pdxx-7fmavzpxk2xlm-4-2.lowsea.fun/emw/v1/dt?sid=888.jp.chrome.&k=bfb&url=t3.blowingwnd.com&xrw=&lid=638ff92d5aba2d545b5e5e89&fid=888
5.161.78.177307 Temporary Redirect 164 B URL HTTP/1.1 pdxx-7fmavzpxk2xlm-4-2.lowsea.fun/emw/v1/dt?sid=888.jp.chrome.&k=bfb&url=t3.blowingwnd.com&xrw=&lid=638ff92d5aba2d545b5e5e89&fid=888
IP 5.161.78.177:0
ASN #213230 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 813f9846b49c0ada805648edf1b2fdbd
caa24890460f73e6a72bb49426351e67e83b053d
8f03491247cbfa8a2e60e0f7ec62d63b5070659f60383a1c81abeb2b20221be3
GET /emw/v1/dt?sid=888.jp.chrome.&k=bfb&url=t3.blowingwnd.com&xrw=&lid=638ff92d5aba2d545b5e5e89&fid=888 HTTP/1.1
Host: pdxx-7fmavzpxk2xlm-4-2.lowsea.fun
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 307 Temporary Redirect
Date: Wed, 07 Dec 2022 02:23:57 GMT
Content-Type: text/html
Content-Length: 164
Connection: keep-alive
Keep-Alive: timeout=10
Set-Cookie: emwxcid_4_1=7XK8eXroU78LQLaF4yeuuxS6Fmm1uPzGFs5FhvF1PNKdgo0F6C; expires=Thu, Dec 07 2023 02:23:57 GMT; Max-Age=31536000; path=/; domain=lowsea.fun; SameSite=Lax
Location: https://cola.trffclb.com/a.php?p=c:xecd97ulmxry7e481&d=62ff4322ec41a549b07c0d74&pid=638ff92d5aba2d545b5e5e89&source=888.jp.chrome.
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5ceaca9fd4ad000cb435820812fc69c8
8168397aaf7b572c89a9c83f46c0b65e4ac509f2
9c4e52e7e17158307d752db0bc3d1fbedae4f305cc301fd73b260f73ab796492
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9C4E52E7E17158307D752DB0BC3D1FBEDAE4F305CC301FD73B260F73AB796492"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6365
Expires: Wed, 07 Dec 2022 04:10:03 GMT
Date: Wed, 07 Dec 2022 02:23:58 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash f83c5e33ba42e312ee398848bbb711f5
caa1fd23b1fbbe883292ded04404c1cfd861eb09
106d08fba45f1e13f85b4b5abc456594878494238933e54b6a06e21ed8a52bc9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3717
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 02:23:58 GMT
Last-Modified: Wed, 07 Dec 2022 01:22:01 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 07 Dec 2022 02:18:44 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 314
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a0abf10fb7e96c1c98dacf2f013a68b4
acdd839bce85eadc78a8e821e32e00a958d5c0c8
b85d98f8df05431777d96c767ce4c152302ec3f653cdf6e61c8c3fa9574f3255
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B85D98F8DF05431777D96C767CE4C152302EC3F653CDF6E61C8C3FA9574F3255"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3058
Expires: Wed, 07 Dec 2022 03:14:56 GMT
Date: Wed, 07 Dec 2022 02:23:58 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: xHmJNAaOMuSgStqAprDm0ZegbV/O2AOiiIDM8JQk66nDWoOHsafkrjlBL5+wTq76na65teJ4RWM=
x-amz-request-id: SRQWDRVSHX483DFN
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 07 Dec 2022 01:47:19 GMT
age: 2199
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 02:23:58 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bbd0588e0648671a26977f48152be07b
4144f005c6c4c7fdf7e0fb5b74756d6bf45c3090
daa15015e8d7875c775ae2d1f4766fda070cd996ddf0a1db7a76ae2ec89cbb09
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DAA15015E8D7875C775AE2D1F4766FDA070CD996DDF0A1DB7A76AE2EC89CBB09"
Last-Modified: Sun, 04 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11232
Expires: Wed, 07 Dec 2022 05:31:10 GMT
Date: Wed, 07 Dec 2022 02:23:58 GMT
Connection: keep-alive
cola.trffclb.com/a.php?p=c:xecd97ulmxry7e481&d=62ff4322ec41a549b07c0d74&pid=638ff92d5aba2d545b5e5e89&source=888.jp.chrome.
51.83.143.92302 Found 0 B URL HTTP/1.1 cola.trffclb.com/a.php?p=c:xecd97ulmxry7e481&d=62ff4322ec41a549b07c0d74&pid=638ff92d5aba2d545b5e5e89&source=888.jp.chrome.
IP 51.83.143.92:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /a.php?p=c:xecd97ulmxry7e481&d=62ff4322ec41a549b07c0d74&pid=638ff92d5aba2d545b5e5e89&source=888.jp.chrome. HTTP/1.1
Host: cola.trffclb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 07 Dec 2022 02:23:58 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Round: 11hx4alk7e
Raund: 2is
Location: https://samba.trffclb.com/l.php?p=c:9qopki6xwqp07eckv&d=603611c5b7eaf46891533240&s=int_888.jp.chrome.
samba.trffclb.com/l.php?p=c:9qopki6xwqp07eckv&d=603611c5b7eaf46891533240&s=int_888.jp.chrome.
51.83.143.92200 OK 501 B URL HTTP/1.1 samba.trffclb.com/l.php?p=c:9qopki6xwqp07eckv&d=603611c5b7eaf46891533240&s=int_888.jp.chrome.
IP 51.83.143.92:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (551)
Hash c8a608e30a46842e913505c53c408e16
562333d57db80bb15fbe722caa156c6930406c92
29584a552f567535cd926584c0be20a6645380abcad40cf586a183b8136e9108
Analyzer Verdict Alert quad9 Sinkholed
GET /l.php?p=c:9qopki6xwqp07eckv&d=603611c5b7eaf46891533240&s=int_888.jp.chrome. HTTP/1.1
Host: samba.trffclb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 02:23:58 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: bt-603611c5b7eaf46891533240=638ff93e5c254115fb093fbe; expires=Sat, 10-Dec-2022 02:23:58 GMT; Max-Age=259200; path=/; domain=samba.trffclb.com; HttpOnly
Content-Encoding: gzip
samba.trffclb.com/l.php?p=c:9qopki6xwqp07eckv&d=603611c5b7eaf46891533240&s=int_888.jp.chrome.&bv=1
51.83.143.92302 Found 0 B URL HTTP/1.1 samba.trffclb.com/l.php?p=c:9qopki6xwqp07eckv&d=603611c5b7eaf46891533240&s=int_888.jp.chrome.&bv=1
IP 51.83.143.92:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /l.php?p=c:9qopki6xwqp07eckv&d=603611c5b7eaf46891533240&s=int_888.jp.chrome.&bv=1 HTTP/1.1
Host: samba.trffclb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://samba.trffclb.com/l.php?p=c:9qopki6xwqp07eckv&d=603611c5b7eaf46891533240&s=int_888.jp.chrome.
Cookie: bt-603611c5b7eaf46891533240=638ff93e5c254115fb093fbe
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 07 Dec 2022 02:23:58 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Set-Cookie: bt-603611c5b7eaf46891533240=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=samba.trffclb.com; HttpOnly
Round: 11kgq037yu
Raund: 2si
Location: https://popmyads.com/serve/52264/64661/szqpmqqoapdpgpq/aHR0cDovL3RyYWZmaXgxMy5jb20=
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, ETag, Alert, Expires, Cache-Control, Backoff, Content-Length, Content-Type, Pragma, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 07 Dec 2022 02:08:58 GMT
cache-control: public,max-age=3600
age: 900
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 68ef98619e517499e5ce7663c3b7225b
09adf2c7886e2816616728e30ab1aae3b1038bcd
dc7530b5c27d208d525b029ef6a12b6cd918d81413114a5a632e282f9fcdcc27
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4545
Cache-Control: max-age=107562
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 02:23:58 GMT
Etag: "638ee8a8-117"
Expires: Thu, 08 Dec 2022 08:16:40 GMT
Last-Modified: Tue, 06 Dec 2022 07:00:56 GMT
Server: ECS (amb/6BBB)
X-Cache: HIT
Content-Length: 279
samba.trffclb.com/favicon.ico
51.83.143.92200 OK 20 B URL HTTP/1.1 samba.trffclb.com/favicon.ico
IP 51.83.143.92:0
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
Analyzer Verdict Alert quad9 Sinkholed
GET /favicon.ico HTTP/1.1
Host: samba.trffclb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://samba.trffclb.com/l.php?p=c:9qopki6xwqp07eckv&d=603611c5b7eaf46891533240&s=int_888.jp.chrome.
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 02:23:58 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 0f7dcaa590e32cfd1c075255188d5f06
d4bb4954fefdb3b59560b54adf500e806e252e39
195795c2511b31519134f5eb4442d8708918ecaff72f8e821a5473ad7c97c448
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3709
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 02:23:58 GMT
Last-Modified: Wed, 07 Dec 2022 01:22:09 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 68ef98619e517499e5ce7663c3b7225b
09adf2c7886e2816616728e30ab1aae3b1038bcd
dc7530b5c27d208d525b029ef6a12b6cd918d81413114a5a632e282f9fcdcc27
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4545
Cache-Control: max-age=107562
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 02:23:58 GMT
Etag: "638ee8a8-117"
Expires: Thu, 08 Dec 2022 08:16:40 GMT
Last-Modified: Tue, 06 Dec 2022 07:00:56 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 279
push.services.mozilla.com/
54.148.77.40101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.148.77.40:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: cwqFoB1e/O3ewiIU9t59gA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: DVSuenjOpqomadkoIkJUGjozf9k=
pritha-ner.com/0646614100?adTagId=20111650-aa5d-11e6-a4a9-0e855f2e0669&fallbackUrl=https://popmyads.com/return/30
3.212.50.125302 0 B URL HTTP/1.1 pritha-ner.com/0646614100?adTagId=20111650-aa5d-11e6-a4a9-0e855f2e0669&fallbackUrl=https://popmyads.com/return/30
IP 3.212.50.125:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /0646614100?adTagId=20111650-aa5d-11e6-a4a9-0e855f2e0669&fallbackUrl=https://popmyads.com/return/30 HTTP/1.1
Host: pritha-ner.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302
Date: Wed, 07 Dec 2022 02:23:59 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Location: https://shopde.pricedeals.shop/go.php?market=no&dv350bcb9175d611edb3f0122ef00a64e357fe857450a94407b2291acc847973600695300c89e93ff677
Server: BgdfSISv
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1616d09175bdb49119cf3978f315f950
fb327e09778d28d03fe1943ff2eeb103490b3108
34267f91602df4959ff5e75f25b8cff2588b0fcba2acad10f30d57bb8925a4c7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "34267F91602DF4959FF5E75F25B8CFF2588B0FCBA2ACAD10F30D57BB8925A4C7"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8829
Expires: Wed, 07 Dec 2022 04:51:08 GMT
Date: Wed, 07 Dec 2022 02:23:59 GMT
Connection: keep-alive
shopde.pricedeals.shop/go.php?market=no&dv350bcb9175d611edb3f0122ef00a64e357fe857450a94407b2291acc847973600695300c89e93ff677
135.181.6.240200 OK 570 B URL HTTP/1.1 shopde.pricedeals.shop/go.php?market=no&dv350bcb9175d611edb3f0122ef00a64e357fe857450a94407b2291acc847973600695300c89e93ff677
IP 135.181.6.240:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (450)
Hash c6dc1c6bdd59a0301217174698d3997a
1a0544048dcee0df14666d6a25ace70553aef7a7
ae0b67aefc86265c02ac74b7a459de21e9f17b292e71a1f5386dad7de1b8c4ee
GET /go.php?market=no&dv350bcb9175d611edb3f0122ef00a64e357fe857450a94407b2291acc847973600695300c89e93ff677 HTTP/1.1
Host: shopde.pricedeals.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 02:23:59 GMT
Server: Apache/2.4.54 (Debian)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 570
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
shopde.pricedeals.shop/favicon.ico
135.181.6.240404 Not Found 285 B URL HTTP/1.1 shopde.pricedeals.shop/favicon.ico
IP 135.181.6.240:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 7cd85cf7b8f9a014ae145681b1f5e73d
a574403ec64b443a802d0980e3bd368bafebe2d9
cb5d0086c43932c164cc6892b9f762fb4128c182d3dbdbf476036a2783f0023b
GET /favicon.ico HTTP/1.1
Host: shopde.pricedeals.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shopde.pricedeals.shop/go.php?market=no&dv350bcb9175d611edb3f0122ef00a64e357fe857450a94407b2291acc847973600695300c89e93ff677
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Wed, 07 Dec 2022 02:23:59 GMT
Server: Apache/2.4.54 (Debian)
Content-Length: 285
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10290
Expires: Wed, 07 Dec 2022 05:15:30 GMT
Date: Wed, 07 Dec 2022 02:24:00 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10290
Expires: Wed, 07 Dec 2022 05:15:30 GMT
Date: Wed, 07 Dec 2022 02:24:00 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10290
Expires: Wed, 07 Dec 2022 05:15:30 GMT
Date: Wed, 07 Dec 2022 02:24:00 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10290
Expires: Wed, 07 Dec 2022 05:15:30 GMT
Date: Wed, 07 Dec 2022 02:24:00 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10290
Expires: Wed, 07 Dec 2022 05:15:30 GMT
Date: Wed, 07 Dec 2022 02:24:00 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f6b1394-57be-42ed-ad12-94fa7a0b4be7.jpeg
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f6b1394-57be-42ed-ad12-94fa7a0b4be7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0d0219e6bee2a28f003f396f872eecf0
b3d22d146c6094cb539de40a72b9c5a140802ee5
41c1b037e8e654c19f36b74cceccd1fc841cc9fb7de39ac552ab5089dc3e82db
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f6b1394-57be-42ed-ad12-94fa7a0b4be7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7609
x-amzn-requestid: 02299a39-6804-49ae-b415-313b6e06b2ca
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfj24G39oAMF25Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63894cf8-5f578e3f211063bd125b645a;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 00:55:20 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: uMTaiFjrcbJxWm4M7BuSHPu0BFUMp9UIpMvnvlLs_dajlM0_iObY2A==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 21:57:52 GMT
age: 15968
etag: "b3d22d146c6094cb539de40a72b9c5a140802ee5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1e6c8e9d-aef1-4772-8747-82ef7e4ceeb1.jpeg
34.120.237.76200 OK 6.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1e6c8e9d-aef1-4772-8747-82ef7e4ceeb1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fb1ea0161d261518c99909aff49e6f58
c3b915cb579b651db25442fea0bbedd0d292c0fc
d877a21abfd883a368da0136c4e56d7f590fa9e9ea09dec3675823211fe56385
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1e6c8e9d-aef1-4772-8747-82ef7e4ceeb1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6110
x-amzn-requestid: 2ebf542a-dacc-472a-81c0-0c69cb1ec143
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ctEQAH2doAMFljA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638eb3ff-7173ff7941b57fa163e3cc6b;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 03:16:15 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 5fxuPjC35VBDaymSCPY_iBxDnQY4CFHgolHSmnDhCRUjzw5UzY7ovA==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 04:12:54 GMT
etag: "c3b915cb579b651db25442fea0bbedd0d292c0fc"
content-type: image/jpeg
age: 79866
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e484ee7-12d9-41dc-b674-890c51c30626.png
34.120.237.76200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e484ee7-12d9-41dc-b674-890c51c30626.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b079607b368263e3517dd30250f5f2af
a1b7863c70f1d501560a5b2fb4442f4835f94341
e7ed3ed2aca312d82fb017e06c6493fafffff9a603d1498c9c05355c08b444e0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e484ee7-12d9-41dc-b674-890c51c30626.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5913
x-amzn-requestid: 355ca338-7d8e-4a60-a491-0509d0ff32d6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cvlirF3DIAMF-vg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638fb610-5bff7b5b3984102e1ef0e737;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 21:37:20 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: RlnA4SSUIbIVtGBxqBtabKw58aXWE-jGIKLZ4DnoTiGzvH5bzBOUbA==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 21:54:15 GMT
age: 16185
etag: "a1b7863c70f1d501560a5b2fb4442f4835f94341"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc501a87-1b50-43f3-8031-2c93f724dc91.jpeg
34.120.237.76200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc501a87-1b50-43f3-8031-2c93f724dc91.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b92721cbe24623f1713a5248d6a7c1b2
3628390c62642dcc375b28f58c9b48180c4abd73
37d0451c03bc7cf0253aba6d3204cbf38502692a0fbc751a3ead01b07e9a65d6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc501a87-1b50-43f3-8031-2c93f724dc91.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9613
x-amzn-requestid: 3542fd4f-74e3-450b-b7fc-04034d680bf4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cslIEEDtIAMFfuw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e8233-40eaebed627d374d0910e456;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 23:43:47 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 2aI7z8gOkQiNDlj2tbsoWibfupjl25ZjoO_QRbfmXQKwO-yF455yXg==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 07:18:37 GMT
age: 68723
