r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 2d2e7649ce9e9ba6fc8b68aa89352e3c
0153d1d3d830a457043e16bb40d48a0b9ddef4b8
8eed57c91b42ef7b2d5eff1309e306e23e13c3de21219af24a693cbf3e8977fc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8EED57C91B42EF7B2D5EFF1309E306E23E13C3DE21219AF24A693CBF3E8977FC"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18168
Expires: Wed, 30 Nov 2022 13:12:00 GMT
Date: Wed, 30 Nov 2022 08:09:12 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 471 B IP
Hash 4ed065cb23b5fca1a179dd73b3c5b7b2
4422eb24688f5e056fc1b18b127c7f63b1dbf5e0
b723d770d0dec7441d8505dc5a4e7d34f55c9f564ec52f20d9b70c7c3a0d9d35
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 436
Cache-Control: max-age=95355
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 08:09:12 GMT
Etag: "6385df6f-1d7"
Expires: Thu, 01 Dec 2022 10:38:27 GMT
Last-Modified: Tue, 29 Nov 2022 10:31:11 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 6d9d34c96b9a826ae5676640c966469c
8052a16d41a637e420478b7de1ff5a2dc951fccd
f18ac558cb786126bb7efb159e03353d268d5f5796bcfd2691a349dfc68d863c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F18AC558CB786126BB7EFB159E03353D268D5F5796BCFD2691A349DFC68D863C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5073
Expires: Wed, 30 Nov 2022 09:33:45 GMT
Date: Wed, 30 Nov 2022 08:09:12 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 30 Nov 2022 07:19:40 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2972
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: DTjh24t7UF/t7kvdaf1YhCfkgnfNbGll7wAOobCGBHJFtT+Uwe0zqbspQWT7ttoIhwAVhHMT7nU=
x-amz-request-id: 2BT0KNSZKC9B1JD4
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 30 Nov 2022 07:45:08 GMT
age: 1444
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 08:09:12 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 30 Nov 2022 08:08:56 GMT
cache-control: public,max-age=3600
age: 17
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 3c8c689bd654417640d85f3da51af313
85123b6d46230a23d03768bf304b386e5d301305
516138ca79703b45e904d32d7dde1c1e9fd35995b9f1bb1331c547542745676d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 436
Cache-Control: max-age=90291
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 08:09:13 GMT
Etag: "6385cba8-1d7"
Expires: Thu, 01 Dec 2022 09:14:04 GMT
Last-Modified: Tue, 29 Nov 2022 09:06:48 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
www.polarroute.com/newimage.asp?imageid=eywwfa-635980639&type=0&resid=6942562
200 OK 2.7 kB URL HTTP/1.1 www.polarroute.com/newimage.asp?imageid=eywwfa-635980639&type=0&resid=6942562
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2118)
Hash 867e69c6f2ebbee81032f7f8d23640eb
6e023ddbc5d63dd28c29d3058f5b56c854985daf
4ebf3d7efc7c89aed19b75c650a74cba6568c8d87ddb37f1dba5d1b1935376b8
GET /newimage.asp?imageid=eywwfa-635980639&type=0&resid=6942562 HTTP/1.1
Host: www.polarroute.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 08:09:12 GMT
Server: Apache
Referrer-Policy: no-referrer-when-downgrade
Accept-CH: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
Permissions-Policy: ch-ua-platform-version=("https://dts.gnpge.com"), ch-ua-model=("https://dts.gnpge.com")
Expires: Mon, 22 Jul 2002 11:12:01 GMT
Cache-Control: private, no-cache
Pragma: no-cache
