d9
aacfea800a59766fdd3672fad8e5eba13abae2dab105014fc9214cb0c1409925
GET /ct/core.js HTTP/1.1
Host: s.pinimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bad.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
etag: "91c4ea42bc7f1df938d8cd8de8d598db"
content-type: application/javascript
fastly-restarts: 1
x-cdn: fastly
alt-svc: h3=":443";ma=600,h3-29=":443";ma=600,h3-27=":443";ma=600
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 86400
access-control-expose-headers: X-CDN
vary: Accept-Encoding, Origin
cache-control: max-age=7200
date: Sun, 29 Jan 2023 13:31:25 GMT
content-length: 1146
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 154c9f0e30e7743aa6f89f71a1b02088
0618a550b4b87a90dae6df8e7152fa3769ce8493
85e4649e4fde355a37963f1226444281121b7a05bae8c254dc3e2a83febd96a3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6242
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 13:31:25 GMT
Last-Modified: Sun, 29 Jan 2023 11:47:23 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
connect.facebook.net/en_US/fbevents.js
200 OK 28 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP
File type ASCII text, with very long lines (64348)
Hash 541db4f3f0ba067bfb58cdac34cb86f4
20e6883f068568888ce37c6b9ef8f5d12be257c0
83898f3b2da2a11996d2eb3a5115ef301255030fdf231b8bf7971916769bc7be
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bad.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: hc7fFYVBO3iktc8aaamHM7VIiAmcD33IPlrAGunG1b0wYIMKI6BWaHUNKCJ/egIQsA1ZrZfMjihI6yug8YkLVg==
content-length: 27815
x-fb-trip-id: 1679558926
date: Sun, 29 Jan 2023 13:31:25 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 7078b1d21bbac26012d93fc9501fbbb0
412189ffa7980709edc28b87a820aa1ae64fa3a7
6db1d0d3f3924d7e75e1fd087553cf4ec5fa938ecc52adf3f149570551eaf7f3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3974
Cache-Control: max-age=105492
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 13:31:25 GMT
Etag: "63d55ebb-1d7"
Expires: Mon, 30 Jan 2023 18:49:37 GMT
Last-Modified: Sat, 28 Jan 2023 17:43:23 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
stamped.io/api/widget/badges
200 OK 918 B URL HTTP/2 stamped.io/api/widget/badges
IP
File type JSON data\012- , ASCII text, with very long lines (12964), with no line terminators
Hash 4bfeb921add37b49f2fbadd56843e241
d4fc04df09cfd182225ed399e348fa110d1cedc1
6156e543f76e2a25399f7124b25d3070a9f0a7b8661ff3308a137cc20775f542
POST /api/widget/badges HTTP/1.1
Host: stamped.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 1941
Origin: https://bad.no
Connection: keep-alive
Referer: https://bad.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 13:31:25 GMT
content-type: application/json; charset=utf-8
content-length: 918
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
expires: -1
server: Microsoft-IIS/10.0
access-control-allow-origin: *
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
stamped: S2
X-Firefox-Spdy: h2
stamped.io/api/widget/reviews/batch
200 OK 16 kB URL HTTP/2 stamped.io/api/widget/reviews/batch
IP
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (65284), with no line terminators
Hash df3382a6fbecabb33fd9d39da6b5e5a5
ab4f568000e6300fea10cbda7169cad211ae05fe
581eec636687dc3fa0562b3ed85b9f6775f1bb7401dd25f0af4f8cb5e3a4de8f
POST /api/widget/reviews/batch HTTP/1.1
Host: stamped.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 211
Origin: https://bad.no
Connection: keep-alive
Referer: https://bad.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 13:31:25 GMT
content-type: application/json; charset=utf-8
content-length: 16264
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
expires: -1
server: Microsoft-IIS/10.0
access-control-allow-origin: https://bad.no
access-control-allow-credentials: true
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
stamped: S2
X-Firefox-Spdy: h2
cdn1.stamped.io/fonts/stamped-font.ttf?rkevfi
200 OK 9.5 kB URL HTTP/2 cdn1.stamped.io/fonts/stamped-font.ttf?rkevfi
IP
File type TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, stamped-font\012- data
Hash 65f2d065c065a7b14fc738aefae5e847
036673de674703b1bccd6565ecfcc3b823f054de
b2f365310c35cf84e0ab011e82072fe91bb97f1e7a159fb7806e4f79172bec33
GET /fonts/stamped-font.ttf?rkevfi HTTP/1.1
Host: cdn1.stamped.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bad.no
Connection: keep-alive
Referer: https://bad.no/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/octet-stream
content-length: 9536
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-max-age: 3000
last-modified: Tue, 02 Aug 2022 18:16:43 GMT
x-amz-version-id: _V6WBlqz0lmBWtouLz.12uaxh7Ni128J
accept-ranges: bytes
server: AmazonS3
date: Sun, 29 Jan 2023 08:28:06 GMT
etag: "65f2d065c065a7b14fc738aefae5e847"
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: NQYNcgOFk7jLhY8mhYhnDIL7PfHrBvBxUSfS_e23pA_qg-UxlE6EVA==
age: 18200
X-Firefox-Spdy: h2
ct.pinterest.com/user/?tid=2613722543904&pd=%7B%22np%22%3A%22shopify%22%7D&cb=1674999093063&dep=2%2CPAGE_LOAD
200 OK 372 B URL HTTP/2 ct.pinterest.com/user/?tid=2613722543904&pd=%7B%22np%22%3A%22shopify%22%7D&cb=1674999093063&dep=2%2CPAGE_LOAD
IP
File type JSON data\012- , ASCII text, with very long lines (533), with no line terminators
Hash cb60b4bb9f692e0eccd37330432c3c88
0f850c1d37f97ea20375d7b0b3f56f80f46f7a83
68ef92e043c30a34094e4359ce99370aef1153692f0bd6fe82e0e65120978043
GET /user/?tid=2613722543904&pd=%7B%22np%22%3A%22shopify%22%7D&cb=1674999093063&dep=2%2CPAGE_LOAD HTTP/1.1
Host: ct.pinterest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bad.no
Connection: keep-alive