etag: "3628390c62642dcc375b28f58c9b48180c4abd73"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd933687b-86e0-407a-9bff-2debb09d5167.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd933687b-86e0-407a-9bff-2debb09d5167.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 550ee57c325ce8d4892400deb24141d3
acece1761a7d4d3926500726c19d528bb204ef4c
7cc68e966362916947e7d6e24d3c001c64298fec2438a97538765d801fa7c92c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd933687b-86e0-407a-9bff-2debb09d5167.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10362
x-amzn-requestid: 7fdd2011-e283-467e-9f04-741946a834ea
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cpl_1EsooAMFhvQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d5065-0cddad1919d984065bd0b03e;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 01:59:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: WtZWFmfVSXYRQlYwpBxj8JG_WC91ik_p68HjX7-wCfYb0624CvcBSA==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 21:58:02 GMT
age: 71600
etag: "acece1761a7d4d3926500726c19d528bb204ef4c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F80a12c85-454b-4e03-bf75-3fa8228659c0.jpeg
34.120.237.76200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F80a12c85-454b-4e03-bf75-3fa8228659c0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a7ee62c5e846e8ad4808f4724f15146d
6d55b299f906908309f91eaf0a720ad65866db04
0d8f51d6f7f3bad4bb9d9c3000999739147f6dd718b290b0dca71a4cba85cb38
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F80a12c85-454b-4e03-bf75-3fa8228659c0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6846
x-amzn-requestid: 53452103-6559-460c-ac40-4685e6816aa4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cdGx4E-mIAMFatg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638851a5-5327ec9a2f247cc91654df80;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 07:03:01 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Znjnq24wuXoi43Bfc9aPdcUHhMh-a00hSCXUHFpHq3sTtQQoUYe6Uw==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 07:29:49 GMT
age: 68051
etag: "6d55b299f906908309f91eaf0a720ad65866db04"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
shopde.pricedeals.shop/redirect.php?u=aHR0cHM6Ly9uby1nby5rZWxrb29ncm91cC5uZXQvY3RsL2dvL29mZmVyc2VhcmNoR28_LnRzPTE2NzAzMDAzODU4NDgmLnNpZz1oY19SNEtNNE5pS2E4VUF1V0tmcUQwZ2tWRGMtJmFmZmlsaWF0aW9uSWQ9OTY5Nzk3MTQmY29tSWQ9MTAwNTM2MjcyJmNvdW50cnk9bm8mb2ZmZXJJZD03MDIyNmU0YTQ0Yjg0OTMyZThmMTA3MmI2NDY0Yjg2NyZzZXJ2aWNlPTM3JnRva2VuSWQ9MzJmMzQzMTItZjIwMy00MDcwLTg2ODUtNTQyZmIxMjdiMTEwJndhaXQ9dHJ1ZSZhZGRlZFBhcmFtcz10cnVlJmN1c3RvbTE9NTQm
135.181.6.240200 OK 468 B URL HTTP/1.1 shopde.pricedeals.shop/redirect.php?u=aHR0cHM6Ly9uby1nby5rZWxrb29ncm91cC5uZXQvY3RsL2dvL29mZmVyc2VhcmNoR28_LnRzPTE2NzAzMDAzODU4NDgmLnNpZz1oY19SNEtNNE5pS2E4VUF1V0tmcUQwZ2tWRGMtJmFmZmlsaWF0aW9uSWQ9OTY5Nzk3MTQmY29tSWQ9MTAwNTM2MjcyJmNvdW50cnk9bm8mb2ZmZXJJZD03MDIyNmU0YTQ0Yjg0OTMyZThmMTA3MmI2NDY0Yjg2NyZzZXJ2aWNlPTM3JnRva2VuSWQ9MzJmMzQzMTItZjIwMy00MDcwLTg2ODUtNTQyZmIxMjdiMTEwJndhaXQ9dHJ1ZSZhZGRlZFBhcmFtcz10cnVlJmN1c3RvbTE9NTQm
IP 135.181.6.240:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (363)
Hash 2a596c84d3a6ba5226b1451a9fe918f7
f2c01a751244c139382391312d219d8269398418
34328b808e7230bc40d6ba75c4787be8c22b765f62e0affbb7e826081e553e1d
GET /redirect.php?u=aHR0cHM6Ly9uby1nby5rZWxrb29ncm91cC5uZXQvY3RsL2dvL29mZmVyc2VhcmNoR28_LnRzPTE2NzAzMDAzODU4NDgmLnNpZz1oY19SNEtNNE5pS2E4VUF1V0tmcUQwZ2tWRGMtJmFmZmlsaWF0aW9uSWQ9OTY5Nzk3MTQmY29tSWQ9MTAwNTM2MjcyJmNvdW50cnk9bm8mb2ZmZXJJZD03MDIyNmU0YTQ0Yjg0OTMyZThmMTA3MmI2NDY0Yjg2NyZzZXJ2aWNlPTM3JnRva2VuSWQ9MzJmMzQzMTItZjIwMy00MDcwLTg2ODUtNTQyZmIxMjdiMTEwJndhaXQ9dHJ1ZSZhZGRlZFBhcmFtcz10cnVlJmN1c3RvbTE9NTQm HTTP/1.1
Host: shopde.pricedeals.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shopde.pricedeals.shop/go.php?market=no&dv350bcb9175d611edb3f0122ef00a64e357fe857450a94407b2291acc847973600695300c89e93ff677
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 02:24:00 GMT
Server: Apache/2.4.54 (Debian)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 468
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
status.thawte.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 20f6192e4535e9cd0534fde901f8accf
6925717fe60389306d0f6b75465fd915b7df3c16
73b29633a00c3685251d2fb2741fa364e050320867040502f876187c8fe36b39
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5770
Cache-Control: max-age=146572
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 02:24:01 GMT
Etag: "638f7c43-1d7"
Expires: Thu, 08 Dec 2022 19:06:53 GMT
Last-Modified: Tue, 06 Dec 2022 17:30:43 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
no-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1670300385848&.sig=hc_R4KM4NiKa8UAuWKfqD0gkVDc-&affiliationId=96979714&comId=100536272&country=no&offerId=70226e4a44b84932e8f1072b6464b867&service=37&tokenId=32f34312-f203-4070-8685-542fb127b110&wait=true&addedParams=true&custom1=54&
95.211.116.27200 OK 27 kB URL HTTP/1.1 no-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1670300385848&.sig=hc_R4KM4NiKa8UAuWKfqD0gkVDc-&affiliationId=96979714&comId=100536272&country=no&offerId=70226e4a44b84932e8f1072b6464b867&service=37&tokenId=32f34312-f203-4070-8685-542fb127b110&wait=true&addedParams=true&custom1=54&
IP 95.211.116.27:0
ASN #60781 LeaseWeb Netherlands B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (13002)
Hash 69f0dbb8bdf8ff1d12c8f10cabd7f284
c262558b0a795cb437398f12503a4f2a26075838
08ee258237298761217278ee8ad00f4874f46a3441a4bf6b3c8f81dbf336ecf6
GET /ctl/go/offersearchGo?.ts=1670300385848&.sig=hc_R4KM4NiKa8UAuWKfqD0gkVDc-&affiliationId=96979714&comId=100536272&country=no&offerId=70226e4a44b84932e8f1072b6464b867&service=37&tokenId=32f34312-f203-4070-8685-542fb127b110&wait=true&addedParams=true&custom1=54& HTTP/1.1
Host: no-go.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shopde.pricedeals.shop/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 02:24:01 GMT
leadId: dc1-kls-prod-ls-03.prod.dc1.kelkoo.net_1670379841790_2798895
clickId: 107698149_1670379841785_1470634
country: no
Accept-CH: Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
X-DataDome: protected
Request-Time: PT0.016417S
X-Robots-Tag: noindex,nofollow
Referrer-Policy: origin-when-cross-origin
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Content-Type: text/html; charset=UTF-8
Content-Length: 26663
Set-Cookie: datadome=4pvWj1jLj1kYTWS3V52kdkCW_EmX6XjKbYNEogRBkl2zzvxOqGxRJSgMmGj2~-8L_6zdGZtL4ksKvN_e-CJSoKO-Wk6uTW3iMCHwy2iz~~R2413nDQiiUv_bAnBLMHty; Max-Age=31536000; Expires=Thu, 07 Dec 2023 02:24:01 GMT; SameSite=Lax; Path=/; Domain=.kelkoogroup.net; Secure
kelkooID=a4c6295-184ea65a8f9-73e4b; Max-Age=31536000; Expires=Thu, 07 Dec 2023 02:24:01 GMT; SameSite=None; Path=/; Domain=kelkoogroup.net; Secure; HTTPOnly
P3P: CP="Anything"
ApacheTracking: localhost
Keep-Alive: timeout=40, max=100
Connection: Keep-Alive
no-go.kelkoogroup.net/assets/images/p.png?country=no&k=612f7a9541cd6ea61eb554c0e4cff4376051d4e1eb650ae29385a9f5adef0594e7021a4050c2389e1938be7c75793d1fdbfcf72da63195f3558e3ce05d2aa4750e9225f86d909b6841fa2bf26d9e5c87e98ebb53ed4ba9bd712373e0c5fb3e82fbf3e309a0bfdca68afd25ad9270b98f9b6d1bd7e7a0b38d89050dd1ed74d9eb166426f73e5a73a52c1d0c1de95b72909e7655b8975909ec1fc5b03f39ffedb3e9d0016968c2c2acdcdc7374bc561a8401eabc2b0741bff2&leadId=dc1-kls-prod-ls-03.prod.dc1.kelkoo.net_1670379841790_2798895&clickId=107698149_1670379841785_1470634
95.211.116.27200 OK 68 B URL HTTP/1.1 no-go.kelkoogroup.net/assets/images/p.png?country=no&k=612f7a9541cd6ea61eb554c0e4cff4376051d4e1eb650ae29385a9f5adef0594e7021a4050c2389e1938be7c75793d1fdbfcf72da63195f3558e3ce05d2aa4750e9225f86d909b6841fa2bf26d9e5c87e98ebb53ed4ba9bd712373e0c5fb3e82fbf3e309a0bfdca68afd25ad9270b98f9b6d1bd7e7a0b38d89050dd1ed74d9eb166426f73e5a73a52c1d0c1de95b72909e7655b8975909ec1fc5b03f39ffedb3e9d0016968c2c2acdcdc7374bc561a8401eabc2b0741bff2&leadId=dc1-kls-prod-ls-03.prod.dc1.kelkoo.net_1670379841790_2798895&clickId=107698149_1670379841785_1470634
IP 95.211.116.27:0
ASN #60781 LeaseWeb Netherlands B.V.
File type PNG image data, 1 x 1, 8-bit gray+alpha, non-interlaced\012- data
Hash 91e42db1c66c0b276abf6234dc50b2eb
c1986af3c26609b8b7d8933f99c51c1a89e9ea6b
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
GET /assets/images/p.png?country=no&k=612f7a9541cd6ea61eb554c0e4cff4376051d4e1eb650ae29385a9f5adef0594e7021a4050c2389e1938be7c75793d1fdbfcf72da63195f3558e3ce05d2aa4750e9225f86d909b6841fa2bf26d9e5c87e98ebb53ed4ba9bd712373e0c5fb3e82fbf3e309a0bfdca68afd25ad9270b98f9b6d1bd7e7a0b38d89050dd1ed74d9eb166426f73e5a73a52c1d0c1de95b72909e7655b8975909ec1fc5b03f39ffedb3e9d0016968c2c2acdcdc7374bc561a8401eabc2b0741bff2&leadId=dc1-kls-prod-ls-03.prod.dc1.kelkoo.net_1670379841790_2798895&clickId=107698149_1670379841785_1470634 HTTP/1.1
Host: no-go.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1670300385848&.sig=hc_R4KM4NiKa8UAuWKfqD0gkVDc-&affiliationId=96979714&comId=100536272&country=no&offerId=70226e4a44b84932e8f1072b6464b867&service=37&tokenId=32f34312-f203-4070-8685-542fb127b110&wait=true&addedParams=true&custom1=54&
Connection: keep-alive
Cookie: datadome=4pvWj1jLj1kYTWS3V52kdkCW_EmX6XjKbYNEogRBkl2zzvxOqGxRJSgMmGj2~-8L_6zdGZtL4ksKvN_e-CJSoKO-Wk6uTW3iMCHwy2iz~~R2413nDQiiUv_bAnBLMHty; kelkooID=a4c6295-184ea65a8f9-73e4b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 02:24:01 GMT
Request-Time: PT0.001342S
X-Robots-Tag: noindex,nofollow
Cache-Control: private, must-revalidate
Referrer-Policy: origin-when-cross-origin
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Content-Type: image/png
Content-Length: 68
P3P: CP="Anything"
ApacheTracking: localhost
Keep-Alive: timeout=40, max=99
Connection: Keep-Alive
no-go.kelkoogroup.net/fp?country=no&k=612f7a9541cd6ea61eb554c0e4cff4376051d4e1eb650ae29385a9f5adef0594e7021a4050c2389e1938be7c75793d1fdbfcf72da63195f3558e3ce05d2aa4750e9225f86d909b6841fa2bf26d9e5c87e98ebb53ed4ba9bd712373e0c5fb3e82fbf3e309a0bfdca68afd25ad9270b98f9b6d1bd7e7a0b38d89050dd1ed74d9eb166426f73e5a73a52c1d0c1de95b72909e7655b8975909ec1fc5b03f39ffedb3e9d0016968c2c2acdcdc7374bc561a8401eabc2b0741bff2&leadId=dc1-kls-prod-ls-03.prod.dc1.kelkoo.net_1670379841790_2798895&clickId=107698149_1670379841785_1470634
95.211.116.27200 OK 0 B URL HTTP/1.1 no-go.kelkoogroup.net/fp?country=no&k=612f7a9541cd6ea61eb554c0e4cff4376051d4e1eb650ae29385a9f5adef0594e7021a4050c2389e1938be7c75793d1fdbfcf72da63195f3558e3ce05d2aa4750e9225f86d909b6841fa2bf26d9e5c87e98ebb53ed4ba9bd712373e0c5fb3e82fbf3e309a0bfdca68afd25ad9270b98f9b6d1bd7e7a0b38d89050dd1ed74d9eb166426f73e5a73a52c1d0c1de95b72909e7655b8975909ec1fc5b03f39ffedb3e9d0016968c2c2acdcdc7374bc561a8401eabc2b0741bff2&leadId=dc1-kls-prod-ls-03.prod.dc1.kelkoo.net_1670379841790_2798895&clickId=107698149_1670379841785_1470634
IP 95.211.116.27:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /fp?country=no&k=612f7a9541cd6ea61eb554c0e4cff4376051d4e1eb650ae29385a9f5adef0594e7021a4050c2389e1938be7c75793d1fdbfcf72da63195f3558e3ce05d2aa4750e9225f86d909b6841fa2bf26d9e5c87e98ebb53ed4ba9bd712373e0c5fb3e82fbf3e309a0bfdca68afd25ad9270b98f9b6d1bd7e7a0b38d89050dd1ed74d9eb166426f73e5a73a52c1d0c1de95b72909e7655b8975909ec1fc5b03f39ffedb3e9d0016968c2c2acdcdc7374bc561a8401eabc2b0741bff2&leadId=dc1-kls-prod-ls-03.prod.dc1.kelkoo.net_1670379841790_2798895&clickId=107698149_1670379841785_1470634 HTTP/1.1
Host: no-go.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1670300385848&.sig=hc_R4KM4NiKa8UAuWKfqD0gkVDc-&affiliationId=96979714&comId=100536272&country=no&offerId=70226e4a44b84932e8f1072b6464b867&service=37&tokenId=32f34312-f203-4070-8685-542fb127b110&wait=true&addedParams=true&custom1=54&
Content-Type: text/plain;charset=utf-8
Content-Length: 548
Origin: https://no-go.kelkoogroup.net
Connection: keep-alive
Cookie: datadome=4pvWj1jLj1kYTWS3V52kdkCW_EmX6XjKbYNEogRBkl2zzvxOqGxRJSgMmGj2~-8L_6zdGZtL4ksKvN_e-CJSoKO-Wk6uTW3iMCHwy2iz~~R2413nDQiiUv_bAnBLMHty; kelkooID=a4c6295-184ea65a8f9-73e4b; _ga=GA1.2.2001369142.1670379841; _gid=GA1.2.739843299.1670379841
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 02:24:01 GMT
Request-Time: PT0.002722S
X-Robots-Tag: noindex,nofollow
Referrer-Policy: origin-when-cross-origin
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Content-Type: text/plain; charset=UTF-8
Content-Length: 0
P3P: CP="Anything"
ApacheTracking: localhost
Keep-Alive: timeout=40, max=97
Connection: Keep-Alive
no-go.kelkoogroup.net/redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff4376051d4e1eb650ae29385a9f5adef0594e7021a4050c2389e1938be7c75793d1fdbfcf72da63195f3558e3ce05d2aa4750e9225f86d909b6841fa2bf26d9e5c87e98ebb53ed4ba9bd712373e0c5fb3e82fbf3e309a0bfdca68afd25ad9270b98f9b6d1bd7e7a0b38d89050dd1ed74d9eb166426f73e5a73a52c1d0c1de95b72909e7655b8975909ec1fc5b03f39ffedb3e9d0016968c2c2acdcdc7374bc561a8401eabc2b0741bff2&leadId=dc1-kls-prod-ls-03.prod.dc1.kelkoo.net_1670379841790_2798895&clickId=107698149_1670379841785_1470634&url=https%3A%2F%2Fwww.youth.no%2Falle-produkter%2Fstyling%2Fvoks%2Fxl-hairwax-100ml%2F%3Futm_source%3Dkelkoo%26utm_medium%3Dcpc%26utm_campaign%3Dlinks&initiator=timeout
95.211.116.27303 See Other 0 B URL HTTP/1.1 no-go.kelkoogroup.net/redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff4376051d4e1eb650ae29385a9f5adef0594e7021a4050c2389e1938be7c75793d1fdbfcf72da63195f3558e3ce05d2aa4750e9225f86d909b6841fa2bf26d9e5c87e98ebb53ed4ba9bd712373e0c5fb3e82fbf3e309a0bfdca68afd25ad9270b98f9b6d1bd7e7a0b38d89050dd1ed74d9eb166426f73e5a73a52c1d0c1de95b72909e7655b8975909ec1fc5b03f39ffedb3e9d0016968c2c2acdcdc7374bc561a8401eabc2b0741bff2&leadId=dc1-kls-prod-ls-03.prod.dc1.kelkoo.net_1670379841790_2798895&clickId=107698149_1670379841785_1470634&url=https%3A%2F%2Fwww.youth.no%2Falle-produkter%2Fstyling%2Fvoks%2Fxl-hairwax-100ml%2F%3Futm_source%3Dkelkoo%26utm_medium%3Dcpc%26utm_campaign%3Dlinks&initiator=timeout
IP 95.211.116.27:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff4376051d4e1eb650ae29385a9f5adef0594e7021a4050c2389e1938be7c75793d1fdbfcf72da63195f3558e3ce05d2aa4750e9225f86d909b6841fa2bf26d9e5c87e98ebb53ed4ba9bd712373e0c5fb3e82fbf3e309a0bfdca68afd25ad9270b98f9b6d1bd7e7a0b38d89050dd1ed74d9eb166426f73e5a73a52c1d0c1de95b72909e7655b8975909ec1fc5b03f39ffedb3e9d0016968c2c2acdcdc7374bc561a8401eabc2b0741bff2&leadId=dc1-kls-prod-ls-03.prod.dc1.kelkoo.net_1670379841790_2798895&clickId=107698149_1670379841785_1470634&url=https%3A%2F%2Fwww.youth.no%2Falle-produkter%2Fstyling%2Fvoks%2Fxl-hairwax-100ml%2F%3Futm_source%3Dkelkoo%26utm_medium%3Dcpc%26utm_campaign%3Dlinks&initiator=timeout HTTP/1.1
Host: no-go.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1670300385848&.sig=hc_R4KM4NiKa8UAuWKfqD0gkVDc-&affiliationId=96979714&comId=100536272&country=no&offerId=70226e4a44b84932e8f1072b6464b867&service=37&tokenId=32f34312-f203-4070-8685-542fb127b110&wait=true&addedParams=true&custom1=54&
Connection: keep-alive
Cookie: datadome=4pvWj1jLj1kYTWS3V52kdkCW_EmX6XjKbYNEogRBkl2zzvxOqGxRJSgMmGj2~-8L_6zdGZtL4ksKvN_e-CJSoKO-Wk6uTW3iMCHwy2iz~~R2413nDQiiUv_bAnBLMHty; kelkooID=a4c6295-184ea65a8f9-73e4b; _ga=GA1.2.2001369142.1670379841; _gid=GA1.2.739843299.1670379841
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 303 See Other
Date: Wed, 07 Dec 2022 02:24:02 GMT
leadId: dc1-kls-prod-ls-03.prod.dc1.kelkoo.net_1670379841790_2798895
clickId: 107698149_1670379841785_1470634
country: no
Location: https://www.youth.no/alle-produkter/styling/voks/xl-hairwax-100ml/?utm_source=kelkoo&utm_medium=cpc&utm_campaign=links
Accept-CH: Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
X-DataDome: protected
Request-Time: PT0.017272S
X-Robots-Tag: noindex,nofollow
Referrer-Policy: origin-when-cross-origin
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Content-Length: 0
Set-Cookie: datadome=72pGWkPHuTA9JCTVCvmis~pcDqrSMxiv7ik8e0VaIbpdDK8W5_xuDGWw~m2goK4vHPnejOdASYsKz4mvVP43mog5UTSmvHq0ThWchsXrMlvhtVIX_7ZNMxXr-XSB0L65; Max-Age=31536000; Expires=Thu, 07 Dec 2023 02:24:02 GMT; SameSite=Lax; Path=/; Domain=.kelkoogroup.net; Secure
P3P: CP="Anything"
ApacheTracking: localhost
Keep-Alive: timeout=40, max=97
Connection: Keep-Alive
Content-Type: text/plain
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 3ba864a4daffd79d4639e98e35cf5a8f
4e2dfdbff3ce773c1c39031bdf854e2b0a31131c
