r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a9f1d4d98705c281fed3b60343463200
db6f8aa98d2eda4e5473b116a222c3055568bb78
164d11173045b569cafb32e300e4c1ec6d6ab177fd34d0414cc40c541268779f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "164D11173045B569CAFB32E300E4C1EC6D6AB177FD34D0414CC40C541268779F"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6705
Expires: Thu, 24 Nov 2022 21:04:30 GMT
Date: Thu, 24 Nov 2022 19:12:45 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8c63b226725ca6e92e3ef586ac19e603
d21ae42a1927501e5293ff3564f52b49f6b0decc
141ac47acc3800e5d35a82012fa4b044277abad3a95dc24415f66fb72c972ae6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "141AC47ACC3800E5D35A82012FA4B044277ABAD3A95DC24415F66FB72C972AE6"
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2890
Expires: Thu, 24 Nov 2022 20:00:55 GMT
Date: Thu, 24 Nov 2022 19:12:45 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash af40a2fcf8debb90c3608002da6c907a
3c75d6c0b557a3bd8d5db50155b8d896e852c145
555617a51ee3077552545a29a3baf0b43e8a82367e4c08110ee480ebedc8b523
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2021
Cache-Control: max-age=143527
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 19:12:45 GMT
Etag: "637f47ef-1d7"
Expires: Sat, 26 Nov 2022 11:04:52 GMT
Last-Modified: Thu, 24 Nov 2022 10:31:11 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: wOJzBQHsBe1TVF6dWqviI0nRb97tqHuSqimoOAu8LnPnL1VdaNnsHl5D6yp8uD7s9cihHbtt93c=
x-amz-request-id: SQ52B5V31NXETVRW
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 24 Nov 2022 18:40:30 GMT
age: 1935
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 4d7e4eed097b9c4e5d509419f1cfc85a
290bb3d428a7c6330e2e3d73a952b16f820896c8
0dc9ca0f57af15adcd416035e92794711434e3d53a1feff21d8481d6d500986c
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Alert, Backoff, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 24 Nov 2022 18:18:59 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3226
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 19:12:45 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
mkkuei4kdsz.com/15/458.html
64.225.91.73200 OK 329 B URL HTTP/1.1 mkkuei4kdsz.com/15/458.html
IP 64.225.91.73:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash ecbcb8bae64098de3e587487b474f8b8
e275409fb40ea27c3826af493f70faf147d0f995
2597a3f2418586d8a9fb0764743a84486ba066c6af3ff194922fb6c65a783688
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /15/458.html HTTP/1.1
Host: mkkuei4kdsz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Thu, 24 Nov 2022 19:12:45 GMT
content-type: text/html
last-modified: Wed, 12 Jan 2022 17:20:45 GMT
etag: W/"61df0ded-1ad"
content-encoding: gzip
transfer-encoding: chunked
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js
104.17.24.14200 OK 28 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP 104.17.24.14:0
File type ASCII text, with very long lines (65451)
Hash 4b5f47439b640180cc3450f7de05d0d8
5a0dc9bcab80ddc409dd35fcb00a88fe6846fee2
1f85e8b327f42c17c025d69849914068536d9aa95412fe473ae90ffb2f4ebd82
GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://mkkuei4kdsz.com
Connection: keep-alive
Referer: http://mkkuei4kdsz.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 19:12:45 GMT
content-type: application/javascript; charset=utf-8
content-length: 27958
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb09ed3-15d84"
last-modified: Mon, 04 May 2020 23:01:39 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 14760869
expires: Tue, 14 Nov 2023 19:12:45 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c2KUys5%2B9utBI%2FMCb5B%2FJ%2Bs3PH%2Bhgf5V148aWlhkH%2B6MNGhqYWOnrxw%2B1YcUHbBcQZQIR6FEOPdYQnrNCEXB5VFgU4DMnGiYblUcLCO4vW56TrO6dgriq%2B90%2B7Z2IPwXxhdqxKbs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 76f4753e1f58b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 08d349c8281dbdda9737e7cf955cfe56
59e6f8ad079593332791f5dc54d0d529681f4ddb
d51aad7442e4b119f51aac2221c732790dafb2a528f204079cba9f2e2abf22e5
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "D51AAD7442E4B119F51AAC2221C732790DAFB2A528F204079CBA9F2E2ABF22E5"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7731
Expires: Thu, 24 Nov 2022 21:21:36 GMT
Date: Thu, 24 Nov 2022 19:12:45 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Cache-Control, ETag, Pragma, Expires, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 24 Nov 2022 19:08:53 GMT
cache-control: public,max-age=3600
age: 233
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
mkkuei4kdsz.com/favicon.ico
64.225.91.73200 OK 329 B URL HTTP/1.1 mkkuei4kdsz.com/favicon.ico
IP 64.225.91.73:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash ecbcb8bae64098de3e587487b474f8b8
e275409fb40ea27c3826af493f70faf147d0f995
2597a3f2418586d8a9fb0764743a84486ba066c6af3ff194922fb6c65a783688
Analyzer Verdict Alert quad9 Sinkholed
GET /favicon.ico HTTP/1.1
Host: mkkuei4kdsz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mkkuei4kdsz.com/15/458.html
HTTP/1.1 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Thu, 24 Nov 2022 19:12:46 GMT
content-type: text/html
last-modified: Wed, 12 Jan 2022 17:20:45 GMT
etag: W/"61df0ded-1ad"
content-encoding: gzip
transfer-encoding: chunked
domaincntrol.com/?orighost=http://mkkuei4kdsz.com/15/458.html
172.67.68.176200 OK 28 B URL HTTP/2 domaincntrol.com/?orighost=http://mkkuei4kdsz.com/15/458.html
IP 172.67.68.176:0
File type ASCII text, with no line terminators
Hash 7aae16ed70d2e07943585bbb1cd02b55
3209123510c034e6e38ca45edf14307f1375a8f5
51bfb53a70df6adc48f0670be59a16a657ab5a2bafc176973a32d5c36a4fc5d3
GET /?orighost=http://mkkuei4kdsz.com/15/458.html HTTP/1.1
Host: domaincntrol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://mkkuei4kdsz.com
Connection: keep-alive
Referer: http://mkkuei4kdsz.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 19:12:46 GMT
content-type: text/javascript;charset=UTF-8
content-length: 28
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ITWnPP3ZILjPVoOZ5rBarAGbMmTfhermiAB6mQXJfIo%2BMKRaz3T6Ln4eaoVnqxK%2Bvc%2Bs18%2FZrW1D8oFfU5qEiR%2BDxw2Wb8ag7LW4Bkf4B7KdN9vPLBi5XI8vWVaTSFegZh4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f4753eff8a0b3d-OSL
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fb6949e7abaa473393f7c604691de14f
599681bba3947709baa603bbae2dd7afd04059a4
36c5165526ea9d34de14d36655ed494d0cffaa11ca3271ee47824ac11246ba13
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6483
Cache-Control: max-age=142926
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 19:12:46 GMT
Etag: "637f3429-1d7"
Expires: Sat, 26 Nov 2022 10:54:52 GMT
Last-Modified: Thu, 24 Nov 2022 09:06:49 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
44.242.3.166101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.242.3.166:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 1RaiUBDunDCGWpnqJgx8mg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: waapmNmQwRw7L8hpo+xIEXIRjrQ=
ww2.mkkuei4kdsz.com/
64.190.63.136200 OK 1.3 kB IP 64.190.63.136:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (700)
Hash 8753429cfea89fb5b50400daebc4880b
257b373db6a22b6046f63c7cbc73c3d1d449afcf
e841fa74e13e22501a3092bfe4b12b61e1ccfd92c6bcc5ad53828a98170c2168
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET / HTTP/1.1
Host: ww2.mkkuei4kdsz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mkkuei4kdsz.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
date: Thu, 24 Nov 2022 19:12:47 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
vary: Accept-Encoding
x-powered-by: PHP/8.1.9
expires: Mon, 26 Jul 1997 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-adblock-key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANnylWw2vLY4hUn9w06zQKbhKBfvjFUCsdFlb6TdQhxb9RXWXuI4t31c+o8fYOv/s8q1LGPga3DE1L/tHU4LENMCAwEAAQ==_zfi2IAQMFhbeJz7TohoVHVtJWU2hwm7Lrp9mU2CS1tg8fh6Um4KcOzzYJ6LQkNLWAjiGBQP1WU+h5qP7TrTizQ==
last-modified: Thu, 24 Nov 2022 19:12:46 GMT
x-cache-miss-from: parking-d7dbd8c4d-z9cx6
server: NginX
content-encoding: gzip
img.sedoparking.com/images/js_preloader.gif
205.234.175.175200 OK 4.3 kB URL HTTP/1.1 img.sedoparking.com/images/js_preloader.gif
IP 205.234.175.175:0
File type GIF image data, version 89a, 16 x 16\012- data
Hash 90c93102a88c2ab94bff1575b7a6e86e
56d71bf13de464534643db9d127629a0a3bf677a
5f6ad7031600056b578a6e8c6b34bc718d13125cc8256aa4a9050e549576f81a
GET /images/js_preloader.gif HTTP/1.1
Host: img.sedoparking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww2.mkkuei4kdsz.com/
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 19:12:47 GMT
Content-Type: image/gif
Content-Length: 4254
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Expires: Thu, 01 Dec 2022 19:12:47 GMT
X-CFHash: "90c93102a88c2ab94bff1575b7a6e86e"
X-CFF: B
Last-Modified: Fri, 15 Mar 2019 12:24:07 GMT
X-CF3: H
CF4Age: 156700
x-cf-tsc: 1648179742
CF4ttl: 31536000.000
X-CF2: H
Server: CFS 0215
X-CF-ReqID: 163006e7210afbfa63d124e95c19e9c9
X-CF1: 11696:fA.arn1:cf:cacheN.arn1-01:H
Accept-Ranges: bytes
ww2.mkkuei4kdsz.com/search/tsc.php?200=MzgzNDQ1ODM3&21=OTEuOTAuNDIuMTU0&681=MTY2OTMxNzE2NzI5ZmY5NGYyZDBiZDhkZTU5NDFlM2RlNzE4ZTRhNDU2&crc=d496138111b991ba4f698f3bb3f10f9dc02b4281&cv=1
64.190.63.136200 OK 0 B URL HTTP/1.1 ww2.mkkuei4kdsz.com/search/tsc.php?200=MzgzNDQ1ODM3&21=OTEuOTAuNDIuMTU0&681=MTY2OTMxNzE2NzI5ZmY5NGYyZDBiZDhkZTU5NDFlM2RlNzE4ZTRhNDU2&crc=d496138111b991ba4f698f3bb3f10f9dc02b4281&cv=1
IP 64.190.63.136:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /search/tsc.php?200=MzgzNDQ1ODM3&21=OTEuOTAuNDIuMTU0&681=MTY2OTMxNzE2NzI5ZmY5NGYyZDBiZDhkZTU5NDFlM2RlNzE4ZTRhNDU2&crc=d496138111b991ba4f698f3bb3f10f9dc02b4281&cv=1 HTTP/1.1
Host: ww2.mkkuei4kdsz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww2.mkkuei4kdsz.com/
HTTP/1.1 200 OK
date: Thu, 24 Nov 2022 19:12:47 GMT
content-type: text/html; charset=UTF-8
content-length: 0
x-powered-by: PHP/8.1.9
x-cache-miss-from: parking-d7dbd8c4d-7h6h9
server: NginX
ww2.mkkuei4kdsz.com/search/redirect.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3D0JYWn71NbRU_0&v=NTNiMTIzMGU2MmVmODljYzQ3OThmZmQxNDYzZjRhYjQJMQl3dzIubWtrdWVpNGtkc3ouY29tNjM3ZmMyMmU3OTZmNDQuNzIxMjEzMTEJd3cyLm1ra3VlaTRrZHN6LmNvbTYzN2ZjMjJlNzk3MTc5LjEwMzYyNzQ0CTE2NjkzMTcxNjcJYWRfNjNfMA==&l=OAlmYjE3YmM5MzExMzY4ODdjZThkNzE5YjYxMTA0NGNiMwkwCTM1CTAJMzYyZTIxMTdiNDU1MGRjYmZhOWIyZjQ2NjY1YzViYjkJMzgzNDQ1ODM3CW1ra3VlaTRrZHN6CTAJNjMJNgkyCTE2NjkzMTcxNjcJMC4wMDA0NDYJTgkwCTEJMTUxMgkxMjA1CTE5NDA0MzE0Mgk5MS45MC40Mi4xNTQJMA%3D%3D
64.190.63.136302 Found 0 B URL HTTP/1.1 ww2.mkkuei4kdsz.com/search/redirect.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3D0JYWn71NbRU_0&v=NTNiMTIzMGU2MmVmODljYzQ3OThmZmQxNDYzZjRhYjQJMQl3dzIubWtrdWVpNGtkc3ouY29tNjM3ZmMyMmU3OTZmNDQuNzIxMjEzMTEJd3cyLm1ra3VlaTRrZHN6LmNvbTYzN2ZjMjJlNzk3MTc5LjEwMzYyNzQ0CTE2NjkzMTcxNjcJYWRfNjNfMA==&l=OAlmYjE3YmM5MzExMzY4ODdjZThkNzE5YjYxMTA0NGNiMwkwCTM1CTAJMzYyZTIxMTdiNDU1MGRjYmZhOWIyZjQ2NjY1YzViYjkJMzgzNDQ1ODM3CW1ra3VlaTRrZHN6CTAJNjMJNgkyCTE2NjkzMTcxNjcJMC4wMDA0NDYJTgkwCTEJMTUxMgkxMjA1CTE5NDA0MzE0Mgk5MS45MC40Mi4xNTQJMA%3D%3D