Referer: https://bad.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-expose-headers: Epik,Pin-Unauth
pin-unauth: dWlkPU9XTTBPR1V5TldVdE1qTXdNQzAwTnpNMkxXSXhPVEV0TmpFd05tRXdPRFZtTnpjNQ
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
access-control-allow-origin: https://bad.no
content-type: application/json; charset=utf-8
content-encoding: gzip
content-length: 372
x-envoy-upstream-service-time: 1
referrer-policy: origin
x-pinterest-rid: 2529047751971986
date: Sun, 29 Jan 2023 13:31:25 GMT
vary: Accept-Encoding
akamai-grn: 0.274f2417.1674999085.bb6a8d6d
x-cdn: akamai
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2
ct.pinterest.com/user/?event=PageVisit&ed=%7B%22np%22%3A%22shopify%22%2C%22eventID%22%3A%22fdb9dc5c-A157-4F2A-FFAD-9076E710E56C%22%7D&tid=2613722543904&cb=1674999093065&dep=5%2CEVENT_TAGS_ABSENT
200 OK 372 B URL HTTP/2 ct.pinterest.com/user/?event=PageVisit&ed=%7B%22np%22%3A%22shopify%22%2C%22eventID%22%3A%22fdb9dc5c-A157-4F2A-FFAD-9076E710E56C%22%7D&tid=2613722543904&cb=1674999093065&dep=5%2CEVENT_TAGS_ABSENT
IP
File type JSON data\012- , ASCII text, with very long lines (533), with no line terminators
Hash cb60b4bb9f692e0eccd37330432c3c88
0f850c1d37f97ea20375d7b0b3f56f80f46f7a83
68ef92e043c30a34094e4359ce99370aef1153692f0bd6fe82e0e65120978043
GET /user/?event=PageVisit&ed=%7B%22np%22%3A%22shopify%22%2C%22eventID%22%3A%22fdb9dc5c-A157-4F2A-FFAD-9076E710E56C%22%7D&tid=2613722543904&cb=1674999093065&dep=5%2CEVENT_TAGS_ABSENT HTTP/1.1
Host: ct.pinterest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bad.no
Connection: keep-alive
Referer: https://bad.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-expose-headers: Epik,Pin-Unauth
pin-unauth: dWlkPU5XWTJOMlJsTkdJdFl6SmxOeTAwWlRreExXRmhNemt0TXpkbFlXVTNZell3TWpWag
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
access-control-allow-origin: https://bad.no
content-type: application/json; charset=utf-8
content-encoding: gzip
content-length: 372
x-envoy-upstream-service-time: 2
referrer-policy: origin
x-pinterest-rid: 5665607302331395
date: Sun, 29 Jan 2023 13:31:25 GMT
vary: Accept-Encoding
akamai-grn: 0.274f2417.1674999085.bb6a8d75
x-cdn: akamai
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2
ct.pinterest.com/v3/?tid=2613722543904&pd=%7B%22np%22%3A%22shopify%22%2C%22shopify_y%22%3A%22c0cf9a97-cbd8-4343-bea9-4036cc04ada4%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fbad.no%2F%3Futm_source%3Ddaisycon%26utm_medium%3Daffiliate%26utm_campaign%3Ddaisycon_255978%22%2C%22ref%22%3A%22https%3A%2F%2Fr.srvtrck.com%2F%22%2C%22if%22%3Afalse%2C%22sh%22%3A1024%2C%22sw%22%3A1280%2C%22mh%22%3A%22f6304d83%22%2C%22is_eu%22%3Atrue%2C%22ecm_enabled%22%3Afalse%7D&cb=1674999093065
200 OK 35 B URL HTTP/2 ct.pinterest.com/v3/?tid=2613722543904&pd=%7B%22np%22%3A%22shopify%22%2C%22shopify_y%22%3A%22c0cf9a97-cbd8-4343-bea9-4036cc04ada4%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fbad.no%2F%3Futm_source%3Ddaisycon%26utm_medium%3Daffiliate%26utm_campaign%3Ddaisycon_255978%22%2C%22ref%22%3A%22https%3A%2F%2Fr.srvtrck.com%2F%22%2C%22if%22%3Afalse%2C%22sh%22%3A1024%2C%22sw%22%3A1280%2C%22mh%22%3A%22f6304d83%22%2C%22is_eu%22%3Atrue%2C%22ecm_enabled%22%3Afalse%7D&cb=1674999093065
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 9b8d19f4310c758344e40bf17fbc7e85
2290ef058812d5f5e398736e2316cba8cf8093cf
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
GET /v3/?tid=2613722543904&pd=%7B%22np%22%3A%22shopify%22%2C%22shopify_y%22%3A%22c0cf9a97-cbd8-4343-bea9-4036cc04ada4%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fbad.no%2F%3Futm_source%3Ddaisycon%26utm_medium%3Daffiliate%26utm_campaign%3Ddaisycon_255978%22%2C%22ref%22%3A%22https%3A%2F%2Fr.srvtrck.com%2F%22%2C%22if%22%3Afalse%2C%22sh%22%3A1024%2C%22sw%22%3A1280%2C%22mh%22%3A%22f6304d83%22%2C%22is_eu%22%3Atrue%2C%22ecm_enabled%22%3Afalse%7D&cb=1674999093065 HTTP/1.1
Host: ct.pinterest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bad.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-type: image/gif
content-length: 35
access-control-allow-origin: *
x-envoy-upstream-service-time: 2
referrer-policy: origin
x-pinterest-rid: 2225159175957225
date: Sun, 29 Jan 2023 13:31:25 GMT
akamai-grn: 0.274f2417.1674999085.bb6a8e23
x-cdn: akamai
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=353580508132580&ev=PageView&dl=https%3A%2F%2Fbad.no%2F%3Futm_source%3Ddaisycon%26utm_medium%3Daffiliate%26utm_campaign%3Ddaisycon_255978&rl=https%3A%2F%2Fr.srvtrck.com%2F&if=false&ts=1674999093292&sw=1280&sh=1024&v=2.9.92&r=stable&a=shopify&ec=0&o=30&fbp=fb.1.1674999093291.386137029&it=1674999092840&coo=false&dpo=LDU&dpoco=1&dpost=1000&eid=fdb9dc5c-A157-4F2A-FFAD-9076E710E56C&rqm=GET
200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=353580508132580&ev=PageView&dl=https%3A%2F%2Fbad.no%2F%3Futm_source%3Ddaisycon%26utm_medium%3Daffiliate%26utm_campaign%3Ddaisycon_255978&rl=https%3A%2F%2Fr.srvtrck.com%2F&if=false&ts=1674999093292&sw=1280&sh=1024&v=2.9.92&r=stable&a=shopify&ec=0&o=30&fbp=fb.1.1674999093291.386137029&it=1674999092840&coo=false&dpo=LDU&dpoco=1&dpost=1000&eid=fdb9dc5c-A157-4F2A-FFAD-9076E710E56C&rqm=GET
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=353580508132580&ev=PageView&dl=https%3A%2F%2Fbad.no%2F%3Futm_source%3Ddaisycon%26utm_medium%3Daffiliate%26utm_campaign%3Ddaisycon_255978&rl=https%3A%2F%2Fr.srvtrck.com%2F&if=false&ts=1674999093292&sw=1280&sh=1024&v=2.9.92&r=stable&a=shopify&ec=0&o=30&fbp=fb.1.1674999093291.386137029&it=1674999092840&coo=false&dpo=LDU&dpoco=1&dpost=1000&eid=fdb9dc5c-A157-4F2A-FFAD-9076E710E56C&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bad.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Sun, 29 Jan 2023 13:31:25 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 8cf65fcdafa84b63cf7005fe57927fcb