73a684466e34cc6ab4250dbab0c6afb73a92c4239e37076020b9e1c446b69b7e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 02:24:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/collect?v=1&_v=j96&t=pageview&_s=1&dl=https%3A%2F%2Fno-go.kelkoogroup.net%2Fctl%2Fgo%2FoffersearchGo%3F.ts%3D1670300385848%26.sig%3Dhc_R4KM4NiKa8UAuWKfqD0gkVDc-%26affiliationId%3D96979714%26comId%3D100536272%26country%3Dno%26offerId%3D70226e4a44b84932e8f1072b6464b867%26service%3D37%26tokenId%3D32f34312-f203-4070-8685-542fb127b110%26wait%3Dtrue%26addedParams%3Dtrue%26custom1%3D54%26&dr=https%3A%2F%2Fshopde.pricedeals.shop%2F&dp=%2F96979714%7C100536272%7C&ul=en-us&de=UTF-8&dt=Du%20sendes%20videre%20til%20Youth.no&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=QACAAAABAAAAAC~&cid=2001369142.1670379841&tid=UA-168544891-6&_gid=739843299.1670379841&_r=1&cd1=96979714&cd2=dc1-kls-prod-ls-03.prod.dc1.kelkoo.net_1670379841790_2798895&cd3=100536272&cd4=a4c6295-184ea65a8f9-73e4b&cd5=&cd6=96979714%7C100536272%7C&z=971663039
142.250.74.110200 OK 35 B URL HTTP/2 www.google-analytics.com/collect?v=1&_v=j96&t=pageview&_s=1&dl=https%3A%2F%2Fno-go.kelkoogroup.net%2Fctl%2Fgo%2FoffersearchGo%3F.ts%3D1670300385848%26.sig%3Dhc_R4KM4NiKa8UAuWKfqD0gkVDc-%26affiliationId%3D96979714%26comId%3D100536272%26country%3Dno%26offerId%3D70226e4a44b84932e8f1072b6464b867%26service%3D37%26tokenId%3D32f34312-f203-4070-8685-542fb127b110%26wait%3Dtrue%26addedParams%3Dtrue%26custom1%3D54%26&dr=https%3A%2F%2Fshopde.pricedeals.shop%2F&dp=%2F96979714%7C100536272%7C&ul=en-us&de=UTF-8&dt=Du%20sendes%20videre%20til%20Youth.no&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=QACAAAABAAAAAC~&cid=2001369142.1670379841&tid=UA-168544891-6&_gid=739843299.1670379841&_r=1&cd1=96979714&cd2=dc1-kls-prod-ls-03.prod.dc1.kelkoo.net_1670379841790_2798895&cd3=100536272&cd4=a4c6295-184ea65a8f9-73e4b&cd5=&cd6=96979714%7C100536272%7C&z=971663039
IP 142.250.74.110:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
POST /collect?v=1&_v=j96&t=pageview&_s=1&dl=https%3A%2F%2Fno-go.kelkoogroup.net%2Fctl%2Fgo%2FoffersearchGo%3F.ts%3D1670300385848%26.sig%3Dhc_R4KM4NiKa8UAuWKfqD0gkVDc-%26affiliationId%3D96979714%26comId%3D100536272%26country%3Dno%26offerId%3D70226e4a44b84932e8f1072b6464b867%26service%3D37%26tokenId%3D32f34312-f203-4070-8685-542fb127b110%26wait%3Dtrue%26addedParams%3Dtrue%26custom1%3D54%26&dr=https%3A%2F%2Fshopde.pricedeals.shop%2F&dp=%2F96979714%7C100536272%7C&ul=en-us&de=UTF-8&dt=Du%20sendes%20videre%20til%20Youth.no&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=QACAAAABAAAAAC~&cid=2001369142.1670379841&tid=UA-168544891-6&_gid=739843299.1670379841&_r=1&cd1=96979714&cd2=dc1-kls-prod-ls-03.prod.dc1.kelkoo.net_1670379841790_2798895&cd3=100536272&cd4=a4c6295-184ea65a8f9-73e4b&cd5=&cd6=96979714%7C100536272%7C&z=971663039 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://no-go.kelkoogroup.net
Connection: keep-alive
Referer: https://no-go.kelkoogroup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 200 OK
access-control-allow-origin: https://no-go.kelkoogroup.net
date: Wed, 07 Dec 2022 02:24:02 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
x-content-type-options: nosniff
access-control-allow-credentials: true
content-type: image/gif
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 35
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 30aec170d58f580f2ed4da4b92d72cc7
3b11a98ba9563f7f266e7a935e3b78bd0c0712aa
7b25e66e4383cdb29228d0451a4810eeab7d194ca81045e066c00c9467f29312
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 02:24:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.youth.no/alle-produkter/styling/voks/xl-hairwax-100ml/?utm_source=kelkoo&utm_medium=cpc&utm_campaign=links
52.178.90.230200 OK 18 kB URL HTTP/2 www.youth.no/alle-produkter/styling/voks/xl-hairwax-100ml/?utm_source=kelkoo&utm_medium=cpc&utm_campaign=links
IP 52.178.90.230:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type Generic INItialization configuration []\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (953), with CRLF, LF line terminators
Hash 47b0fa3d54571b748e549cab13ae77f7
ccb679ac96c824ce15044fa0ba1b3b05d8d55905
4105938575322c65f669cb1e854b824617177205e3566b782528354185768ccd
GET /alle-produkter/styling/voks/xl-hairwax-100ml/?utm_source=kelkoo&utm_medium=cpc&utm_campaign=links HTTP/1.1
Host: www.youth.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no-go.kelkoogroup.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
date: Wed, 07 Dec 2022 02:24:02 GMT
cache-control: private
content-encoding: gzip
set-cookie: vendr-4448408b-3bd1-4e48-9050-65bff7f1d53e-cfo=; expires=Wed, 07-Dec-2022 02:14:02 GMT; path=/; secure; HttpOnly
vendr-4448408b-3bd1-4e48-9050-65bff7f1d53e=; expires=Thu, 07-Dec-2023 02:24:02 GMT; path=/; secure; HttpOnly
vary: Accept-Encoding
content-length: 17887
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=10886400
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
www.youth.no/DependencyHandler.axd?s=L2Nzcy92YXJpYWJsZXMuY3NzOy9hc3NldHMvcGx1Z2lucy9mb250LWF3ZXNvbWUvY3NzL2ZvbnRhd2Vzb21lLm1pbi5jc3M7L2Fzc2V0cy9wbHVnaW5zL2ZvbnQtYXdlc29tZS9jc3MvYnJhbmRzLm1pbi5jc3M7&t=Css&cdv=1661344224
52.178.90.230200 OK 19 kB URL HTTP/2 www.youth.no/DependencyHandler.axd?s=L2Nzcy92YXJpYWJsZXMuY3NzOy9hc3NldHMvcGx1Z2lucy9mb250LWF3ZXNvbWUvY3NzL2ZvbnRhd2Vzb21lLm1pbi5jc3M7L2Fzc2V0cy9wbHVnaW5zL2ZvbnQtYXdlc29tZS9jc3MvYnJhbmRzLm1pbi5jc3M7&t=Css&cdv=1661344224
IP 52.178.90.230:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 (with BOM) text, with very long lines (63521), with CRLF line terminators
Hash e4537becc1b2656b597b72ffd07cfb2e
f9338cb3af24b7dd8dd54b007c0e1d535bfd0053
25ccea70f1b23b3269541cd3a1916b431d898c5091d16a9e4fea0df45cf0c47e
GET /DependencyHandler.axd?s=L2Nzcy92YXJpYWJsZXMuY3NzOy9hc3NldHMvcGx1Z2lucy9mb250LWF3ZXNvbWUvY3NzL2ZvbnRhd2Vzb21lLm1pbi5jc3M7L2Fzc2V0cy9wbHVnaW5zL2ZvbnQtYXdlc29tZS9jc3MvYnJhbmRzLm1pbi5jc3M7&t=Css&cdv=1661344224 HTTP/1.1
Host: www.youth.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youth.no/alle-produkter/styling/voks/xl-hairwax-100ml/?utm_source=kelkoo&utm_medium=cpc&utm_campaign=links
Cookie: vendr-4448408b-3bd1-4e48-9050-65bff7f1d53e=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
date: Wed, 07 Dec 2022 02:24:02 GMT
server: Microsoft-IIS/10.0
cache-control: public, must-revalidate, proxy-revalidate, max-age=164840, s-maxage=164840
content-encoding: gzip
etag: "2f5a6a292810ab3774d0e5c473167d37"
expires: Fri, 09 Dec 2022 00:11:23 GMT
last-modified: Tue, 29 Nov 2022 00:11:23 GMT
vary: Accept-Encoding
content-length: 19246
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=10886400
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
www.youth.no/DependencyHandler.axd?s=L2Fzc2V0cy9wbHVnaW5zL2Jvb3RzdHJhcC9ib290c3RyYXAubWluLmNzczsvY3NzL2Jhc2UuY3NzOy9jc3MvdGVtcGxhdGUuY3NzOy9jc3Mvd2lkZ2V0cy5jc3M7L2Nzcy9wbHVnaW5zL3NsaWRlb3V0LW1lbnUuY3NzOy9jc3MvY29tcG9uZW50cy9uYXZiYXIuY3NzOy9jc3MvY29tcG9uZW50cy9mb290ZXIuY3NzOy9jc3MvY29tcG9uZW50cy9jb29raWUtbm90aWNlLmNzczsvY3NzL3Nob3AvcHJvZHVjdC1kZXRhaWxzLmNzczsvYXNzZXRzL3BsdWdpbnMvZmFuY3lib3gvanF1ZXJ5LmZhbmN5Ym94Lm1pbi5jc3M7&t=Css&cdv=1661344224
52.178.90.230200 OK 33 kB URL HTTP/2 www.youth.no/DependencyHandler.axd?s=L2Fzc2V0cy9wbHVnaW5zL2Jvb3RzdHJhcC9ib290c3RyYXAubWluLmNzczsvY3NzL2Jhc2UuY3NzOy9jc3MvdGVtcGxhdGUuY3NzOy9jc3Mvd2lkZ2V0cy5jc3M7L2Nzcy9wbHVnaW5zL3NsaWRlb3V0LW1lbnUuY3NzOy9jc3MvY29tcG9uZW50cy9uYXZiYXIuY3NzOy9jc3MvY29tcG9uZW50cy9mb290ZXIuY3NzOy9jc3MvY29tcG9uZW50cy9jb29raWUtbm90aWNlLmNzczsvY3NzL3Nob3AvcHJvZHVjdC1kZXRhaWxzLmNzczsvYXNzZXRzL3BsdWdpbnMvZmFuY3lib3gvanF1ZXJ5LmZhbmN5Ym94Lm1pbi5jc3M7&t=Css&cdv=1661344224
IP 52.178.90.230:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 (with BOM) text, with very long lines (65314), with CRLF line terminators
Hash ddd641084616e9784cbad349bdd9d642
0ee5a8cc0c4182e5b9f96daf8b336c82bc12c5fe
b5198704729f0a764b0688de2b285b126430bc190a67f9d4186fe3c66bfbd5f1
GET /DependencyHandler.axd?s=L2Fzc2V0cy9wbHVnaW5zL2Jvb3RzdHJhcC9ib290c3RyYXAubWluLmNzczsvY3NzL2Jhc2UuY3NzOy9jc3MvdGVtcGxhdGUuY3NzOy9jc3Mvd2lkZ2V0cy5jc3M7L2Nzcy9wbHVnaW5zL3NsaWRlb3V0LW1lbnUuY3NzOy9jc3MvY29tcG9uZW50cy9uYXZiYXIuY3NzOy9jc3MvY29tcG9uZW50cy9mb290ZXIuY3NzOy9jc3MvY29tcG9uZW50cy9jb29raWUtbm90aWNlLmNzczsvY3NzL3Nob3AvcHJvZHVjdC1kZXRhaWxzLmNzczsvYXNzZXRzL3BsdWdpbnMvZmFuY3lib3gvanF1ZXJ5LmZhbmN5Ym94Lm1pbi5jc3M7&t=Css&cdv=1661344224 HTTP/1.1
Host: www.youth.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youth.no/alle-produkter/styling/voks/xl-hairwax-100ml/?utm_source=kelkoo&utm_medium=cpc&utm_campaign=links
Cookie: vendr-4448408b-3bd1-4e48-9050-65bff7f1d53e=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
date: Wed, 07 Dec 2022 02:24:02 GMT
server: Microsoft-IIS/10.0
cache-control: public, must-revalidate, proxy-revalidate, max-age=164886, s-maxage=164886
content-encoding: gzip
etag: "6288c3af095f02b11f97b8609ec5b12a"
expires: Fri, 09 Dec 2022 00:12:09 GMT
last-modified: Tue, 29 Nov 2022 00:12:09 GMT
vary: Accept-Encoding
content-length: 32591
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=10886400
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
www.youth.no/?altTemplate=themeCss
52.178.90.230200 OK 620 B URL HTTP/2 www.youth.no/?altTemplate=themeCss
IP 52.178.90.230:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with CRLF line terminators
Hash 97f246e28614a5134caabc1077edb1eb
6dd81097dbeaa1a31edee5ea1c32da6061f9b133
b2361a1d58c8544a3d295fd1c0d42622843218a9a2330460adfc6fa968a6f7a2
GET /?altTemplate=themeCss HTTP/1.1
Host: www.youth.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youth.no/alle-produkter/styling/voks/xl-hairwax-100ml/?utm_source=kelkoo&utm_medium=cpc&utm_campaign=links
Cookie: vendr-4448408b-3bd1-4e48-9050-65bff7f1d53e=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css; charset=utf-8
date: Wed, 07 Dec 2022 02:24:02 GMT
cache-control: private
content-encoding: gzip
vary: Accept-Encoding
content-length: 620
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=10886400
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
www.youth.no/media/q30dmrv0/youth-logo.png
52.178.90.230200 OK 2.8 kB URL HTTP/2 www.youth.no/media/q30dmrv0/youth-logo.png
IP 52.178.90.230:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 129 x 35, 8-bit/color RGBA, non-interlaced\012- data
Hash 1a479cba9075eaca3f190d7c82331e38
f19c41e45c7a210ef7dd44272e410b8a3daa0baf
ed11789adeec8ac2b4f73e907a69dff8ba71c286d5b0537629e7c1d54303823e
GET /media/q30dmrv0/youth-logo.png HTTP/1.1
Host: www.youth.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youth.no/alle-produkter/styling/voks/xl-hairwax-100ml/?utm_source=kelkoo&utm_medium=cpc&utm_campaign=links
Cookie: vendr-4448408b-3bd1-4e48-9050-65bff7f1d53e=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
date: Wed, 07 Dec 2022 02:24:02 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
cache-control: public, must-revalidate, max-age=31142854
expires: Sat, 02 Dec 2023 13:11:37 GMT
vary: Accept-Encoding
content-length: 2762
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=10886400
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
www.youth.no/assets/img/fallback-square-medium.png
52.178.90.230200 OK 3.5 kB URL HTTP/2 www.youth.no/assets/img/fallback-square-medium.png
IP 52.178.90.230:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 720 x 720, 8-bit colormap, non-interlaced\012- data
Hash 4d38982b44ee1844dbff908f5c9da37c
99cbeee6c764e40b86f06fab9855cc567883a4ae
d81b197b597d1d2900f370c02999cc70065673411e2758250a7a07234253e57e
GET /assets/img/fallback-square-medium.png HTTP/1.1
Host: www.youth.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youth.no/alle-produkter/styling/voks/xl-hairwax-100ml/?utm_source=kelkoo&utm_medium=cpc&utm_campaign=links
Cookie: vendr-4448408b-3bd1-4e48-9050-65bff7f1d53e=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
date: Wed, 07 Dec 2022 02:24:02 GMT
accept-ranges: bytes
etag: "83879e60506ed71:0"
last-modified: Thu, 01 Jul 2021 08:09:12 GMT
content-length: 3480
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=10886400
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
www.youth.no/DependencyHandler.axd?s=L2Fzc2V0cy9wbHVnaW5zL2pxdWVyeS9qcXVlcnktMy40LjEubWluLmpzOw&t=Javascript&cdv=1661344224
52.178.90.230200 OK 31 kB URL HTTP/2 www.youth.no/DependencyHandler.axd?s=L2Fzc2V0cy9wbHVnaW5zL2pxdWVyeS9qcXVlcnktMy40LjEubWluLmpzOw&t=Javascript&cdv=1661344224
IP 52.178.90.230:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 (with BOM) text, with very long lines (65447), with CRLF line terminators
Hash 810a347c7e7d131c304faea32236e4c7
1cd7e0929d5402df9eff298d4bb163747590c218
7a00ebff44d99d80985baf84de3c183d2ccc3c5c967993c98e8cde54014fda90
GET /DependencyHandler.axd?s=L2Fzc2V0cy9wbHVnaW5zL2pxdWVyeS9qcXVlcnktMy40LjEubWluLmpzOw&t=Javascript&cdv=1661344224 HTTP/1.1
Host: www.youth.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youth.no/alle-produkter/styling/voks/xl-hairwax-100ml/?utm_source=kelkoo&utm_medium=cpc&utm_campaign=links
Cookie: vendr-4448408b-3bd1-4e48-9050-65bff7f1d53e=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/x-javascript
date: Wed, 07 Dec 2022 02:24:02 GMT
server: Microsoft-IIS/10.0
cache-control: public, must-revalidate, proxy-revalidate, max-age=164841, s-maxage=164841
content-encoding: gzip
etag: "150eff1a78e6b433e2c520f5d9f338a5"
expires: Fri, 09 Dec 2022 00:11:24 GMT
last-modified: Tue, 29 Nov 2022 00:11:24 GMT
vary: Accept-Encoding
content-length: 30743
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=10886400
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
www.youth.no/DependencyHandler.axd?s=L2Fzc2V0cy9wbHVnaW5zL3NsaWRlb3V0L3NsaWRlb3V0Lm1pbi5qczsvYXNzZXRzL3BsdWdpbnMvZmFuY3lib3gvanF1ZXJ5LmZhbmN5Ym94Lm1pbi5qczs&t=Javascript&cdv=1661344224
52.178.90.230200 OK 24 kB URL HTTP/2 www.youth.no/DependencyHandler.axd?s=L2Fzc2V0cy9wbHVnaW5zL3NsaWRlb3V0L3NsaWRlb3V0Lm1pbi5qczsvYXNzZXRzL3BsdWdpbnMvZmFuY3lib3gvanF1ZXJ5LmZhbmN5Ym94Lm1pbi5qczs&t=Javascript&cdv=1661344224
IP 52.178.90.230:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 (with BOM) text, with very long lines (31972), with CRLF line terminators
Hash 1a322359100203f26edb22869cea3e94
f51887fb69211a368f750c6713bb2ba001bbeab0
c5e7a68b997e88e30c3346db5ae8a84180a8fbd65de5b01b2eebb61e48d8f3a9
GET /DependencyHandler.axd?s=L2Fzc2V0cy9wbHVnaW5zL3NsaWRlb3V0L3NsaWRlb3V0Lm1pbi5qczsvYXNzZXRzL3BsdWdpbnMvZmFuY3lib3gvanF1ZXJ5LmZhbmN5Ym94Lm1pbi5qczs&t=Javascript&cdv=1661344224 HTTP/1.1
Host: www.youth.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youth.no/alle-produkter/styling/voks/xl-hairwax-100ml/?utm_source=kelkoo&utm_medium=cpc&utm_campaign=links
Cookie: vendr-4448408b-3bd1-4e48-9050-65bff7f1d53e=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/x-javascript
date: Wed, 07 Dec 2022 02:24:02 GMT
server: Microsoft-IIS/10.0
cache-control: public, must-revalidate, proxy-revalidate, max-age=164887, s-maxage=164887
content-encoding: gzip
etag: "6376fb9460ebc4ba2d8853bef7bdd4c4"
expires: Fri, 09 Dec 2022 00:12:09 GMT
last-modified: Tue, 29 Nov 2022 00:12:09 GMT
vary: Accept-Encoding
content-length: 24119
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=10886400
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 6e08456d224a611c1636a8594e05c34b
7d55c0b1a6c622a0ed9209e230ffa162c8d6167e
a6bb132c6104ce69f1888d090dc470a869a9c551eb5543de527fc134bfd070b6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3486
Cache-Control: max-age=144285
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 02:24:02 GMT
Etag: "638f7c41-117"
Expires: Thu, 08 Dec 2022 18:28:47 GMT
Last-Modified: Tue, 06 Dec 2022 17:30:41 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 279
www.youth.no/DependencyHandler.axd?s=L2Fzc2V0cy9wbHVnaW5zL2Jvb3RzdHJhcC9ib290c3RyYXAuYnVuZGxlLm1pbi5qczsvc2NyaXB0cy9zY3JpcHRzLmpzOy9zY3JpcHRzL2Nvb2tpZWhlbHBlci5qczs&t=Javascript&cdv=1661344224
52.178.90.230200 OK 24 kB URL HTTP/2 www.youth.no/DependencyHandler.axd?s=L2Fzc2V0cy9wbHVnaW5zL2Jvb3RzdHJhcC9ib290c3RyYXAuYnVuZGxlLm1pbi5qczsvc2NyaXB0cy9zY3JpcHRzLmpzOy9zY3JpcHRzL2Nvb2tpZWhlbHBlci5qczs&t=Javascript&cdv=1661344224
IP 52.178.90.230:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 (with BOM) text, with very long lines (65289), with CRLF line terminators