IP 64.190.63.136:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /search/redirect.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3D0JYWn71NbRU_0&v=NTNiMTIzMGU2MmVmODljYzQ3OThmZmQxNDYzZjRhYjQJMQl3dzIubWtrdWVpNGtkc3ouY29tNjM3ZmMyMmU3OTZmNDQuNzIxMjEzMTEJd3cyLm1ra3VlaTRrZHN6LmNvbTYzN2ZjMjJlNzk3MTc5LjEwMzYyNzQ0CTE2NjkzMTcxNjcJYWRfNjNfMA==&l=OAlmYjE3YmM5MzExMzY4ODdjZThkNzE5YjYxMTA0NGNiMwkwCTM1CTAJMzYyZTIxMTdiNDU1MGRjYmZhOWIyZjQ2NjY1YzViYjkJMzgzNDQ1ODM3CW1ra3VlaTRrZHN6CTAJNjMJNgkyCTE2NjkzMTcxNjcJMC4wMDA0NDYJTgkwCTEJMTUxMgkxMjA1CTE5NDA0MzE0Mgk5MS45MC40Mi4xNTQJMA%3D%3D HTTP/1.1
Host: ww2.mkkuei4kdsz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww2.mkkuei4kdsz.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
date: Thu, 24 Nov 2022 19:12:47 GMT
content-type: text/html; charset=UTF-8
content-length: 0
x-powered-by: PHP/8.1.9
expires: Mon, 26 Jul 1997 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
last-modified: Thu, 24 Nov 2022 19:12:47 GMT
location: /search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3D0JYWn71NbRU_0&v=NTNiMTIzMGU2MmVmODljYzQ3OThmZmQxNDYzZjRhYjQJMQl3dzIubWtrdWVpNGtkc3ouY29tNjM3ZmMyMmU3OTZmNDQuNzIxMjEzMTEJd3cyLm1ra3VlaTRrZHN6LmNvbTYzN2ZjMjJlNzk3MTc5LjEwMzYyNzQ0CTE2NjkzMTcxNjcJYWRfNjNfMA==&l=OAlmYjE3YmM5MzExMzY4ODdjZThkNzE5YjYxMTA0NGNiMwkwCTM1CTAJMzYyZTIxMTdiNDU1MGRjYmZhOWIyZjQ2NjY1YzViYjkJMzgzNDQ1ODM3CW1ra3VlaTRrZHN6CTAJNjMJNgkyCTE2NjkzMTcxNjcJMC4wMDA0NDYJTgkwCTEJMTUxMgkxMjA1CTE5NDA0MzE0Mgk5MS45MC40Mi4xNTQJMA%3D%3D
x-cache-miss-from: parking-d7dbd8c4d-wd8pp
server: NginX
ww2.mkkuei4kdsz.com/search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3D0JYWn71NbRU_0&v=NTNiMTIzMGU2MmVmODljYzQ3OThmZmQxNDYzZjRhYjQJMQl3dzIubWtrdWVpNGtkc3ouY29tNjM3ZmMyMmU3OTZmNDQuNzIxMjEzMTEJd3cyLm1ra3VlaTRrZHN6LmNvbTYzN2ZjMjJlNzk3MTc5LjEwMzYyNzQ0CTE2NjkzMTcxNjcJYWRfNjNfMA==&l=OAlmYjE3YmM5MzExMzY4ODdjZThkNzE5YjYxMTA0NGNiMwkwCTM1CTAJMzYyZTIxMTdiNDU1MGRjYmZhOWIyZjQ2NjY1YzViYjkJMzgzNDQ1ODM3CW1ra3VlaTRrZHN6CTAJNjMJNgkyCTE2NjkzMTcxNjcJMC4wMDA0NDYJTgkwCTEJMTUxMgkxMjA1CTE5NDA0MzE0Mgk5MS45MC40Mi4xNTQJMA%3D%3D
64.190.63.136302 Found 311 B URL HTTP/1.1 ww2.mkkuei4kdsz.com/search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3D0JYWn71NbRU_0&v=NTNiMTIzMGU2MmVmODljYzQ3OThmZmQxNDYzZjRhYjQJMQl3dzIubWtrdWVpNGtkc3ouY29tNjM3ZmMyMmU3OTZmNDQuNzIxMjEzMTEJd3cyLm1ra3VlaTRrZHN6LmNvbTYzN2ZjMjJlNzk3MTc5LjEwMzYyNzQ0CTE2NjkzMTcxNjcJYWRfNjNfMA==&l=OAlmYjE3YmM5MzExMzY4ODdjZThkNzE5YjYxMTA0NGNiMwkwCTM1CTAJMzYyZTIxMTdiNDU1MGRjYmZhOWIyZjQ2NjY1YzViYjkJMzgzNDQ1ODM3CW1ra3VlaTRrZHN6CTAJNjMJNgkyCTE2NjkzMTcxNjcJMC4wMDA0NDYJTgkwCTEJMTUxMgkxMjA1CTE5NDA0MzE0Mgk5MS45MC40Mi4xNTQJMA%3D%3D
IP 64.190.63.136:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash f739d939bed8f30c1c7f06cc114fff10
7071f680dbf10e60f5cc29ed4f0b60be38403a6a
3da27563723bf61aaef812de0995e4ff2d6157a81dcdc89ebc0d101eed4a3b8c
Analyzer Verdict Alert quad9 Sinkholed
GET /search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3D0JYWn71NbRU_0&v=NTNiMTIzMGU2MmVmODljYzQ3OThmZmQxNDYzZjRhYjQJMQl3dzIubWtrdWVpNGtkc3ouY29tNjM3ZmMyMmU3OTZmNDQuNzIxMjEzMTEJd3cyLm1ra3VlaTRrZHN6LmNvbTYzN2ZjMjJlNzk3MTc5LjEwMzYyNzQ0CTE2NjkzMTcxNjcJYWRfNjNfMA==&l=OAlmYjE3YmM5MzExMzY4ODdjZThkNzE5YjYxMTA0NGNiMwkwCTM1CTAJMzYyZTIxMTdiNDU1MGRjYmZhOWIyZjQ2NjY1YzViYjkJMzgzNDQ1ODM3CW1ra3VlaTRrZHN6CTAJNjMJNgkyCTE2NjkzMTcxNjcJMC4wMDA0NDYJTgkwCTEJMTUxMgkxMjA1CTE5NDA0MzE0Mgk5MS45MC40Mi4xNTQJMA%3D%3D HTTP/1.1
Host: ww2.mkkuei4kdsz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww2.mkkuei4kdsz.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
date: Thu, 24 Nov 2022 19:12:47 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
x-powered-by: PHP/8.1.9
expires: Mon, 26 Jul 1997 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
last-modified: Thu, 24 Nov 2022 19:12:47 GMT
location: http://xml.sedodna.com/click?i=0JYWn71NbRU_0
x-cache-miss-from: parking-d7dbd8c4d-n225j
server: NginX
xml.sedodna.com/click?i=0JYWn71NbRU_0
173.239.53.32302 Found 0 B URL HTTP/1.1 xml.sedodna.com/click?i=0JYWn71NbRU_0
IP 173.239.53.32:0
ASN #27257 WEBAIR-INTERNET
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click?i=0JYWn71NbRU_0 HTTP/1.1
Host: xml.sedodna.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww2.mkkuei4kdsz.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Cache-Control: no-store
Content-Length: 0
Age: 0
Connection: keep-alive
Location: https://mybettermb.com/aS/feedclick?s=HFz5zNIIs96fzq49jFkHXa3dDnCBF-q5dXVAwXrNrgzzettXmC8SzhG_6U4hqQTcO4eq_lgR48_oiQJuDuwoS9gcFc4_-stlmbd3B7sGcRAkoDlrhq7v09i6czQKU3WjqWfap4yUt_iPH1TzciB1Qg6AZUDRz9bjOEX4iGGchU3g8fXdOxQuxRGOkvs8MQM2fXSrZh5UjPvUD3eg5Z5w7URtWxpLV7zGJF7YtIv_pSU8yedaajdQan7X1xyAWrFGJaATSme3WF9iYH5cn7PpR96H_Z4cAXUhbNWIUl0XQT-85OIp9iwj7uwUW1daS2u3jXkdiroZGpvbnyvokSzRUdkToqh8XF8oSlbEWRe_vMZ585EtGYcDgElmlUqhKAuUWDF_aYFKoC_pCloREz-gAUf4GCn_ti_dC0ynZ48tkGSDsFZzNHNozOQiGGVu-xbsDCRyz2H-C45Heh8v0Km3Y1oaVVIbEr-PuuKRjgR8nMTmxekK28wDoRMkZAll1gGpA7wZp7a6IJO8RJT6is_tgBFVXMhxbJ1a3lLVGDOQcJ7XNLVlVnjPxxbPR3gMLCYzzWCrVapB_69iQ1w5QowM-475J-E0qpXAgkRf8stLn12TmXZlam1BINhKWmINt241uh3yfx2Uo6pXfFwoP5iOtLXPsV4XbRu5ORzU1Vn1mUSA8qDjC6vnHY1wggB_IvhR82DlLs2NuFNybRnJH2UinhneFTC_kNdXJxbukSAH4NcNfMJiH216jewy5yQ8Qzp1UgfAGdMmQyAz8utzkK8B4SH9IpHn1hJIz6x1GHU6Bbte42EjnU0YzG4Kh34r7-y3W68bLgkLM2nLLmHX6Bn2UxrsnKHySQRwrsgddcb22rAcUCt9-VZjKVzIjG-f5IQYntK6R9QOU-sfDU7q-doSyO2Urh6Y5oPfJtPVYBfVZ2VuN2GldX9c32cold-u16laWdmYkehfRjBXQVhSjAiSH8VPDaSXOGAoB1BNhTxv5Vei1yKtL940VVXkYT5bg9s_gBu7WitQniwS8oQmciiWiKtSStWeSexnBDUsAjReqsC8T6FZOp0ZMrgPoxdNST-TuiC5-ZNuWGuT909NKZ1v4Pgw5mRtcx376smv2bXf7xCcVornKtWB_8bpaOFWp8vR0MqT1e-JYToV8ahX_vOOroeWifPhOOyNedwu7Vc7MaO6gh0I9gEx87Q-09WCxWycrtg5Yuugvl7nAA319rQT5Ud6a0Dn6eNJZbhSXBsuqp4TKI2qVF_upugCggYFh3EAoiiZxlTdJcUbO7pWllwGdVGZXxgmhR3INz-QU0tQexjS1sjTSDdvxjTnBG6KLohwyqV7tETR7cP-o1a3gHjZa_gjn5QKyssU7dq2rVA9fmvq9IaY6LYxIeiF1cs76ErxCBdlQonnkAtH2nCzpVOQcBJKWnGaCo17onOqLNsrJIIZq0s55ffWLB9LPfjwVWyi2GIVaOQWTbhQ6iy2Vuj4pOtTgoFZ6TVpYk-fhFe-suVczN69pph7HeXj9T5EF7HRrXtVVrcM9JGqCxlSeVo_CiJK9G4vla_-RCmuI0tSEk_a_Gei7StA-CFjNx6Toj9kghgbOnleKyz947GP4TsT26NezqvwtmGKUTpGk9yX0sr4SfHbi0RDkFmhaS5DjZ7fq1QONt9OxTf7WLbPkU3hnuULpSBOclApGnETwPbCednl8usGYgrUihltjPnnWR7ArmQLfoUt5WaRwCIXpnHq8I0bYtXdmST4aCvw1mX2qEUhYBeUO1dAajXaSwjszpoemvdNVb-Ai2sCC7QSYRJxkXd-d-Km4x3zpGL3jwDO2rKic6os2yskgrCLYR7wB-v9Wa_x1wU3pDZetrPeDa_33MtPdZsQMGS7Jm7EhOsk27bxGYd3vi6Mg-aHrLZE3F_n
Pragma: no-cache
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12457
Expires: Thu, 24 Nov 2022 22:40:24 GMT
Date: Thu, 24 Nov 2022 19:12:47 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12457
Expires: Thu, 24 Nov 2022 22:40:24 GMT
Date: Thu, 24 Nov 2022 19:12:47 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12457
Expires: Thu, 24 Nov 2022 22:40:24 GMT
Date: Thu, 24 Nov 2022 19:12:47 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
34.120.237.76200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 841a4b110022a99ddea6f7bf66df0fa1
126771b86638108050cf57c0d12faa27f80f0edb
240fbffc1f9104433297d3ff7afba2d0b58d7f1b13d9a9260a1bad25216665db
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4309
x-amzn-requestid: a22b4d7e-e208-4bda-81c2-d13e6463380e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: blE0hGNioAMF_Tg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6371e81c-1b13846866f56a0e47675e56;Sampled=0
x-amzn-remapped-date: Mon, 14 Nov 2022 07:02:52 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 0sYKpJWi2Tv9Atz3PYXm5j7kmncAOxjcLcK4hgAkJ5b4pNMDmjdB6g==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 07:14:07 GMT
age: 43120
etag: "126771b86638108050cf57c0d12faa27f80f0edb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F433fbaf5-7c54-485b-af70-542e1e788832.webp
34.120.237.76200 OK 5.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F433fbaf5-7c54-485b-af70-542e1e788832.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0856fdb55f19f03a1bec38b3d6e0ac77
89accd230fba95fe0049678070817b36ead015fa
17c6e6f9bb8f4261fff2dc2a43ed994986418761624b8afead768e89927594f2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F433fbaf5-7c54-485b-af70-542e1e788832.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5070
x-amzn-requestid: d86d95ad-9b78-4047-82e7-04e83a97e330
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEwViF1GIAMF_PQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9423-10809ba1634776171cf79cb8;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:44:03 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 8rbsN9OVJmneT9ov-Q7V4RB8DP5UWhhn-7cnukHiBpl06zmMM0zJTg==
via: 1.1 0dc4feb22bb4657ce2bb95fd05ec7122.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:57:20 GMT
age: 76527
etag: "89accd230fba95fe0049678070817b36ead015fa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81517ad5-7c1b-49aa-9ba9-dbfa36fbb071.webp
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81517ad5-7c1b-49aa-9ba9-dbfa36fbb071.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 64d79191f005c9876b952c5f948aa0f7
1102dbdcbcabf5c25d17840f8f00d5b55b9b8f0a
00fb36c3d322e8302c5ce202d6d4119d637510cd6f3b63e1347781ec3bb9d7fc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81517ad5-7c1b-49aa-9ba9-dbfa36fbb071.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13882
x-amzn-requestid: 9022b0b3-31d5-4149-a969-02514f11b95a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvzNHjMoAMFWMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9347-0e8354a02bef623644714e31;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:40:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ve4q5FDkwMGhPK6ZVVVCZtoBTaGaz43r_PwINzwS5Nx5tcZeQkVIfw==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:49:47 GMT
age: 76980
etag: "1102dbdcbcabf5c25d17840f8f00d5b55b9b8f0a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 92c78302bcce1568eb6a5563100b932c
43d1dec7fc06879988c9c3cadd800cc8145df988
0dda9914306c8e3a7ea75eade8e762652d93907dd6c5a8cc81707d6d8098b60a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7993
x-amzn-requestid: 9f0ff853-4819-47cd-959d-658401ea5748
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvCsG5mIAMFqAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9211-1c48b9223684f2942f8dd42d;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:35:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 7YSXUV-LZpsI7vciFhuqt1EVr6YRkhxcOgMg8z8bxLcOE01_baf6Gg==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:47:06 GMT
etag: "43d1dec7fc06879988c9c3cadd800cc8145df988"
content-type: image/jpeg
age: 77141
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50d7d834-f80d-4fd9-a728-24643ed00c45.jpeg
34.120.237.76200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50d7d834-f80d-4fd9-a728-24643ed00c45.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d9d93b2a6875d446c3467eb49767eef5
303c571b13b05fcf27ee1159d8fdf6369aaef0a2
2a2345a925e0187979930a7f2de8548957ad9f2baae77364dcb157286e2b3fcf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50d7d834-f80d-4fd9-a728-24643ed00c45.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6789
x-amzn-requestid: 4d94ce1b-d18f-43b8-bb4d-e7093f9bea42