3f7d163a96e7f00eb2de9828624ec46e22b4b40a
dfcf629cc49444f646f3a014014a91e36251b4b43655ce2e2eca55263dd196e3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 13:31:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://bad.no
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 23 Jan 2023 18:52:41 GMT
expires: Tue, 23 Jan 2024 18:52:41 GMT
cache-control: public, max-age=31536000
age: 499124
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 8cf65fcdafa84b63cf7005fe57927fcb
3f7d163a96e7f00eb2de9828624ec46e22b4b40a
dfcf629cc49444f646f3a014014a91e36251b4b43655ce2e2eca55263dd196e3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 13:31:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ct.pinterest.com/ct.html
200 OK 323 B IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (565), with no line terminators
Hash b49b45b63051915a8c657060651eb07f
acaddf8021f220d0e4d30e7c8b3d8330ff781af9
4b00fbca5db49c6e4b29a0c873c43671880bcea1b7b3007655183382a318c2dc
GET /ct.html HTTP/1.1
Host: ct.pinterest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bad.no/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: max-age=86400
content-type: text/html; charset=utf-8
content-encoding: gzip
content-length: 323
x-envoy-upstream-service-time: 1
referrer-policy: origin
x-pinterest-rid: 6493314820081876
date: Sun, 29 Jan 2023 13:31:26 GMT
vary: Accept-Encoding
akamai-grn: 0.274f2417.1674999086.bb6a92a3
x-cdn: akamai
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 51776825f50ea2620c17313ff0b4a41a
e0c01780cb7125b56d26d36dfe3df1cfaca3d82d
83690a5df023ac80d40d43f013e8e9f7a6a92f73f7bda199e13d6d1b1ac9eb06
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "83690A5DF023AC80D40D43F013E8E9F7A6A92F73F7BDA199E13D6D1B1AC9EB06"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2273
Expires: Sun, 29 Jan 2023 14:09:19 GMT
Date: Sun, 29 Jan 2023 13:31:26 GMT
Connection: keep-alive
cloud.onetreeplanted.org/script.js?shop=bad-no.myshopify.com
200 OK 4.5 kB URL HTTP/1.1 cloud.onetreeplanted.org/script.js?shop=bad-no.myshopify.com
IP
File type ASCII text, with very long lines (12422)
Hash ad4c7f0968af81e4425829b04160f30f
875a53de59cac4048890cff71f519b804c2704e7
2979720d29a050b200cb420170e68da8655cb69a259005cce7c036fca50ff7c4
GET /script.js?shop=bad-no.myshopify.com HTTP/1.1
Host: cloud.onetreeplanted.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bad.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
server: nginx/1.18.0 (Ubuntu)
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
cache-control: max-age=0, must-revalidate, private
date: Sun, 29 Jan 2023 13:31:26 GMT
expires: Sun, 29 Jan 2023 13:31:26 GMT
access-control-allow-origin: *
content-encoding: gzip
connection: close
intg.snapchat.com/shopify/shopify-scevent-init.js?id=2de51f97-a9bd-4808-9c94-b9de4626e66d&shop=bad-no.myshopify.com
200 OK 4.1 kB URL HTTP/2 intg.snapchat.com/shopify/shopify-scevent-init.js?id=2de51f97-a9bd-4808-9c94-b9de4626e66d&shop=bad-no.myshopify.com
IP
File type ASCII text, with very long lines (10679), with no line terminators
Hash 34b39a421492e3f82e3acbeef2423e12
e9a7ab8a15289caae8739bcb9922fad78525371a
3cd5ec017928652c82f45bba9d1fa152965612c290c92415814207afa49fefb7
GET /shopify/shopify-scevent-init.js?id=2de51f97-a9bd-4808-9c94-b9de4626e66d&shop=bad-no.myshopify.com HTTP/1.1
Host: intg.snapchat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bad.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Fri, 15 Jul 2022 18:48:06 GMT
server: AmazonS3
content-encoding: gzip
date: Sun, 29 Jan 2023 08:30:15 GMT
etag: W/"a65742ae31227369fe79296540c138fb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: GljRzAQGdEfqR6ibQgQtus-3yzy92OViQuulzv27mRxL5Z0XdlUkgQ==
age: 18072
X-Firefox-Spdy: h2
sc-static.net/js-sha256-v1.min.js
200 OK 15 kB URL HTTP/2 sc-static.net/js-sha256-v1.min.js
IP
Hash 8150967325500206286fc60db3ae6a27
99bc252ffef73cdaea32c17dc15878110c8d1788
9986251828a8afb806f92da4b44e7dd4cc0b00ac1eb7f9da5543e357a0be75b3
GET /js-sha256-v1.min.js HTTP/1.1
Host: sc-static.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bad.no
Connection: keep-alive
Referer: https://bad.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
date: Sun, 29 Jan 2023 03:17:45 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: Content-Type
last-modified: Fri, 05 Apr 2019 00:32:08 GMT
cache-control: public, s-maxage=86400, max-age=600
server: AmazonS3
content-encoding: gzip
etag: W/"68f2467c84878293c9ee497dbc99a17f"
vary: Accept-Encoding,Origin
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: VUOyZSrek5BXddBfBI6RsV0tlDqD8NSasbHKAIAlqONMn3J5gHBaEQ==
age: 36822
X-Firefox-Spdy: h2
cdn1.stamped.io/files/widget.min.js?shop=bad-no.myshopify.com
200 OK 62 kB URL HTTP/2 cdn1.stamped.io/files/widget.min.js?shop=bad-no.myshopify.com
IP
Hash 4228b9af094cd8c8081e0773b3aaf276
81bb61355d1222d2ab7708ca0ec5ff005939a91f
7054af25ea1e3d8ea36cb45ee7564c5438caa094009d14e4e0bd3bee58fd4894
GET /files/widget.min.js?shop=bad-no.myshopify.com HTTP/1.1
Host: cdn1.stamped.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bad.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Mon, 05 Dec 2022 22:04:40 GMT
x-amz-version-id: WpOGtTr0eXAW0fGuVlqbR7NiXIwL8K6x
server: AmazonS3
content-encoding: gzip
date: Sun, 29 Jan 2023 01:56:25 GMT
etag: W/"a68875a9af7d2fbdc47d8df37affd561"