Hash 6bacc25d4275e276e4db4f9722265549
ed56b19a894200f6b824ff20eab416a57d00a261
a2738c65e366d49e2def0974b5acfb69b6600f1fe5c917db062740a0958bcc89
GET /DependencyHandler.axd?s=L2Fzc2V0cy9wbHVnaW5zL2Jvb3RzdHJhcC9ib290c3RyYXAuYnVuZGxlLm1pbi5qczsvc2NyaXB0cy9zY3JpcHRzLmpzOy9zY3JpcHRzL2Nvb2tpZWhlbHBlci5qczs&t=Javascript&cdv=1661344224 HTTP/1.1
Host: www.youth.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youth.no/alle-produkter/styling/voks/xl-hairwax-100ml/?utm_source=kelkoo&utm_medium=cpc&utm_campaign=links
Cookie: vendr-4448408b-3bd1-4e48-9050-65bff7f1d53e=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/x-javascript
date: Wed, 07 Dec 2022 02:24:02 GMT
server: Microsoft-IIS/10.0
cache-control: public, must-revalidate, proxy-revalidate, max-age=164841, s-maxage=164841
content-encoding: gzip
etag: "716d4275869f935530a3f52e4c4248d2"
expires: Fri, 09 Dec 2022 00:11:24 GMT
last-modified: Tue, 29 Nov 2022 00:11:24 GMT
vary: Accept-Encoding
content-length: 24549
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=10886400
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 6e08456d224a611c1636a8594e05c34b
7d55c0b1a6c622a0ed9209e230ffa162c8d6167e
a6bb132c6104ce69f1888d090dc470a869a9c551eb5543de527fc134bfd070b6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3486
Cache-Control: max-age=144285
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 02:24:02 GMT
Etag: "638f7c41-117"
Expires: Thu, 08 Dec 2022 18:28:47 GMT
Last-Modified: Tue, 06 Dec 2022 17:30:41 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 279
www.youth.no/assets/plugins/font-awesome/css/light.min.css
52.178.90.230200 OK 366 B URL HTTP/2 www.youth.no/assets/plugins/font-awesome/css/light.min.css
IP 52.178.90.230:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (421), with CRLF line terminators
Hash df4ed21964d6558d5505e6d831c5de54
257926eb16470f89f2113995e76ca6239370d6ee
13736285c48c3edb50378a39ba05ac4117ae846c918e58c0595c81953f2ac4bd
GET /assets/plugins/font-awesome/css/light.min.css HTTP/1.1
Host: www.youth.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youth.no/?altTemplate=themeCss
Cookie: vendr-4448408b-3bd1-4e48-9050-65bff7f1d53e=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
date: Wed, 07 Dec 2022 02:24:02 GMT
accept-ranges: bytes
content-encoding: gzip
etag: "ace3ba60506ed71:0"
last-modified: Thu, 01 Jul 2021 08:09:13 GMT
vary: Accept-Encoding
content-length: 366
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=10886400
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
www.youth.no/media/ujhmzhho/nets-payment.png?width=192&height=25&mode=max
52.178.90.230200 OK 3.6 kB URL HTTP/2 www.youth.no/media/ujhmzhho/nets-payment.png?width=192&height=25&mode=max
IP 52.178.90.230:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 192 x 25, 8-bit/color RGBA, non-interlaced\012- data
Hash dd0658d687e3cf16403df9cf9c3ea376
853a4cb07ae283cca3bf1fed1abd7890e6cdefb1
14cba50666477be5e471412996bab6b959b354fcf015b5cf571b3f0e32b44831
GET /media/ujhmzhho/nets-payment.png?width=192&height=25&mode=max HTTP/1.1
Host: www.youth.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youth.no/alle-produkter/styling/voks/xl-hairwax-100ml/?utm_source=kelkoo&utm_medium=cpc&utm_campaign=links
Cookie: vendr-4448408b-3bd1-4e48-9050-65bff7f1d53e=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
date: Wed, 07 Dec 2022 02:24:02 GMT
accept-ranges: bytes
cache-control: public, must-revalidate, max-age=604800
etag: "a6e994bc50d91:0"
expires: Wed, 14 Dec 2022 02:24:02 GMT
last-modified: Fri, 25 Nov 2022 11:58:55 GMT
vary: Accept-Encoding
content-length: 3579
imageprocessedby: ImageProcessor/2.7.0.100 - ImageProcessor.Web/4.10.0.100
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=10886400
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 3ba864a4daffd79d4639e98e35cf5a8f
4e2dfdbff3ce773c1c39031bdf854e2b0a31131c
73a684466e34cc6ab4250dbab0c6afb73a92c4239e37076020b9e1c446b69b7e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 02:24:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 2bc511c9263f58412b3ce8074cf5a439
a44993ecf9b5c714e536824ebfc18db7c36af32c
737b3ef63ee1f2167b27eec1a514d394ba55d0509bbc310ca8f59a6547e6db3a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "737B3EF63EE1F2167B27EEC1A514D394BA55D0509BBC310CA8F59A6547E6DB3A"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4918
Expires: Wed, 07 Dec 2022 03:46:00 GMT
Date: Wed, 07 Dec 2022 02:24:02 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 6e08456d224a611c1636a8594e05c34b
7d55c0b1a6c622a0ed9209e230ffa162c8d6167e
a6bb132c6104ce69f1888d090dc470a869a9c551eb5543de527fc134bfd070b6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3486
Cache-Control: max-age=144285
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 02:24:02 GMT
Etag: "638f7c41-117"
Expires: Thu, 08 Dec 2022 18:28:47 GMT
Last-Modified: Tue, 06 Dec 2022 17:30:41 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash c10bc583c46449dc192a809398b4e814
ff0f7ad905d32d7f3d01e4054552d0ad551503a5
defd2b2559e55c9c6c0f8be9b23c53c4e781a736feae3dd73b4d203b69cfcc57
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 02:24:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-PQ6PRV3
142.250.74.168200 OK 52 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-PQ6PRV3
IP 142.250.74.168:0
File type Unicode text, UTF-8 text, with very long lines (3536)
Hash 548a874f8e2118917d7dc68754d5cbb9
c6fb12a9ddc269fdd886c62d9dc7e8f79cdbdd9a
2074ef5c41a496cfcbf67dd2c883ceecf84dc7fe2f879024b7ccd112c69bddf4
GET /gtm.js?id=GTM-PQ6PRV3 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youth.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 07 Dec 2022 02:24:02 GMT
expires: Wed, 07 Dec 2022 02:24:02 GMT
cache-control: private, max-age=900
last-modified: Wed, 07 Dec 2022 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 52185
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash c10bc583c46449dc192a809398b4e814
ff0f7ad905d32d7f3d01e4054552d0ad551503a5
defd2b2559e55c9c6c0f8be9b23c53c4e781a736feae3dd73b4d203b69cfcc57
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 02:24:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash e24f2da4ed2e3cd07b0999a67550d634
6e2277e734fd0015849c3554dd2cf2ae289c2cf2
74dc14d7d9ba8bba4a162680e59801af1d7c2995639df51f32ff2f3d4d0b0051
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 02:24:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2
216.58.207.227200 OK 46 kB URL HTTP/2 fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 46524, version 1.0\012- data
Hash c1fd378f54921c75e4ae1821e7b8fff6
2ce96e97783b2f154d07f4464ca6f8eb2469f2c1
405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826
GET /s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youth.no
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 46524
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 05 Dec 2022 21:08:51 GMT
expires: Tue, 05 Dec 2023 21:08:51 GMT
cache-control: public, max-age=31536000
age: 105312
last-modified: Mon, 18 Jul 2022 19:58:01 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.youth.no/assets/plugins/font-awesome/webfonts/fa-light-300.woff2
52.178.90.230200 OK 190 kB URL HTTP/2 www.youth.no/assets/plugins/font-awesome/webfonts/fa-light-300.woff2
IP 52.178.90.230:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type Web Open Font Format (Version 2), TrueType, length 190440, version 331.524\012- data
Size 190 kB (190440 bytes)
Hash 68c2f74f76d4236722607d6eeb8b105d
0f2c00f00ee101d7a976241f41c2472fcd373b19
9a8ed4a9ae2e4bf2af86d128b59c0c65e4992b3181e73851ff7d9cdca3833586
GET /assets/plugins/font-awesome/webfonts/fa-light-300.woff2 HTTP/1.1
Host: www.youth.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.youth.no/assets/plugins/font-awesome/css/light.min.css
Cookie: vendr-4448408b-3bd1-4e48-9050-65bff7f1d53e=; cmc_vid=cmc3769201762
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: font/woff2
date: Wed, 07 Dec 2022 02:24:03 GMT
accept-ranges: bytes
etag: "9fc3fb60506ed71:0"
last-modified: Thu, 01 Jul 2021 08:09:13 GMT
content-length: 190440
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=10886400
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
fonts.gstatic.com/s/raleway/v28/1Ptsg8zYS_SKggPNyCg4TYFq.woff2
216.58.207.227200 OK 49 kB URL HTTP/2 fonts.gstatic.com/s/raleway/v28/1Ptsg8zYS_SKggPNyCg4TYFq.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 48620, version 1.0\012- data
Hash 8b3f45fbebe40f151e3bdadf9062f2c6
d4b9145fb8346c6442cc946bc25da699dd035e0e
4defd36147167542db6c6ac44452d3784f51bf7f124128fe5f4581bbdb8d2ccc
GET /s/raleway/v28/1Ptsg8zYS_SKggPNyCg4TYFq.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youth.no
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48620
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 05 Dec 2022 21:30:17 GMT
expires: Tue, 05 Dec 2023 21:30:17 GMT
cache-control: public, max-age=31536000
age: 104026
last-modified: Mon, 18 Jul 2022 19:45:53 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.youth.no/assets/plugins/font-awesome/webfonts/fa-brands-400.woff2
52.178.90.230200 OK 77 kB URL HTTP/2 www.youth.no/assets/plugins/font-awesome/webfonts/fa-brands-400.woff2
IP 52.178.90.230:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type Web Open Font Format (Version 2), TrueType, length 76636, version 331.524\012- data
Hash a0f6b35c2b55babc93cb9b15791a1d4c
bd5cea4fa49feb29a336ee8623b46f8eb5c235b3
80c7d8d88a91688aa18a1ce39ec33e15ac5e1cad7c7be1c5fa3c403f34f1b53c
GET /assets/plugins/font-awesome/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: www.youth.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.youth.no/DependencyHandler.axd?s=L2Nzcy92YXJpYWJsZXMuY3NzOy9hc3NldHMvcGx1Z2lucy9mb250LWF3ZXNvbWUvY3NzL2ZvbnRhd2Vzb21lLm1pbi5jc3M7L2Fzc2V0cy9wbHVnaW5zL2ZvbnQtYXdlc29tZS9jc3MvYnJhbmRzLm1pbi5jc3M7&t=Css&cdv=1661344224
Cookie: vendr-4448408b-3bd1-4e48-9050-65bff7f1d53e=; cmc_vid=cmc3769201762
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: font/woff2
date: Wed, 07 Dec 2022 02:24:03 GMT
accept-ranges: bytes
etag: "18d4d460506ed71:0"
last-modified: Thu, 01 Jul 2021 08:09:13 GMT
content-length: 76636
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=10886400
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash ec6ece82a7cb8faa3ba171efae3a9eda
7ee75fba9a9d1078960f7834d71961c38f514b82
301d0c4d73b444369e488ee4f78b3a994a9168ec6c6d46cd7f3448722a841a2e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 02:24:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
popmyads.com/serve/52264/64661/szqpmqqoapdpgpq/aHR0cDovL3RyYWZmaXgxMy5jb20=
188.114.97.1200 OK 1.0 kB URL HTTP/2 popmyads.com/serve/52264/64661/szqpmqqoapdpgpq/aHR0cDovL3RyYWZmaXgxMy5jb20=
IP 188.114.97.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 252694059c5833001ce4416f790abef7
ef634fb5300ce05c6039c1de901b67c5f8830e08
268c6e00d1cedb2ddbd649511692d9a7e6a1a2e6ea24adf4558000b6d4939f02
GET /serve/52264/64661/szqpmqqoapdpgpq/aHR0cDovL3RyYWZmaXgxMy5jb20= HTTP/1.1
Host: popmyads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://samba.trffclb.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 02:23:58 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.1.33
x-frame-options: DENY
content-security-policy: frame-ancestors 'none'
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vx%2B3wGzswxsn4WWwggN06NiceZpaRgCg9CjR4LlJICvck0qEwfAWbiDt2Qi6O326ckqMIWLzT0NoWempHg3rDWS0th9P08VWKpsU6du6zHP8RoZyQcTL1g%2FBlzJHMVo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7759cd683a80b4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 292f7a7e27623e52527eb0572cda277d
7971975470f4618fa8daac5b9018be0ae1659352
1b7132106a2d027e8dec3cf0f925c824a9c43e5d9b130fa5b715b4650e6c6d63
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 07 Dec 2022 02:24:03 GMT
Etag: "638f6ce3-1d7"
Last-Modified: Wed, 07 Dec 2022 01:07:37 GMT
Server: ECS (nyb/1D17)
X-Cache: Miss from cloudfront
Via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Mx-U_BIfOm_4smVOEKp_0MDTEWhLe0NT4i1p0Sju87vjVFyG3riVUw==
Age: 4586
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 789c9623402d98db3de4fb01c5ac37f8
e329feb777ee5d3663b25b108a26e83c24ee3d88
fdc1c238f088ff8289b5a6a5e5784bab7bc5b16492485f8295c5343d52425179
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=167222
Date: Wed, 07 Dec 2022 02:24:03 GMT
Etag: "638fd20f-1d7"
Expires: Fri, 09 Dec 2022 00:51:05 GMT
Last-Modified: Tue, 06 Dec 2022 23:36:47 GMT
Server: ECS (nyb/1D35)
X-Cache: Miss from cloudfront
Via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 44TQqUotyYAjmloxVZZbhWGUplqnWcoIFPLDtvHld_2xdWMGmCHr3w==
Age: 4458
www.youth.no/media/41ybgiuj/0001029_xl-hairwax-100ml.jpeg?mode=pad&width=720&height=720&bgcolor=fff&rnd=132503512180500000
52.178.90.230200 OK 71 kB URL HTTP/2 www.youth.no/media/41ybgiuj/0001029_xl-hairwax-100ml.jpeg?mode=pad&width=720&height=720&bgcolor=fff&rnd=132503512180500000
IP 52.178.90.230:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 720x720, components 3\012- data
Hash 369893d530af63dda8be0b0d2ad7a58d
86ea3fc4f79649ba2763d0c2225d7ebcaff64830
49202fc3591fc4c974183183312cefdefb55ca72155cb4c32b988739c4013dc3
GET /media/41ybgiuj/0001029_xl-hairwax-100ml.jpeg?mode=pad&width=720&height=720&bgcolor=fff&rnd=132503512180500000 HTTP/1.1
Host: www.youth.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youth.no/alle-produkter/styling/voks/xl-hairwax-100ml/?utm_source=kelkoo&utm_medium=cpc&utm_campaign=links
Cookie: vendr-4448408b-3bd1-4e48-9050-65bff7f1d53e=; cmc_vid=cmc3769201762; _gcl_au=1.1.1626620859.1670379843
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
date: Wed, 07 Dec 2022 02:24:03 GMT
accept-ranges: bytes
cache-control: public, immutable, max-age=604800
etag: "4f818bc747ad81:0"
expires: Wed, 14 Dec 2022 02:24:03 GMT
last-modified: Tue, 07 Jun 2022 13:39:45 GMT
vary: Accept-Encoding
content-length: 71415
imageprocessedby: ImageProcessor/2.7.0.100 - ImageProcessor.Web/4.10.0.100
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=10886400
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
app.convertbox.com/embed/user?uuid=fa9c157c-3900-46a7-b58b-f715f259272f
54.225.101.94200 OK 20 B URL HTTP/1.1 app.convertbox.com/embed/user?uuid=fa9c157c-3900-46a7-b58b-f715f259272f
IP 54.225.101.94:0
Hash 7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
GET /embed/user?uuid=fa9c157c-3900-46a7-b58b-f715f259272f HTTP/1.1
Host: app.convertbox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youth.no
Connection: keep-alive
Referer: https://www.youth.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Cache-Control: no-cache, private
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Wed, 07 Dec 2022 02:24:03 GMT
Server: nginx/1.20.0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Content-Length: 20
Connection: keep-alive
www.clkmc.com/api/?vid=3769201762&uid=149215&hid=4054389439&cmc_project=youth.no&version=2.36.6&utm_source=kelkoo&utm_medium=cpc&utm_campaign=links&disabled=0&page_url=https%3A%2F%2Fwww.youth.no%2Falle-produkter%2Fstyling%2Fvoks%2Fxl-hairwax-100ml%2F
50.23.124.154200 OK 30 B URL HTTP/1.1 www.clkmc.com/api/?vid=3769201762&uid=149215&hid=4054389439&cmc_project=youth.no&version=2.36.6&utm_source=kelkoo&utm_medium=cpc&utm_campaign=links&disabled=0&page_url=https%3A%2F%2Fwww.youth.no%2Falle-produkter%2Fstyling%2Fvoks%2Fxl-hairwax-100ml%2F
IP 50.23.124.154:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 4f8f1363999a27917680fd724a80dfdc
646ddd4890d4c45388f81848fc0fdd655c087d96
e3cac961d76894f2374acd96de4968b1cc161a3a2a50343ce2d653fb169314d7
GET /api/?vid=3769201762&uid=149215&hid=4054389439&cmc_project=youth.no&version=2.36.6&utm_source=kelkoo&utm_medium=cpc&utm_campaign=links&disabled=0&page_url=https%3A%2F%2Fwww.youth.no%2Falle-produkter%2Fstyling%2Fvoks%2Fxl-hairwax-100ml%2F HTTP/1.1
Host: www.clkmc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youth.no
Connection: keep-alive
Referer: https://www.youth.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 02:24:03 GMT
Content-Type: text/plain; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With
P3P: CP="This is not a P3P policy! See http://www.clkmc.com for more info."