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCvd2G9UIAMFrEg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637dc5f2-64a570135be59b83031811da;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 07:04:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: JygkDI7XSvlgurUTot874ZAXlOIqnv4cntMQ55IvHVqw93JBcksZjQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 07:15:22 GMT
age: 43045
etag: "303c571b13b05fcf27ee1159d8fdf6369aaef0a2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d85d03d-8fcf-42f4-bada-e7f488f04307.jpeg
34.120.237.76200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d85d03d-8fcf-42f4-bada-e7f488f04307.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b4157f2c5c3c77ce699324ecb08f47c7
a7d9135f9d01ba13c3cdaf8b038c70212f159297
2305f7afee95bb34d9e8dbff571c6b146ba7b694be96e9e925c32d1f41785916
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d85d03d-8fcf-42f4-bada-e7f488f04307.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7462
x-amzn-requestid: 1f6fb14d-83e0-43d3-9dab-5bc83af1a7c4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEwV3HV9oAMFs9w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9425-634d43db6308e0be596aa5a0;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:44:05 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: GW5UTfY7-TwPWTno9z1e21a2cA9fmU7GfHFYWdL-zQvMLxeq-S9Trg==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 22:03:54 GMT
age: 76133
etag: "a7d9135f9d01ba13c3cdaf8b038c70212f159297"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 077b945d3a829a4bc425221cde262257
64eedf0134098a56933783caae12ccf93b8e5194
6f90a7776c0b56af2d29c19f2d34bb0ff42a30abda0d526cbda2ff8984d42215
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 19:12:48 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 24 Nov 2022 07:25:45 GMT
Expires: Thu, 01 Dec 2022 07:25:44 GMT
Etag: "64eedf0134098a56933783caae12ccf93b8e5194"
Cache-Control: max-age=561775,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76f4754baa6f0b69-OSL
mybettermb.com/aS/feedclick?s=HFz5zNIIs96fzq49jFkHXa3dDnCBF-q5dXVAwXrNrgzzettXmC8SzhG_6U4hqQTcO4eq_lgR48_oiQJuDuwoS9gcFc4_-stlmbd3B7sGcRAkoDlrhq7v09i6czQKU3WjqWfap4yUt_iPH1TzciB1Qg6AZUDRz9bjOEX4iGGchU3g8fXdOxQuxRGOkvs8MQM2fXSrZh5UjPvUD3eg5Z5w7URtWxpLV7zGJF7YtIv_pSU8yedaajdQan7X1xyAWrFGJaATSme3WF9iYH5cn7PpR96H_Z4cAXUhbNWIUl0XQT-85OIp9iwj7uwUW1daS2u3jXkdiroZGpvbnyvokSzRUdkToqh8XF8oSlbEWRe_vMZ585EtGYcDgElmlUqhKAuUWDF_aYFKoC_pCloREz-gAUf4GCn_ti_dC0ynZ48tkGSDsFZzNHNozOQiGGVu-xbsDCRyz2H-C45Heh8v0Km3Y1oaVVIbEr-PuuKRjgR8nMTmxekK28wDoRMkZAll1gGpA7wZp7a6IJO8RJT6is_tgBFVXMhxbJ1a3lLVGDOQcJ7XNLVlVnjPxxbPR3gMLCYzzWCrVapB_69iQ1w5QowM-475J-E0qpXAgkRf8stLn12TmXZlam1BINhKWmINt241uh3yfx2Uo6pXfFwoP5iOtLXPsV4XbRu5ORzU1Vn1mUSA8qDjC6vnHY1wggB_IvhR82DlLs2NuFNybRnJH2UinhneFTC_kNdXJxbukSAH4NcNfMJiH216jewy5yQ8Qzp1UgfAGdMmQyAz8utzkK8B4SH9IpHn1hJIz6x1GHU6Bbte42EjnU0YzG4Kh34r7-y3W68bLgkLM2nLLmHX6Bn2UxrsnKHySQRwrsgddcb22rAcUCt9-VZjKVzIjG-f5IQYntK6R9QOU-sfDU7q-doSyO2Urh6Y5oPfJtPVYBfVZ2VuN2GldX9c32cold-u16laWdmYkehfRjBXQVhSjAiSH8VPDaSXOGAoB1BNhTxv5Vei1yKtL940VVXkYT5bg9s_gBu7WitQniwS8oQmciiWiKtSStWeSexnBDUsAjReqsC8T6FZOp0ZMrgPoxdNST-TuiC5-ZNuWGuT909NKZ1v4Pgw5mRtcx376smv2bXf7xCcVornKtWB_8bpaOFWp8vR0MqT1e-JYToV8ahX_vOOroeWifPhOOyNedwu7Vc7MaO6gh0I9gEx87Q-09WCxWycrtg5Yuugvl7nAA319rQT5Ud6a0Dn6eNJZbhSXBsuqp4TKI2qVF_upugCggYFh3EAoiiZxlTdJcUbO7pWllwGdVGZXxgmhR3INz-QU0tQexjS1sjTSDdvxjTnBG6KLohwyqV7tETR7cP-o1a3gHjZa_gjn5QKyssU7dq2rVA9fmvq9IaY6LYxIeiF1cs76ErxCBdlQonnkAtH2nCzpVOQcBJKWnGaCo17onOqLNsrJIIZq0s55ffWLB9LPfjwVWyi2GIVaOQWTbhQ6iy2Vuj4pOtTgoFZ6TVpYk-fhFe-suVczN69pph7HeXj9T5EF7HRrXtVVrcM9JGqCxlSeVo_CiJK9G4vla_-RCmuI0tSEk_a_Gei7StA-CFjNx6Toj9kghgbOnleKyz947GP4TsT26NezqvwtmGKUTpGk9yX0sr4SfHbi0RDkFmhaS5DjZ7fq1QONt9OxTf7WLbPkU3hnuULpSBOclApGnETwPbCednl8usGYgrUihltjPnnWR7ArmQLfoUt5WaRwCIXpnHq8I0bYtXdmST4aCvw1mX2qEUhYBeUO1dAajXaSwjszpoemvdNVb-Ai2sCC7QSYRJxkXd-d-Km4x3zpGL3jwDO2rKic6os2yskgrCLYR7wB-v9Wa_x1wU3pDZetrPeDa_33MtPdZsQMGS7Jm7EhOsk27bxGYd3vi6Mg-aHrLZE3F_n
108.168.193.189302 Found 0 B URL HTTP/2 mybettermb.com/aS/feedclick?s=HFz5zNIIs96fzq49jFkHXa3dDnCBF-q5dXVAwXrNrgzzettXmC8SzhG_6U4hqQTcO4eq_lgR48_oiQJuDuwoS9gcFc4_-stlmbd3B7sGcRAkoDlrhq7v09i6czQKU3WjqWfap4yUt_iPH1TzciB1Qg6AZUDRz9bjOEX4iGGchU3g8fXdOxQuxRGOkvs8MQM2fXSrZh5UjPvUD3eg5Z5w7URtWxpLV7zGJF7YtIv_pSU8yedaajdQan7X1xyAWrFGJaATSme3WF9iYH5cn7PpR96H_Z4cAXUhbNWIUl0XQT-85OIp9iwj7uwUW1daS2u3jXkdiroZGpvbnyvokSzRUdkToqh8XF8oSlbEWRe_vMZ585EtGYcDgElmlUqhKAuUWDF_aYFKoC_pCloREz-gAUf4GCn_ti_dC0ynZ48tkGSDsFZzNHNozOQiGGVu-xbsDCRyz2H-C45Heh8v0Km3Y1oaVVIbEr-PuuKRjgR8nMTmxekK28wDoRMkZAll1gGpA7wZp7a6IJO8RJT6is_tgBFVXMhxbJ1a3lLVGDOQcJ7XNLVlVnjPxxbPR3gMLCYzzWCrVapB_69iQ1w5QowM-475J-E0qpXAgkRf8stLn12TmXZlam1BINhKWmINt241uh3yfx2Uo6pXfFwoP5iOtLXPsV4XbRu5ORzU1Vn1mUSA8qDjC6vnHY1wggB_IvhR82DlLs2NuFNybRnJH2UinhneFTC_kNdXJxbukSAH4NcNfMJiH216jewy5yQ8Qzp1UgfAGdMmQyAz8utzkK8B4SH9IpHn1hJIz6x1GHU6Bbte42EjnU0YzG4Kh34r7-y3W68bLgkLM2nLLmHX6Bn2UxrsnKHySQRwrsgddcb22rAcUCt9-VZjKVzIjG-f5IQYntK6R9QOU-sfDU7q-doSyO2Urh6Y5oPfJtPVYBfVZ2VuN2GldX9c32cold-u16laWdmYkehfRjBXQVhSjAiSH8VPDaSXOGAoB1BNhTxv5Vei1yKtL940VVXkYT5bg9s_gBu7WitQniwS8oQmciiWiKtSStWeSexnBDUsAjReqsC8T6FZOp0ZMrgPoxdNST-TuiC5-ZNuWGuT909NKZ1v4Pgw5mRtcx376smv2bXf7xCcVornKtWB_8bpaOFWp8vR0MqT1e-JYToV8ahX_vOOroeWifPhOOyNedwu7Vc7MaO6gh0I9gEx87Q-09WCxWycrtg5Yuugvl7nAA319rQT5Ud6a0Dn6eNJZbhSXBsuqp4TKI2qVF_upugCggYFh3EAoiiZxlTdJcUbO7pWllwGdVGZXxgmhR3INz-QU0tQexjS1sjTSDdvxjTnBG6KLohwyqV7tETR7cP-o1a3gHjZa_gjn5QKyssU7dq2rVA9fmvq9IaY6LYxIeiF1cs76ErxCBdlQonnkAtH2nCzpVOQcBJKWnGaCo17onOqLNsrJIIZq0s55ffWLB9LPfjwVWyi2GIVaOQWTbhQ6iy2Vuj4pOtTgoFZ6TVpYk-fhFe-suVczN69pph7HeXj9T5EF7HRrXtVVrcM9JGqCxlSeVo_CiJK9G4vla_-RCmuI0tSEk_a_Gei7StA-CFjNx6Toj9kghgbOnleKyz947GP4TsT26NezqvwtmGKUTpGk9yX0sr4SfHbi0RDkFmhaS5DjZ7fq1QONt9OxTf7WLbPkU3hnuULpSBOclApGnETwPbCednl8usGYgrUihltjPnnWR7ArmQLfoUt5WaRwCIXpnHq8I0bYtXdmST4aCvw1mX2qEUhYBeUO1dAajXaSwjszpoemvdNVb-Ai2sCC7QSYRJxkXd-d-Km4x3zpGL3jwDO2rKic6os2yskgrCLYR7wB-v9Wa_x1wU3pDZetrPeDa_33MtPdZsQMGS7Jm7EhOsk27bxGYd3vi6Mg-aHrLZE3F_n
IP 108.168.193.189:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /aS/feedclick?s=HFz5zNIIs96fzq49jFkHXa3dDnCBF-q5dXVAwXrNrgzzettXmC8SzhG_6U4hqQTcO4eq_lgR48_oiQJuDuwoS9gcFc4_-stlmbd3B7sGcRAkoDlrhq7v09i6czQKU3WjqWfap4yUt_iPH1TzciB1Qg6AZUDRz9bjOEX4iGGchU3g8fXdOxQuxRGOkvs8MQM2fXSrZh5UjPvUD3eg5Z5w7URtWxpLV7zGJF7YtIv_pSU8yedaajdQan7X1xyAWrFGJaATSme3WF9iYH5cn7PpR96H_Z4cAXUhbNWIUl0XQT-85OIp9iwj7uwUW1daS2u3jXkdiroZGpvbnyvokSzRUdkToqh8XF8oSlbEWRe_vMZ585EtGYcDgElmlUqhKAuUWDF_aYFKoC_pCloREz-gAUf4GCn_ti_dC0ynZ48tkGSDsFZzNHNozOQiGGVu-xbsDCRyz2H-C45Heh8v0Km3Y1oaVVIbEr-PuuKRjgR8nMTmxekK28wDoRMkZAll1gGpA7wZp7a6IJO8RJT6is_tgBFVXMhxbJ1a3lLVGDOQcJ7XNLVlVnjPxxbPR3gMLCYzzWCrVapB_69iQ1w5QowM-475J-E0qpXAgkRf8stLn12TmXZlam1BINhKWmINt241uh3yfx2Uo6pXfFwoP5iOtLXPsV4XbRu5ORzU1Vn1mUSA8qDjC6vnHY1wggB_IvhR82DlLs2NuFNybRnJH2UinhneFTC_kNdXJxbukSAH4NcNfMJiH216jewy5yQ8Qzp1UgfAGdMmQyAz8utzkK8B4SH9IpHn1hJIz6x1GHU6Bbte42EjnU0YzG4Kh34r7-y3W68bLgkLM2nLLmHX6Bn2UxrsnKHySQRwrsgddcb22rAcUCt9-VZjKVzIjG-f5IQYntK6R9QOU-sfDU7q-doSyO2Urh6Y5oPfJtPVYBfVZ2VuN2GldX9c32cold-u16laWdmYkehfRjBXQVhSjAiSH8VPDaSXOGAoB1BNhTxv5Vei1yKtL940VVXkYT5bg9s_gBu7WitQniwS8oQmciiWiKtSStWeSexnBDUsAjReqsC8T6FZOp0ZMrgPoxdNST-TuiC5-ZNuWGuT909NKZ1v4Pgw5mRtcx376smv2bXf7xCcVornKtWB_8bpaOFWp8vR0MqT1e-JYToV8ahX_vOOroeWifPhOOyNedwu7Vc7MaO6gh0I9gEx87Q-09WCxWycrtg5Yuugvl7nAA319rQT5Ud6a0Dn6eNJZbhSXBsuqp4TKI2qVF_upugCggYFh3EAoiiZxlTdJcUbO7pWllwGdVGZXxgmhR3INz-QU0tQexjS1sjTSDdvxjTnBG6KLohwyqV7tETR7cP-o1a3gHjZa_gjn5QKyssU7dq2rVA9fmvq9IaY6LYxIeiF1cs76ErxCBdlQonnkAtH2nCzpVOQcBJKWnGaCo17onOqLNsrJIIZq0s55ffWLB9LPfjwVWyi2GIVaOQWTbhQ6iy2Vuj4pOtTgoFZ6TVpYk-fhFe-suVczN69pph7HeXj9T5EF7HRrXtVVrcM9JGqCxlSeVo_CiJK9G4vla_-RCmuI0tSEk_a_Gei7StA-CFjNx6Toj9kghgbOnleKyz947GP4TsT26NezqvwtmGKUTpGk9yX0sr4SfHbi0RDkFmhaS5DjZ7fq1QONt9OxTf7WLbPkU3hnuULpSBOclApGnETwPbCednl8usGYgrUihltjPnnWR7ArmQLfoUt5WaRwCIXpnHq8I0bYtXdmST4aCvw1mX2qEUhYBeUO1dAajXaSwjszpoemvdNVb-Ai2sCC7QSYRJxkXd-d-Km4x3zpGL3jwDO2rKic6os2yskgrCLYR7wB-v9Wa_x1wU3pDZetrPeDa_33MtPdZsQMGS7Jm7EhOsk27bxGYd3vi6Mg-aHrLZE3F_n HTTP/1.1
Host: mybettermb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ww2.mkkuei4kdsz.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Thu, 24 Nov 2022 19:12:48 GMT
content-length: 0
set-cookie: rhid=82433705700; Max-Age=15552000; Expires=Tue, 23-May-2023 19:12:48 GMT; Domain=mybettermb.com; Path=/; SameSite=None; secure;
location: https://p201298.mybettermb.com/adServe/domainClick?ai=gNSPw4YcvsCApKkKBx7IDGSZVu5NPqSq-h2rSoksoBqNG2LV3Zkk-L8FPCSjKZr_YsQ0yRxpJ6k8LlotqmtX7ErGSkvN2YlGY4HZ8X7cx-dM1QaxFxK0PHGpJGlCLAoWMnzoVZuce8ueVaQ0F217-cHwFJ-CDJF8T7C2wcJ1dqtoOgN9pzNxgl6S4oChQzOvrPE96Ym7CMGlXRdGMK-TkKMF_XSxG7q5c9lRJWHNr4s5bSTdWcYVZJciO9bgcuS1jIeAEiXnU3VYEUAru7F_DuXugOnM5m-8Jm7EhOsk27bxGYd3vi6Mg4f18T9CpHqCT2L9NFyVXF55Q47z-CV1ol2k4XVJzHJX8mFgHSWE3TZes2Wal4z2_6cr0kIIvFC278sDJBVR-ujw_o9HKkL8PaMhDqf7kErmDrOr0d6CIh0L3FtHWHx7HA8B78vhYDGtTzOA2dFkf3_NgwLd0BdObRCJLev5D7mya12e38uuGfzEgz4XZP0gmwDojgHyynN1-rVVBwUbSr_tzFXyl2Xqp42dSrBkHXC218va1jhGFGI8jdqPtxH4UCJQ48Q3rpLLNlfGdf3DcofXCB6hjLj_YF8PtD9qvSZWbX4-aT-tvVVICUQx8RHS_UFuyjOQLz4PDe6E5DWof4U&ui=HFz5zNIIs96fzq49jFkHXcQzYObQGwwU7xf6tdOZukOqCxlSeVo_Cu3-iVhhcw0JOq9MNEAMUH6mrefxcMDvxk04KC7Vzeg8f-Cz1jyVlOO4lAMXDH-0sQ&si=1&oref=e2905b67c440133e06d94d472902354c&optunit=g1X1rV7f4BpBS4YUfGI2rw&rb=kkFnQ3TtWkI&rr=1&abtg=0
X-Firefox-Spdy: h2
p201298.mybettermb.com/adServe/domainClick?ai=gNSPw4YcvsCApKkKBx7IDGSZVu5NPqSq-h2rSoksoBqNG2LV3Zkk-L8FPCSjKZr_YsQ0yRxpJ6k8LlotqmtX7ErGSkvN2YlGY4HZ8X7cx-dM1QaxFxK0PHGpJGlCLAoWMnzoVZuce8ueVaQ0F217-cHwFJ-CDJF8T7C2wcJ1dqtoOgN9pzNxgl6S4oChQzOvrPE96Ym7CMGlXRdGMK-TkKMF_XSxG7q5c9lRJWHNr4s5bSTdWcYVZJciO9bgcuS1jIeAEiXnU3VYEUAru7F_DuXugOnM5m-8Jm7EhOsk27bxGYd3vi6Mg4f18T9CpHqCT2L9NFyVXF55Q47z-CV1ol2k4XVJzHJX8mFgHSWE3TZes2Wal4z2_6cr0kIIvFC278sDJBVR-ujw_o9HKkL8PaMhDqf7kErmDrOr0d6CIh0L3FtHWHx7HA8B78vhYDGtTzOA2dFkf3_NgwLd0BdObRCJLev5D7mya12e38uuGfzEgz4XZP0gmwDojgHyynN1-rVVBwUbSr_tzFXyl2Xqp42dSrBkHXC218va1jhGFGI8jdqPtxH4UCJQ48Q3rpLLNlfGdf3DcofXCB6hjLj_YF8PtD9qvSZWbX4-aT-tvVVICUQx8RHS_UFuyjOQLz4PDe6E5DWof4U&ui=HFz5zNIIs96fzq49jFkHXcQzYObQGwwU7xf6tdOZukOqCxlSeVo_Cu3-iVhhcw0JOq9MNEAMUH6mrefxcMDvxk04KC7Vzeg8f-Cz1jyVlOO4lAMXDH-0sQ&si=1&oref=e2905b67c440133e06d94d472902354c&optunit=g1X1rV7f4BpBS4YUfGI2rw&rb=kkFnQ3TtWkI&rr=1&abtg=0
108.168.193.189200 OK 558 B URL HTTP/2 p201298.mybettermb.com/adServe/domainClick?ai=gNSPw4YcvsCApKkKBx7IDGSZVu5NPqSq-h2rSoksoBqNG2LV3Zkk-L8FPCSjKZr_YsQ0yRxpJ6k8LlotqmtX7ErGSkvN2YlGY4HZ8X7cx-dM1QaxFxK0PHGpJGlCLAoWMnzoVZuce8ueVaQ0F217-cHwFJ-CDJF8T7C2wcJ1dqtoOgN9pzNxgl6S4oChQzOvrPE96Ym7CMGlXRdGMK-TkKMF_XSxG7q5c9lRJWHNr4s5bSTdWcYVZJciO9bgcuS1jIeAEiXnU3VYEUAru7F_DuXugOnM5m-8Jm7EhOsk27bxGYd3vi6Mg4f18T9CpHqCT2L9NFyVXF55Q47z-CV1ol2k4XVJzHJX8mFgHSWE3TZes2Wal4z2_6cr0kIIvFC278sDJBVR-ujw_o9HKkL8PaMhDqf7kErmDrOr0d6CIh0L3FtHWHx7HA8B78vhYDGtTzOA2dFkf3_NgwLd0BdObRCJLev5D7mya12e38uuGfzEgz4XZP0gmwDojgHyynN1-rVVBwUbSr_tzFXyl2Xqp42dSrBkHXC218va1jhGFGI8jdqPtxH4UCJQ48Q3rpLLNlfGdf3DcofXCB6hjLj_YF8PtD9qvSZWbX4-aT-tvVVICUQx8RHS_UFuyjOQLz4PDe6E5DWof4U&ui=HFz5zNIIs96fzq49jFkHXcQzYObQGwwU7xf6tdOZukOqCxlSeVo_Cu3-iVhhcw0JOq9MNEAMUH6mrefxcMDvxk04KC7Vzeg8f-Cz1jyVlOO4lAMXDH-0sQ&si=1&oref=e2905b67c440133e06d94d472902354c&optunit=g1X1rV7f4BpBS4YUfGI2rw&rb=kkFnQ3TtWkI&rr=1&abtg=0