x-cache: Hit from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: GERaORw32hiVluuEGPAXYrE6E8feo-PBED4juloG8A4-3Ws1Nka59Q==
age: 78825
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 0efdfb9a0f8de2dd3ee8f36da2fd1000
72332157ef36c41ffbb9159e291e107ad32d791c
9dda74e94e43eb456fcd57b9d7fcf1e6f84bb73f003bd1a400f0d2cc323bb915
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 29 Jan 2023 13:31:26 GMT
Last-Modified: Sun, 29 Jan 2023 12:44:45 GMT
Server: ECS (nyb/1DD2)
X-Cache: Miss from cloudfront
Via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: A059sDBFseTqifdPqVgUORKOpIAukVeQVAkopPeCqnVoewgeRISRAw==
Age: 2801
ct.pinterest.com/v3/?event=PageVisit&ed=%7B%22np%22%3A%22shopify%22%2C%22eventID%22%3A%22fdb9dc5c-A157-4F2A-FFAD-9076E710E56C%22%7D&tid=2613722543904&cb=1674999093487&dep=5%2CEVENT_TAGS_ABSENT&pd=%7B%22np%22%3A%22shopify%22%2C%22shopify_y%22%3A%22c0cf9a97-cbd8-4343-bea9-4036cc04ada4%22%2C%22pin_unauth%22%3A%22dWlkPU9XTTBPR1V5TldVdE1qTXdNQzAwTnpNMkxXSXhPVEV0TmpFd05tRXdPRFZtTnpjNQ%22%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Fbad.no%2F%3Futm_source%3Ddaisycon%26utm_medium%3Daffiliate%26utm_campaign%3Ddaisycon_255978%22%2C%22ref%22%3A%22https%3A%2F%2Fr.srvtrck.com%2F%22%2C%22if%22%3Afalse%2C%22sh%22%3A1024%2C%22sw%22%3A1280%2C%22mh%22%3A%22f6304d83%22%2C%22is_eu%22%3Atrue%2C%22ecm_enabled%22%3Afalse%7D
200 OK 35 B URL HTTP/2 ct.pinterest.com/v3/?event=PageVisit&ed=%7B%22np%22%3A%22shopify%22%2C%22eventID%22%3A%22fdb9dc5c-A157-4F2A-FFAD-9076E710E56C%22%7D&tid=2613722543904&cb=1674999093487&dep=5%2CEVENT_TAGS_ABSENT&pd=%7B%22np%22%3A%22shopify%22%2C%22shopify_y%22%3A%22c0cf9a97-cbd8-4343-bea9-4036cc04ada4%22%2C%22pin_unauth%22%3A%22dWlkPU9XTTBPR1V5TldVdE1qTXdNQzAwTnpNMkxXSXhPVEV0TmpFd05tRXdPRFZtTnpjNQ%22%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Fbad.no%2F%3Futm_source%3Ddaisycon%26utm_medium%3Daffiliate%26utm_campaign%3Ddaisycon_255978%22%2C%22ref%22%3A%22https%3A%2F%2Fr.srvtrck.com%2F%22%2C%22if%22%3Afalse%2C%22sh%22%3A1024%2C%22sw%22%3A1280%2C%22mh%22%3A%22f6304d83%22%2C%22is_eu%22%3Atrue%2C%22ecm_enabled%22%3Afalse%7D
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 9b8d19f4310c758344e40bf17fbc7e85
2290ef058812d5f5e398736e2316cba8cf8093cf
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
GET /v3/?event=PageVisit&ed=%7B%22np%22%3A%22shopify%22%2C%22eventID%22%3A%22fdb9dc5c-A157-4F2A-FFAD-9076E710E56C%22%7D&tid=2613722543904&cb=1674999093487&dep=5%2CEVENT_TAGS_ABSENT&pd=%7B%22np%22%3A%22shopify%22%2C%22shopify_y%22%3A%22c0cf9a97-cbd8-4343-bea9-4036cc04ada4%22%2C%22pin_unauth%22%3A%22dWlkPU9XTTBPR1V5TldVdE1qTXdNQzAwTnpNMkxXSXhPVEV0TmpFd05tRXdPRFZtTnpjNQ%22%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Fbad.no%2F%3Futm_source%3Ddaisycon%26utm_medium%3Daffiliate%26utm_campaign%3Ddaisycon_255978%22%2C%22ref%22%3A%22https%3A%2F%2Fr.srvtrck.com%2F%22%2C%22if%22%3Afalse%2C%22sh%22%3A1024%2C%22sw%22%3A1280%2C%22mh%22%3A%22f6304d83%22%2C%22is_eu%22%3Atrue%2C%22ecm_enabled%22%3Afalse%7D HTTP/1.1
Host: ct.pinterest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bad.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-type: image/gif
content-length: 35
access-control-allow-origin: *
x-envoy-upstream-service-time: 3
referrer-policy: origin
x-pinterest-rid: 1304790045175822
date: Sun, 29 Jan 2023 13:31:26 GMT
set-cookie: _pinterest_ct_ua="TWc9PSZWK2kvbXMxME1lMmRhTDlocXlmamJrNFp1L0lQNGplUTNnMTlFdzZsNjd0cWJreVZmeHVLaDdOY3B2bnpnQnR3TFdKLzlYQkEra2Z3bGdITFlGNGt5OG5FU1JjMlY4L0tQb1B6QUgzVjlUYz0malByYXBaSGo1alROTWdVVjAzQm9SYVRPZVNBPQ=="; Expires=Mon, 29 Jan 2024 13:31:26 GMT; Path=/; Domain=ct.pinterest.com; Secure; SameSite=None
akamai-grn: 0.274f2417.1674999086.bb6a9bb7
x-cdn: akamai
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2
c.clarity.ms/c.gif
302 Found 0 B IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c.gif HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bad.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.bing.com/c.gif?CtsSyncId=6A6765E972644D72A1D8383149CB7E8A&RedC=c.clarity.ms&MXFR=0278159E39AC6FCC2D8707363DAC618B
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SM=T; domain=c.clarity.ms; path=/; SameSite=None; Secure;
MUID=0278159E39AC6FCC2D8707363DAC618B; domain=.clarity.ms; expires=Fri, 23-Feb-2024 13:31:26 GMT; path=/; SameSite=None; Secure; Priority=High;
date: Sun, 29 Jan 2023 13:31:26 GMT
content-length: 0
X-Firefox-Spdy: h2
d.clarity.ms/collect
204 No Content 0 B IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /collect HTTP/1.1
Host: d.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 925
Origin: https://bad.no
Connection: keep-alive
Referer: https://bad.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
vary: Origin
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
access-control-allow-origin: https://bad.no
access-control-allow-credentials: true
date: Sun, 29 Jan 2023 13:31:26 GMT
X-Firefox-Spdy: h2
c.bing.com/c.gif?CtsSyncId=6A6765E972644D72A1D8383149CB7E8A&RedC=c.clarity.ms&MXFR=0278159E39AC6FCC2D8707363DAC618B
302 Found 0 B URL HTTP/2 c.bing.com/c.gif?CtsSyncId=6A6765E972644D72A1D8383149CB7E8A&RedC=c.clarity.ms&MXFR=0278159E39AC6FCC2D8707363DAC618B
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c.gif?CtsSyncId=6A6765E972644D72A1D8383149CB7E8A&RedC=c.clarity.ms&MXFR=0278159E39AC6FCC2D8707363DAC618B HTTP/1.1
Host: c.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bad.no/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.clarity.ms/c.gif?CtsSyncId=6A6765E972644D72A1D8383149CB7E8A&MUID=0765A3546EBF618328A8B1FC6FE86000