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAKX74ixpzVyXbJprcLfbH4psP4+L2entqri0lzh6pkAaXLPIcclv6DQBeJJjGFWrBIF6QMyFwXT5CCRyjS2penECAwEAAQ==_PKq2L6fTZH12MtNUpNNGoi0cU8lxChtF5tTC60aUQaVqcYATSxAh4Qo6dUxhWJUCnrfSZ00527WenaIc1shLfg==
Keep-Alive: timeout=5, max=125
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Transfer-Encoding: chunked
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: LacsMtOUwNesWuucmVceVA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ITr00NWRePCDG/rn74spNLTHPi4=
www.polarroute.com/px.js?ch=1
200 OK 346 B URL HTTP/1.1 www.polarroute.com/px.js?ch=1
IP
File type ASCII text, with very long lines (346), with no line terminators
Hash f84f931c0dd37448e03f0dabf4e4ca9f
9c2c50edcf576453ccc07bf65668bd23c76e8663
5c1d5fd46a88611c31ecbb8ffc1142a7e74ec7fb7d72bd3891131c880ef3f584
Analyzer Verdict Alert fortinet Malware
GET /px.js?ch=1 HTTP/1.1
Host: www.polarroute.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.polarroute.com/newimage.asp?imageid=eywwfa-635980639&type=0&resid=6942562
Connection: keep-alive
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 08:09:13 GMT
Server: Apache
Referrer-Policy: no-referrer-when-downgrade
Accept-CH: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
Permissions-Policy: ch-ua-platform-version=("https://dts.gnpge.com"), ch-ua-model=("https://dts.gnpge.com")
Last-Modified: Wed, 20 Jan 2021 10:45:10 GMT
ETag: "15a-5b952a63b81f1"
Accept-Ranges: bytes
Content-Length: 346
Keep-Alive: timeout=5, max=124
Connection: Keep-Alive
Content-Type: application/javascript
www.polarroute.com/px.js?ch=2
200 OK 346 B URL HTTP/1.1 www.polarroute.com/px.js?ch=2
IP
File type ASCII text, with very long lines (346), with no line terminators
Hash f84f931c0dd37448e03f0dabf4e4ca9f
9c2c50edcf576453ccc07bf65668bd23c76e8663
5c1d5fd46a88611c31ecbb8ffc1142a7e74ec7fb7d72bd3891131c880ef3f584
Analyzer Verdict Alert fortinet Malware
GET /px.js?ch=2 HTTP/1.1
Host: www.polarroute.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.polarroute.com/newimage.asp?imageid=eywwfa-635980639&type=0&resid=6942562
Connection: keep-alive
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 08:09:13 GMT
Server: Apache
Referrer-Policy: no-referrer-when-downgrade
Accept-CH: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
Permissions-Policy: ch-ua-platform-version=("https://dts.gnpge.com"), ch-ua-model=("https://dts.gnpge.com")
Last-Modified: Wed, 20 Jan 2021 10:45:10 GMT
ETag: "15a-5b952a63b81f1"
Accept-Ranges: bytes
Content-Length: 346
Keep-Alive: timeout=5, max=114
Connection: Keep-Alive
Content-Type: application/javascript
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14745
Expires: Wed, 30 Nov 2022 12:14:59 GMT
Date: Wed, 30 Nov 2022 08:09:14 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14744
Expires: Wed, 30 Nov 2022 12:14:59 GMT
Date: Wed, 30 Nov 2022 08:09:15 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14744
Expires: Wed, 30 Nov 2022 12:14:59 GMT
Date: Wed, 30 Nov 2022 08:09:15 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14744
Expires: Wed, 30 Nov 2022 12:14:59 GMT
Date: Wed, 30 Nov 2022 08:09:15 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14744
Expires: Wed, 30 Nov 2022 12:14:59 GMT
Date: Wed, 30 Nov 2022 08:09:15 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29e8368b-e5a8-4256-a456-b724e13819e4.jpeg