IP 108.168.193.189:0
Hash 082cb58f481c886a9a61f9f1007c30e2
f4d75eff5a6ce16ee7cf90230aea668559ba17a4
b53619f457b8bdf584e246cbebb633bbdba239be67a14713778e88f0b7d6dab9
GET /adServe/domainClick?ai=gNSPw4YcvsCApKkKBx7IDGSZVu5NPqSq-h2rSoksoBqNG2LV3Zkk-L8FPCSjKZr_YsQ0yRxpJ6k8LlotqmtX7ErGSkvN2YlGY4HZ8X7cx-dM1QaxFxK0PHGpJGlCLAoWMnzoVZuce8ueVaQ0F217-cHwFJ-CDJF8T7C2wcJ1dqtoOgN9pzNxgl6S4oChQzOvrPE96Ym7CMGlXRdGMK-TkKMF_XSxG7q5c9lRJWHNr4s5bSTdWcYVZJciO9bgcuS1jIeAEiXnU3VYEUAru7F_DuXugOnM5m-8Jm7EhOsk27bxGYd3vi6Mg4f18T9CpHqCT2L9NFyVXF55Q47z-CV1ol2k4XVJzHJX8mFgHSWE3TZes2Wal4z2_6cr0kIIvFC278sDJBVR-ujw_o9HKkL8PaMhDqf7kErmDrOr0d6CIh0L3FtHWHx7HA8B78vhYDGtTzOA2dFkf3_NgwLd0BdObRCJLev5D7mya12e38uuGfzEgz4XZP0gmwDojgHyynN1-rVVBwUbSr_tzFXyl2Xqp42dSrBkHXC218va1jhGFGI8jdqPtxH4UCJQ48Q3rpLLNlfGdf3DcofXCB6hjLj_YF8PtD9qvSZWbX4-aT-tvVVICUQx8RHS_UFuyjOQLz4PDe6E5DWof4U&ui=HFz5zNIIs96fzq49jFkHXcQzYObQGwwU7xf6tdOZukOqCxlSeVo_Cu3-iVhhcw0JOq9MNEAMUH6mrefxcMDvxk04KC7Vzeg8f-Cz1jyVlOO4lAMXDH-0sQ&si=1&oref=e2905b67c440133e06d94d472902354c&optunit=g1X1rV7f4BpBS4YUfGI2rw&rb=kkFnQ3TtWkI&rr=1&abtg=0 HTTP/1.1
Host: p201298.mybettermb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ww2.mkkuei4kdsz.com/
Connection: keep-alive
Cookie: rhid=82433705700
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 19:12:48 GMT
content-type: text/html;charset=ISO-8859-1
vary: Accept-Encoding
set-cookie: rhid=82433705700; Max-Age=15552000; Expires=Tue, 23-May-2023 19:12:48 GMT; Domain=mybettermb.com; Path=/; SameSite=None; secure;
loi=ad_1173576_off_617426_aff_86324_cid_201298-MKKUEI4KDSZ.COM_ts_1669317168; Max-Age=3600; Expires=Thu, 24-Nov-2022 20:12:48 GMT; Domain=mybettermb.com; Path=/; SameSite=None; secure;
content-encoding: gzip
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 60ecc61b23aeef8ac1deaaffd62fcc46
1f3d9500775668adbdf66a54ffb0163d41a0fa45
ddae89e5d67acd46e6d5aa48745af2a8682d07c8d786f60b7f362f2e3061bfcd
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "DDAE89E5D67ACD46E6D5AA48745AF2A8682D07C8D786F60B7F362F2E3061BFCD"
Last-Modified: Wed, 23 Nov 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18055
Expires: Fri, 25 Nov 2022 00:13:44 GMT
Date: Thu, 24 Nov 2022 19:12:49 GMT
Connection: keep-alive
cdn.jsdelivr.net/fontawesome/4.7.0/css/font-awesome.min.css?ver=4.7.0
151.101.85.229200 OK 7.1 kB URL HTTP/2 cdn.jsdelivr.net/fontawesome/4.7.0/css/font-awesome.min.css?ver=4.7.0
IP 151.101.85.229:0
File type ASCII text, with very long lines (30837)
Hash c68c38b6f53bfc3bee6b736afa488757
871df21572c702142a7c237259326013ec2df26a
e2100c6e7b6f0d358ac92d33b11278661c9a80e4c62c056677e24bc572d6da34
GET /fontawesome/4.7.0/css/font-awesome.min.css?ver=4.7.0 HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promoprawn.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
etag: W/"7918-USx9eQM+MCipvmG1QM8aaHDIlvg"
content-encoding: gzip
accept-ranges: bytes
date: Thu, 24 Nov 2022 19:12:50 GMT
age: 12590220
x-served-by: cache-fra19147-FRA, cache-bma1669-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7055
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 12 kB IP 142.250.74.3:0
Hash 13f1a358fdd37191a345f25c985c95c6
d9dc200c155f6f24eb8226bc9714f165ce19fd07
0385b9336fbad6faada10ff95574d2063377a485cbe9e580b4d13b859c302741
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 19:12:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-181731366-4
142.250.74.168200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-181731366-4
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash f37c66254dc4e82a90cbc586e82c3d60
79fde438e20bc2f5576396ca0b38b1bd57f793a3
1dd5549a5b0024983a2835544f93610574e2b020cf84cbe3f45659b6a54c5c85
GET /gtag/js?id=UA-181731366-4 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promoprawn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 24 Nov 2022 19:12:50 GMT
expires: Thu, 24 Nov 2022 19:12:50 GMT
cache-control: private, max-age=900
last-modified: Thu, 24 Nov 2022 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43680
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
104.18.20.226200 OK 4.4 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP 104.18.20.226:0
Hash 274d856e6e0a8ec9fdcb50305a725c8f
82f100491177f9f3eacc7b24622b43be5067ba0f
e33c4c748760832e033103d8bbe7879056cc263e5c8d7305623f2bb1fd6985b5
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 19:12:50 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "BD4C74B9511FD740B5F4E318AB180D936CEC6B55"
Expires: Fri, 25 Nov 2022 06:00:00 GMT
Last-Modified: Thu, 24 Nov 2022 18:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 719
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f4755e0b030afa-OSL
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 711 B IP 142.250.74.3:0
Hash a5e7232c3d586915d507274aa14ee803
cd172d4e9eeac04087c2d5d7acadc939d5734a87
639a58baf875e1b54e284dc78fb392c2bb3c08970cfce152d70cc72a1d3c5755
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 19:12:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 670dda5fda45a89db08867e9109f65b7
2a64bc381f8e795fe7a46a98c3e8add2f1ade404
7c2085a52a32eab3f4ab73c4ab3718cf1e7d67502e83001ce45d2857b37a0755
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2571
Cache-Control: max-age=124591
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 19:12:51 GMT
Etag: "637efbd7-1d7"
Expires: Sat, 26 Nov 2022 05:49:22 GMT
Last-Modified: Thu, 24 Nov 2022 05:06:31 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 6fe23ae41ec0cbb3d702b1c64028cd13
e0e4d852454a5eae80a797aaa6f0991834dcc19a
47a12f27ec1ec271d17295d822c69d1b49c6a24107f3f7ce06a320688fae7f3c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 19:12:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
connect.facebook.net/en_GB/sdk.js
157.240.200.14200 OK 14 kB URL HTTP/2 connect.facebook.net/en_GB/sdk.js
IP 157.240.200.14:0
Hash dbee43c8349ad310c1177c0faa7cb395
1efb5af8a5dc5cf3da97721684948002b358b70c
ecb7c5b1882dd21895f15de5e4c6ba3d55fdb950d710c1f862f4c20788470853
GET /en_GB/sdk.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promoprawn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 1180f16803de3b0b5b049ebb161422b0
etag: "4a080065a2f49aca2f3bdccb1509437f"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Thu, 24 Nov 2022 19:26:32 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: vjOXbwWDsQGS2r+wUD42Ng==
x-fb-debug: NPk1TxPEWxz9F0tAA3MrdeQyRBGynuU+ZqUb5UyHAt1RLa3SlE2HIVP6Yl8pWP+orlqeEC7gtDrsVFyBa4uDSw==
content-length: 1687
x-fb-trip-id: 1679558926
date: Thu, 24 Nov 2022 19:12:51 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 670dda5fda45a89db08867e9109f65b7
2a64bc381f8e795fe7a46a98c3e8add2f1ade404
7c2085a52a32eab3f4ab73c4ab3718cf1e7d67502e83001ce45d2857b37a0755
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2571
Cache-Control: max-age=124591
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 19:12:51 GMT
Etag: "637efbd7-1d7"
Expires: Sat, 26 Nov 2022 05:49:22 GMT
Last-Modified: Thu, 24 Nov 2022 05:06:31 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 6fe23ae41ec0cbb3d702b1c64028cd13
e0e4d852454a5eae80a797aaa6f0991834dcc19a
47a12f27ec1ec271d17295d822c69d1b49c6a24107f3f7ce06a320688fae7f3c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 19:12:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 13 kB IP 142.250.74.3:0
Hash 6b3223c4b1feb08b80221090cbe843e1
575a8b33af1eaae69a7abf949c0ee1e68ae49396
acf7ead83aff83a9adbd7fa4c2edfc38a16142aa9847ad7fa13c360b47c6d074
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 19:12:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
translate.googleapis.com/translate_static/css/translateelement.css
172.217.21.170200 OK 3.6 kB URL HTTP/2 translate.googleapis.com/translate_static/css/translateelement.css
IP 172.217.21.170:0
File type ASCII text, with very long lines (18670)
Hash 897ba9a21d9625286674da769dacc2e2
84b4923ab7dee562395160824d53496314499b77
696cbf5c2f3f1efae555562b72abbbb22bed02eff03d62074555cab241190ae0
GET /translate_static/css/translateelement.css HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promoprawn.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 3619
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 18:53:12 GMT
expires: Thu, 24 Nov 2022 19:53:12 GMT
cache-control: public, max-age=3600
age: 1179
last-modified: Wed, 17 Aug 2022 23:38:00 GMT
content-type: text/css
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
connect.facebook.net/en_GB/sdk.js?hash=578270983077cb78cca3375e057fb665
157.240.200.14200 OK 88 kB URL HTTP/2 connect.facebook.net/en_GB/sdk.js?hash=578270983077cb78cca3375e057fb665
IP 157.240.200.14:0
File type ASCII text, with very long lines (18530)
Hash 253e333ad922ad46df5624b6ef4db5a6
8fb42b4ab2b1ee883b7e2f2b5e377a1dae979b53
12b375ce3cef69bfcea4bc40911b258b05a183e956301c45f74cd62778e814a0
GET /en_GB/sdk.js?hash=578270983077cb78cca3375e057fb665 HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://promoprawn.com
Connection: keep-alive
Referer: https://promoprawn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: f9df8aa4a31a9370cdec32412045882e
etag: "e46fb11d9bdec2bc7f5495848e7710c5"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Fri, 24 Nov 2023 17:59:11 GMT
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: JT4zOtkirUbfViS27021pg==
x-fb-debug: Z+b2n20VfpBJTcQG4Eh8hk26zhlwoysVu/migZumXfCq0TUIEF1HMtKy6KyUp0oi52mMh2uuCLNYw81fLtqzPw==
priority: u=3,i
content-length: 88368
x-fb-trip-id: 1679558926
date: Thu, 24 Nov 2022 19:12:51 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4af780570d49b327d38dc189095448e9
1dd4193a2afeb237c5e475b603b1cbd137f7f97e
f25ef2e65d3c2acbba49b5d36c2fe37f8d404fa3b0ea5cdd6c93ac1685a6129a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 19:12:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promoprawn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Thu, 24 Nov 2022 18:41:08 GMT
expires: Thu, 24 Nov 2022 20:41:08 GMT
cache-control: public, max-age=7200
age: 1903
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 8.0 kB IP 142.250.74.3:0
Hash 4f34289e00b950f8d5955091d2f37b3d
fdad02cd93c47b2f98bb4e6ca5ec8bf714c515da
bbe347ea75cd56d12f831a036c4f726b54f00048534fcf1878713ffa5460f61b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 19:12:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash aee1eaa2ef2d0edbb0bc5703979e6439
8baa6d1cdd85ce2c5b6e30bd7a60096eeafce4db
095cc1e6ce8241ba22f88cb66d752587909fea3dc66936a72c369ef74b3134f1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 19:12:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/images/branding/product/1x/translate_24dp.png
142.250.74.163200 OK 846 B URL HTTP/2 www.gstatic.com/images/branding/product/1x/translate_24dp.png
IP 142.250.74.163:0
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash e9cd262114358f26b7608b56905185dc
6dbde0a96deaab2b529723ce26c62043cf9180ab
5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99
GET /images/branding/product/1x/translate_24dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promoprawn.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 846