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SRM_B=0765A3546EBF618328A8B1FC6FE86000; domain=c.bing.com; expires=Fri, 23-Feb-2024 13:31:26 GMT; path=/; SameSite=None; Secure;
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 04AC39A8E4A743B0836F0DD0D04214DF Ref B: OSL30EDGE0411 Ref C: 2023-01-29T13:31:26Z
date: Sun, 29 Jan 2023 13:31:26 GMT
content-length: 0
X-Firefox-Spdy: h2
schemaplusfiles.s3.amazonaws.com/loader.min.js?shop=bad-no.myshopify.com
200 OK 23 kB URL HTTP/1.1 schemaplusfiles.s3.amazonaws.com/loader.min.js?shop=bad-no.myshopify.com
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash c4d6211f70586e5566a2f94f98986921
ee29cf4d5507ce8bacc5d501705c1d83bacf80ae
0e98a8c88968b6a1579bd860dae5e85c841db25c9b76c36ab3930e0de0dc13bd
GET /loader.min.js?shop=bad-no.myshopify.com HTTP/1.1
Host: schemaplusfiles.s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bad.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: 4jpDDb2/VYTxINkOiRnpxZPcemrM8msNDsh3W+BBbbUX2M1JaoXb6JI8s8dtjp9b22cEN5FY3dc=
x-amz-request-id: 179NH8HB1BSNC6EV
Date: Sun, 29 Jan 2023 13:31:27 GMT
Last-Modified: Fri, 02 Sep 2022 23:07:09 GMT
ETag: "c4d6211f70586e5566a2f94f98986921"
x-amz-server-side-encryption: AES256
Content-Encoding: gzip
Accept-Ranges: bytes
Content-Type: application/javascript
Server: AmazonS3
Content-Length: 23323
c.clarity.ms/c.gif?CtsSyncId=6A6765E972644D72A1D8383149CB7E8A&MUID=0765A3546EBF618328A8B1FC6FE86000
200 OK 42 B URL HTTP/2 c.clarity.ms/c.gif?CtsSyncId=6A6765E972644D72A1D8383149CB7E8A&MUID=0765A3546EBF618328A8B1FC6FE86000
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 1 x 1\012- data
Hash 32023bb33cfb2a1990a4ef2d85b6ac16
23dcc6d4b5bfe00357fd0248bb5955b8e36bb8f1
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
GET /c.gif?CtsSyncId=6A6765E972644D72A1D8383149CB7E8A&MUID=0765A3546EBF618328A8B1FC6FE86000 HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bad.no/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
content-type: image/gif
last-modified: Tue, 17 Jan 2023 20:36:49 GMT
accept-ranges: bytes
etag: "b1c8df6cb32ad91:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: ANONCHK=0; domain=c.clarity.ms; expires=Sun, 29-Jan-2023 13:41:26 GMT; path=/; SameSite=None; Secure;
date: Sun, 29 Jan 2023 13:31:26 GMT
content-length: 42
X-Firefox-Spdy: h2
config.gorgias.chat/gorgias-chat-bundle-loader.js?applicationId=11226
304 Not Modified 0 B URL HTTP/2 config.gorgias.chat/gorgias-chat-bundle-loader.js?applicationId=11226
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /gorgias-chat-bundle-loader.js?applicationId=11226 HTTP/1.1
Host: config.gorgias.chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bad.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-None-Match: W/"5bf-fDkDPlgtbKRyeeoX2X3xTLDMdyQ"
TE: trailers
HTTP/2 304 Not Modified
date: Sun, 29 Jan 2023 13:31:29 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-dns-prefetch-control: off
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
access-control-allow-origin: *
cache-control: no-cache
etag: W/"5bf-fDkDPlgtbKRyeeoX2X3xTLDMdyQ"
via: 1.1 google
cf-cache-status: HIT
age: 129372
vary: Accept-Encoding
server: cloudflare
cf-ray: 79125412de75b4ed-OSL
X-Firefox-Spdy: h2
cdn.shopify.com/s/files/1/0562/4260/2183/t/129/assets/hs-lazysizes.min.js?v=134268693772723030181668672592
200 OK 0 B URL HTTP/2 cdn.shopify.com/s/files/1/0562/4260/2183/t/129/assets/hs-lazysizes.min.js?v=134268693772723030181668672592
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /s/files/1/0562/4260/2183/t/129/assets/hs-lazysizes.min.js?v=134268693772723030181668672592 HTTP/1.1
Host: cdn.shopify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bad.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 13:31:22 GMT
content-type: text/javascript
vary: Accept-Encoding
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
link: <https://cdn.shopify.com/s/files/1/0562/4260/2183/t/129/assets/hs-lazysizes.min.js>; rel="canonical"
timing-allow-origin: *
x-content-type-options: nosniff
x-request-id: d94f54bd-9e9c-4da0-a8cf-33d63a977c7a
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-dc: gcp-us-east1,us-east1
last-modified: Thu, 17 Nov 2022 08:10:00 GMT
cf-cache-status: HIT
age: 6315523
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mA1Iygmn8mqzE0NDDkf93uFgPeT6DCOppisKOnfe7ILn0f6nHLHsFTs5%2Fj3aqavtzvPhGNzuWBlXgQNzJJiKAznGeuf69tdpKOC4RtcL8QgKVKn4d7FnWm7J3dRR65EF9g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: imagery;dur=21.514, imageryFetch;dur=21.305, cfRequestDuration;dur=13.999939
server: cloudflare
cf-ray: 791253ebbc3efac4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.shopify.com/shopifycloud/shopify/assets/storefront/features-87e8399988880142f2c62771b9d8f2ff6c290b3ff745dd426eb0dfe0db9d1dae.js
200 OK 0 B URL HTTP/2 cdn.shopify.com/shopifycloud/shopify/assets/storefront/features-87e8399988880142f2c62771b9d8f2ff6c290b3ff745dd426eb0dfe0db9d1dae.js
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /shopifycloud/shopify/assets/storefront/features-87e8399988880142f2c62771b9d8f2ff6c290b3ff745dd426eb0dfe0db9d1dae.js HTTP/1.1
Host: cdn.shopify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bad.no
Connection: keep-alive
Referer: https://bad.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 13:31:22 GMT
content-type: text/javascript
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31556952, immutable
link: <https://cdn.shopify.com/shopifycloud/shopify/assets/storefront/features-87e8399988880142f2c62771b9d8f2ff6c290b3ff745dd426eb0dfe0db9d1dae.js>; rel="canonical"
timing-allow-origin: *
x-content-type-options: nosniff