200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29e8368b-e5a8-4256-a456-b724e13819e4.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f621857774e4b4adda95f58081644859
639165dc66d171b8266f22cd495181427112bc80
341fd33d3d9486079c182d60e21c355244b6597e6e09ba51ecee2e331b38ca2e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29e8368b-e5a8-4256-a456-b724e13819e4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10068
x-amzn-requestid: 7f386e94-3c17-44a1-a36b-3d0eeff4623d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYhGvEQQoAMFihA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867bc4-5069acfd038ffb2c124b7bd8;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:38:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Bh6VQ3BLEXcZKHFyJxHVGQWVQm-w2s0786t8SQOcHQUaNvSFc1rg-A==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:52:51 GMT
etag: "639165dc66d171b8266f22cd495181427112bc80"
content-type: image/jpeg
age: 36984
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cc0a257323f882caff067adb86d906e4
cedf2f21be7cd366bd46055b62b5513db3011dfc
c16a9296d5e840a468fef7fb2764b9f7d4b3131d7ade2ce4999de1eead5469e0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4803
x-amzn-requestid: 80f7f1c8-0316-4181-83ac-2787b1ae825f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iFHoIAMF2-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-2c0a081b07e0785b4350c10c;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: CJiSRzIK7-rQE81gaP2We0LhgKX1YmuJKEGYEqW34Bm1KMx6NB8yhQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 22:35:09 GMT
age: 34446
etag: "cedf2f21be7cd366bd46055b62b5513db3011dfc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F48df8a6f-5803-4ce0-ab84-1efc8ca3e251.jpeg
200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F48df8a6f-5803-4ce0-ab84-1efc8ca3e251.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8825a2c5c0d98323f489e0b816b7f1d8
05f46985ea4ace57460120876da8e19db08857b3
1d12590a78b32146d6f1d107fb93bdb6cb45228d15babd087c0111495d7138e1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F48df8a6f-5803-4ce0-ab84-1efc8ca3e251.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8885
x-amzn-requestid: 67e1ba67-b4fb-42c8-985d-f34164101c7b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYhIGGtloAMFxjw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867bcd-295995bb1123430c55659fe3;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:38:21 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: vOFoi7vW7NluI5wQB03BGh9efp_jvCoH1sUh4s1ubG_JAC6KcDkHxg==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 22:15:52 GMT
age: 35603
etag: "05f46985ea4ace57460120876da8e19db08857b3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fde294fb7-e851-4e57-83be-aa3374862dcb.jpeg
200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fde294fb7-e851-4e57-83be-aa3374862dcb.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9e135c29a8769eb12ef8c26f99097400
87447d20e9c0a6a6aeefe6ca107f93cd3598cd0d
ce41ff79c382efc54aa2fd3ab64293d2d2b706a7f21585f4bd8bbcd9a3566126
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fde294fb7-e851-4e57-83be-aa3374862dcb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7971