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 19:07:27 GMT
expires: Fri, 24 Nov 2023 19:07:27 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
content-type: image/png
age: 324
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash aee1eaa2ef2d0edbb0bc5703979e6439
8baa6d1cdd85ce2c5b6e30bd7a60096eeafce4db
095cc1e6ce8241ba22f88cb66d752587909fea3dc66936a72c369ef74b3134f1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 19:12:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.qvkLIg6MEVc.O/d=1/exm=el_conf/ed=1/rs=AN8SPfoxsXHCM1CnEJ_o5xsmnbdq_po64A/m=el_main
172.217.21.170200 OK 1.8 kB URL HTTP/2 translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.qvkLIg6MEVc.O/d=1/exm=el_conf/ed=1/rs=AN8SPfoxsXHCM1CnEJ_o5xsmnbdq_po64A/m=el_main
IP 172.217.21.170:0
Hash c69c796362406f9e11c7f4bf5bb628da
e489ce95ab56208090868882113d7416abf46775
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
GET /_/translate_http/_/js/k=translate_http.tr.no.qvkLIg6MEVc.O/d=1/exm=el_conf/ed=1/rs=AN8SPfoxsXHCM1CnEJ_o5xsmnbdq_po64A/m=el_main HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promoprawn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 75035
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 00:23:31 GMT
expires: Thu, 23 Nov 2023 00:23:31 GMT
cache-control: public, max-age=31536000
last-modified: Sat, 12 Nov 2022 06:10:12 GMT
content-type: text/javascript; charset=UTF-8
age: 154160
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_42x16dp.png
142.250.74.163200 OK 910 B URL HTTP/2 www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_42x16dp.png
IP 142.250.74.163:0
File type PNG image data, 42 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash efa6bb2bfe459bc6f4bdafa3db0383f6
52d15ce52fe50643e542c17812de43f4ed1b6ee0
6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2
GET /images/branding/googlelogo/1x/googlelogo_color_42x16dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promoprawn.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 910
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 06:42:34 GMT
expires: Thu, 23 Nov 2023 06:42:34 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
content-type: image/png
age: 131417
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
translate-pa.googleapis.com/v1/supportedLanguages?client=te&display_language=no&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback
142.250.74.138200 OK 1.4 kB URL HTTP/2 translate-pa.googleapis.com/v1/supportedLanguages?client=te&display_language=no&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback
IP 142.250.74.138:0
Hash 3ad547ec47ef63d87eff80e53d6dd861
20cd334266b4bc9b47966d5487f0a2b2d41db765
c9b9dc1b30d38db2a72068eb7d8a5d1af32006b64263cab5e89f500f62856ea3
GET /v1/supportedLanguages?client=te&display_language=no&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback HTTP/1.1
Host: translate-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promoprawn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-type: text/javascript; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Thu, 24 Nov 2022 19:12:51 GMT
server: ESF
cache-control: private
content-length: 1392
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
expires: Thu, 24 Nov 2022 19:12:51 GMT
set-cookie: NID=511=WAz5RX_jP_IgiSLG-WyZ0xn9jAmwVw2TpBbvqP_TRK_P8SUtYPtY1WqNxw0P3DcosH-mpoUhhjKbMtEFeWEGgE0rl163sY8N_PmMQB3JcTRs1q_d26D5DALYY9nOfPjsIITJ7VMSiAUzqGhbj58ldHgqZMrKmAW2o4nUOMcWEwM; expires=Fri, 26-May-2023 19:12:51 GMT; path=/; domain=.translate-pa.googleapis.com; HttpOnly
CONSENT=PENDING+732; expires=Sat, 23-Nov-2024 19:12:51 GMT; path=/; domain=.googleapis.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash aee1eaa2ef2d0edbb0bc5703979e6439
8baa6d1cdd85ce2c5b6e30bd7a60096eeafce4db
095cc1e6ce8241ba22f88cb66d752587909fea3dc66936a72c369ef74b3134f1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 19:12:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.facebook.com/v2.3/plugins/page.php?adapt_container_width=true&app_id=235643263204884&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3e2c10bdda0902%26domain%3Dpromoprawn.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fpromoprawn.com%252Ff26b396ba78b2b%26relation%3Dparent.parent&container_width=361&height=290&hide_cover=false&hide_cta=false&href=https%3A%2F%2Fwww.facebook.com%2Fappthemes&locale=en_GB&sdk=joey&show_facepile=true&show_posts=false&small_header=false&width=268
157.240.200.35200 OK 8.2 kB URL HTTP/2 www.facebook.com/v2.3/plugins/page.php?adapt_container_width=true&app_id=235643263204884&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3e2c10bdda0902%26domain%3Dpromoprawn.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fpromoprawn.com%252Ff26b396ba78b2b%26relation%3Dparent.parent&container_width=361&height=290&hide_cover=false&hide_cta=false&href=https%3A%2F%2Fwww.facebook.com%2Fappthemes&locale=en_GB&sdk=joey&show_facepile=true&show_posts=false&small_header=false&width=268
IP 157.240.200.35:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (19774)
Hash f6227fa56d52e89096530a27e87398de
1992064fd61a63381d46690b065144d9bd251a3e
f38e293649c598cc2239bdda96a8f37a72c715ec6c766d5a1d57df375f84f7cd
GET /v2.3/plugins/page.php?adapt_container_width=true&app_id=235643263204884&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3e2c10bdda0902%26domain%3Dpromoprawn.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fpromoprawn.com%252Ff26b396ba78b2b%26relation%3Dparent.parent&container_width=361&height=290&hide_cover=false&hide_cta=false&href=https%3A%2F%2Fwww.facebook.com%2Fappthemes&locale=en_GB&sdk=joey&show_facepile=true&show_posts=false&small_header=false&width=268 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promoprawn.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-opener-policy: unsafe-none
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
facebook-api-version: v9.0
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: Cz4XyIXAlYcc6RguDUznrlCpPLrh+hB0M6fnrFUCvuY2Cd968U0qs/+lZ9Gr9PwHeStqT84zkjqapskMjm+FZg==
date: Thu, 24 Nov 2022 19:12:51 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-GZH27V8EPY>m=2oeb90&_p=292545174&gdid=dZTNiMT&cid=227166659.1669317171&ul=en-us&sr=1280x1024&_s=1&sid=1669317171&sct=1&seg=0&dl=https%3A%2F%2Fpromoprawn.com%2Fgo-to-batterychampion-no%2F&dt=Go%20to%20batterychampion-no&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
216.239.32.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-GZH27V8EPY>m=2oeb90&_p=292545174&gdid=dZTNiMT&cid=227166659.1669317171&ul=en-us&sr=1280x1024&_s=1&sid=1669317171&sct=1&seg=0&dl=https%3A%2F%2Fpromoprawn.com%2Fgo-to-batterychampion-no%2F&dt=Go%20to%20batterychampion-no&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-GZH27V8EPY>m=2oeb90&_p=292545174&gdid=dZTNiMT&cid=227166659.1669317171&ul=en-us&sr=1280x1024&_s=1&sid=1669317171&sct=1&seg=0&dl=https%3A%2F%2Fpromoprawn.com%2Fgo-to-batterychampion-no%2F&dt=Go%20to%20batterychampion-no&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://promoprawn.com
Connection: keep-alive
Referer: https://promoprawn.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://promoprawn.com
date: Thu, 24 Nov 2022 19:12:52 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r.srvtrck.com/v1/redirect?url=https%3A%2F%2Fbatterychampion.no&type=url&api_key=75e8ee737d4fc03bfc0d76000b6f72b0&site_id=e7e6bb15baa647a58253d090ef5d387a&yk_tag=89673379090
104.19.169.96302 Found 0 B URL HTTP/2 r.srvtrck.com/v1/redirect?url=https%3A%2F%2Fbatterychampion.no&type=url&api_key=75e8ee737d4fc03bfc0d76000b6f72b0&site_id=e7e6bb15baa647a58253d090ef5d387a&yk_tag=89673379090
IP 104.19.169.96:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v1/redirect?url=https%3A%2F%2Fbatterychampion.no&type=url&api_key=75e8ee737d4fc03bfc0d76000b6f72b0&site_id=e7e6bb15baa647a58253d090ef5d387a&yk_tag=89673379090 HTTP/1.1
Host: r.srvtrck.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Thu, 24 Nov 2022 19:12:52 GMT
content-length: 0
p3p: CP="CAO PSA OUR"
set-cookie: ykuid=3cfe5b0b5493405fb032cee8d1552497; Domain=.srvtrck.com; Expires=Fri, 24-Nov-2023 19:12:52 GMT; Path=/
location: /v2/go?t=gtipo%3Au%2Fcoag8.defk0o0r3u2.5e7%2F6ta%2F5obs6t7s%3DamctGu%3F%26tc%3D66f9419162589%26cs4g0J6aaYab7e2j0I440R0h0O0F%3Dkmgt%26uf%26iuittsoaIa%3Dd6d6a6455c9m3d8175-2718%26bo5n-rd%3D7o6o9f3r1d%3DfI6e6oe%26a39eeidr7s60c326c66091c7%267e3r6h1d111791303046703%3D_I6c9a1s192d70_6319907%265e0v9cc%3Da67tdk9n8d%3D3Ibe3f3%26-ndy6t4u7c-3d702a1a%3D8Iaod%2612%266d9e9Pdrnmi%3Darlefcas-oM1yvI394z0m1N246d3y4Z6xeQf%3Dai8.94c317e7d326116s9.coshor2eeeeib%2F1gblac4tan8p5odg9oel5k3o7--no%2Fpsntnh&e=1&ai=1dfb02497cfe47ef8da9b954d4418e3d&sct=1&ct=1669317172550&cu=2374a6ae6f0a48c99c516e9d42f166c9&ykuid=3cfe5b0b5493405fb032cee8d1552497&sc=1&cs=8ffd01c5bc6a16026be057ed9ab3e8a9
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 76f475653df3b527-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
status.thawte.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash f9927c94dccfe212130a414b3b27b983
ef50a81298178afa1d8ed38e54b36b6eef9ecbe0
6fa1ccf882ccba4cc906c8f99046abcc43cbe33935a8115f22a445098cd0be30
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4035
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 19:12:52 GMT
Etag: "637e58ca-1d7"
Last-Modified: Thu, 24 Nov 2022 18:05:37 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
no-go.kelkoogroup.net/ctl/go/sitesearchGo?.ts=1669317172384&.sig=JQaxYZbyedj4IN4mRzh9OIFykMg-&affiliationId=96966625&comId=11522713&country=no&offerId=f8696de7aa9ce9d07567c921c6609dc9&searchId=107610033497131_1669317172170_6369300&service=36&tokenId=31b33936-7dd6-457b-8d70-a7a883a9d514&addedParams=true&custom1=v0304000142062374a6ae6f0a48c99c516e9d42f166c9&custom2=e7e6bb15baa647a58253d090ef5d387a-couponing
95.211.116.27200 OK 32 kB URL HTTP/1.1 no-go.kelkoogroup.net/ctl/go/sitesearchGo?.ts=1669317172384&.sig=JQaxYZbyedj4IN4mRzh9OIFykMg-&affiliationId=96966625&comId=11522713&country=no&offerId=f8696de7aa9ce9d07567c921c6609dc9&searchId=107610033497131_1669317172170_6369300&service=36&tokenId=31b33936-7dd6-457b-8d70-a7a883a9d514&addedParams=true&custom1=v0304000142062374a6ae6f0a48c99c516e9d42f166c9&custom2=e7e6bb15baa647a58253d090ef5d387a-couponing
IP 95.211.116.27:0
ASN #60781 LeaseWeb Netherlands B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (13002)
Hash d6ab1d06afadbe851fdc15c527bfd00e
ee6da8340de5fd48f609c17976e4592ae7ab7ec5
fea8d5f5f6bb2f54e591ffd71c70ca8681e8cedef881106db78d3ce043359e32
GET /ctl/go/sitesearchGo?.ts=1669317172384&.sig=JQaxYZbyedj4IN4mRzh9OIFykMg-&affiliationId=96966625&comId=11522713&country=no&offerId=f8696de7aa9ce9d07567c921c6609dc9&searchId=107610033497131_1669317172170_6369300&service=36&tokenId=31b33936-7dd6-457b-8d70-a7a883a9d514&addedParams=true&custom1=v0304000142062374a6ae6f0a48c99c516e9d42f166c9&custom2=e7e6bb15baa647a58253d090ef5d387a-couponing HTTP/1.1
Host: no-go.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://r.srvtrck.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 19:12:53 GMT