x-request-id: cb696c04-dba8-425c-bd3a-b3495b20e674
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-dc: gcp-us-east1,us-east1
last-modified: Thu, 12 May 2022 01:46:30 GMT
cf-cache-status: HIT
age: 13512959
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QZezRLzetgA%2F7QCr8LVzD0iGfOpbRIhvgRK%2FOmnMGfLAkQsN52FXQAWamOxODN65sDzBCv4GiTKiCUFvfObe8ropkf1Gs70TaCbUucLmwaNyprKYN%2F4DTEduX2Dy46Xvlw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: imagery;dur=19.432, imageryFetch;dur=19.276, cfRequestDuration;dur=48.999786
server: cloudflare
cf-ray: 791253eb182fb50b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.clarity.ms/tag/abf3ld5jzh
200 OK 0 B URL HTTP/2 www.clarity.ms/tag/abf3ld5jzh
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /tag/abf3ld5jzh HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bad.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache, no-store
content-type: application/x-javascript
expires: -1
set-cookie: CLID=c649b13433b54a0c8864bc45e0554088.20230129.20240129; expires=Mon, 29 Jan 2024 13:31:23 GMT; path=/; secure; samesite=none; httponly
request-context: appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12
x-cache: CONFIG_NOCACHE
x-azure-ref: 0K3XWYwAAAAB4YdpVleAvRKrXcV5w+QTiQ1BIMzBFREdFMDQxNQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Sun, 29 Jan 2023 13:31:23 GMT
X-Firefox-Spdy: h2
www.clarity.ms/eus/s/0.7.1/clarity.js
200 OK 0 B URL HTTP/2 www.clarity.ms/eus/s/0.7.1/clarity.js
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /eus/s/0.7.1/clarity.js HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bad.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=86400
content-type: application/javascript;charset=utf-8
content-encoding: br
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
accept-ranges: bytes
etag: "1d928dd7500799e"
server: Microsoft-IIS/10.0
x-cache: TCP_HIT
request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
x-azure-ref-originshield: 0gW3VYwAAAABr+MpdSwlST73dcu6iGuA0RlJBMjMxMDUwNDE3MDE3ADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
x-azure-ref: 0LHXWYwAAAACWWYnQVtYFSqAwS48HO44vQ1BIMzBFREdFMDQxNQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Sun, 29 Jan 2023 13:31:23 GMT
X-Firefox-Spdy: h2
cdn.shopify.com/s/files/1/0562/4260/2183/t/129/assets/jquery-3.2.1.min.js?v=9503732020592794151668672592
200 OK 0 B URL HTTP/2 cdn.shopify.com/s/files/1/0562/4260/2183/t/129/assets/jquery-3.2.1.min.js?v=9503732020592794151668672592
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /s/files/1/0562/4260/2183/t/129/assets/jquery-3.2.1.min.js?v=9503732020592794151668672592 HTTP/1.1
Host: cdn.shopify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bad.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 13:31:22 GMT
content-type: text/javascript
vary: Accept-Encoding
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
link: <https://cdn.shopify.com/s/files/1/0562/4260/2183/t/129/assets/jquery-3.2.1.min.js>; rel="canonical"
timing-allow-origin: *
x-content-type-options: nosniff
x-request-id: 09cf1e43-7f22-4aef-867a-6db8e3906fe0
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-dc: gcp-us-east1,us-east1
last-modified: Thu, 17 Nov 2022 08:10:00 GMT
cf-cache-status: HIT
age: 6315523
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zQ65JytySQyD2HhhIlI%2FE05bvyNPrNiswoc%2Fg%2BSQkIH%2FlfdcjGF2Ty9k2Qen5%2FbtlNW9R5tMKeSgLJln23aCGs%2B9tj%2F6lCNLnpz5AAU2RWPPbkUApPLEcCJ9lmBJ%2FTPPZw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: imagery;dur=84.739, imageryFetch;dur=84.548, cfRequestDuration;dur=15.999794
server: cloudflare
cf-ray: 791253eb0ba9fac4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.shopify.com/shopifycloud/consent-tracking-api/v0.1/consent-tracking-api.js
200 OK 0 B URL HTTP/2 cdn.shopify.com/shopifycloud/consent-tracking-api/v0.1/consent-tracking-api.js
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /shopifycloud/consent-tracking-api/v0.1/consent-tracking-api.js HTTP/1.1
Host: cdn.shopify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bad.no
Connection: keep-alive
Referer: https://bad.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 13:31:29 GMT
content-type: text/javascript
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=1800, must-revalidate
link: <https://cdn.shopify.com/shopifycloud/consent-tracking-api/v0.1/consent-tracking-api.js>; rel="canonical"
timing-allow-origin: *
x-content-type-options: nosniff
x-request-id: c1bf1649-2940-4409-b269-8e1755e911ee
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-dc: gcp-us-central1,gcp-us-central1
last-modified: Sun, 29 Jan 2023 12:56:46 GMT
cf-cache-status: HIT
age: 282
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AqzBYX16I%2FCe%2Fv2iNRT4sz%2FycMTeXGyZyDA3Fuws1mUcPp%2Fwh%2FHiE5OM6vvIRhg3Q%2B19gypeGlmkYj6MzPejzw%2BMnCw%2BDgXEps36uc6zRF2d2I4L%2Fsj1l%2BGQJZHuPheomQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: imagery;dur=26.488, imageryFetch;dur=26.253, cfRequestDuration;dur=13.000011
server: cloudflare
cf-ray: 7912541348f5b50b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/@findify/bundle@7.1.56/dist/439.js
200 OK 0 B URL HTTP/2 cdn.jsdelivr.net/npm/@findify/bundle@7.1.56/dist/439.js
IP
GET /npm/@findify/bundle@7.1.56/dist/439.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bad.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 13:31:22 GMT
content-type: application/javascript; charset=utf-8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 7.1.56
x-jsd-version-type: version
etag: W/"1e271-WcLZb+SFF89iCigzuiqeUEgq5fI"
x-served-by: cache-fra19139-FRA, cache-iad-kiad7000141-IAD