x-amzn-requestid: e47d10e4-2b60-4998-b5fa-5b145e60aac2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYhgWHgGoAMFcLA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867c68-5b9710a07b0a59730e73dce4;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:40:56 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: OURSF_raDXrHV3-3ScaEdorNpW9ZKSIQjv6WUCQYHhruGz372BU_QA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:58:15 GMT
age: 36660
etag: "87447d20e9c0a6a6aeefe6ca107f93cd3598cd0d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F966ff24e-ea85-4a2e-aead-22f1a723c59f.jpeg
200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F966ff24e-ea85-4a2e-aead-22f1a723c59f.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5508d05a290b663fd89ead9b58f2efd8
53650399f9a986ba54addd668b4557109d12003b
65704a961410fdd318c491fedf002c8e9b184cd34b76fe1b67026d42ce21be3f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F966ff24e-ea85-4a2e-aead-22f1a723c59f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9674
x-amzn-requestid: 7e7d0183-9667-462a-8d44-d125998c1ae3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgEoHVAoAMFvAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a1d-280ba97e3fe1bf7244cbde35;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ym_L3s5E6MLy6BxqNkVxok6L6hA4c-ilSsEqt42j2IbiXYPb4c6-VQ==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:52:51 GMT
age: 36984
etag: "53650399f9a986ba54addd668b4557109d12003b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6bad627-8bb4-4de1-a2da-92da8f9ec614.webp
200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6bad627-8bb4-4de1-a2da-92da8f9ec614.webp
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 536cd283dee06cf1ceb9e15e4850db92
47aafca572d34f9726a0174ac902178556e581d8
63a5acf87962da6656f828422545af0ccc0888f0a2a15ebd2160ffb3714e6241
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6bad627-8bb4-4de1-a2da-92da8f9ec614.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7658
x-amzn-requestid: e729e5b6-0c92-4ed3-b449-4a30d5bb4b89
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgEyEQSIAMFWsQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a1e-1bba7e9a2d15d66779b1896c;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:10 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: AuN9hTb4YydNZjvpnTGyE313wl-O3F_p4jC_NUSe8kr3RB_4AjOEMw==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:56:25 GMT
age: 36770
etag: "47aafca572d34f9726a0174ac902178556e581d8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
trnadszc.com/trf?&o=B6%2B9VvCjEKCus3qbWzSWJqZttFJf5M5FMQyle3XGx3Kpa20KvZjMJFYYP%2BsdLY4tavfaGS07Ze%2BG6UqbVwdyiwhZ7f1ccV1tFQ6vmunALFG12C7SGdiokOvqS1pA2HyIvXnkRN%2BiQCaomOCG59PsKZ2jwwt%2BzlTIaiBRDFMooAH7pM6IAGfMi6gbE6UBRG5aniDUQHjJmCuHp4VDBAVf%2FPgaYQobMwMCuZ8PVjFgK5PBTVa6Zm0Tv3PIWTq8w0HSwtz7jRlR%2BMMTRG0GpyALET%2BS9YwjVI32fdnz0C5hCr1zNA6x1Dz9affXFTj3zhXNaL1jcjUoKY4eVW7gPD4lUTNIYVzrxjNAOR8WpVrNYOILt0URhOaOJQOR1AR4RMWczmbeFjtwSO6CuqXzWUHRqhCMHv9JxTp0J3SwVXwzC5CvUXPrO8%2BAdVZWuq%2FocRl3c6Wc5z%2FEJDOMOpixBZAnGWfNP8xTS22%2Fyq7CKMboWcHoAc%2FJase1TIGvkg4DUSzcl%2BCEUtFRNzL4RS42BxpPQg2WimcPbJiK5Y%2FjwRLEQI4%3D&c=21184173413530937778825&n=mQD1o%2FS6IU2Onz0J5mnyPG1ry7mPgpyvhWABIY%2F5x3UWTGUMluREtJnAXv8dTmjPrMxZOUziWHoRlSuFjg5UwKUFyxVai2TdBomrcmcf%2FkUdPOaqHctzzmL9X%2FGzuajwIBaMpJzBtgyNp%2BTA4%2FDEg%2B2WNKhSzqn7tpE66hs7ZQBkaXUl93OtlSOMt687ebR2PaRw%2B6AoJ%2FwJoxMbrWVyme3fYFFxJse1LaknUv8mk1w7E%2BgC7l%2FVyJNKR4vavaVVuZqDaAvhzaCf4jb0mnjM05%2F9cuS3t6%2FnLO%2FQ7cPjMMmiQWWPnU%2BAFvnvWAZ4qfzctPbHoo03pcX7WznzXp7zqfh%2F7rYNlw1%2FeOgbdxvg3zpyQ5jxdsTgPQzpqejQdffSKX2A%2F%2BwHnSYRV1bqHbUJhBPblzM6aLajMI9vXPFDQwVwjRBwUyY8CKBrKiFlNi%2BbHruvvlRwEpncyDdHfwFl%2FvetaDc7gxrZvAKFu082QN4rW8iePGB%2F8DzTPEawywun9ogX7AK7TPmOhOBDlBFxlOYW6sjvPKaTHLP3pj3FzXL1rQctPK2LZldZWt1XD1884EOPU9ZZcX0gVKTCvlwnuStiDdD04c%2FHGu9ZRsJoK6jvrD1fk5FqTQObF%2FMF6OY%2FaDd2t86982divKO7U3Vcj%2FiGCLHjwQ9rNiX9LJU1PZz%2F1PWMq%2BYffBo1xzydU2XEDlcie3wbTGC%2Fu0oAvnBDthg0WdeHeoYTx0OZotUEPnU0I0YpnK3%2B3rvAhjoC7PJV8WuFWEHJtDX1XKLy7kZeZBlsCu9hKyya9XYd2Mfb9fyPKWRDbGYmNKe73hcV5yb%2FezJ4QcFJA27vfvmdwnj%2FFS0E2hF6UEmLc%2FiTupWA%2BDdi%2BXK7uTSN4aU3R2gXbQgjKomqu5FbyAp6Rjmi4oHp7BPimxVInaaznzZYPoTUSjk%3D&kgp=0&_opnslfp=1&jccheck=1
200 OK 1.4 kB URL HTTP/1.1 trnadszc.com/trf?&o=B6%2B9VvCjEKCus3qbWzSWJqZttFJf5M5FMQyle3XGx3Kpa20KvZjMJFYYP%2BsdLY4tavfaGS07Ze%2BG6UqbVwdyiwhZ7f1ccV1tFQ6vmunALFG12C7SGdiokOvqS1pA2HyIvXnkRN%2BiQCaomOCG59PsKZ2jwwt%2BzlTIaiBRDFMooAH7pM6IAGfMi6gbE6UBRG5aniDUQHjJmCuHp4VDBAVf%2FPgaYQobMwMCuZ8PVjFgK5PBTVa6Zm0Tv3PIWTq8w0HSwtz7jRlR%2BMMTRG0GpyALET%2BS9YwjVI32fdnz0C5hCr1zNA6x1Dz9affXFTj3zhXNaL1jcjUoKY4eVW7gPD4lUTNIYVzrxjNAOR8WpVrNYOILt0URhOaOJQOR1AR4RMWczmbeFjtwSO6CuqXzWUHRqhCMHv9JxTp0J3SwVXwzC5CvUXPrO8%2BAdVZWuq%2FocRl3c6Wc5z%2FEJDOMOpixBZAnGWfNP8xTS22%2Fyq7CKMboWcHoAc%2FJase1TIGvkg4DUSzcl%2BCEUtFRNzL4RS42BxpPQg2WimcPbJiK5Y%2FjwRLEQI4%3D&c=21184173413530937778825&n=mQD1o%2FS6IU2Onz0J5mnyPG1ry7mPgpyvhWABIY%2F5x3UWTGUMluREtJnAXv8dTmjPrMxZOUziWHoRlSuFjg5UwKUFyxVai2TdBomrcmcf%2FkUdPOaqHctzzmL9X%2FGzuajwIBaMpJzBtgyNp%2BTA4%2FDEg%2B2WNKhSzqn7tpE66hs7ZQBkaXUl93OtlSOMt687ebR2PaRw%2B6AoJ%2FwJoxMbrWVyme3fYFFxJse1LaknUv8mk1w7E%2BgC7l%2FVyJNKR4vavaVVuZqDaAvhzaCf4jb0mnjM05%2F9cuS3t6%2FnLO%2FQ7cPjMMmiQWWPnU%2BAFvnvWAZ4qfzctPbHoo03pcX7WznzXp7zqfh%2F7rYNlw1%2FeOgbdxvg3zpyQ5jxdsTgPQzpqejQdffSKX2A%2F%2BwHnSYRV1bqHbUJhBPblzM6aLajMI9vXPFDQwVwjRBwUyY8CKBrKiFlNi%2BbHruvvlRwEpncyDdHfwFl%2FvetaDc7gxrZvAKFu082QN4rW8iePGB%2F8DzTPEawywun9ogX7AK7TPmOhOBDlBFxlOYW6sjvPKaTHLP3pj3FzXL1rQctPK2LZldZWt1XD1884EOPU9ZZcX0gVKTCvlwnuStiDdD04c%2FHGu9ZRsJoK6jvrD1fk5FqTQObF%2FMF6OY%2FaDd2t86982divKO7U3Vcj%2FiGCLHjwQ9rNiX9LJU1PZz%2F1PWMq%2BYffBo1xzydU2XEDlcie3wbTGC%2Fu0oAvnBDthg0WdeHeoYTx0OZotUEPnU0I0YpnK3%2B3rvAhjoC7PJV8WuFWEHJtDX1XKLy7kZeZBlsCu9hKyya9XYd2Mfb9fyPKWRDbGYmNKe73hcV5yb%2FezJ4QcFJA27vfvmdwnj%2FFS0E2hF6UEmLc%2FiTupWA%2BDdi%2BXK7uTSN4aU3R2gXbQgjKomqu5FbyAp6Rjmi4oHp7BPimxVInaaznzZYPoTUSjk%3D&kgp=0&_opnslfp=1&jccheck=1
IP
ASN #40034 CONFLUENCE-NETWORK-INC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (576)
Hash f06b692cb6d29fbef61d3f211548357b
f6cb70d4d9d748066f0e18d55f144feec19676d9
d450964b2fc9ae34a583c4cda61fd91d6ce2e2dc51d32df916f0cdab40ceddea
GET /trf?&o=B6%2B9VvCjEKCus3qbWzSWJqZttFJf5M5FMQyle3XGx3Kpa20KvZjMJFYYP%2BsdLY4tavfaGS07Ze%2BG6UqbVwdyiwhZ7f1ccV1tFQ6vmunALFG12C7SGdiokOvqS1pA2HyIvXnkRN%2BiQCaomOCG59PsKZ2jwwt%2BzlTIaiBRDFMooAH7pM6IAGfMi6gbE6UBRG5aniDUQHjJmCuHp4VDBAVf%2FPgaYQobMwMCuZ8PVjFgK5PBTVa6Zm0Tv3PIWTq8w0HSwtz7jRlR%2BMMTRG0GpyALET%2BS9YwjVI32fdnz0C5hCr1zNA6x1Dz9affXFTj3zhXNaL1jcjUoKY4eVW7gPD4lUTNIYVzrxjNAOR8WpVrNYOILt0URhOaOJQOR1AR4RMWczmbeFjtwSO6CuqXzWUHRqhCMHv9JxTp0J3SwVXwzC5CvUXPrO8%2BAdVZWuq%2FocRl3c6Wc5z%2FEJDOMOpixBZAnGWfNP8xTS22%2Fyq7CKMboWcHoAc%2FJase1TIGvkg4DUSzcl%2BCEUtFRNzL4RS42BxpPQg2WimcPbJiK5Y%2FjwRLEQI4%3D&c=21184173413530937778825&n=mQD1o%2FS6IU2Onz0J5mnyPG1ry7mPgpyvhWABIY%2F5x3UWTGUMluREtJnAXv8dTmjPrMxZOUziWHoRlSuFjg5UwKUFyxVai