leadId: dc1-kls-prod-ls-04.prod.dc1.kelkoo.net_1669317172861_567749
clickId: 107698149_1669317172854_3158301
country: no
Accept-CH: Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
X-DataDome: protected
Request-Time: PT0.221981S
X-Robots-Tag: noindex,nofollow
Referrer-Policy: origin-when-cross-origin
X-Frame-Options: ALLOWALL
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Content-Type: text/html; charset=UTF-8
Content-Length: 31976
Set-Cookie: datadome=18wxvCDPfMfXXk4-xexNDjYSsq2_HBADIv_Gx808cRgI8UD1~TBldMtynwpMlaGjw9rxKHWuHoM5_BW0cSLF-WMh84k6CMnIYCzVyI0VcRrYD_qSnu6wg0CpsVqBnMYK; Max-Age=31536000; Expires=Fri, 24 Nov 2023 19:12:53 GMT; SameSite=Lax; Path=/; Domain=.kelkoogroup.net; Secure
kelkooID=a4c6295-184ab0e9e77-ea04f; Max-Age=31536000; Expires=Fri, 24 Nov 2023 19:12:53 GMT; SameSite=None; Path=/; Domain=kelkoogroup.net; Secure; HTTPOnly
P3P: CP="Anything"
ApacheTracking: localhost
Keep-Alive: timeout=40, max=83
Connection: Keep-Alive
no-go.kelkoogroup.net/assets/images/p.png?country=no&k=612f7a9541cd6ea61eb554c0e4cff4373002ebc12b4ed464b4df6567099719ee902d74b067ef79fb09fc9dff26320053a845a712ba31f2127c59e7b5479d8e0e29e92d33b080cd0710641ef2a9a21446a44f26279eb4b9acae4c8aceda070d3bd2e4fdea014022231ffb6d2f8595bdedc5454dd054b4f7fc60521e6170be2c522ab170e826f76c21543ee59a01a1bf71f9786e663966c5803cabb86726b0d1de2abb77532bbed3047e4790293f69a79506525a41b7d249be746ee3fc71ffd19abbc6a7f172b325458301bc5783249dac03ea9c61f0f09075d0a6d716ce186cbbb5fc13e98814e5c769b9d49bb494d8d84e826086392f57b28dc8520c3d973ec9b55f389ec7a385c1c64e7788dc4108dfefe4106b6252baca&leadId=dc1-kls-prod-ls-04.prod.dc1.kelkoo.net_1669317172861_567749&clickId=107698149_1669317172854_3158301
95.211.116.27200 OK 68 B URL HTTP/1.1 no-go.kelkoogroup.net/assets/images/p.png?country=no&k=612f7a9541cd6ea61eb554c0e4cff4373002ebc12b4ed464b4df6567099719ee902d74b067ef79fb09fc9dff26320053a845a712ba31f2127c59e7b5479d8e0e29e92d33b080cd0710641ef2a9a21446a44f26279eb4b9acae4c8aceda070d3bd2e4fdea014022231ffb6d2f8595bdedc5454dd054b4f7fc60521e6170be2c522ab170e826f76c21543ee59a01a1bf71f9786e663966c5803cabb86726b0d1de2abb77532bbed3047e4790293f69a79506525a41b7d249be746ee3fc71ffd19abbc6a7f172b325458301bc5783249dac03ea9c61f0f09075d0a6d716ce186cbbb5fc13e98814e5c769b9d49bb494d8d84e826086392f57b28dc8520c3d973ec9b55f389ec7a385c1c64e7788dc4108dfefe4106b6252baca&leadId=dc1-kls-prod-ls-04.prod.dc1.kelkoo.net_1669317172861_567749&clickId=107698149_1669317172854_3158301
IP 95.211.116.27:0
ASN #60781 LeaseWeb Netherlands B.V.
File type PNG image data, 1 x 1, 8-bit gray+alpha, non-interlaced\012- data
Hash 91e42db1c66c0b276abf6234dc50b2eb
c1986af3c26609b8b7d8933f99c51c1a89e9ea6b
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
GET /assets/images/p.png?country=no&k=612f7a9541cd6ea61eb554c0e4cff4373002ebc12b4ed464b4df6567099719ee902d74b067ef79fb09fc9dff26320053a845a712ba31f2127c59e7b5479d8e0e29e92d33b080cd0710641ef2a9a21446a44f26279eb4b9acae4c8aceda070d3bd2e4fdea014022231ffb6d2f8595bdedc5454dd054b4f7fc60521e6170be2c522ab170e826f76c21543ee59a01a1bf71f9786e663966c5803cabb86726b0d1de2abb77532bbed3047e4790293f69a79506525a41b7d249be746ee3fc71ffd19abbc6a7f172b325458301bc5783249dac03ea9c61f0f09075d0a6d716ce186cbbb5fc13e98814e5c769b9d49bb494d8d84e826086392f57b28dc8520c3d973ec9b55f389ec7a385c1c64e7788dc4108dfefe4106b6252baca&leadId=dc1-kls-prod-ls-04.prod.dc1.kelkoo.net_1669317172861_567749&clickId=107698149_1669317172854_3158301 HTTP/1.1
Host: no-go.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no-go.kelkoogroup.net/ctl/go/sitesearchGo?.ts=1669317172384&.sig=JQaxYZbyedj4IN4mRzh9OIFykMg-&affiliationId=96966625&comId=11522713&country=no&offerId=f8696de7aa9ce9d07567c921c6609dc9&searchId=107610033497131_1669317172170_6369300&service=36&tokenId=31b33936-7dd6-457b-8d70-a7a883a9d514&addedParams=true&custom1=v0304000142062374a6ae6f0a48c99c516e9d42f166c9&custom2=e7e6bb15baa647a58253d090ef5d387a-couponing
Connection: keep-alive
Cookie: datadome=18wxvCDPfMfXXk4-xexNDjYSsq2_HBADIv_Gx808cRgI8UD1~TBldMtynwpMlaGjw9rxKHWuHoM5_BW0cSLF-WMh84k6CMnIYCzVyI0VcRrYD_qSnu6wg0CpsVqBnMYK; kelkooID=a4c6295-184ab0e9e77-ea04f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 19:12:53 GMT
Request-Time: PT0.001538S
X-Robots-Tag: noindex,nofollow
Cache-Control: private, must-revalidate
Referrer-Policy: origin-when-cross-origin
X-Frame-Options: ALLOWALL
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Content-Type: image/png
Content-Length: 68
P3P: CP="Anything"
ApacheTracking: localhost
Keep-Alive: timeout=40, max=95
Connection: Keep-Alive
dd.kelkoogroup.net/tags.js
54.230.111.93200 OK 43 kB URL HTTP/2 dd.kelkoogroup.net/tags.js
IP 54.230.111.93:0
File type ASCII text, with very long lines (65432)
Hash 1e9601b9f2fcd0d1d742e87fd046749c
88431bfdad7d8be4cf62396a57aebcec0de09827
4bcdd319b49ac3e4683e774aefe69157100f9ebee3bc428e425cfc93a7da9feb
GET /tags.js HTTP/1.1
Host: dd.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no-go.kelkoogroup.net/
Connection: keep-alive
Cookie: datadome=18wxvCDPfMfXXk4-xexNDjYSsq2_HBADIv_Gx808cRgI8UD1~TBldMtynwpMlaGjw9rxKHWuHoM5_BW0cSLF-WMh84k6CMnIYCzVyI0VcRrYD_qSnu6wg0CpsVqBnMYK; kelkooID=a4c6295-184ab0e9e77-ea04f
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: text/javascript
content-length: 43164
server: Apache
strict-transport-security: max-age=63072000; includeSubDomains; preload
last-modified: Thu, 17 Nov 2022 15:19:16 GMT
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
via: 1.1 615f944336054ae07b8e7c415ddbad44.cloudfront.net (CloudFront), 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
date: Thu, 24 Nov 2022 18:20:01 GMT
cache-control: max-age=3600, public
expires: Thu, 24 Nov 2022 19:19:58 GMT
etag: "33bf8-5edac1cc94a7f-gzip"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA60-P2, OSL50-P1
x-amz-cf-id: jMmjaYTabYfVpuSqUBgxzyZBH7OQs8Zr4UnnoMef_jt8byGPL7eATA==
age: 3175
X-Firefox-Spdy: h2
no-go.kelkoogroup.net/fp?country=no&k=612f7a9541cd6ea61eb554c0e4cff4373002ebc12b4ed464b4df6567099719ee902d74b067ef79fb09fc9dff26320053a845a712ba31f2127c59e7b5479d8e0e29e92d33b080cd0710641ef2a9a21446a44f26279eb4b9acae4c8aceda070d3bd2e4fdea014022231ffb6d2f8595bdedc5454dd054b4f7fc60521e6170be2c522ab170e826f76c21543ee59a01a1bf71f9786e663966c5803cabb86726b0d1de2abb77532bbed3047e4790293f69a79506525a41b7d249be746ee3fc71ffd19abbc6a7f172b325458301bc5783249dac03ea9c61f0f09075d0a6d716ce186cbbb5fc13e98814e5c769b9d49bb494d8d84e826086392f57b28dc8520c3d973ec9b55f389ec7a385c1c64e7788dc4108dfefe4106b6252baca&leadId=dc1-kls-prod-ls-04.prod.dc1.kelkoo.net_1669317172861_567749&clickId=107698149_1669317172854_3158301
95.211.116.27200 OK 0 B URL HTTP/1.1 no-go.kelkoogroup.net/fp?country=no&k=612f7a9541cd6ea61eb554c0e4cff4373002ebc12b4ed464b4df6567099719ee902d74b067ef79fb09fc9dff26320053a845a712ba31f2127c59e7b5479d8e0e29e92d33b080cd0710641ef2a9a21446a44f26279eb4b9acae4c8aceda070d3bd2e4fdea014022231ffb6d2f8595bdedc5454dd054b4f7fc60521e6170be2c522ab170e826f76c21543ee59a01a1bf71f9786e663966c5803cabb86726b0d1de2abb77532bbed3047e4790293f69a79506525a41b7d249be746ee3fc71ffd19abbc6a7f172b325458301bc5783249dac03ea9c61f0f09075d0a6d716ce186cbbb5fc13e98814e5c769b9d49bb494d8d84e826086392f57b28dc8520c3d973ec9b55f389ec7a385c1c64e7788dc4108dfefe4106b6252baca&leadId=dc1-kls-prod-ls-04.prod.dc1.kelkoo.net_1669317172861_567749&clickId=107698149_1669317172854_3158301
IP 95.211.116.27:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /fp?country=no&k=612f7a9541cd6ea61eb554c0e4cff4373002ebc12b4ed464b4df6567099719ee902d74b067ef79fb09fc9dff26320053a845a712ba31f2127c59e7b5479d8e0e29e92d33b080cd0710641ef2a9a21446a44f26279eb4b9acae4c8aceda070d3bd2e4fdea014022231ffb6d2f8595bdedc5454dd054b4f7fc60521e6170be2c522ab170e826f76c21543ee59a01a1bf71f9786e663966c5803cabb86726b0d1de2abb77532bbed3047e4790293f69a79506525a41b7d249be746ee3fc71ffd19abbc6a7f172b325458301bc5783249dac03ea9c61f0f09075d0a6d716ce186cbbb5fc13e98814e5c769b9d49bb494d8d84e826086392f57b28dc8520c3d973ec9b55f389ec7a385c1c64e7788dc4108dfefe4106b6252baca&leadId=dc1-kls-prod-ls-04.prod.dc1.kelkoo.net_1669317172861_567749&clickId=107698149_1669317172854_3158301 HTTP/1.1
Host: no-go.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no-go.kelkoogroup.net/ctl/go/sitesearchGo?.ts=1669317172384&.sig=JQaxYZbyedj4IN4mRzh9OIFykMg-&affiliationId=96966625&comId=11522713&country=no&offerId=f8696de7aa9ce9d07567c921c6609dc9&searchId=107610033497131_1669317172170_6369300&service=36&tokenId=31b33936-7dd6-457b-8d70-a7a883a9d514&addedParams=true&custom1=v0304000142062374a6ae6f0a48c99c516e9d42f166c9&custom2=e7e6bb15baa647a58253d090ef5d387a-couponing
Content-Type: text/plain;charset=utf-8
Content-Length: 536
Origin: https://no-go.kelkoogroup.net
Connection: keep-alive
Cookie: datadome=18wxvCDPfMfXXk4-xexNDjYSsq2_HBADIv_Gx808cRgI8UD1~TBldMtynwpMlaGjw9rxKHWuHoM5_BW0cSLF-WMh84k6CMnIYCzVyI0VcRrYD_qSnu6wg0CpsVqBnMYK; kelkooID=a4c6295-184ab0e9e77-ea04f; _ga=GA1.2.1479276222.1669317172; _gid=GA1.2.1785509453.1669317172
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 19:12:53 GMT
Request-Time: PT0.002871S
X-Robots-Tag: noindex,nofollow
Referrer-Policy: origin-when-cross-origin
X-Frame-Options: ALLOWALL
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Content-Type: text/plain; charset=UTF-8
Content-Length: 0
P3P: CP="Anything"
ApacheTracking: localhost
Keep-Alive: timeout=40, max=96
Connection: Keep-Alive
no-go.kelkoogroup.net/favicon.ico
95.211.116.27403 Forbidden 0 B URL HTTP/1.0 no-go.kelkoogroup.net/favicon.ico
IP 95.211.116.27:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: no-go.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no-go.kelkoogroup.net/ctl/go/sitesearchGo?.ts=1669317172384&.sig=JQaxYZbyedj4IN4mRzh9OIFykMg-&affiliationId=96966625&comId=11522713&country=no&offerId=f8696de7aa9ce9d07567c921c6609dc9&searchId=107610033497131_1669317172170_6369300&service=36&tokenId=31b33936-7dd6-457b-8d70-a7a883a9d514&addedParams=true&custom1=v0304000142062374a6ae6f0a48c99c516e9d42f166c9&custom2=e7e6bb15baa647a58253d090ef5d387a-couponing
Connection: keep-alive
Cookie: datadome=18wxvCDPfMfXXk4-xexNDjYSsq2_HBADIv_Gx808cRgI8UD1~TBldMtynwpMlaGjw9rxKHWuHoM5_BW0cSLF-WMh84k6CMnIYCzVyI0VcRrYD_qSnu6wg0CpsVqBnMYK; kelkooID=a4c6295-184ab0e9e77-ea04f; _ga=GA1.2.1479276222.1669317172; _gid=GA1.2.1785509453.1669317172
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.0 403 Forbidden
Server: BigIP
Connection: Keep-Alive
Content-Length: 0
no-go.kelkoogroup.net/redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff4373002ebc12b4ed464b4df6567099719ee902d74b067ef79fb09fc9dff26320053a845a712ba31f2127c59e7b5479d8e0e29e92d33b080cd0710641ef2a9a21446a44f26279eb4b9acae4c8aceda070d3bd2e4fdea014022231ffb6d2f8595bdedc5454dd054b4f7fc60521e6170be2c522ab170e826f76c21543ee59a01a1bf71f9786e663966c5803cabb86726b0d1de2abb77532bbed3047e4790293f69a79506525a41b7d249be746ee3fc71ffd19abbc6a7f172b325458301bc5783249dac03ea9c61f0f09075d0a6d716ce186cbbb5fc13e98814e5c769b9d49bb494d8d84e826086392f57b28dc8520c3d973ec9b55f389ec7a385c1c64e7788dc4108dfefe4106b6252baca&leadId=dc1-kls-prod-ls-04.prod.dc1.kelkoo.net_1669317172861_567749&clickId=107698149_1669317172854_3158301&url=https%3A%2F%2Fwww.batterychampion.no%2Fproducts%2FDigital_Camcorder%2FSony%2FHDR%2FHDR-C%2FHDR-CX500%2FHDR-CX505E%2FCS-FH100D.html%3Fkk%3Da4c6295-184ab0e9e77-ea04f%26assortmentProductId%3D21037289%26shopGroupId%3D88101269%26tracker%3Dkelkoo_no%26currencyId%3D70000000%26langId%3D19%26utm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_term%3DSony%2BBatteri%2B%25283300%2BmAh%2B7.4%2BV%252C%2BM%25C3%25B8rk%2Bgr%25C3%25A5%2529%2B&initiator=timeout