x-cache: HIT, HIT
vary: Accept-Encoding
cf-cache-status: HIT
age: 13234941
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pl9gc9eZrtwyDhSWvD8cjTt9RetFNsTIvLOil58skQcEuwsDXHVV93TAG8z9a6IuaCl4RAJT%2FveWXf5f3aoiNTzoYdwdWEbNfmc7CDqPug7Z6gwvTeqKo0Qyxcx640zzSSE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 791253ec1a370b02-OSL
content-encoding: br
X-Firefox-Spdy: h2
fr135.net/redirect/global.php?dai_url_domain=bad.no&dai_url_add=utm_source%3Ddaisycon%26utm_medium%3Daffiliate%26utm_campaign%3Ddaisycon_255978&dai_url=
301 Moved Permanently 0 B URL HTTP/2 fr135.net/redirect/global.php?dai_url_domain=bad.no&dai_url_add=utm_source%3Ddaisycon%26utm_medium%3Daffiliate%26utm_campaign%3Ddaisycon_255978&dai_url=
IP
GET /redirect/global.php?dai_url_domain=bad.no&dai_url_add=utm_source%3Ddaisycon%26utm_medium%3Daffiliate%26utm_campaign%3Ddaisycon_255978&dai_url= HTTP/1.1
Host: fr135.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://r.srvtrck.com/
Connection: keep-alive
Cookie: dci=5JJ10mHrKHD6MeJ; pdc=5JJ10mHrKHD6MeJ; ci_15654=ZF4xNjc0OTk5MDgyLGRjaV41SkoxMG1IcktIRDZNZUo%3D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Sun, 29 Jan 2023 13:31:22 GMT
content-type: text/html; charset=UTF-8
location: https://bad.no/?utm_source=daisycon&utm_medium=affiliate&utm_campaign=daisycon_255978
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-expose-headers: P3p, Cache-Control, Expires, Content-Length, Content-Type
cache-control: no-store, no-cache, must-revalidate, max-age=14400
x-xss-protection: 0
expires: Sun, 29 Jan 2023 17:31:22 GMT
x-daisycon-cluster: ApacheContainer-6d14aa57cbb7-tracking.daisycon.com
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iq%2Fc6ZtNNzpftj2wVRDaz0UR8CBFbZ8Xk%2FI5SG%2BrI8BxwrW9aAqIbWRbtTsz%2B7EkCwzhWwlBl6jVze3WKrmTGHK%2F6RNJSSrDkwpFbp6Fhd80vUlKXrHmHyD43Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 791253e8d9e4b524-OSL
X-Firefox-Spdy: h2
cdn.shopify.com/shopifycloud/shopify/assets/storefront/load_feature-e154599399e6b8b29dcb1102cc76eb199fa33a09af4fa78d15e8f8544ee64fcd.js
200 OK 0 B URL HTTP/2 cdn.shopify.com/shopifycloud/shopify/assets/storefront/load_feature-e154599399e6b8b29dcb1102cc76eb199fa33a09af4fa78d15e8f8544ee64fcd.js
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /shopifycloud/shopify/assets/storefront/load_feature-e154599399e6b8b29dcb1102cc76eb199fa33a09af4fa78d15e8f8544ee64fcd.js HTTP/1.1
Host: cdn.shopify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bad.no
Connection: keep-alive
Referer: https://bad.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 13:31:22 GMT
content-type: text/javascript
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31556952, immutable
link: <https://cdn.shopify.com/shopifycloud/shopify/assets/storefront/load_feature-e154599399e6b8b29dcb1102cc76eb199fa33a09af4fa78d15e8f8544ee64fcd.js>; rel="canonical"
timing-allow-origin: *
x-content-type-options: nosniff
x-request-id: 307c7ed2-99b2-43ae-904b-2900c92679de
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-dc: gcp-us-east1,us-central1
last-modified: Wed, 04 Jan 2023 20:06:49 GMT
cf-cache-status: HIT
age: 2136273
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n5uV7WQk6iQ3FYlNL7j0HoXSKx8yHDdIyILTd%2BTST75cFO3d7CkcU1Z5xhk%2FzENJ9kMM8vA1KmkWOQP9NFrdKe%2B6fT1mzx%2BaKY9xv%2FWoFGGS0re6IHX2JG%2BxujnYp5c9mA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: imagery;dur=27.550, imageryFetch;dur=27.330, cfRequestDuration;dur=9.999990
server: cloudflare
cf-ray: 791253eb1833b50b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
api.findify.io/v4/6d54af32-6d89-4fbe-ad31-c38cc6337bba/autocomplete
200 OK 0 B URL HTTP/2 api.findify.io/v4/6d54af32-6d89-4fbe-ad31-c38cc6337bba/autocomplete
IP
POST /v4/6d54af32-6d89-4fbe-ad31-c38cc6337bba/autocomplete HTTP/1.1
Host: api.findify.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 267
Origin: https://bad.no
Connection: keep-alive
Referer: https://bad.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json; charset=utf-8
vary: Accept-Encoding
access-control-allow-headers: Content-type,Accept,x-key
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
date: Sun, 29 Jan 2023 13:31:24 GMT
etag: W/"22be-ZmNoejGIZWWxGEU1we5KprupjgE"
expires: 0
pragma: no-cache
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: i01Z2Z093QWsJQPrMGLGMxnRLHKJrS9VQ2MFS9gPK9Fe3YWXYsKuBA==
X-Firefox-Spdy: h2
cdn.shopify.com/s/files/1/0562/4260/2183/t/129/assets/base.min.js?v=69626653641423721861668672592
200 OK 0 B URL HTTP/2 cdn.shopify.com/s/files/1/0562/4260/2183/t/129/assets/base.min.js?v=69626653641423721861668672592
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /s/files/1/0562/4260/2183/t/129/assets/base.min.js?v=69626653641423721861668672592 HTTP/1.1
Host: cdn.shopify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bad.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 13:31:22 GMT
content-type: text/javascript
vary: Accept-Encoding
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
link: <https://cdn.shopify.com/s/files/1/0562/4260/2183/t/129/assets/base.min.js>; rel="canonical"
timing-allow-origin: *
x-content-type-options: nosniff
x-request-id: f80d1589-1629-464d-886b-a2585f4b1994
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-dc: gcp-us-east1,us-central1
last-modified: Thu, 17 Nov 2022 08:10:00 GMT
cf-cache-status: HIT
age: 6315523
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HcNFOwr9cYjVD%2B%2F96DVl66AtonwB0kKUyjt04JpTlMlEB0zJg4KDY5LnpHkFsCWR1vebzvAwPH4KkIGN4EycrY7rNIeM3jbit7%2BjWSufZaFk0%2Ff2nJ8jnjW3u%2FOkBjmOdg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: imagery;dur=34.013, imageryFetch;dur=33.833, cfRequestDuration;dur=16.000032