2TdBomrcmcf%2FkUdPOaqHctzzmL9X%2FGzuajwIBaMpJzBtgyNp%2BTA4%2FDEg%2B2WNKhSzqn7tpE66hs7ZQBkaXUl93OtlSOMt687ebR2PaRw%2B6AoJ%2FwJoxMbrWVyme3fYFFxJse1LaknUv8mk1w7E%2BgC7l%2FVyJNKR4vavaVVuZqDaAvhzaCf4jb0mnjM05%2F9cuS3t6%2FnLO%2FQ7cPjMMmiQWWPnU%2BAFvnvWAZ4qfzctPbHoo03pcX7WznzXp7zqfh%2F7rYNlw1%2FeOgbdxvg3zpyQ5jxdsTgPQzpqejQdffSKX2A%2F%2BwHnSYRV1bqHbUJhBPblzM6aLajMI9vXPFDQwVwjRBwUyY8CKBrKiFlNi%2BbHruvvlRwEpncyDdHfwFl%2FvetaDc7gxrZvAKFu082QN4rW8iePGB%2F8DzTPEawywun9ogX7AK7TPmOhOBDlBFxlOYW6sjvPKaTHLP3pj3FzXL1rQctPK2LZldZWt1XD1884EOPU9ZZcX0gVKTCvlwnuStiDdD04c%2FHGu9ZRsJoK6jvrD1fk5FqTQObF%2FMF6OY%2FaDd2t86982divKO7U3Vcj%2FiGCLHjwQ9rNiX9LJU1PZz%2F1PWMq%2BYffBo1xzydU2XEDlcie3wbTGC%2Fu0oAvnBDthg0WdeHeoYTx0OZotUEPnU0I0YpnK3%2B3rvAhjoC7PJV8WuFWEHJtDX1XKLy7kZeZBlsCu9hKyya9XYd2Mfb9fyPKWRDbGYmNKe73hcV5yb%2FezJ4QcFJA27vfvmdwnj%2FFS0E2hF6UEmLc%2FiTupWA%2BDdi%2BXK7uTSN4aU3R2gXbQgjKomqu5FbyAp6Rjmi4oHp7BPimxVInaaznzZYPoTUSjk%3D&kgp=0&_opnslfp=1&jccheck=1 HTTP/1.1
Host: trnadszc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.polarroute.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 08:09:14 GMT
Server: Apache
Referrer-Policy: no-referrer-when-downgrade
Accept-CH: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
Permissions-Policy: ch-ua-platform-version=("https://dts.gnpge.com"), ch-ua-model=("https://dts.gnpge.com")
Expires: Mon, 22 Jul 2002 11:12:01 GMT
Cache-Control: private, no-cache
Pragma: no-cache
Cteonnt-Length: 3308
Keep-Alive: timeout=5, max=126
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Content-Length: 1433
trnadszc.com/favicon.ico
404 Not Found 30 B IP
ASN #40034 CONFLUENCE-NETWORK-INC
File type ASCII text, with no line terminators
Hash c4609c83d6054d974c265b208bdc2a21
7e963e7185900347babd1f2797312c0ca21fa4ae
6cd85e3008758f2e06eeff9efdf9b4ad2981f6654f87918d155b0aced68d959a
GET /favicon.ico HTTP/1.1
Host: trnadszc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://trnadszc.com/trf?&o=B6%2B9VvCjEKCus3qbWzSWJqZttFJf5M5FMQyle3XGx3Kpa20KvZjMJFYYP%2BsdLY4tavfaGS07Ze%2BG6UqbVwdyiwhZ7f1ccV1tFQ6vmunALFG12C7SGdiokOvqS1pA2HyIvXnkRN%2BiQCaomOCG59PsKZ2jwwt%2BzlTIaiBRDFMooAH7pM6IAGfMi6gbE6UBRG5aniDUQHjJmCuHp4VDBAVf%2FPgaYQobMwMCuZ8PVjFgK5PBTVa6Zm0Tv3PIWTq8w0HSwtz7jRlR%2BMMTRG0GpyALET%2BS9YwjVI32fdnz0C5hCr1zNA6x1Dz9affXFTj3zhXNaL1jcjUoKY4eVW7gPD4lUTNIYVzrxjNAOR8WpVrNYOILt0URhOaOJQOR1AR4RMWczmbeFjtwSO6CuqXzWUHRqhCMHv9JxTp0J3SwVXwzC5CvUXPrO8%2BAdVZWuq%2FocRl3c6Wc5z%2FEJDOMOpixBZAnGWfNP8xTS22%2Fyq7CKMboWcHoAc%2FJase1TIGvkg4DUSzcl%2BCEUtFRNzL4RS42BxpPQg2WimcPbJiK5Y%2FjwRLEQI4%3D&c=21184173413530937778825&n=mQD1o%2FS6IU2Onz0J5mnyPG1ry7mPgpyvhWABIY%2F5x3UWTGUMluREtJnAXv8dTmjPrMxZOUziWHoRlSuFjg5UwKUFyxVai2TdBomrcmcf%2FkUdPOaqHctzzmL9X%2FGzuajwIBaMpJzBtgyNp%2BTA4%2FDEg%2B2WNKhSzqn7tpE66hs7ZQBkaXUl93OtlSOMt687ebR2PaRw%2B6AoJ%2FwJoxMbrWVyme3fYFFxJse1LaknUv8mk1w7E%2BgC7l%2FVyJNKR4vavaVVuZqDaAvhzaCf4jb0mnjM05%2F9cuS3t6%2FnLO%2FQ7cPjMMmiQWWPnU%2BAFvnvWAZ4qfzctPbHoo03pcX7WznzXp7zqfh%2F7rYNlw1%2FeOgbdxvg3zpyQ5jxdsTgPQzpqejQdffSKX2A%2F%2BwHnSYRV1bqHbUJhBPblzM6aLajMI9vXPFDQwVwjRBwUyY8CKBrKiFlNi%2BbHruvvlRwEpncyDdHfwFl%2FvetaDc7gxrZvAKFu082QN4rW8iePGB%2F8DzTPEawywun9ogX7AK7TPmOhOBDlBFxlOYW6sjvPKaTHLP3pj3FzXL1rQctPK2LZldZWt1XD1884EOPU9ZZcX0gVKTCvlwnuStiDdD04c%2FHGu9ZRsJoK6jvrD1fk5FqTQObF%2FMF6OY%2FaDd2t86982divKO7U3Vcj%2FiGCLHjwQ9rNiX9LJU1PZz%2F1PWMq%2BYffBo1xzydU2XEDlcie3wbTGC%2Fu0oAvnBDthg0WdeHeoYTx0OZotUEPnU0I0YpnK3%2B3rvAhjoC7PJV8WuFWEHJtDX1XKLy7kZeZBlsCu9hKyya9XYd2Mfb9fyPKWRDbGYmNKe73hcV5yb%2FezJ4QcFJA27vfvmdwnj%2FFS0E2hF6UEmLc%2FiTupWA%2BDdi%2BXK7uTSN4aU3R2gXbQgjKomqu5FbyAp6Rjmi4oHp7BPimxVInaaznzZYPoTUSjk%3D&kgp=0&_opnslfp=1&jccheck=1