95.211.116.27303 See Other 0 B URL HTTP/1.1 no-go.kelkoogroup.net/redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff4373002ebc12b4ed464b4df6567099719ee902d74b067ef79fb09fc9dff26320053a845a712ba31f2127c59e7b5479d8e0e29e92d33b080cd0710641ef2a9a21446a44f26279eb4b9acae4c8aceda070d3bd2e4fdea014022231ffb6d2f8595bdedc5454dd054b4f7fc60521e6170be2c522ab170e826f76c21543ee59a01a1bf71f9786e663966c5803cabb86726b0d1de2abb77532bbed3047e4790293f69a79506525a41b7d249be746ee3fc71ffd19abbc6a7f172b325458301bc5783249dac03ea9c61f0f09075d0a6d716ce186cbbb5fc13e98814e5c769b9d49bb494d8d84e826086392f57b28dc8520c3d973ec9b55f389ec7a385c1c64e7788dc4108dfefe4106b6252baca&leadId=dc1-kls-prod-ls-04.prod.dc1.kelkoo.net_1669317172861_567749&clickId=107698149_1669317172854_3158301&url=https%3A%2F%2Fwww.batterychampion.no%2Fproducts%2FDigital_Camcorder%2FSony%2FHDR%2FHDR-C%2FHDR-CX500%2FHDR-CX505E%2FCS-FH100D.html%3Fkk%3Da4c6295-184ab0e9e77-ea04f%26assortmentProductId%3D21037289%26shopGroupId%3D88101269%26tracker%3Dkelkoo_no%26currencyId%3D70000000%26langId%3D19%26utm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_term%3DSony%2BBatteri%2B%25283300%2BmAh%2B7.4%2BV%252C%2BM%25C3%25B8rk%2Bgr%25C3%25A5%2529%2B&initiator=timeout
IP 95.211.116.27:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff4373002ebc12b4ed464b4df6567099719ee902d74b067ef79fb09fc9dff26320053a845a712ba31f2127c59e7b5479d8e0e29e92d33b080cd0710641ef2a9a21446a44f26279eb4b9acae4c8aceda070d3bd2e4fdea014022231ffb6d2f8595bdedc5454dd054b4f7fc60521e6170be2c522ab170e826f76c21543ee59a01a1bf71f9786e663966c5803cabb86726b0d1de2abb77532bbed3047e4790293f69a79506525a41b7d249be746ee3fc71ffd19abbc6a7f172b325458301bc5783249dac03ea9c61f0f09075d0a6d716ce186cbbb5fc13e98814e5c769b9d49bb494d8d84e826086392f57b28dc8520c3d973ec9b55f389ec7a385c1c64e7788dc4108dfefe4106b6252baca&leadId=dc1-kls-prod-ls-04.prod.dc1.kelkoo.net_1669317172861_567749&clickId=107698149_1669317172854_3158301&url=https%3A%2F%2Fwww.batterychampion.no%2Fproducts%2FDigital_Camcorder%2FSony%2FHDR%2FHDR-C%2FHDR-CX500%2FHDR-CX505E%2FCS-FH100D.html%3Fkk%3Da4c6295-184ab0e9e77-ea04f%26assortmentProductId%3D21037289%26shopGroupId%3D88101269%26tracker%3Dkelkoo_no%26currencyId%3D70000000%26langId%3D19%26utm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_term%3DSony%2BBatteri%2B%25283300%2BmAh%2B7.4%2BV%252C%2BM%25C3%25B8rk%2Bgr%25C3%25A5%2529%2B&initiator=timeout HTTP/1.1
Host: no-go.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no-go.kelkoogroup.net/ctl/go/sitesearchGo?.ts=1669317172384&.sig=JQaxYZbyedj4IN4mRzh9OIFykMg-&affiliationId=96966625&comId=11522713&country=no&offerId=f8696de7aa9ce9d07567c921c6609dc9&searchId=107610033497131_1669317172170_6369300&service=36&tokenId=31b33936-7dd6-457b-8d70-a7a883a9d514&addedParams=true&custom1=v0304000142062374a6ae6f0a48c99c516e9d42f166c9&custom2=e7e6bb15baa647a58253d090ef5d387a-couponing
Connection: keep-alive
Cookie: datadome=18wxvCDPfMfXXk4-xexNDjYSsq2_HBADIv_Gx808cRgI8UD1~TBldMtynwpMlaGjw9rxKHWuHoM5_BW0cSLF-WMh84k6CMnIYCzVyI0VcRrYD_qSnu6wg0CpsVqBnMYK; kelkooID=a4c6295-184ab0e9e77-ea04f; _ga=GA1.2.1479276222.1669317172; _gid=GA1.2.1785509453.1669317172
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 303 See Other
Date: Thu, 24 Nov 2022 19:12:53 GMT
leadId: dc1-kls-prod-ls-04.prod.dc1.kelkoo.net_1669317172861_567749
clickId: 107698149_1669317172854_3158301
country: no
Location: https://www.batterychampion.no/products/Digital_Camcorder/Sony/HDR/HDR-C/HDR-CX500/HDR-CX505E/CS-FH100D.html?kk=a4c6295-184ab0e9e77-ea04f&assortmentProductId=21037289&shopGroupId=88101269&tracker=kelkoo_no¤cyId=70000000&langId=19&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Sony+Batteri+%283300+mAh+7.4+V%2C+M%C3%B8rk+gr%C3%A5%29+
Accept-CH: Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
X-DataDome: protected
Request-Time: PT0.013945S
X-Robots-Tag: noindex,nofollow
Referrer-Policy: origin-when-cross-origin
X-Frame-Options: ALLOWALL
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Content-Length: 0
Set-Cookie: datadome=3e3GWM9zZOt22fGYOYNcL1eJ4vjqXCoPLd4FfYBEmjI4_rWol5~n8QTRBGnKDfEEP01v3K3szX6fHMN5gU5DVg-ueHQITThIa9jMZYHCuC6A7dvVRv-buOC0tsodzDjl; Max-Age=31536000; Expires=Fri, 24 Nov 2023 19:12:53 GMT; SameSite=Lax; Path=/; Domain=.kelkoogroup.net; Secure
P3P: CP="Anything"
ApacheTracking: localhost
Keep-Alive: timeout=40, max=95
Connection: Keep-Alive
Content-Type: text/plain
ocsp.usertrust.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 2bba9e0e9fee412af713d50892bbf089
155c43aad9eb1755efd69db873e3b8513f70ad30
8f8701461925e79678d3f93ac7508602160845a2c5887982a8f9794cce311440
POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 19:12:53 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 22 Nov 2022 13:51:19 GMT
Expires: Tue, 29 Nov 2022 13:51:18 GMT
Etag: "155c43aad9eb1755efd69db873e3b8513f70ad30"
Cache-Control: max-age=599127,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 584
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f4756e2c830b41-OSL
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 55c011d5090eb77815e6999b7d208c2b
5b58e6693e68a05fcc4cddd3afd8400c5cab2f9b
5c297f1d9d5f374d5c44ca508247ecb8da07efe12a44a0b78e588637935493c8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5C297F1D9D5F374D5C44CA508247ECB8DA07EFE12A44A0B78E588637935493C8"
Last-Modified: Thu, 24 Nov 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5246
Expires: Thu, 24 Nov 2022 20:40:19 GMT
Date: Thu, 24 Nov 2022 19:12:53 GMT
Connection: keep-alive
api-js.datadome.co/js/
13.51.39.45200 OK 236 B IP 13.51.39.45:0
File type JSON data\012- , ASCII text, with no line terminators
Hash d007c2e0891d84f5cf184373595059f7
eca4dc963159ea7c9c5782e5b090ea5a994d3dea
4c4d50a52a6b0f020df32302647d0bfce97e969b81f6b137898fb8b61d81541c
POST /js/ HTTP/1.1
Host: api-js.datadome.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 4185
Origin: https://no-go.kelkoogroup.net
Connection: keep-alive
Referer: https://no-go.kelkoogroup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 19:12:53 GMT
content-type: application/json;charset=utf-8
content-length: 236
server: DataDome
access-control-allow-origin: *
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate
expires: 0
X-Firefox-Spdy: h2
www.batterychampion.no/products/Digital_Camcorder/Sony/HDR/HDR-C/HDR-CX500/HDR-CX505E/CS-FH100D.html?kk=a4c6295-184ab0e9e77-ea04f&assortmentProductId=21037289&shopGroupId=88101269&tracker=kelkoo_no¤cyId=70000000&langId=19&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Sony+Batteri+%283300+mAh+7.4+V%2C+M%C3%B8rk+gr%C3%A5%29+
89.188.12.130301 Moved Permanently 543 B URL HTTP/1.1 www.batterychampion.no/products/Digital_Camcorder/Sony/HDR/HDR-C/HDR-CX500/HDR-CX505E/CS-FH100D.html?kk=a4c6295-184ab0e9e77-ea04f&assortmentProductId=21037289&shopGroupId=88101269&tracker=kelkoo_no¤cyId=70000000&langId=19&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Sony+Batteri+%283300+mAh+7.4+V%2C+M%C3%B8rk+gr%C3%A5%29+
IP 89.188.12.130:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (385)
Hash de390420525c13aca962e6052b928707
a10a149cee19a906230fa8916f3e91e42a61fe25
605609ea80bf21e19de934be4fec8e0a78045670bede15b1f58e671491fc2a6f
GET /products/Digital_Camcorder/Sony/HDR/HDR-C/HDR-CX500/HDR-CX505E/CS-FH100D.html?kk=a4c6295-184ab0e9e77-ea04f&assortmentProductId=21037289&shopGroupId=88101269&tracker=kelkoo_no¤cyId=70000000&langId=19&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Sony+Batteri+%283300+mAh+7.4+V%2C+M%C3%B8rk+gr%C3%A5%29+ HTTP/1.1
Host: www.batterychampion.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no-go.kelkoogroup.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Date: Thu, 24 Nov 2022 19:12:53 GMT
Server: Apache/2.4.54 (Debian)
Location: https://www.batterychampion.no/shopBrowser.php?kk=a4c6295-184ab0e9e77-ea04f&assortmentProductId=21037289&shopGroupId=88101269&tracker=kelkoo_no¤cyId=70000000&langId=19&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Sony+Batteri+%283300+mAh+7.4+V%2C+M%C3%B8rk+gr%C3%A5%29+
Content-Length: 543
Connection: close
Content-Type: text/html; charset=iso-8859-1
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash dd0dd96ca622aa07354fabdd0da767bf
a29eaa02a81dabed2c12be20a89d65a5a0417524
6a670e9031ec8c94bdc91c47a2d6a4ca2bd95fe032fec28888a8e6d7dc163cb4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 19:12:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/collect?v=1&_v=j96&t=pageview&_s=1&dl=https%3A%2F%2Fno-go.kelkoogroup.net%2Fctl%2Fgo%2FsitesearchGo%3F.ts%3D1669317172384%26.sig%3DJQaxYZbyedj4IN4mRzh9OIFykMg-%26affiliationId%3D96966625%26comId%3D11522713%26country%3Dno%26offerId%3Df8696de7aa9ce9d07567c921c6609dc9%26searchId%3D107610033497131_1669317172170_6369300%26service%3D36%26tokenId%3D31b33936-7dd6-457b-8d70-a7a883a9d514%26addedParams%3Dtrue%26custom1%3Dv0304000142062374a6ae6f0a48c99c516e9d42f166c9%26custom2%3De7e6bb15baa647a58253d090ef5d387a-couponing&dr=https%3A%2F%2Fr.srvtrck.com%2F&dp=%2F96966625%7C11522713%7C&ul=en-us&de=UTF-8&dt=Du%20sendes%20videre%20til%20BatteryChampion&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=QACAAAABAAAAAC~&cid=1479276222.1669317172&tid=UA-168544891-6&_gid=1785509453.1669317172&_r=1&cd1=96966625&cd2=dc1-kls-prod-ls-04.prod.dc1.kelkoo.net_1669317172861_567749&cd3=11522713&cd4=a4c6295-184ab0e9e77-ea04f&cd5=&cd6=96966625%7C11522713%7C&z=1906403185
142.250.74.174200 OK 35 B URL HTTP/2 www.google-analytics.com/collect?v=1&_v=j96&t=pageview&_s=1&dl=https%3A%2F%2Fno-go.kelkoogroup.net%2Fctl%2Fgo%2FsitesearchGo%3F.ts%3D1669317172384%26.sig%3DJQaxYZbyedj4IN4mRzh9OIFykMg-%26affiliationId%3D96966625%26comId%3D11522713%26country%3Dno%26offerId%3Df8696de7aa9ce9d07567c921c6609dc9%26searchId%3D107610033497131_1669317172170_6369300%26service%3D36%26tokenId%3D31b33936-7dd6-457b-8d70-a7a883a9d514%26addedParams%3Dtrue%26custom1%3Dv0304000142062374a6ae6f0a48c99c516e9d42f166c9%26custom2%3De7e6bb15baa647a58253d090ef5d387a-couponing&dr=https%3A%2F%2Fr.srvtrck.com%2F&dp=%2F96966625%7C11522713%7C&ul=en-us&de=UTF-8&dt=Du%20sendes%20videre%20til%20BatteryChampion&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=QACAAAABAAAAAC~&cid=1479276222.1669317172&tid=UA-168544891-6&_gid=1785509453.1669317172&_r=1&cd1=96966625&cd2=dc1-kls-prod-ls-04.prod.dc1.kelkoo.net_1669317172861_567749&cd3=11522713&cd4=a4c6295-184ab0e9e77-ea04f&cd5=&cd6=96966625%7C11522713%7C&z=1906403185
IP 142.250.74.174:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