server: cloudflare
cf-ray: 791253eb0ba6fac4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r.srvtrck.com/v2/go?t=0t5pa%3Ae%2Fdra34.ae5%2F1%2Ffs5%3D6515f%26bi%3D1s7%260626w9%3D25b9383w9%3Da040401024c3a0c0f6c1f0e4b37v2s0%26972532eib%26d3b7w62%3D0l84e661ai2%3F4c6t9n75911fc%2F7s6t7h&e=1&ai=8778bb24c34c4ca0b6cd174a0dafc285&sct=0&ct=1674999082090&cu=0cafcc2f1e4b47a2903932b32e9b6d6b&ykuid=ccd274b1b30344fb9e66bc03af323bbf&sc=1&cs=babcf8f0b10f83409eda68da124b47e1
200 OK 0 B URL HTTP/2 r.srvtrck.com/v2/go?t=0t5pa%3Ae%2Fdra34.ae5%2F1%2Ffs5%3D6515f%26bi%3D1s7%260626w9%3D25b9383w9%3Da040401024c3a0c0f6c1f0e4b37v2s0%26972532eib%26d3b7w62%3D0l84e661ai2%3F4c6t9n75911fc%2F7s6t7h&e=1&ai=8778bb24c34c4ca0b6cd174a0dafc285&sct=0&ct=1674999082090&cu=0cafcc2f1e4b47a2903932b32e9b6d6b&ykuid=ccd274b1b30344fb9e66bc03af323bbf&sc=1&cs=babcf8f0b10f83409eda68da124b47e1
IP
GET /v2/go?t=0t5pa%3Ae%2Fdra34.ae5%2F1%2Ffs5%3D6515f%26bi%3D1s7%260626w9%3D25b9383w9%3Da040401024c3a0c0f6c1f0e4b37v2s0%26972532eib%26d3b7w62%3D0l84e661ai2%3F4c6t9n75911fc%2F7s6t7h&e=1&ai=8778bb24c34c4ca0b6cd174a0dafc285&sct=0&ct=1674999082090&cu=0cafcc2f1e4b47a2903932b32e9b6d6b&ykuid=ccd274b1b30344fb9e66bc03af323bbf&sc=1&cs=babcf8f0b10f83409eda68da124b47e1 HTTP/1.1
Host: r.srvtrck.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: ykuid=ccd274b1b30344fb9e66bc03af323bbf
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 13:31:22 GMT
content-type: text/html;charset=UTF-8
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 791253e72956b51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn1.stamped.io/files/widget.min.js
200 OK 0 B URL HTTP/2 cdn1.stamped.io/files/widget.min.js
IP
GET /files/widget.min.js HTTP/1.1
Host: cdn1.stamped.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bad.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Mon, 05 Dec 2022 22:04:40 GMT
x-amz-version-id: WpOGtTr0eXAW0fGuVlqbR7NiXIwL8K6x
server: AmazonS3
content-encoding: gzip
date: Sun, 29 Jan 2023 01:56:25 GMT
etag: W/"a68875a9af7d2fbdc47d8df37affd561"
x-cache: Hit from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: LqvWTbarSSvgLwvHwCLEsBVZJx5wlpaCS_yHF1zKzVYfbzDrjZ1k1w==
age: 78822
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
cdn.shopify.com/s/files/1/0562/4260/2183/t/129/assets/owl.carousel.min.js?v=85409151260971167841668672592
200 OK 0 B URL HTTP/2 cdn.shopify.com/s/files/1/0562/4260/2183/t/129/assets/owl.carousel.min.js?v=85409151260971167841668672592
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /s/files/1/0562/4260/2183/t/129/assets/owl.carousel.min.js?v=85409151260971167841668672592 HTTP/1.1
Host: cdn.shopify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bad.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 13:31:22 GMT
content-type: text/javascript
vary: Accept-Encoding
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
link: <https://cdn.shopify.com/s/files/1/0562/4260/2183/t/129/assets/owl.carousel.min.js>; rel="canonical"
timing-allow-origin: *
x-content-type-options: nosniff
x-request-id: 63ab89ef-b429-4a05-8deb-f2146fe711e0
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-dc: gcp-us-east1,us-east1
last-modified: Thu, 12 Jan 2023 20:10:06 GMT
cf-cache-status: HIT
age: 924856
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m%2BxSYelU6Onzomu2f2lg3YaVTT4aeX0UsS7VUmkFNGXRgVLWuK3UXTN1WHhrF9WIDmtP2XtHyKqXMRcOhFrdlC9J8yh1tmV922KmYeix5sFNeGTXkCUfiOxZivWYG9%2B%2B8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: imagery;dur=54.341, imageryFetch;dur=54.144, cfRequestDuration;dur=20.999908
server: cloudflare
cf-ray: 791253eb0babfac4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
mediabuying-cpa.adtracker360.com/scripts/redirect/redirect2.php?domain=bad.no&country=NO&clickid=zr3736a0c69fd911eda98d125e1845214f75cceacc0b1846ab81ea883f5404bbb1070813e637d2019a8f
200 OK 0 B URL HTTP/2 mediabuying-cpa.adtracker360.com/scripts/redirect/redirect2.php?domain=bad.no&country=NO&clickid=zr3736a0c69fd911eda98d125e1845214f75cceacc0b1846ab81ea883f5404bbb1070813e637d2019a8f
IP
ASN #34788 Neue Medien Muennich GmbH
GET /scripts/redirect/redirect2.php?domain=bad.no&country=NO&clickid=zr3736a0c69fd911eda98d125e1845214f75cceacc0b1846ab81ea883f5404bbb1070813e637d2019a8f HTTP/1.1
Host: mediabuying-cpa.adtracker360.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://orest-vlv.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=600000
vary: Accept-Encoding,User-Agent
content-encoding: br
content-type: text/html
date: Sun, 29 Jan 2023 13:31:21 GMT
server: Apache
X-Firefox-Spdy: h2
config.gorgias.chat/gorgias-chat-bundle-loader.js?applicationId=11226
200 OK 0 B URL HTTP/2 config.gorgias.chat/gorgias-chat-bundle-loader.js?applicationId=11226
IP
GET /gorgias-chat-bundle-loader.js?applicationId=11226 HTTP/1.1
Host: config.gorgias.chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bad.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 13:31:22 GMT
content-type: application/javascript; charset=utf-8
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-dns-prefetch-control: off
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
access-control-allow-origin: *
cache-control: no-cache
etag: W/"5bf-fDkDPlgtbKRyeeoX2X3xTLDMdyQ"
via: 1.1 google
cf-cache-status: HIT
age: 129365
vary: Accept-Encoding
server: cloudflare
cf-ray: 791253ebbe45b4ed-OSL
content-encoding: br
X-Firefox-Spdy: h2
37.48.65.154
23.36.76.226
34.160.144.191
185.3.92.199
23.72.139.51
151.101.244.84
104.19.168.96
85.13.147.76
23.227.60.200