Server: nginx
X-Permitted-Cross-Domain-Policies: none
X-CM-FE: httpfe-01.clickmagick.com
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
api.clerk.io/v2/format/list?payload=%7B%22key%22%3A%22Z9nD5ldu4abdwwVfFLgiXdXFWuJToRZ8%22%2C%22visitor%22%3A%22auto%22%2C%22_%22%3A1670379843%7D&callback=__clerk_cb_2
54.93.114.245200 OK 344 B URL HTTP/2 api.clerk.io/v2/format/list?payload=%7B%22key%22%3A%22Z9nD5ldu4abdwwVfFLgiXdXFWuJToRZ8%22%2C%22visitor%22%3A%22auto%22%2C%22_%22%3A1670379843%7D&callback=__clerk_cb_2
IP 54.93.114.245:0
Hash b45b53f0ec9453de343f04ff4c21ecc4
0152e84a3d3af41faa011ab4d7c4bfa55c62c68c
2fae5c763ae9ed4b91e0aba21574746d137437351d01a3103c4801d69b22db36
GET /v2/format/list?payload=%7B%22key%22%3A%22Z9nD5ldu4abdwwVfFLgiXdXFWuJToRZ8%22%2C%22visitor%22%3A%22auto%22%2C%22_%22%3A1670379843%7D&callback=__clerk_cb_2 HTTP/1.1
Host: api.clerk.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youth.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 02:24:03 GMT
content-type: application/javascript
server: nginx
vary: Accept-Encoding
cache-control: no-cache
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
prism.app-us1.com/?a=610567046&u=https%3A%2F%2Fwww.youth.no%2Falle-produkter%2Fstyling%2Fvoks%2Fxl-hairwax-100ml%2F%3Futm_source%3Dkelkoo%26utm_medium%3Dcpc%26utm_campaign%3Dlinks&r=https%3A%2F%2Fno-go.kelkoogroup.net%2F
104.17.145.91200 OK 1.2 kB URL HTTP/2 prism.app-us1.com/?a=610567046&u=https%3A%2F%2Fwww.youth.no%2Falle-produkter%2Fstyling%2Fvoks%2Fxl-hairwax-100ml%2F%3Futm_source%3Dkelkoo%26utm_medium%3Dcpc%26utm_campaign%3Dlinks&r=https%3A%2F%2Fno-go.kelkoogroup.net%2F
IP 104.17.145.91:0
Hash d2bf15ebe7c9843919c29eaf99ab02ac
35f721b4b479f5da562fe99ca858f3023eeeea0e
ded0706202a28365017d4d9149ad4557460f93e3733560f8d9bac4725145b958
GET /?a=610567046&u=https%3A%2F%2Fwww.youth.no%2Falle-produkter%2Fstyling%2Fvoks%2Fxl-hairwax-100ml%2F%3Futm_source%3Dkelkoo%26utm_medium%3Dcpc%26utm_campaign%3Dlinks&r=https%3A%2F%2Fno-go.kelkoogroup.net%2F HTTP/1.1
Host: prism.app-us1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youth.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 02:24:03 GMT
content-type: application/javascript
cache-control: no-cache, private
set-cookie: prism_610567046=667e4a34-60f2-4080-8581-f2877586e3fa; expires=Fri, 06-Jan-2023 02:24:03 GMT; Max-Age=2592000; path=/; secure; httponly; samesite=none
x-envoy-upstream-service-time: 54
x-powered-by: PHP/7.4.32
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7759cd85a9a0b4ff-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
polyfill.io/v3/polyfill.min.js?flags=gated%7Calways&rum=true&features=Array.prototype.entries%2CArray.prototype.forEach%2CArray.prototype.includes%2CNodeList.prototype.forEach%2CObject.values%2CPromise%2CString.prototype.includes%2CSymbol%2CSymbol.iterator%2CObject.assign%2CArray.from%2CArray.isArray%2CArray.of%2CArray.prototype.findIndex%2CArray.prototype.indexOf%2CArray.prototype.keys%2CArray.prototype.values%2CString.prototype.%40%40iterator%2CArray.prototype.%40%40iterator%2CArray.prototype.find%2CArray.prototype.filter%2CObject.defineProperty%2CObject.defineProperties%2CObject.entries%2CObject.keys
151.101.193.26200 OK 94 B URL HTTP/2 polyfill.io/v3/polyfill.min.js?flags=gated%7Calways&rum=true&features=Array.prototype.entries%2CArray.prototype.forEach%2CArray.prototype.includes%2CNodeList.prototype.forEach%2CObject.values%2CPromise%2CString.prototype.includes%2CSymbol%2CSymbol.iterator%2CObject.assign%2CArray.from%2CArray.isArray%2CArray.of%2CArray.prototype.findIndex%2CArray.prototype.indexOf%2CArray.prototype.keys%2CArray.prototype.values%2CString.prototype.%40%40iterator%2CArray.prototype.%40%40iterator%2CArray.prototype.find%2CArray.prototype.filter%2CObject.defineProperty%2CObject.defineProperties%2CObject.entries%2CObject.keys
IP 151.101.193.26:0
Hash eb8b0ba88b3acfb11ea81d5c02be9108
4b7f14cc2db25abdbe25472934b7469b2488f9d4
7237f15a97fe102c6ed13eadc0f7980da03cd06a20dfb7c7b8050e60dada617d
GET /v3/polyfill.min.js?flags=gated%7Calways&rum=true&features=Array.prototype.entries%2CArray.prototype.forEach%2CArray.prototype.includes%2CNodeList.prototype.forEach%2CObject.values%2CPromise%2CString.prototype.includes%2CSymbol%2CSymbol.iterator%2CObject.assign%2CArray.from%2CArray.isArray%2CArray.of%2CArray.prototype.findIndex%2CArray.prototype.indexOf%2CArray.prototype.keys%2CArray.prototype.values%2CString.prototype.%40%40iterator%2CArray.prototype.%40%40iterator%2CArray.prototype.find%2CArray.prototype.filter%2CObject.defineProperty%2CObject.defineProperties%2CObject.entries%2CObject.keys HTTP/1.1
Host: polyfill.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youth.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
content-type: text/javascript; charset=utf-8
last-modified: Thu, 01 Dec 2022 17:21:01 GMT
content-encoding: br
age: 0
accept-ranges: bytes
useragent_normaliser: firefox/105.0.0
date: Wed, 07 Dec 2022 02:24:03 GMT
vary: User-Agent, Accept-Encoding
server-timing: cache-bma1680, PASS, fastly;desc="Edge time";dur=11
content-length: 94
X-Firefox-Spdy: h2
cdn.convertbox.com//convertbox/js/embed-core.js?id=51cd32bcecc7671a860a
194.242.11.186200 OK 140 kB URL HTTP/2 cdn.convertbox.com//convertbox/js/embed-core.js?id=51cd32bcecc7671a860a
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
File type Unicode text, UTF-8 text, with very long lines (65509), with no line terminators
Size 140 kB (140502 bytes)
Hash cd7104a6d7e06f2c506f8fccf2d691ba
9447ff78396793c1430bfb9eba13fad21bd19353
cd32f454cdbb0002634bcee46f80e995ccb131558bbf84564031af658715255b
GET //convertbox/js/embed-core.js?id=51cd32bcecc7671a860a HTTP/1.1
Host: cdn.convertbox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youth.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 02:24:03 GMT
content-type: application/javascript; charset=utf-8
server: BunnyCDN-NO1-830
cdn-pullzone: 53020
cdn-uid: 0efa3f5e-1cdb-4f24-96b0-16bfe6c0cf31
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"62d48ac0-81cb8"
last-modified: Sun, 17 Jul 2022 22:18:40 GMT
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 08/14/2022 14:32:23
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 3731514c47acb9177476c18687ebc4d3
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
trackcmp.net/t_prism_sitemessages.php?trackid=610567046&prismid=667e4a34-60f2-4080-8581-f2877586e3fa&url=https%3A%2F%2Fwww.youth.no%2Falle-produkter%2Fstyling%2Fvoks%2Fxl-hairwax-100ml%2F%3Futm_source%3Dkelkoo%26utm_medium%3Dcpc%26utm_campaign%3Dlinks
104.18.42.105200 OK 0 B URL HTTP/2 trackcmp.net/t_prism_sitemessages.php?trackid=610567046&prismid=667e4a34-60f2-4080-8581-f2877586e3fa&url=https%3A%2F%2Fwww.youth.no%2Falle-produkter%2Fstyling%2Fvoks%2Fxl-hairwax-100ml%2F%3Futm_source%3Dkelkoo%26utm_medium%3Dcpc%26utm_campaign%3Dlinks
IP 104.18.42.105:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /t_prism_sitemessages.php?trackid=610567046&prismid=667e4a34-60f2-4080-8581-f2877586e3fa&url=https%3A%2F%2Fwww.youth.no%2Falle-produkter%2Fstyling%2Fvoks%2Fxl-hairwax-100ml%2F%3Futm_source%3Dkelkoo%26utm_medium%3Dcpc%26utm_campaign%3Dlinks HTTP/1.1
Host: trackcmp.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youth.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 02:24:04 GMT
content-type: text/javascript;charset=UTF-8
content-length: 0
x-powered-by: PHP/7.1.33
cache-control: no-cache, private
p3p: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM"
x-privacy-policy: You can find our privacy policy here: https://www.activecampaign.com/help/privacy-policy/
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7759cd871adf0b02-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 1e181f9ed09fb72bf80535f26ad7b91a
df966a15abb5b870e71527d73592f7d977011eb2
741e73d12b0fa5e76d9b4a78e8e70dbe307e059a0018aca245da0db44c5a5958
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 02:24:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/g/collect?v=2&tid=G-JB001ERLBJ&cid=2007763247.1670379843>m=2oebu0&aip=1
108.177.14.154204 No Content 0 B URL HTTP/2 stats.g.doubleclick.net/g/collect?v=2&tid=G-JB001ERLBJ&cid=2007763247.1670379843>m=2oebu0&aip=1
IP 108.177.14.154:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-JB001ERLBJ&cid=2007763247.1670379843>m=2oebu0&aip=1 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youth.no
Connection: keep-alive
Referer: https://www.youth.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://www.youth.no
date: Wed, 07 Dec 2022 02:24:04 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.youth.no/media/tw0cp1tt/0001590_neccin-deo-sensitive-75ml.jpeg?mode=pad&width=500&height=500&bgcolor=fff&rnd=132503465797130000
52.178.90.230200 OK 17 kB URL HTTP/2 www.youth.no/media/tw0cp1tt/0001590_neccin-deo-sensitive-75ml.jpeg?mode=pad&width=500&height=500&bgcolor=fff&rnd=132503465797130000
IP 52.178.90.230:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash b205ff75a0ad7f21164bc8cdb7a27f10
5fa128b8114b9e7dce841e69a854e6fa75b693a9
0a1480699ca986754a72e67bed25ab0ab15ce71ea26c5829b0ef8497eb572d03
GET /media/tw0cp1tt/0001590_neccin-deo-sensitive-75ml.jpeg?mode=pad&width=500&height=500&bgcolor=fff&rnd=132503465797130000 HTTP/1.1
Host: www.youth.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youth.no/alle-produkter/styling/voks/xl-hairwax-100ml/?utm_source=kelkoo&utm_medium=cpc&utm_campaign=links
Cookie: vendr-4448408b-3bd1-4e48-9050-65bff7f1d53e=; cmc_vid=cmc3769201762; _gcl_au=1.1.1626620859.1670379843; shopPriceFormat=0; _ga_JB001ERLBJ=GS1.1.1670379843.1.0.1670379843.60.0.0; _ga=GA1.1.2007763247.1670379843; prism_610567046=667e4a34-60f2-4080-8581-f2877586e3fa
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
date: Wed, 07 Dec 2022 02:24:04 GMT
accept-ranges: bytes
cache-control: public, immutable, max-age=604800
etag: "aca691e3253dd81:0"
expires: Wed, 14 Dec 2022 02:24:04 GMT
last-modified: Mon, 21 Mar 2022 13:16:34 GMT
vary: Accept-Encoding
content-length: 17268
imageprocessedby: ImageProcessor/2.7.0.100 - ImageProcessor.Web/4.10.0.100
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=10886400
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
www.youth.no/media/3cdjvpaq/0001047_xl-volumshampoo-400ml.jpeg?mode=pad&width=500&height=500&bgcolor=fff&rnd=132503514080670000
52.178.90.230200 OK 16 kB URL HTTP/2 www.youth.no/media/3cdjvpaq/0001047_xl-volumshampoo-400ml.jpeg?mode=pad&width=500&height=500&bgcolor=fff&rnd=132503514080670000
IP 52.178.90.230:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 3fb6bcddec70699ca724fd83a03d6d5a
1a09ec5e647a77dd18bac27dc804ea8d9e802937
994fc5776786fb4609786f26f22c0491c82bfaef37723d194832585902dafdca
GET /media/3cdjvpaq/0001047_xl-volumshampoo-400ml.jpeg?mode=pad&width=500&height=500&bgcolor=fff&rnd=132503514080670000 HTTP/1.1
Host: www.youth.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youth.no/alle-produkter/styling/voks/xl-hairwax-100ml/?utm_source=kelkoo&utm_medium=cpc&utm_campaign=links
Cookie: vendr-4448408b-3bd1-4e48-9050-65bff7f1d53e=; cmc_vid=cmc3769201762; _gcl_au=1.1.1626620859.1670379843; shopPriceFormat=0; _ga_JB001ERLBJ=GS1.1.1670379843.1.0.1670379843.60.0.0; _ga=GA1.1.2007763247.1670379843; prism_610567046=667e4a34-60f2-4080-8581-f2877586e3fa
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
date: Wed, 07 Dec 2022 02:24:04 GMT
accept-ranges: bytes
cache-control: public, immutable, max-age=604800
etag: "e6b925e23a3dd81:0"
expires: Wed, 14 Dec 2022 02:24:04 GMT
last-modified: Mon, 21 Mar 2022 15:46:51 GMT
vary: Accept-Encoding
content-length: 15953
imageprocessedby: ImageProcessor/2.7.0.100 - ImageProcessor.Web/4.10.0.100
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=10886400
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
www.youth.no/media/nyadalqu/0001054_xl-creative-stone-wax.jpeg?mode=pad&width=500&height=500&bgcolor=fff&rnd=132503511180300000
52.178.90.230200 OK 35 kB URL HTTP/2 www.youth.no/media/nyadalqu/0001054_xl-creative-stone-wax.jpeg?mode=pad&width=500&height=500&bgcolor=fff&rnd=132503511180300000
IP 52.178.90.230:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 4792b0dedce7e008737df33902c289db
6b5e28a90c99ba52910e25bb1fd0b32d09e71737
1608e63943a52c66fdd4526e1158c46653557cb9cd92f77f0f4dff9b255c6c16
GET /media/nyadalqu/0001054_xl-creative-stone-wax.jpeg?mode=pad&width=500&height=500&bgcolor=fff&rnd=132503511180300000 HTTP/1.1
Host: www.youth.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youth.no/alle-produkter/styling/voks/xl-hairwax-100ml/?utm_source=kelkoo&utm_medium=cpc&utm_campaign=links
Cookie: vendr-4448408b-3bd1-4e48-9050-65bff7f1d53e=; cmc_vid=cmc3769201762; _gcl_au=1.1.1626620859.1670379843; shopPriceFormat=0; _ga_JB001ERLBJ=GS1.1.1670379843.1.0.1670379843.60.0.0; _ga=GA1.1.2007763247.1670379843; prism_610567046=667e4a34-60f2-4080-8581-f2877586e3fa
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
date: Wed, 07 Dec 2022 02:24:03 GMT
accept-ranges: bytes
cache-control: public, immutable, max-age=604800
etag: "7c6313bd253dd81:0"
expires: Wed, 14 Dec 2022 02:24:04 GMT
last-modified: Mon, 21 Mar 2022 13:15:30 GMT
vary: Accept-Encoding
content-length: 35228
imageprocessedby: ImageProcessor/2.7.0.100 - ImageProcessor.Web/4.10.0.100
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=10886400
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
www.youth.no/media/q1xl3thu/0000268_crush-gum-flex-100ml.jpeg?mode=pad&width=500&height=500&bgcolor=fff&rnd=132505952382070000
52.178.90.230200 OK 32 kB URL HTTP/2 www.youth.no/media/q1xl3thu/0000268_crush-gum-flex-100ml.jpeg?mode=pad&width=500&height=500&bgcolor=fff&rnd=132505952382070000
IP 52.178.90.230:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 31a39faa714fdd6200718330e904665c
5dfa9eb7b2fb2a7b8fadc881206d2a66d586ecd4
19c505fa1ffb8ad8912ebab2352290211d7d677c48e956742b0dd558d7183c95
GET /media/q1xl3thu/0000268_crush-gum-flex-100ml.jpeg?mode=pad&width=500&height=500&bgcolor=fff&rnd=132505952382070000 HTTP/1.1
Host: www.youth.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youth.no/alle-produkter/styling/voks/xl-hairwax-100ml/?utm_source=kelkoo&utm_medium=cpc&utm_campaign=links
Cookie: vendr-4448408b-3bd1-4e48-9050-65bff7f1d53e=; cmc_vid=cmc3769201762; _gcl_au=1.1.1626620859.1670379843; shopPriceFormat=0; _ga_JB001ERLBJ=GS1.1.1670379843.1.0.1670379843.60.0.0; _ga=GA1.1.2007763247.1670379843; prism_610567046=667e4a34-60f2-4080-8581-f2877586e3fa
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
date: Wed, 07 Dec 2022 02:24:04 GMT
accept-ranges: bytes
cache-control: public, immutable, max-age=604800
etag: "3ca434ca383dd81:0"
expires: Wed, 14 Dec 2022 02:24:04 GMT
last-modified: Mon, 21 Mar 2022 15:31:52 GMT
vary: Accept-Encoding
content-length: 32494
imageprocessedby: ImageProcessor/2.7.0.100 - ImageProcessor.Web/4.10.0.100
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=10886400
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
www.youth.no/media/czoldobe/0001567_baruffaldi-wax-ultra-shine-100ml.jpeg?mode=pad&width=500&height=500&bgcolor=fff&rnd=132503430047030000
52.178.90.230200 OK 29 kB URL HTTP/2 www.youth.no/media/czoldobe/0001567_baruffaldi-wax-ultra-shine-100ml.jpeg?mode=pad&width=500&height=500&bgcolor=fff&rnd=132503430047030000
IP 52.178.90.230:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 3de358292e41c6d4c83f8fe9592d4ca0
397b20d85e7b9176d89a2b699f53dc69978d34c0
bea74ce939d1099fb12148feaffc96158792c0e1cfb5e23b7980c46443ea6a8c
GET /media/czoldobe/0001567_baruffaldi-wax-ultra-shine-100ml.jpeg?mode=pad&width=500&height=500&bgcolor=fff&rnd=132503430047030000 HTTP/1.1
Host: www.youth.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youth.no/alle-produkter/styling/voks/xl-hairwax-100ml/?utm_source=kelkoo&utm_medium=cpc&utm_campaign=links
Cookie: vendr-4448408b-3bd1-4e48-9050-65bff7f1d53e=; cmc_vid=cmc3769201762; _gcl_au=1.1.1626620859.1670379843; shopPriceFormat=0; _ga_JB001ERLBJ=GS1.1.1670379843.1.0.1670379843.60.0.0; _ga=GA1.1.2007763247.1670379843; prism_610567046=667e4a34-60f2-4080-8581-f2877586e3fa
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
date: Wed, 07 Dec 2022 02:24:04 GMT
accept-ranges: bytes
cache-control: public, immutable, max-age=604800
etag: "17cdc42140d81:0"
expires: Wed, 14 Dec 2022 02:24:04 GMT
last-modified: Fri, 25 Mar 2022 08:19:16 GMT
vary: Accept-Encoding
content-length: 29273
imageprocessedby: ImageProcessor/2.7.0.100 - ImageProcessor.Web/4.10.0.100
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=10886400
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
www.youth.no/media/zg4iyxy0/0000290_crush-sand-texture-100ml.jpeg?mode=pad&width=500&height=500&bgcolor=fff&rnd=132503438922530000
52.178.90.230200 OK 34 kB URL HTTP/2 www.youth.no/media/zg4iyxy0/0000290_crush-sand-texture-100ml.jpeg?mode=pad&width=500&height=500&bgcolor=fff&rnd=132503438922530000