Connection: keep-alive
HTTP/1.1 404 Not Found
Date: Wed, 30 Nov 2022 08:09:16 GMT
Server: Apache
Referrer-Policy: no-referrer-when-downgrade
Accept-CH: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
Permissions-Policy: ch-ua-platform-version=("https://dts.gnpge.com"), ch-ua-model=("https://dts.gnpge.com")
ntCoent-Length: 10
Keep-Alive: timeout=5, max=116
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Cache-Control: private
Content-Encoding: gzip
Content-Length: 30
r.redirekted.com/redirect?redirect_id=cecf5e6c0c4827d5764bd9e7217524a9&request_id=24b3d669d86a993b2a7efb432e0a30db
200 OK 794 B URL HTTP/1.1 r.redirekted.com/redirect?redirect_id=cecf5e6c0c4827d5764bd9e7217524a9&request_id=24b3d669d86a993b2a7efb432e0a30db
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (303)
Hash 83e7cf80d20a49f85cdc40e7c0958720
bc6f7c71f85b568c13bb10433b4d4d9f9ddbddc2
e28613cb4e1083c25383618f0683cd213f44b94c7f2f467d3af4fbee8acb716a
GET /redirect?redirect_id=cecf5e6c0c4827d5764bd9e7217524a9&request_id=24b3d669d86a993b2a7efb432e0a30db HTTP/1.1
Host: r.redirekted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://trnadszc.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx/1.21.5
Date: Wed, 30 Nov 2022 08:09:16 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/8.0.14
r.redirekted.com/css/adren.css?n=1767379411
200 OK 243 B URL HTTP/1.1 r.redirekted.com/css/adren.css?n=1767379411
IP
Hash f72acd3fece9f7cf58643616c745b2ea
92bc529a83c5466fbf6b9e702eef1e59644687a1
e2d9fd8b995f146baf54bc35d162d3e8169a5345368058b10a3b3bf4592ed777
GET /css/adren.css?n=1767379411 HTTP/1.1
Host: r.redirekted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://r.redirekted.com/redirect?redirect_id=cecf5e6c0c4827d5764bd9e7217524a9&request_id=24b3d669d86a993b2a7efb432e0a30db
HTTP/1.1 200 OK
Server: nginx/1.21.5
Date: Wed, 30 Nov 2022 08:09:16 GMT
Content-Type: text/css
Content-Length: 243
Last-Modified: Sat, 03 Jul 2021 05:46:18 GMT
Connection: keep-alive
ETag: "60dff9aa-f3"
Accept-Ranges: bytes
r.redirekted.com/js/adren.min.js?n=1767379411
200 OK 7.5 kB URL HTTP/1.1 r.redirekted.com/js/adren.min.js?n=1767379411
IP
File type ASCII text, with very long lines (7528), with no line terminators
Hash 9a9ec61d7e275f25fe83f0aa93bd2e41
8a3a23c432b601e9f8f8fe2b61f0fedbc341c9ac
55afe8ae4db5b6ca9ec5a3aca1f3a7b482ca51d0914acd250093f1a9ecbfccec
GET /js/adren.min.js?n=1767379411 HTTP/1.1
Host: r.redirekted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://r.redirekted.com/redirect?redirect_id=cecf5e6c0c4827d5764bd9e7217524a9&request_id=24b3d669d86a993b2a7efb432e0a30db
HTTP/1.1 200 OK
Server: nginx/1.21.5
Date: Wed, 30 Nov 2022 08:09:16 GMT
Content-Type: application/javascript
Content-Length: 7528
Last-Modified: Sat, 03 Jul 2021 05:46:18 GMT
Connection: keep-alive
ETag: "60dff9aa-1d68"
Accept-Ranges: bytes
r.redirekted.com/favicon.ico
200 OK 0 B URL HTTP/1.1 r.redirekted.com/favicon.ico
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: r.redirekted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://r.redirekted.com/redirect?redirect_id=cecf5e6c0c4827d5764bd9e7217524a9&request_id=24b3d669d86a993b2a7efb432e0a30db