POST /collect?v=1&_v=j96&t=pageview&_s=1&dl=https%3A%2F%2Fno-go.kelkoogroup.net%2Fctl%2Fgo%2FsitesearchGo%3F.ts%3D1669317172384%26.sig%3DJQaxYZbyedj4IN4mRzh9OIFykMg-%26affiliationId%3D96966625%26comId%3D11522713%26country%3Dno%26offerId%3Df8696de7aa9ce9d07567c921c6609dc9%26searchId%3D107610033497131_1669317172170_6369300%26service%3D36%26tokenId%3D31b33936-7dd6-457b-8d70-a7a883a9d514%26addedParams%3Dtrue%26custom1%3Dv0304000142062374a6ae6f0a48c99c516e9d42f166c9%26custom2%3De7e6bb15baa647a58253d090ef5d387a-couponing&dr=https%3A%2F%2Fr.srvtrck.com%2F&dp=%2F96966625%7C11522713%7C&ul=en-us&de=UTF-8&dt=Du%20sendes%20videre%20til%20BatteryChampion&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=QACAAAABAAAAAC~&cid=1479276222.1669317172&tid=UA-168544891-6&_gid=1785509453.1669317172&_r=1&cd1=96966625&cd2=dc1-kls-prod-ls-04.prod.dc1.kelkoo.net_1669317172861_567749&cd3=11522713&cd4=a4c6295-184ab0e9e77-ea04f&cd5=&cd6=96966625%7C11522713%7C&z=1906403185 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://no-go.kelkoogroup.net
Connection: keep-alive
Referer: https://no-go.kelkoogroup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 200 OK
access-control-allow-origin: https://no-go.kelkoogroup.net
date: Thu, 24 Nov 2022 19:12:53 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
x-content-type-options: nosniff
access-control-allow-credentials: true
content-type: image/gif
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 35
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.batterychampion.no/shopBrowser.php?kk=a4c6295-184ab0e9e77-ea04f&assortmentProductId=21037289&shopGroupId=88101269&tracker=kelkoo_no¤cyId=70000000&langId=19&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Sony+Batteri+%283300+mAh+7.4+V%2C+M%C3%B8rk+gr%C3%A5%29+
89.188.12.130200 OK 59 kB URL HTTP/1.1 www.batterychampion.no/shopBrowser.php?kk=a4c6295-184ab0e9e77-ea04f&assortmentProductId=21037289&shopGroupId=88101269&tracker=kelkoo_no¤cyId=70000000&langId=19&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Sony+Batteri+%283300+mAh+7.4+V%2C+M%C3%B8rk+gr%C3%A5%29+
IP 89.188.12.130:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (65508), with no line terminators
Hash 433c7ba10608e42d2067a5a800deef7e
94e2b9cfd6afd6c6f55f28dac2b7a7e6552f14bb
05fbff5b46dd93105139747f0d489f9c9683ab83c608d7bdc644cbfb001cc76f
GET /shopBrowser.php?kk=a4c6295-184ab0e9e77-ea04f&assortmentProductId=21037289&shopGroupId=88101269&tracker=kelkoo_no¤cyId=70000000&langId=19&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Sony+Batteri+%283300+mAh+7.4+V%2C+M%C3%B8rk+gr%C3%A5%29+ HTTP/1.1
Host: www.batterychampion.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no-go.kelkoogroup.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 19:12:53 GMT
Server: Apache/2.4.54 (Debian)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: PHPSESSID=gs2pcgrglfejqgmja1r6u0a0g7; path=/
Vary: Accept-Encoding
Content-Encoding: gzip
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 55bc30743496fc60ba35a242c2d2f0a8
5119b5b017f39b3379556534f2ca4e3cedd4fa3b
0addb4cc5a85506efa7c0f820e1ebcb1383bf4d4cd53f895df54a402b196959c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 19:12:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googleadservices.com/pagead/conversion.js
142.250.74.98200 OK 17 kB URL HTTP/2 www.googleadservices.com/pagead/conversion.js
IP 142.250.74.98:0
File type ASCII text, with very long lines (2772)
Hash ac7574cbc5b2e85b7ddfa76b8657e59d
2bbeec5531576d6352b1c2b74e0e05c1ea10251d
bdf1e52afba9d671ea698707f97e8609de6360c502dc7b6eed2f40f979e08387
GET /pagead/conversion.js HTTP/1.1
Host: www.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.batterychampion.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 24 Nov 2022 19:12:54 GMT
expires: Thu, 24 Nov 2022 19:12:54 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 16359567893097152046
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 16827
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
promoprawn.com/norway/?utm_source=no&utm_medium=89673379090
172.67.209.137302 Found 0 B URL HTTP/2 promoprawn.com/norway/?utm_source=no&utm_medium=89673379090
IP 172.67.209.137:0
GET /norway/?utm_source=no&utm_medium=89673379090 HTTP/1.1
Host: promoprawn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: utm_source=no; utm_medium=89673379090; handl_landing_page=https%3A%2F%2Fpromoprawn.com%2Fnorway%3Futm_source%3Dno%26utm_medium%3D89673379090; handl_ip=91.90.42.154; handl_url=https%3A%2F%2Fpromoprawn.com%2Fnorway%3Futm_source%3Dno%26utm_medium%3D89673379090
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Thu, 24 Nov 2022 19:12:49 GMT
content-type: text/html; charset=UTF-8
location: https://promoprawn.com/go-to-batterychampion-no
x-powered-by: PHP/7.4.28
cf-edge-cache: cache,platform=wordpress
set-cookie: utm_source=no; expires=Sat, 24-Dec-2022 19:12:49 GMT; Max-Age=2592000; path=/; domain=.promoprawn.com
utm_medium=89673379090; expires=Sat, 24-Dec-2022 19:12:49 GMT; Max-Age=2592000; path=/; domain=.promoprawn.com
utm_term=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.promoprawn.com
utm_content=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.promoprawn.com
utm_campaign=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.promoprawn.com
gclid=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.promoprawn.com
handl_original_ref=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.promoprawn.com
handl_landing_page=https%3A%2F%2Fpromoprawn.com%2Fnorway%3Futm_source%3Dno%26utm_medium%3D89673379090; expires=Sat, 24-Dec-2022 19:12:49 GMT; Max-Age=2592000; path=/; domain=.promoprawn.com
handl_ip=91.90.42.154; expires=Sat, 24-Dec-2022 19:12:49 GMT; Max-Age=2592000; path=/; domain=.promoprawn.com
handl_ref=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.promoprawn.com
handl_url=https%3A%2F%2Fpromoprawn.com%2Fnorway%2F%3Futm_source%3Dno%26utm_medium%3D89673379090; expires=Sat, 24-Dec-2022 19:12:49 GMT; Max-Age=2592000; path=/; domain=.promoprawn.com
email=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.promoprawn.com
username=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.promoprawn.com
x-redirect-by: WordPress
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N4A8UMKmhX60hTVGnPKdB6KMpZOAJQw8jo30%2Fdt%2FU8DCOKxOQP%2BLdUTr7WHscg1cTdff1DZKbvUOM0Lj7Mv42Bqc%2FgbzOHW7QddtlQPhCTYqBkfchf05Q4lQHh%2FwfIaXfw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f475530f340b39-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r.srvtrck.com/v2/go?t=gtipo%3Au%2Fcoag8.defk0o0r3u2.5e7%2F6ta%2F5obs6t7s%3DamctGu%3F%26tc%3D66f9419162589%26cs4g0J6aaYab7e2j0I440R0h0O0F%3Dkmgt%26uf%26iuittsoaIa%3Dd6d6a6455c9m3d8175-2718%26bo5n-rd%3D7o6o9f3r1d%3DfI6e6oe%26a39eeidr7s60c326c66091c7%267e3r6h1d111791303046703%3D_I6c9a1s192d70_6319907%265e0v9cc%3Da67tdk9n8d%3D3Ibe3f3%26-ndy6t4u7c-3d702a1a%3D8Iaod%2612%266d9e9Pdrnmi%3Darlefcas-oM1yvI394z0m1N246d3y4Z6xeQf%3Dai8.94c317e7d326116s9.coshor2eeeeib%2F1gblac4tan8p5odg9oel5k3o7--no%2Fpsntnh&e=1&ai=1dfb02497cfe47ef8da9b954d4418e3d&sct=1&ct=1669317172550&cu=2374a6ae6f0a48c99c516e9d42f166c9&ykuid=3cfe5b0b5493405fb032cee8d1552497&sc=1&cs=8ffd01c5bc6a16026be057ed9ab3e8a9
104.19.169.96200 OK 0 B URL HTTP/2 r.srvtrck.com/v2/go?t=gtipo%3Au%2Fcoag8.defk0o0r3u2.5e7%2F6ta%2F5obs6t7s%3DamctGu%3F%26tc%3D66f9419162589%26cs4g0J6aaYab7e2j0I440R0h0O0F%3Dkmgt%26uf%26iuittsoaIa%3Dd6d6a6455c9m3d8175-2718%26bo5n-rd%3D7o6o9f3r1d%3DfI6e6oe%26a39eeidr7s60c326c66091c7%267e3r6h1d111791303046703%3D_I6c9a1s192d70_6319907%265e0v9cc%3Da67tdk9n8d%3D3Ibe3f3%26-ndy6t4u7c-3d702a1a%3D8Iaod%2612%266d9e9Pdrnmi%3Darlefcas-oM1yvI394z0m1N246d3y4Z6xeQf%3Dai8.94c317e7d326116s9.coshor2eeeeib%2F1gblac4tan8p5odg9oel5k3o7--no%2Fpsntnh&e=1&ai=1dfb02497cfe47ef8da9b954d4418e3d&sct=1&ct=1669317172550&cu=2374a6ae6f0a48c99c516e9d42f166c9&ykuid=3cfe5b0b5493405fb032cee8d1552497&sc=1&cs=8ffd01c5bc6a16026be057ed9ab3e8a9
IP 104.19.169.96:0
GET /v2/go?t=gtipo%3Au%2Fcoag8.defk0o0r3u2.5e7%2F6ta%2F5obs6t7s%3DamctGu%3F%26tc%3D66f9419162589%26cs4g0J6aaYab7e2j0I440R0h0O0F%3Dkmgt%26uf%26iuittsoaIa%3Dd6d6a6455c9m3d8175-2718%26bo5n-rd%3D7o6o9f3r1d%3DfI6e6oe%26a39eeidr7s60c326c66091c7%267e3r6h1d111791303046703%3D_I6c9a1s192d70_6319907%265e0v9cc%3Da67tdk9n8d%3D3Ibe3f3%26-ndy6t4u7c-3d702a1a%3D8Iaod%2612%266d9e9Pdrnmi%3Darlefcas-oM1yvI394z0m1N246d3y4Z6xeQf%3Dai8.94c317e7d326116s9.coshor2eeeeib%2F1gblac4tan8p5odg9oel5k3o7--no%2Fpsntnh&e=1&ai=1dfb02497cfe47ef8da9b954d4418e3d&sct=1&ct=1669317172550&cu=2374a6ae6f0a48c99c516e9d42f166c9&ykuid=3cfe5b0b5493405fb032cee8d1552497&sc=1&cs=8ffd01c5bc6a16026be057ed9ab3e8a9 HTTP/1.1
Host: r.srvtrck.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: ykuid=3cfe5b0b5493405fb032cee8d1552497
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 19:12:52 GMT
content-type: text/html;charset=UTF-8
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 76f475688d98b527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
promoprawn.com/norway?utm_source=no&utm_medium=89673379090
172.67.209.137301 Moved Permanently 0 B URL HTTP/2 promoprawn.com/norway?utm_source=no&utm_medium=89673379090
IP 172.67.209.137:0
GET /norway?utm_source=no&utm_medium=89673379090 HTTP/1.1
Host: promoprawn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Thu, 24 Nov 2022 19:12:49 GMT
content-type: text/html; charset=UTF-8
location: https://promoprawn.com/norway/?utm_source=no&utm_medium=89673379090
x-powered-by: PHP/7.4.28
cf-edge-cache: cache,platform=wordpress
set-cookie: utm_source=no; expires=Sat, 24-Dec-2022 19:12:49 GMT; Max-Age=2592000; path=/; domain=.promoprawn.com
utm_medium=89673379090; expires=Sat, 24-Dec-2022 19:12:49 GMT; Max-Age=2592000; path=/; domain=.promoprawn.com
utm_term=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.promoprawn.com
utm_content=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.promoprawn.com
utm_campaign=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.promoprawn.com
gclid=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.promoprawn.com
handl_original_ref=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.promoprawn.com
handl_landing_page=https%3A%2F%2Fpromoprawn.com%2Fnorway%3Futm_source%3Dno%26utm_medium%3D89673379090; expires=Sat, 24-Dec-2022 19:12:49 GMT; Max-Age=2592000; path=/; domain=.promoprawn.com
handl_ip=91.90.42.154; expires=Sat, 24-Dec-2022 19:12:49 GMT; Max-Age=2592000; path=/; domain=.promoprawn.com
handl_ref=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.promoprawn.com
handl_url=https%3A%2F%2Fpromoprawn.com%2Fnorway%3Futm_source%3Dno%26utm_medium%3D89673379090; expires=Sat, 24-Dec-2022 19:12:49 GMT; Max-Age=2592000; path=/; domain=.promoprawn.com
email=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.promoprawn.com
username=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.promoprawn.com
x-redirect-by: WordPress
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R8uJEeRreoXSgAXSqYqTeexL5ab5YjIlb%2FKExelxzFLYiZ1KJHeKU3WT9ORzd77AWGW9%2FYS6ZKVawjeUIrxdEMI3fT5x7nX0bNYjnLQ8JAEVkruZp5BAe9AqK5Q7B2gWrw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f4754fcffa0b39-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2