IP 52.178.90.230:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 3fe6b327192ad6dceab7c2e53863e208
eadcb6215fd0318a84aaee0505d72f0569bb79bc
312eb0e023f4072b810dbd013c88222555656a673826849896d54615265e9977
GET /media/zg4iyxy0/0000290_crush-sand-texture-100ml.jpeg?mode=pad&width=500&height=500&bgcolor=fff&rnd=132503438922530000 HTTP/1.1
Host: www.youth.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youth.no/alle-produkter/styling/voks/xl-hairwax-100ml/?utm_source=kelkoo&utm_medium=cpc&utm_campaign=links
Cookie: vendr-4448408b-3bd1-4e48-9050-65bff7f1d53e=; cmc_vid=cmc3769201762; _gcl_au=1.1.1626620859.1670379843; shopPriceFormat=0; _ga_JB001ERLBJ=GS1.1.1670379843.1.0.1670379843.60.0.0; _ga=GA1.1.2007763247.1670379843; prism_610567046=667e4a34-60f2-4080-8581-f2877586e3fa
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
date: Wed, 07 Dec 2022 02:24:04 GMT
accept-ranges: bytes
cache-control: public, immutable, max-age=604800
etag: "a7ccacca383dd81:0"
expires: Wed, 14 Dec 2022 02:24:04 GMT
last-modified: Mon, 21 Mar 2022 15:31:53 GMT
vary: Accept-Encoding
content-length: 33652
imageprocessedby: ImageProcessor/2.7.0.100 - ImageProcessor.Web/4.10.0.100
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=10886400
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
www.youth.no/media/fooe1hh1/0001032_xl-megaskum-300ml.jpeg?mode=pad&width=500&height=500&bgcolor=fff&rnd=132503512530000000
52.178.90.230200 OK 14 kB URL HTTP/2 www.youth.no/media/fooe1hh1/0001032_xl-megaskum-300ml.jpeg?mode=pad&width=500&height=500&bgcolor=fff&rnd=132503512530000000
IP 52.178.90.230:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash b9f65320bd4c2b96e9e64a6dd00a7b00
e59d09a21c9dbe102130321c0d189a208c754a7e
483ce30b753c1469a21aff544ec80257d283bde53286f5df80b65def7bbe60e5
GET /media/fooe1hh1/0001032_xl-megaskum-300ml.jpeg?mode=pad&width=500&height=500&bgcolor=fff&rnd=132503512530000000 HTTP/1.1
Host: www.youth.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youth.no/alle-produkter/styling/voks/xl-hairwax-100ml/?utm_source=kelkoo&utm_medium=cpc&utm_campaign=links
Cookie: vendr-4448408b-3bd1-4e48-9050-65bff7f1d53e=; cmc_vid=cmc3769201762; _gcl_au=1.1.1626620859.1670379843; shopPriceFormat=0; _ga_JB001ERLBJ=GS1.1.1670379843.1.0.1670379843.60.0.0; _ga=GA1.1.2007763247.1670379843; prism_610567046=667e4a34-60f2-4080-8581-f2877586e3fa
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
date: Wed, 07 Dec 2022 02:24:04 GMT
accept-ranges: bytes
cache-control: public, immutable, max-age=604800
etag: "70731fb9253dd81:0"
expires: Wed, 14 Dec 2022 02:24:04 GMT
last-modified: Mon, 21 Mar 2022 13:15:23 GMT
vary: Accept-Encoding
content-length: 14511
imageprocessedby: ImageProcessor/2.7.0.100 - ImageProcessor.Web/4.10.0.100
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=10886400
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
www.youth.no/media/ajrftbef/0001048_xl-volumskum-300ml.jpeg?mode=pad&width=500&height=500&bgcolor=fff&rnd=132503514189530000
52.178.90.230200 OK 14 kB URL HTTP/2 www.youth.no/media/ajrftbef/0001048_xl-volumskum-300ml.jpeg?mode=pad&width=500&height=500&bgcolor=fff&rnd=132503514189530000
IP 52.178.90.230:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash bdb0877f12dd66e42e94725541efffae
1b65109db61dcd83cae27ff11812745d3502cf78
1beb1573ab47b45833696b8ddcaf3ceb4618955b94ed644ffd809da750afa97d
GET /media/ajrftbef/0001048_xl-volumskum-300ml.jpeg?mode=pad&width=500&height=500&bgcolor=fff&rnd=132503514189530000 HTTP/1.1
Host: www.youth.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youth.no/alle-produkter/styling/voks/xl-hairwax-100ml/?utm_source=kelkoo&utm_medium=cpc&utm_campaign=links
Cookie: vendr-4448408b-3bd1-4e48-9050-65bff7f1d53e=; cmc_vid=cmc3769201762; _gcl_au=1.1.1626620859.1670379843; shopPriceFormat=0; _ga_JB001ERLBJ=GS1.1.1670379843.1.0.1670379843.60.0.0; _ga=GA1.1.2007763247.1670379843; prism_610567046=667e4a34-60f2-4080-8581-f2877586e3fa
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
date: Wed, 07 Dec 2022 02:24:04 GMT
accept-ranges: bytes
cache-control: public, immutable, max-age=604800
etag: "7a789986ec3dd81:0"
expires: Wed, 14 Dec 2022 02:24:04 GMT
last-modified: Tue, 22 Mar 2022 12:58:28 GMT
vary: Accept-Encoding
content-length: 13733
imageprocessedby: ImageProcessor/2.7.0.100 - ImageProcessor.Web/4.10.0.100
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=10886400
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
www.youth.no/media/5fqlvhqo/0001124_baruffaldi-bio-shower-shampoo-400ml.jpeg?mode=pad&width=500&height=500&bgcolor=fff&rnd=132503427222270000
52.178.90.230200 OK 29 kB URL HTTP/2 www.youth.no/media/5fqlvhqo/0001124_baruffaldi-bio-shower-shampoo-400ml.jpeg?mode=pad&width=500&height=500&bgcolor=fff&rnd=132503427222270000
IP 52.178.90.230:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash d4091fa049b9f8331d1812d83a5cdd20
cea234d07170677369340f79defd5d9c7486e0e1
ebffa0ecb107c070228510069b4754147ae7d88aa40a0abc6ded61d9a3428ad2
GET /media/5fqlvhqo/0001124_baruffaldi-bio-shower-shampoo-400ml.jpeg?mode=pad&width=500&height=500&bgcolor=fff&rnd=132503427222270000 HTTP/1.1
Host: www.youth.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youth.no/alle-produkter/styling/voks/xl-hairwax-100ml/?utm_source=kelkoo&utm_medium=cpc&utm_campaign=links
Cookie: vendr-4448408b-3bd1-4e48-9050-65bff7f1d53e=; cmc_vid=cmc3769201762; _gcl_au=1.1.1626620859.1670379843; shopPriceFormat=0; _ga_JB001ERLBJ=GS1.1.1670379843.1.0.1670379843.60.0.0; _ga=GA1.1.2007763247.1670379843; prism_610567046=667e4a34-60f2-4080-8581-f2877586e3fa
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
date: Wed, 07 Dec 2022 02:24:04 GMT
accept-ranges: bytes
cache-control: public, immutable, max-age=604800
etag: "20a0a846343dd81:0"
expires: Wed, 14 Dec 2022 02:24:04 GMT
last-modified: Mon, 21 Mar 2022 14:59:34 GMT
vary: Accept-Encoding
content-length: 29349
imageprocessedby: ImageProcessor/2.7.0.100 - ImageProcessor.Web/4.10.0.100
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=10886400
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
www.youth.no/media/qmob1tli/0000436_falengreen-hair-spray-17-100ml.jpeg?mode=pad&width=500&height=500&bgcolor=fff&rnd=132503443401570000
52.178.90.230200 OK 13 kB URL HTTP/2 www.youth.no/media/qmob1tli/0000436_falengreen-hair-spray-17-100ml.jpeg?mode=pad&width=500&height=500&bgcolor=fff&rnd=132503443401570000
IP 52.178.90.230:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash eb0f3057818a71fb6e0d8024ef009ab2
3302173fcc8df62387cbfa92ae45f2220bca4283
a7a381c727d6b8ad7502a4689eb9525ff0bcd62bbaccfd2189e953c89312fe17
GET /media/qmob1tli/0000436_falengreen-hair-spray-17-100ml.jpeg?mode=pad&width=500&height=500&bgcolor=fff&rnd=132503443401570000 HTTP/1.1
Host: www.youth.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youth.no/alle-produkter/styling/voks/xl-hairwax-100ml/?utm_source=kelkoo&utm_medium=cpc&utm_campaign=links
Cookie: vendr-4448408b-3bd1-4e48-9050-65bff7f1d53e=; cmc_vid=cmc3769201762; _gcl_au=1.1.1626620859.1670379843; shopPriceFormat=0; _ga_JB001ERLBJ=GS1.1.1670379843.1.0.1670379843.60.0.0; _ga=GA1.1.2007763247.1670379843; prism_610567046=667e4a34-60f2-4080-8581-f2877586e3fa
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
date: Wed, 07 Dec 2022 02:24:04 GMT
accept-ranges: bytes
cache-control: public, immutable, max-age=604800
etag: "5e73d0baca3dd81:0"
expires: Wed, 14 Dec 2022 02:24:04 GMT
last-modified: Tue, 22 Mar 2022 08:56:33 GMT
vary: Accept-Encoding
content-length: 13097
imageprocessedby: ImageProcessor/2.7.0.100 - ImageProcessor.Web/4.10.0.100
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=10886400
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
www.youth.no/media/s4gfmbcm/0000283_crush-paste-matte-100ml.jpeg?mode=pad&width=500&height=500&bgcolor=fff&rnd=132503438252130000
52.178.90.230200 OK 32 kB URL HTTP/2 www.youth.no/media/s4gfmbcm/0000283_crush-paste-matte-100ml.jpeg?mode=pad&width=500&height=500&bgcolor=fff&rnd=132503438252130000
IP 52.178.90.230:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 1fdf03a29298ec978b2fe74757e2b38f
2aa360fc64a5ce37280da56612c34b4af75930a7
3c51db7d69768edd6e43973514219f5b189db52f73b30deebf110f042830c599
GET /media/s4gfmbcm/0000283_crush-paste-matte-100ml.jpeg?mode=pad&width=500&height=500&bgcolor=fff&rnd=132503438252130000 HTTP/1.1
Host: www.youth.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youth.no/alle-produkter/styling/voks/xl-hairwax-100ml/?utm_source=kelkoo&utm_medium=cpc&utm_campaign=links
Cookie: vendr-4448408b-3bd1-4e48-9050-65bff7f1d53e=; cmc_vid=cmc3769201762; _gcl_au=1.1.1626620859.1670379843; shopPriceFormat=0; _ga_JB001ERLBJ=GS1.1.1670379843.1.0.1670379843.60.0.0; _ga=GA1.1.2007763247.1670379843; prism_610567046=667e4a34-60f2-4080-8581-f2877586e3fa
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
date: Wed, 07 Dec 2022 02:24:04 GMT
accept-ranges: bytes
cache-control: public, immutable, max-age=604800
etag: "de38ebbb253dd81:0"
expires: Wed, 14 Dec 2022 02:24:04 GMT
last-modified: Mon, 21 Mar 2022 13:15:28 GMT
vary: Accept-Encoding
content-length: 32034
imageprocessedby: ImageProcessor/2.7.0.100 - ImageProcessor.Web/4.10.0.100
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=10886400
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
www.youth.no/media/dmdmgole/0001033_xl-power-paste-100ml.jpeg?mode=pad&width=500&height=500&bgcolor=fff&rnd=132503512646870000
52.178.90.230200 OK 42 kB URL HTTP/2 www.youth.no/media/dmdmgole/0001033_xl-power-paste-100ml.jpeg?mode=pad&width=500&height=500&bgcolor=fff&rnd=132503512646870000
IP 52.178.90.230:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash c9f6d67279a93cad4c2fb1518da53448
8a6941f4e56fa5bac3ecd25263de793252ef8fed
c3181d729d89a3e61cea7471210b163b0bb9ac9476e4231552741842a4455e51
GET /media/dmdmgole/0001033_xl-power-paste-100ml.jpeg?mode=pad&width=500&height=500&bgcolor=fff&rnd=132503512646870000 HTTP/1.1
Host: www.youth.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youth.no/alle-produkter/styling/voks/xl-hairwax-100ml/?utm_source=kelkoo&utm_medium=cpc&utm_campaign=links
Cookie: vendr-4448408b-3bd1-4e48-9050-65bff7f1d53e=; cmc_vid=cmc3769201762; _gcl_au=1.1.1626620859.1670379843; shopPriceFormat=0; _ga_JB001ERLBJ=GS1.1.1670379843.1.0.1670379843.60.0.0; _ga=GA1.1.2007763247.1670379843; prism_610567046=667e4a34-60f2-4080-8581-f2877586e3fa
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
date: Wed, 07 Dec 2022 02:24:04 GMT
accept-ranges: bytes
cache-control: public, immutable, max-age=604800
etag: "eaf8ea30ed3dd81:0"
expires: Wed, 14 Dec 2022 02:24:04 GMT
last-modified: Tue, 22 Mar 2022 13:03:14 GMT
vary: Accept-Encoding
content-length: 42499
imageprocessedby: ImageProcessor/2.7.0.100 - ImageProcessor.Web/4.10.0.100
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=10886400
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 1e181f9ed09fb72bf80535f26ad7b91a
df966a15abb5b870e71527d73592f7d977011eb2
741e73d12b0fa5e76d9b4a78e8e70dbe307e059a0018aca245da0db44c5a5958
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 02:24:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.youth.no/media/fismxn4z/ind_texture_fibermold_85ml__highres_rgb.jpeg?mode=pad&width=500&height=500&bgcolor=fff&rnd=132781581296800000
52.178.90.230200 OK 24 kB URL HTTP/2 www.youth.no/media/fismxn4z/ind_texture_fibermold_85ml__highres_rgb.jpeg?mode=pad&width=500&height=500&bgcolor=fff&rnd=132781581296800000
IP 52.178.90.230:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 7e117b4460bb2a97c9ca11132bbe762e
ba13f38b221ba5f0b0527dc13a1719a8bcf86ac9
f3031d525922e2ccec17368c38fd83592312ae146d247bdf7061ef8d2b095436
GET /media/fismxn4z/ind_texture_fibermold_85ml__highres_rgb.jpeg?mode=pad&width=500&height=500&bgcolor=fff&rnd=132781581296800000 HTTP/1.1
Host: www.youth.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youth.no/alle-produkter/styling/voks/xl-hairwax-100ml/?utm_source=kelkoo&utm_medium=cpc&utm_campaign=links
Cookie: vendr-4448408b-3bd1-4e48-9050-65bff7f1d53e=; cmc_vid=cmc3769201762; _gcl_au=1.1.1626620859.1670379843; shopPriceFormat=0; _ga_JB001ERLBJ=GS1.1.1670379843.1.0.1670379843.60.0.0; _ga=GA1.1.2007763247.1670379843; prism_610567046=667e4a34-60f2-4080-8581-f2877586e3fa
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
date: Wed, 07 Dec 2022 02:24:04 GMT
accept-ranges: bytes
cache-control: public, immutable, max-age=604800
etag: "d81f8db9253dd81:0"
expires: Wed, 14 Dec 2022 02:24:04 GMT
last-modified: Mon, 21 Mar 2022 13:15:24 GMT
vary: Accept-Encoding
content-length: 23699
imageprocessedby: ImageProcessor/2.7.0.100 - ImageProcessor.Web/4.10.0.100
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=10886400
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
www.youth.no/media/lfmf2ozs/7331162504208.jpg?mode=pad&width=500&height=500&bgcolor=fff&rnd=132569236909830000
52.178.90.230200 OK 18 kB URL HTTP/2 www.youth.no/media/lfmf2ozs/7331162504208.jpg?mode=pad&width=500&height=500&bgcolor=fff&rnd=132569236909830000
IP 52.178.90.230:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 01402a25c2d32b35f6584dd19541942a
7258bd3e74acb4cc646e556c9db483b9bd871c21
65cac3603d2412c9a5374dbf8958eca2277df07d305b3334099f04956d4ae32c
GET /media/lfmf2ozs/7331162504208.jpg?mode=pad&width=500&height=500&bgcolor=fff&rnd=132569236909830000 HTTP/1.1
Host: www.youth.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youth.no/alle-produkter/styling/voks/xl-hairwax-100ml/?utm_source=kelkoo&utm_medium=cpc&utm_campaign=links
Cookie: vendr-4448408b-3bd1-4e48-9050-65bff7f1d53e=; cmc_vid=cmc3769201762; _gcl_au=1.1.1626620859.1670379843; shopPriceFormat=0; _ga_JB001ERLBJ=GS1.1.1670379843.1.0.1670379843.60.0.0; _ga=GA1.1.2007763247.1670379843; prism_610567046=667e4a34-60f2-4080-8581-f2877586e3fa
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
date: Wed, 07 Dec 2022 02:24:04 GMT
accept-ranges: bytes
cache-control: public, immutable, max-age=604800
etag: "ab7881c7383dd81:0"
expires: Wed, 14 Dec 2022 02:24:04 GMT
last-modified: Mon, 21 Mar 2022 15:31:48 GMT
vary: Accept-Encoding
content-length: 17768
imageprocessedby: ImageProcessor/2.7.0.100 - ImageProcessor.Web/4.10.0.100
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=10886400
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
www.youth.no/media/fchoosxg/0001024_xl-hairgel-200ml.jpeg?mode=pad&width=500&height=500&bgcolor=fff&rnd=132503511615200000
52.178.90.230200 OK 19 kB URL HTTP/2 www.youth.no/media/fchoosxg/0001024_xl-hairgel-200ml.jpeg?mode=pad&width=500&height=500&bgcolor=fff&rnd=132503511615200000
IP 52.178.90.230:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash e4f317fc004c3c12b366ace7eaa8adb9
bd63c0f224e2db915ebebfc11d569d086b3b0ca1
1ac33bb862154be4bfb13883a9ca21371f7e00b36c8c2d428f51bf010d814d5e
GET /media/fchoosxg/0001024_xl-hairgel-200ml.jpeg?mode=pad&width=500&height=500&bgcolor=fff&rnd=132503511615200000 HTTP/1.1
Host: www.youth.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youth.no/alle-produkter/styling/voks/xl-hairwax-100ml/?utm_source=kelkoo&utm_medium=cpc&utm_campaign=links
Cookie: vendr-4448408b-3bd1-4e48-9050-65bff7f1d53e=; cmc_vid=cmc3769201762; _gcl_au=1.1.1626620859.1670379843; shopPriceFormat=0; _ga_JB001ERLBJ=GS1.1.1670379843.1.0.1670379843.60.0.0; _ga=GA1.1.2007763247.1670379843; prism_610567046=667e4a34-60f2-4080-8581-f2877586e3fa
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
date: Wed, 07 Dec 2022 02:24:04 GMT
accept-ranges: bytes
cache-control: public, immutable, max-age=604800
etag: "883a24b9253dd81:0"
expires: Wed, 14 Dec 2022 02:24:04 GMT
last-modified: Mon, 21 Mar 2022 13:15:23 GMT
vary: Accept-Encoding
content-length: 18909
imageprocessedby: ImageProcessor/2.7.0.100 - ImageProcessor.Web/4.10.0.100
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=10886400
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
www.youth.no/media/t2zk4a4j/0001551_falengreen-wax-no15-75ml.jpeg?mode=pad&width=500&height=500&bgcolor=fff&rnd=132503444937300000
52.178.90.230200 OK 46 kB URL HTTP/2 www.youth.no/media/t2zk4a4j/0001551_falengreen-wax-no15-75ml.jpeg?mode=pad&width=500&height=500&bgcolor=fff&rnd=132503444937300000
IP 52.178.90.230:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash cdc5a15286b6cd2e08cf464246c2a77c
52ecbac5dc8700e7533ab9a888fcf98b161fa4e9
b3f9ee78a8b804531ea12a444774217201079a3108acf4442d8a65eb9ee6366f
GET /media/t2zk4a4j/0001551_falengreen-wax-no15-75ml.jpeg?mode=pad&width=500&height=500&bgcolor=fff&rnd=132503444937300000 HTTP/1.1
Host: www.youth.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youth.no/alle-produkter/styling/voks/xl-hairwax-100ml/?utm_source=kelkoo&utm_medium=cpc&utm_campaign=links
Cookie: vendr-4448408b-3bd1-4e48-9050-65bff7f1d53e=; cmc_vid=cmc3769201762; _gcl_au=1.1.1626620859.1670379843; shopPriceFormat=0; _ga_JB001ERLBJ=GS1.1.1670379843.1.0.1670379843.60.0.0; _ga=GA1.1.2007763247.1670379843; prism_610567046=667e4a34-60f2-4080-8581-f2877586e3fa
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
date: Wed, 07 Dec 2022 02:24:04 GMT
accept-ranges: bytes
cache-control: public, immutable, max-age=604800
etag: "ea1db8b9253dd81:0"
expires: Wed, 14 Dec 2022 02:24:04 GMT
last-modified: Mon, 21 Mar 2022 13:15:24 GMT
vary: Accept-Encoding
content-length: 45794
imageprocessedby: ImageProcessor/2.7.0.100 - ImageProcessor.Web/4.10.0.100
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=10886400
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
www.youth.no/media/cjhmlbed/0000197_baruffaldi-ultra-matt-wax-100ml.jpeg?mode=pad&width=500&height=500&bgcolor=fff&rnd=132503429740070000
52.178.90.230200 OK 47 kB URL HTTP/2 www.youth.no/media/cjhmlbed/0000197_baruffaldi-ultra-matt-wax-100ml.jpeg?mode=pad&width=500&height=500&bgcolor=fff&rnd=132503429740070000
IP 52.178.90.230:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash e0b341cef8537fde1d62a77d9522497c
c8a20f2a9eeb3b4a536033935596990fc4fed91b
1c1dc85325f29b0c8863ae6ad9f1f30007459acb39b2b08099914e26545a484e
GET /media/cjhmlbed/0000197_baruffaldi-ultra-matt-wax-100ml.jpeg?mode=pad&width=500&height=500&bgcolor=fff&rnd=132503429740070000 HTTP/1.1
Host: www.youth.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youth.no/alle-produkter/styling/voks/xl-hairwax-100ml/?utm_source=kelkoo&utm_medium=cpc&utm_campaign=links
Cookie: vendr-4448408b-3bd1-4e48-9050-65bff7f1d53e=; cmc_vid=cmc3769201762; _gcl_au=1.1.1626620859.1670379843; shopPriceFormat=0; _ga_JB001ERLBJ=GS1.1.1670379843.1.0.1670379843.60.0.0; _ga=GA1.1.2007763247.1670379843; prism_610567046=667e4a34-60f2-4080-8581-f2877586e3fa
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
date: Wed, 07 Dec 2022 02:24:04 GMT
accept-ranges: bytes
cache-control: public, immutable, max-age=604800
etag: "7670b0ba253dd81:0"
expires: Wed, 14 Dec 2022 02:24:04 GMT
last-modified: Mon, 21 Mar 2022 13:15:26 GMT
vary: Accept-Encoding
content-length: 47420
imageprocessedby: ImageProcessor/2.7.0.100 - ImageProcessor.Web/4.10.0.100
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=10886400
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
cdn.convertbox.com//static/css/bars-preview.css?id=6789be6de4d3502c1bae
194.242.11.186200 OK 18 kB URL HTTP/2 cdn.convertbox.com//static/css/bars-preview.css?id=6789be6de4d3502c1bae
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
File type ASCII text, with very long lines (65536), with no line terminators
Hash 36707e3c91c3918ae96ef3aa1843a118
0eff865d80d6c90866c7c33d642b901751f9fff7
34293dd187f9eb33ec40c109c96051e3c06db83073d498b8e2e4b5dd798b3933
GET //static/css/bars-preview.css?id=6789be6de4d3502c1bae HTTP/1.1
Host: cdn.convertbox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youth.no/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 02:24:04 GMT
content-type: text/css
server: BunnyCDN-NO1-830
cdn-pullzone: 53020
cdn-uid: 0efa3f5e-1cdb-4f24-96b0-16bfe6c0cf31
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: W/"6388404b-1c694"
last-modified: Thu, 01 Dec 2022 05:48:59 GMT
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 12/07/2022 00:35:07
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: ba593280711f8d5e1e229e0dd50fef26
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
www.youth.no/media/vwyjoczg/0001523_act-now-matte-wax-85ml.jpeg?mode=pad&width=500&height=500&bgcolor=fff&rnd=132503416847330000
52.178.90.230200 OK 20 kB URL HTTP/2 www.youth.no/media/vwyjoczg/0001523_act-now-matte-wax-85ml.jpeg?mode=pad&width=500&height=500&bgcolor=fff&rnd=132503416847330000
IP 52.178.90.230:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 5f4c40d4e00f3bc22458da24c50ac081
9ba5649617b2c96a63155c3470f5b961285a7074
5a7a9f6e16255675c34fee848b703c28e1d23f07e134cf647f1de0e43e5555f1
GET /media/vwyjoczg/0001523_act-now-matte-wax-85ml.jpeg?mode=pad&width=500&height=500&bgcolor=fff&rnd=132503416847330000 HTTP/1.1
Host: www.youth.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youth.no/alle-produkter/styling/voks/xl-hairwax-100ml/?utm_source=kelkoo&utm_medium=cpc&utm_campaign=links
Cookie: vendr-4448408b-3bd1-4e48-9050-65bff7f1d53e=; cmc_vid=cmc3769201762; _gcl_au=1.1.1626620859.1670379843; shopPriceFormat=0; _ga_JB001ERLBJ=GS1.1.1670379843.1.0.1670379843.60.0.0; _ga=GA1.1.2007763247.1670379843; prism_610567046=667e4a34-60f2-4080-8581-f2877586e3fa
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
date: Wed, 07 Dec 2022 02:24:04 GMT
accept-ranges: bytes
cache-control: public, immutable, max-age=604800
etag: "aa1fe0ba253dd81:0"
expires: Wed, 14 Dec 2022 02:24:04 GMT
last-modified: Mon, 21 Mar 2022 13:15:26 GMT
vary: Accept-Encoding
content-length: 19542
imageprocessedby: ImageProcessor/2.7.0.100 - ImageProcessor.Web/4.10.0.100
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=10886400
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
www.youth.no/media/wljphaxm/0001046_xl-volumshampoo-1000ml.jpeg?mode=pad&width=500&height=500&bgcolor=fff&rnd=132503513968700000
52.178.90.230200 OK 14 kB URL HTTP/2 www.youth.no/media/wljphaxm/0001046_xl-volumshampoo-1000ml.jpeg?mode=pad&width=500&height=500&bgcolor=fff&rnd=132503513968700000
IP 52.178.90.230:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash c22621f779b67839e8221141e2846050
11af1208c7d2353b7f704aca2473aef5e01af7e4
8c370af905c6c248f595b8f1f75eac0c9f3772f66976b8a17005c37c2e93ec9d
GET /media/wljphaxm/0001046_xl-volumshampoo-1000ml.jpeg?mode=pad&width=500&height=500&bgcolor=fff&rnd=132503513968700000 HTTP/1.1
Host: www.youth.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youth.no/alle-produkter/styling/voks/xl-hairwax-100ml/?utm_source=kelkoo&utm_medium=cpc&utm_campaign=links
Cookie: vendr-4448408b-3bd1-4e48-9050-65bff7f1d53e=; cmc_vid=cmc3769201762; _gcl_au=1.1.1626620859.1670379843; shopPriceFormat=0; _ga_JB001ERLBJ=GS1.1.1670379843.1.0.1670379843.60.0.0; _ga=GA1.1.2007763247.1670379843; prism_610567046=667e4a34-60f2-4080-8581-f2877586e3fa
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
date: Wed, 07 Dec 2022 02:24:04 GMT
accept-ranges: bytes
cache-control: public, immutable, max-age=604800
etag: "56f3cb9253dd81:0"
expires: Wed, 14 Dec 2022 02:24:04 GMT
last-modified: Mon, 21 Mar 2022 13:15:23 GMT
vary: Accept-Encoding
content-length: 14312
imageprocessedby: ImageProcessor/2.7.0.100 - ImageProcessor.Web/4.10.0.100
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=10886400
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1b2d3425e62499774aafdd87da687365
e0083196d57c32237e3c0c18522042400556ae10
3734806d69df854a7c6ddfda3374c1c484411a937fcd3904e988e0b9932e946b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3734806D69DF854A7C6DDFDA3374C1C484411A937FCD3904E988E0B9932E946B"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4887
Expires: Wed, 07 Dec 2022 03:45:31 GMT
Date: Wed, 07 Dec 2022 02:24:04 GMT
Connection: keep-alive
www.youth.no/media/cm0avmv3/0000291_crush-wax-shape-100ml.jpeg?mode=pad&width=500&height=500&bgcolor=fff&rnd=132503439214900000
52.178.90.230200 OK 30 kB URL HTTP/2 www.youth.no/media/cm0avmv3/0000291_crush-wax-shape-100ml.jpeg?mode=pad&width=500&height=500&bgcolor=fff&rnd=132503439214900000
IP 52.178.90.230:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash b42faeb295220c8f4b478b3006fab4f9
47c5725e201b857c4c71253677881b443d0265bc
40b8448b08ee28399831cef3aa96cf072c3e0cca6530dab3df3dbda62113001d
GET /media/cm0avmv3/0000291_crush-wax-shape-100ml.jpeg?mode=pad&width=500&height=500&bgcolor=fff&rnd=132503439214900000 HTTP/1.1
Host: www.youth.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youth.no/alle-produkter/styling/voks/xl-hairwax-100ml/?utm_source=kelkoo&utm_medium=cpc&utm_campaign=links
Cookie: vendr-4448408b-3bd1-4e48-9050-65bff7f1d53e=; cmc_vid=cmc3769201762; _gcl_au=1.1.1626620859.1670379843; shopPriceFormat=0; _ga_JB001ERLBJ=GS1.1.1670379843.1.0.1670379843.60.0.0; _ga=GA1.1.2007763247.1670379843; prism_610567046=667e4a34-60f2-4080-8581-f2877586e3fa
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
date: Wed, 07 Dec 2022 02:24:04 GMT
accept-ranges: bytes
cache-control: public, immutable, max-age=604800
etag: "bac013bc253dd81:0"
expires: Wed, 14 Dec 2022 02:24:04 GMT
last-modified: Mon, 21 Mar 2022 13:15:28 GMT
vary: Accept-Encoding
content-length: 29475
imageprocessedby: ImageProcessor/2.7.0.100 - ImageProcessor.Web/4.10.0.100
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=10886400
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
www.youth.no/media/oifbnt1g/0000740_neccin-2-dandruff-protector-shampoo-250ml.jpeg?mode=pad&width=500&height=500&bgcolor=fff&rnd=132503465099200000
52.178.90.230200 OK 14 kB URL HTTP/2 www.youth.no/media/oifbnt1g/0000740_neccin-2-dandruff-protector-shampoo-250ml.jpeg?mode=pad&width=500&height=500&bgcolor=fff&rnd=132503465099200000
IP 52.178.90.230:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 9c56c03310b8df73255bae363ea691d6
e5ef2344dc201c7e34ea3f627187c7daa61d2163
4a5ad1526c52c8e2a5caa1dbab49929f95ac5e71d41919d687f3b55d02c52985
GET /media/oifbnt1g/0000740_neccin-2-dandruff-protector-shampoo-250ml.jpeg?mode=pad&width=500&height=500&bgcolor=fff&rnd=132503465099200000 HTTP/1.1
Host: www.youth.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youth.no/alle-produkter/styling/voks/xl-hairwax-100ml/?utm_source=kelkoo&utm_medium=cpc&utm_campaign=links
Cookie: vendr-4448408b-3bd1-4e48-9050-65bff7f1d53e=; cmc_vid=cmc3769201762; _gcl_au=1.1.1626620859.1670379843; shopPriceFormat=0; _ga_JB001ERLBJ=GS1.1.1670379843.1.0.1670379843.60.0.0; _ga=GA1.1.2007763247.1670379843; prism_610567046=667e4a34-60f2-4080-8581-f2877586e3fa
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
date: Wed, 07 Dec 2022 02:24:04 GMT
accept-ranges: bytes
cache-control: public, immutable, max-age=604800
etag: "3b797c5253dd81:0"
expires: Wed, 14 Dec 2022 02:24:04 GMT
last-modified: Mon, 21 Mar 2022 13:15:43 GMT
vary: Accept-Encoding
content-length: 14116
imageprocessedby: ImageProcessor/2.7.0.100 - ImageProcessor.Web/4.10.0.100
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=10886400
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.110200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.110:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youth.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Wed, 07 Dec 2022 00:41:08 GMT
expires: Wed, 07 Dec 2022 02:41:08 GMT
cache-control: public, max-age=7200
age: 6176
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 013b65c5b52bb7855158194ff2024fb8
94eae308d8338735898e90536fc6ba076ff28cdd
bb5ab17efd81056c5f0ab03312011b63acb099c0e249364464391af52428098e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 02:24:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.youth.no/media/fxcl0e51/favicon-32x32.png?anchor=center&mode=crop&width=16&height=16&rnd=132497285881070000
52.178.90.230200 OK 574 B URL HTTP/2 www.youth.no/media/fxcl0e51/favicon-32x32.png?anchor=center&mode=crop&width=16&height=16&rnd=132497285881070000
IP 52.178.90.230:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 115efea0ad7a51e3690cf795710c405c
9d6b95035e9010c514d8dc1887ef7e297ad33a35
a9031e14d5ea007473246a67b64c68a04643216855eae1fa1728c5d4519aba99
GET /media/fxcl0e51/favicon-32x32.png?anchor=center&mode=crop&width=16&height=16&rnd=132497285881070000 HTTP/1.1
Host: www.youth.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youth.no/alle-produkter/styling/voks/xl-hairwax-100ml/?utm_source=kelkoo&utm_medium=cpc&utm_campaign=links
Cookie: vendr-4448408b-3bd1-4e48-9050-65bff7f1d53e=; cmc_vid=cmc3769201762; _gcl_au=1.1.1626620859.1670379843; shopPriceFormat=0; _ga_JB001ERLBJ=GS1.1.1670379843.1.0.1670379843.60.0.0; _ga=GA1.1.2007763247.1670379843; prism_610567046=667e4a34-60f2-4080-8581-f2877586e3fa
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
date: Wed, 07 Dec 2022 02:24:04 GMT
accept-ranges: bytes
cache-control: public, immutable, max-age=604800
etag: "c3c7c14411fdd81:0"
expires: Wed, 14 Dec 2022 02:24:04 GMT
last-modified: Sun, 20 Nov 2022 18:52:41 GMT
vary: Accept-Encoding
content-length: 574
imageprocessedby: ImageProcessor/2.7.0.100 - ImageProcessor.Web/4.10.0.100
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=10886400
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash d44205a852cedc47da2373b3542f2ca0
884e5d2d7ef372a86e7edc3f8c1dc63a3b4fbe82
f2adb5b3e4b05ad953d43f483497243ae66c148f2af8f39473ddc6fcf2623bb9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5753
Cache-Control: max-age=129663
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 02:24:04 GMT
Etag: "638f3a4a-1d7"
Expires: Thu, 08 Dec 2022 14:25:07 GMT
Last-Modified: Tue, 06 Dec 2022 12:49:14 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
fonts.bunny.net/raleway/files/raleway-latin-400-normal.woff2
194.242.11.186200 OK 21 kB URL HTTP/2 fonts.bunny.net/raleway/files/raleway-latin-400-normal.woff2
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
File type Web Open Font Format (Version 2), TrueType, length 21264, version 1.0\012- data
Hash 65fd804f91c799cc26b01c5cc338aa07
08917d8f018ed77b0a42f18d7ccf044d46d5b670
8b70efc57dd27f773ed2d4ea3bac776caf346124c36fd73cba96176de33d7ec3
GET /raleway/files/raleway-latin-400-normal.woff2 HTTP/1.1
Host: fonts.bunny.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youth.no
Connection: keep-alive
Referer: https://fonts.bunny.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 02:24:04 GMT
content-type: font/woff2
content-length: 21264
server: BunnyCDN-NO1-830
cdn-pullzone: 781720
cdn-uid: 3a60ca70-b89d-4cd5-a4b5-34a3468d7e0f
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=2592000
etag: "62a3dda5-5310"
last-modified: Sat, 11 Jun 2022 00:11:17 GMT
cdn-storageserver: SE-318
cdn-fileserver: 318
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 11/24/2022 19:29:15
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: a3b1c167de5be94d16fb494ac29deabf
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-JB001ERLBJ&cid=2007763247.1670379843>m=2oebu0&aip=1&z=2123049063
142.250.74.163200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-JB001ERLBJ&cid=2007763247.1670379843>m=2oebu0&aip=1&z=2123049063
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-JB001ERLBJ&cid=2007763247.1670379843>m=2oebu0&aip=1&z=2123049063 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youth.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 02:24:04 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.youth.no/media/fxcl0e51/favicon-32x32.png?anchor=center&mode=crop&width=180&height=180&rnd=132497285881070000
52.178.90.230200 OK 24 kB URL HTTP/2 www.youth.no/media/fxcl0e51/favicon-32x32.png?anchor=center&mode=crop&width=180&height=180&rnd=132497285881070000
IP 52.178.90.230:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Hash 5d69bfa1a7769a5f050b3fc8ff809dac
095cc8f4d2c7c546d2473f626017dfde27a1553b
522bfa7d4f16eaccd20162c8110229130d415884982785ab6396490a58fbeb80
GET /media/fxcl0e51/favicon-32x32.png?anchor=center&mode=crop&width=180&height=180&rnd=132497285881070000 HTTP/1.1
Host: www.youth.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youth.no/alle-produkter/styling/voks/xl-hairwax-100ml/?utm_source=kelkoo&utm_medium=cpc&utm_campaign=links
Cookie: vendr-4448408b-3bd1-4e48-9050-65bff7f1d53e=; cmc_vid=cmc3769201762; _gcl_au=1.1.1626620859.1670379843; shopPriceFormat=0; _ga_JB001ERLBJ=GS1.1.1670379843.1.0.1670379843.60.0.0; _ga=GA1.1.2007763247.1670379843; prism_610567046=667e4a34-60f2-4080-8581-f2877586e3fa
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
date: Wed, 07 Dec 2022 02:24:04 GMT
accept-ranges: bytes
cache-control: public, immutable, max-age=604800
etag: "4fcd79d2797ad81:0"
expires: Wed, 14 Dec 2022 02:24:04 GMT
last-modified: Tue, 07 Jun 2022 14:21:04 GMT
vary: Accept-Encoding
content-length: 24268
imageprocessedby: ImageProcessor/2.7.0.100 - ImageProcessor.Web/4.10.0.100
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=10886400
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
connect.facebook.net/en_US/fbevents.js
157.240.200.14200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 157.240.200.14:0
File type ASCII text, with very long lines (64348)
Hash 44ecaa3c2a4929a40141edc4540aaf84
f29a573182333b2500d41bfc389d6c5232dfb348
6589fe14578dedd4df678a909afadd7e5bc7f57c7e3e24518a7f5faac7383396
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youth.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: a49LdrdE0ZypWo1VqCn+U0mpTkGZykurQ8MV9RJhay1R4T4AfWvxkkax1uGsU4qUholyFhfz/OGATnGQZ/kT1w==
content-length: 27340
x-fb-trip-id: 1679558926
date: Wed, 07 Dec 2022 02:24:04 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 013b65c5b52bb7855158194ff2024fb8
94eae308d8338735898e90536fc6ba076ff28cdd
bb5ab17efd81056c5f0ab03312011b63acb099c0e249364464391af52428098e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 02:24:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash d44205a852cedc47da2373b3542f2ca0
884e5d2d7ef372a86e7edc3f8c1dc63a3b4fbe82
f2adb5b3e4b05ad953d43f483497243ae66c148f2af8f39473ddc6fcf2623bb9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5753
Cache-Control: max-age=129663
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 02:24:04 GMT
Etag: "638f3a4a-1d7"
Expires: Thu, 08 Dec 2022 14:25:07 GMT
Last-Modified: Tue, 06 Dec 2022 12:49:14 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 9084a518c70ad57bb3226fb519b648fd
79348ebe6f5900a035d4d65e08a7409fd9708f15
f0c6b0f66c31aa7cb2d2808eb4c04c3681d48e731efc8cbba0f3fef1d218ce7b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 02:24:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-78245679-5&cid=2007763247.1670379843&jid=687534223&_u=YADAAEAAAAAAACAAI~&z=393725430
142.250.74.132200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-78245679-5&cid=2007763247.1670379843&jid=687534223&_u=YADAAEAAAAAAACAAI~&z=393725430
IP 142.250.74.132:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-78245679-5&cid=2007763247.1670379843&jid=687534223&_u=YADAAEAAAAAAACAAI~&z=393725430 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youth.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 02:24:04 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash ee6bfe50f8e4b9c142f971a55496ac26
8c3fd42aaa7fa3ebdedc4f7b0271b8caae166e64
4582e8e1ada92a279cbc5d82904c7fd27b9d4b95bc06c7a8b3c13168978f0b33
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 02:24:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
api.clerk.io/v2/log/pageview?payload=%7B%22key%22%3A%22Z9nD5ldu4abdwwVfFLgiXdXFWuJToRZ8%22%2C%22visitor%22%3A%22auto%22%2C%22_%22%3A1670379844%7D&callback=__clerk_cb_3
54.93.114.245200 OK 50 B URL HTTP/2 api.clerk.io/v2/log/pageview?payload=%7B%22key%22%3A%22Z9nD5ldu4abdwwVfFLgiXdXFWuJToRZ8%22%2C%22visitor%22%3A%22auto%22%2C%22_%22%3A1670379844%7D&callback=__clerk_cb_3
IP 54.93.114.245:0
File type ASCII text, with no line terminators
Hash 28d292f388b6e88487431a2afa5dc9af
881ddbe4eb65df4725d5007aa709ccacad33c3ba
d3214f36967051007d6ab88290b842266ef48bd66c9d08343cab326b3566a111
GET /v2/log/pageview?payload=%7B%22key%22%3A%22Z9nD5ldu4abdwwVfFLgiXdXFWuJToRZ8%22%2C%22visitor%22%3A%22auto%22%2C%22_%22%3A1670379844%7D&callback=__clerk_cb_3 HTTP/1.1
Host: api.clerk.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youth.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 02:24:04 GMT
content-type: application/javascript
server: nginx
vary: Accept-Encoding
cache-control: no-cache
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
c.bing.com/c.gif?CtsSyncId=1A9B6E0FC84B402E89BF802831BB6422&RedC=c.clarity.ms&MXFR=0E015E5E4A4D610314444C2D4E4D6FBF
204.79.197.200302 Found 0 B URL HTTP/2 c.bing.com/c.gif?CtsSyncId=1A9B6E0FC84B402E89BF802831BB6422&RedC=c.clarity.ms&MXFR=0E015E5E4A4D610314444C2D4E4D6FBF
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c.gif?CtsSyncId=1A9B6E0FC84B402E89BF802831BB6422&RedC=c.clarity.ms&MXFR=0E015E5E4A4D610314444C2D4E4D6FBF HTTP/1.1
Host: c.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.youth.no/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.clarity.ms/c.gif?CtsSyncId=1A9B6E0FC84B402E89BF802831BB6422&MUID=2ED8EB84E89366983A0DF9F7E9C4672D
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SRM_B=2ED8EB84E89366983A0DF9F7E9C4672D; domain=c.bing.com; expires=Mon, 01-Jan-2024 02:24:05 GMT; path=/; SameSite=None; Secure;
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D33B10E648284BFCB2BE90988112B8C4 Ref B: OSL30EDGE0406 Ref C: 2022-12-07T02:24:05Z
date: Wed, 07 Dec 2022 02:24:04 GMT
content-length: 0
X-Firefox-Spdy: h2
c.clarity.ms/c.gif?CtsSyncId=1A9B6E0FC84B402E89BF802831BB6422&MUID=2ED8EB84E89366983A0DF9F7E9C4672D
20.234.93.27200 OK 42 B URL HTTP/2 c.clarity.ms/c.gif?CtsSyncId=1A9B6E0FC84B402E89BF802831BB6422&MUID=2ED8EB84E89366983A0DF9F7E9C4672D
IP 20.234.93.27:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 1 x 1\012- data
Hash 32023bb33cfb2a1990a4ef2d85b6ac16
23dcc6d4b5bfe00357fd0248bb5955b8e36bb8f1
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
GET /c.gif?CtsSyncId=1A9B6E0FC84B402E89BF802831BB6422&MUID=2ED8EB84E89366983A0DF9F7E9C4672D HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.youth.no/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
content-type: image/gif
last-modified: Thu, 13 Oct 2022 20:07:05 GMT
accept-ranges: bytes
etag: "40db785d3fdfd81:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: ANONCHK=0; domain=c.clarity.ms; expires=Wed, 07-Dec-2022 02:34:05 GMT; path=/; SameSite=None; Secure;
date: Wed, 07 Dec 2022 02:24:04 GMT
content-length: 42
X-Firefox-Spdy: h2
www.clarity.ms/eus2/s/0.6.43/clarity.js
13.107.213.53200 OK 105 kB URL HTTP/2 www.clarity.ms/eus2/s/0.6.43/clarity.js
IP 13.107.213.53:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (55029)
Size 105 kB (105092 bytes)
Hash 63315463ea3fb8a81098263126d1b596
beb210eea02b34a8a5937d86c5ac083890de3948
9c83b1253273f30953dce8cac01b937d7753292fef70bf1e2606d15c9f6d8ce3
GET /eus2/s/0.6.43/clarity.js HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youth.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=86400
content-type: application/javascript;charset=utf-8
content-encoding: br
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
accept-ranges: bytes
etag: "1d9082948124e4c"
server: Microsoft-IIS/10.0
x-cache: TCP_HIT
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
x-azure-ref-originshield: 0C2yPYwAAAADbDkcRdvRjSJJE8S+F2lXyQU1TMDRFREdFMTkwNgA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-azure-ref: 0RPmPYwAAAABmP1GmMRXgQJTRCQrYLvtzU1ZHMjBFREdFMDUwOQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Wed, 07 Dec 2022 02:24:04 GMT
X-Firefox-Spdy: h2
www.facebook.com/tr/
157.240.200.35200 OK 0 B IP 157.240.200.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /tr/ HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: multipart/form-data; boundary=---------------------------16215807412330691098337193576
Content-Length: 5674
Origin: https://www.youth.no
Connection: keep-alive
Referer: https://www.youth.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin: https://www.youth.no
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Wed, 07 Dec 2022 02:24:05 GMT
X-Firefox-Spdy: h2
b.clarity.ms/collect
20.75.32.255204 No Content 0 B IP 20.75.32.255:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /collect HTTP/1.1
Host: b.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 189826
Origin: https://www.youth.no
Connection: keep-alive
Referer: https://www.youth.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
vary: Origin
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
access-control-allow-origin: https://www.youth.no
access-control-allow-credentials: true
date: Wed, 07 Dec 2022 02:24:04 GMT
X-Firefox-Spdy: h2
diffuser-cdn.app-us1.com/diffuser/diffuser.js
104.17.145.91200 OK 0 B URL HTTP/2 diffuser-cdn.app-us1.com/diffuser/diffuser.js
IP 104.17.145.91:0
GET /diffuser/diffuser.js HTTP/1.1
Host: diffuser-cdn.app-us1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youth.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 02:24:03 GMT
content-type: application/javascript
last-modified: Thu, 21 Oct 2021 17:42:06 GMT
etag: W/"4d482a43613d3966f353ec9d97452e0c"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=300
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 059f85e5e664bc876c915622803d9e28.cloudfront.net (CloudFront)
x-amz-cf-pop: CPH50-C2
x-amz-cf-id: LYgb7O-05A19YisedsHdW7Gqa3Bw46pjlPKvIkZSVBpaULKohYEzzQ==
cf-cache-status: HIT
age: 88
server: cloudflare
cf-ray: 7759cd84a8fcb4ff-OSL
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/toastify-js
104.16.87.20200 OK 0 B URL HTTP/2 cdn.jsdelivr.net/npm/toastify-js
IP 104.16.87.20:0
GET /npm/toastify-js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youth.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 02:24:02 GMT
content-type: application/javascript; charset=utf-8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 1.12.0
x-jsd-version-type: version
etag: W/"1a78-gnILcfEIGOTS9BOxr62w14J/AJM"
x-served-by: cache-fra19154-FRA, cache-itm18844-ITM
x-cache: HIT, MISS
vary: Accept-Encoding
cf-cache-status: HIT
age: 23427
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p75vnqhiPcTWhnhsCmsuTH1cP3%2F%2BZ9ki%2BHplEl5Mdi5YCIgkSvp%2Bx1uixxh23GiRYRbubYk90t00Iejpanv5SoxJL%2FxvYbnjbw4%2F8W6dxXcctF7mep3ZfQfGzqP6vdPe7rg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7759cd825cd5b524-OSL
content-encoding: br
X-Firefox-Spdy: h2
api.clerk.io/v2/?payload=%7B%22products%22%3A%5B%222b3945f8-f484-420d-9e1e-7f410a8de8c1%22%5D%2C%22clerk-content-id%22%3A3%2C%22template%22%3A%22product-page-alternatives%22%2C%22key%22%3A%22Z9nD5ldu4abdwwVfFLgiXdXFWuJToRZ8%22%2C%22visitor%22%3A%22auto%22%2C%22_%22%3A1670379843%7D&callback=__clerk_cb_0
54.93.114.245200 OK 0 B URL HTTP/2 api.clerk.io/v2/?payload=%7B%22products%22%3A%5B%222b3945f8-f484-420d-9e1e-7f410a8de8c1%22%5D%2C%22clerk-content-id%22%3A3%2C%22template%22%3A%22product-page-alternatives%22%2C%22key%22%3A%22Z9nD5ldu4abdwwVfFLgiXdXFWuJToRZ8%22%2C%22visitor%22%3A%22auto%22%2C%22_%22%3A1670379843%7D&callback=__clerk_cb_0
IP 54.93.114.245:0
GET /v2/?payload=%7B%22products%22%3A%5B%222b3945f8-f484-420d-9e1e-7f410a8de8c1%22%5D%2C%22clerk-content-id%22%3A3%2C%22template%22%3A%22product-page-alternatives%22%2C%22key%22%3A%22Z9nD5ldu4abdwwVfFLgiXdXFWuJToRZ8%22%2C%22visitor%22%3A%22auto%22%2C%22_%22%3A1670379843%7D&callback=__clerk_cb_0 HTTP/1.1
Host: api.clerk.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youth.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 02:24:03 GMT
content-type: application/javascript
server: nginx
vary: Accept-Encoding
cache-control: no-cache
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
www.clarity.ms/tag/eo0g001zw3?ref=gtm2
13.107.213.53200 OK 0 B URL HTTP/2 www.clarity.ms/tag/eo0g001zw3?ref=gtm2
IP 13.107.213.53:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
GET /tag/eo0g001zw3?ref=gtm2 HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youth.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache, no-store
content-type: application/x-javascript
expires: -1
set-cookie: CLID=a52a6f0d70724edb8bec336e822f4ffe.20221207.20231207; expires=Thu, 07 Dec 2023 02:24:04 GMT; path=/; secure; samesite=none; httponly
request-context: appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8
x-cache: CONFIG_NOCACHE
x-azure-ref: 0RPmPYwAAAAC5qu+fXyPcQ7xAsDqzf4APU1ZHMjBFREdFMDUwOQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Wed, 07 Dec 2022 02:24:04 GMT
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/toastify-js/src/toastify.min.css
104.16.87.20200 OK 0 B URL HTTP/2 cdn.jsdelivr.net/npm/toastify-js/src/toastify.min.css
IP 104.16.87.20:0
GET /npm/toastify-js/src/toastify.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youth.no/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 02:24:02 GMT
content-type: text/css; charset=utf-8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 1.12.0
x-jsd-version-type: version
etag: W/"5f3-Gduk9jjIOe//5URKHgjXkQF9pPA"
x-served-by: cache-fra19168-FRA, cache-iad-kiad7000034-IAD
x-cache: HIT, HIT
vary: Accept-Encoding
cf-cache-status: HIT
age: 19065
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cx8hP1iY8aDHlW7kK00O10fyyzPHpCY3dSLMCtOODsLvQxcCoMm4EHHJNL%2Fu1IiZm5cglfJ3ijx4rX2uN7bHZVAaindX4XWJc4cCok23jA%2BIwZ4N8ztDAYFnYuLClXJWDUk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7759cd827cdeb524-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn.convertbox.com/convertbox/js/embed.js
194.242.11.186200 OK 0 B URL HTTP/2 cdn.convertbox.com/convertbox/js/embed.js
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
GET /convertbox/js/embed.js HTTP/1.1
Host: cdn.convertbox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youth.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 02:24:02 GMT
content-type: application/javascript; charset=utf-8
server: BunnyCDN-NO1-830
cdn-pullzone: 53020
cdn-uid: 0efa3f5e-1cdb-4f24-96b0-16bfe6c0cf31
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"638838fe-bff"
last-modified: Thu, 01 Dec 2022 05:17:50 GMT
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 12/01/2022 05:32:17
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 431153c002f5cc64cd6a7c02ac5f7baa
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
cdn.clerk.io/clerk.js
52.29.221.108200 OK 0 B IP 52.29.221.108:0
GET /clerk.js HTTP/1.1
Host: cdn.clerk.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youth.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 02:24:03 GMT
content-type: application/javascript
server: nginx
last-modified: Tue, 06 Dec 2022 11:47:51 GMT
vary: Accept-Encoding
etag: W/"638f2be7-16375"
expires: Wed, 07 Dec 2022 03:24:03 GMT
cache-control: max-age=3600
content-encoding: gzip
X-Firefox-Spdy: h2
fonts.bunny.net/css?family=Mali|Caveat|Lato|Lora|Montserrat|Open+Sans|Oswald|Playfair+Display|Quicksand|Raleway|Roboto|Ubuntu
194.242.11.186200 OK 0 B URL HTTP/2 fonts.bunny.net/css?family=Mali|Caveat|Lato|Lora|Montserrat|Open+Sans|Oswald|Playfair+Display|Quicksand|Raleway|Roboto|Ubuntu
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
GET /css?family=Mali|Caveat|Lato|Lora|Montserrat|Open+Sans|Oswald|Playfair+Display|Quicksand|Raleway|Roboto|Ubuntu HTTP/1.1
Host: fonts.bunny.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.convertbox.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 02:24:04 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
server: BunnyCDN-NO1-830
cdn-pullzone: 781720
cdn-uid: 3a60ca70-b89d-4cd5-a4b5-34a3468d7e0f
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=2592000
last-modified: Wed, 07 Dec 2022 00:35:08 GMT
x-do-app-origin: 1fb91846-e6b7-11ec-b1dc-0c42a19a82a7
x-do-orig-status: 200
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 12/07/2022 00:35:08
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 62139270f466511131e5be981b4012fb
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.19.1/jquery.validate.min.js
104.17.25.14200 OK 0 B URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.19.1/jquery.validate.min.js
IP 104.17.25.14:0
GET /ajax/libs/jquery-validate/1.19.1/jquery.validate.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youth.no
Connection: keep-alive
Referer: https://www.youth.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 02:24:02 GMT
content-type: application/javascript; charset=utf-8
content-length: 6929
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec2-5f38"
last-modified: Mon, 04 May 2020 16:11:46 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 465425
expires: Mon, 27 Nov 2023 02:24:02 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BGiPD80YJ6HcN8zARqi5aLqlU0CMDFZkwArrRK5WPpFcHMhKuhesAGs6voLl7J32C0vEsCoWp4LE6l1L5ZoIdxnc5FWjcZxK2v48SxtnrI87YoVjix7C8BFW77J5HVlKy9%2BWappX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7759cd81fd82b4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Raleway:500,500i,600,600i&display=swap
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Raleway:500,500i,600,600i&display=swap
IP 142.250.74.106:0
GET /css?family=Raleway:500,500i,600,600i&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youth.no/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 07 Dec 2022 02:24:03 GMT
date: Wed, 07 Dec 2022 02:24:03 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
api.clerk.io/v2/?payload=%7B%22products%22%3A%5B%222b3945f8-f484-420d-9e1e-7f410a8de8c1%22%5D%2C%22clerk-content-id%22%3A4%2C%22template%22%3A%22product-page-others-also-bought%22%2C%22key%22%3A%22Z9nD5ldu4abdwwVfFLgiXdXFWuJToRZ8%22%2C%22visitor%22%3A%22auto%22%2C%22_%22%3A1670379843%7D&callback=__clerk_cb_1
54.93.114.245200 OK 0 B URL HTTP/2 api.clerk.io/v2/?payload=%7B%22products%22%3A%5B%222b3945f8-f484-420d-9e1e-7f410a8de8c1%22%5D%2C%22clerk-content-id%22%3A4%2C%22template%22%3A%22product-page-others-also-bought%22%2C%22key%22%3A%22Z9nD5ldu4abdwwVfFLgiXdXFWuJToRZ8%22%2C%22visitor%22%3A%22auto%22%2C%22_%22%3A1670379843%7D&callback=__clerk_cb_1
IP 54.93.114.245:0
GET /v2/?payload=%7B%22products%22%3A%5B%222b3945f8-f484-420d-9e1e-7f410a8de8c1%22%5D%2C%22clerk-content-id%22%3A4%2C%22template%22%3A%22product-page-others-also-bought%22%2C%22key%22%3A%22Z9nD5ldu4abdwwVfFLgiXdXFWuJToRZ8%22%2C%22visitor%22%3A%22auto%22%2C%22_%22%3A1670379843%7D&callback=__clerk_cb_1 HTTP/1.1
Host: api.clerk.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youth.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 02:24:03 GMT
content-type: application/javascript
server: nginx
vary: Accept-Encoding
cache-control: no-cache
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2