HTTP/1.1 200 OK
Server: nginx/1.21.5
Date: Wed, 30 Nov 2022 08:09:16 GMT
Content-Type: image/x-icon
Content-Length: 0
Last-Modified: Sat, 03 Jul 2021 05:46:18 GMT
Connection: keep-alive
ETag: "60dff9aa-0"
Accept-Ranges: bytes
r.redirekted.com/go?e=04mWWSFW49yX70UC9gwXxglp4RzXyjQM8STrXcFW10mX-t3K8gHr9jaq0gRs2AvB59Gr8RPX91wXucPLeHlX7jaq89ysmuaLeZaWv13BwbmXm1GC9gRrW13FzbHs2EUM59Gr-RPX58IA3OKM7cRnsEwCxymX31KMdbRM7ZGLsqHr-ZTn8IPAu13F8WzsyVFF8ElX7VmFtMHAbxRE55QMYImq4uJsYcvCmtvVtEwLwbHVbfvBeZUAxk3F9jGs7DmK-IPCvcFLwbGsmcPM85wVY1aqw0wsmclF8STssy3C9gQA_DQn8IPrwkapefxXvyUDuHPCY5UWe8IVcZvF1tvW
200 OK 1.8 kB URL HTTP/1.1 r.redirekted.com/go?e=04mWWSFW49yX70UC9gwXxglp4RzXyjQM8STrXcFW10mX-t3K8gHr9jaq0gRs2AvB59Gr8RPX91wXucPLeHlX7jaq89ysmuaLeZaWv13BwbmXm1GC9gRrW13FzbHs2EUM59Gr-RPX58IA3OKM7cRnsEwCxymX31KMdbRM7ZGLsqHr-ZTn8IPAu13F8WzsyVFF8ElX7VmFtMHAbxRE55QMYImq4uJsYcvCmtvVtEwLwbHVbfvBeZUAxk3F9jGs7DmK-IPCvcFLwbGsmcPM85wVY1aqw0wsmclF8STssy3C9gQA_DQn8IPrwkapefxXvyUDuHPCY5UWe8IVcZvF1tvW
IP
File type HTML document, ASCII text, with very long lines (469)
Hash 98e74efd938ed29f1b92360f1e4485c8
12bc119c0e6fc039bb1d9caed00e4dcc87aeb926
c779044160749a2f869ea94a31b4b88a31ad16c9565a766a97c576b073bb27f7
GET /go?e=04mWWSFW49yX70UC9gwXxglp4RzXyjQM8STrXcFW10mX-t3K8gHr9jaq0gRs2AvB59Gr8RPX91wXucPLeHlX7jaq89ysmuaLeZaWv13BwbmXm1GC9gRrW13FzbHs2EUM59Gr-RPX58IA3OKM7cRnsEwCxymX31KMdbRM7ZGLsqHr-ZTn8IPAu13F8WzsyVFF8ElX7VmFtMHAbxRE55QMYImq4uJsYcvCmtvVtEwLwbHVbfvBeZUAxk3F9jGs7DmK-IPCvcFLwbGsmcPM85wVY1aqw0wsmclF8STssy3C9gQA_DQn8IPrwkapefxXvyUDuHPCY5UWe8IVcZvF1tvW HTTP/1.1
Host: r.redirekted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://r.redirekted.com/redirect?redirect_id=cecf5e6c0c4827d5764bd9e7217524a9&request_id=24b3d669d86a993b2a7efb432e0a30db
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx/1.21.5
Date: Wed, 30 Nov 2022 08:09:16 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/8.0.14
Set-Cookie: uuid=70097627480096296; expires=Thu, 01-Dec-2022 08:09:16 GMT; Max-Age=86400
www.google-analytics.com/analytics.js
200 OK 20 kB URL HTTP/1.1 www.google-analytics.com/analytics.js
IP
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://r.redirekted.com/
HTTP/1.1 200 OK
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 20039
Date: Wed, 30 Nov 2022 06:22:57 GMT
Expires: Wed, 30 Nov 2022 08:22:57 GMT
Cache-Control: public, max-age=7200
Age: 6379
Last-Modified: Tue, 27 Sep 2022 22:01:05 GMT
Content-Type: text/javascript
www.google-analytics.com/collect?v=1&_v=j98&a=707716901&t=pageview&_s=2&dl=http%3A%2F%2Fr.redirekted.com%2Fgo%3Fe%3D04mWWSFW49yX70UC9gwXxglp4RzXyjQM8STrXcFW10mX-t3K8gHr9jaq0gRs2AvB59Gr8RPX91wXucPLeHlX7jaq89ysmuaLeZaWv13BwbmXm1GC9gRrW13FzbHs2EUM59Gr-RPX58IA3OKM7cRnsEwCxymX31KMdbRM7ZGLsqHr-ZTn8IPAu13F8WzsyVFF8ElX7VmFtMHAbxRE55QMYImq4uJsYcvCmtvVtEwLwbHVbfvBeZUAxk3F9jGs7DmK-IPCvcFLwbGsmcPM85wVY1aqw0wsmclF8STssy3C9gQA_DQn8IPrwkapefxXvyUDuHPCY5UWe8IVcZvF1tvW&ul=en-us&de=UTF-8&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=IEBAAEABAAAAACAAI~&jid=&gjid=&cid=1323913603.1669795756&tid=UA-32454353-1&_gid=5372826.1669795756&cd1=oz9lo258n2kesUk8sT5ipz9hsTgfn3k8sUj%3D&z=1653544890
200 OK 35 B URL HTTP/1.1 www.google-analytics.com/collect?v=1&_v=j98&a=707716901&t=pageview&_s=2&dl=http%3A%2F%2Fr.redirekted.com%2Fgo%3Fe%3D04mWWSFW49yX70UC9gwXxglp4RzXyjQM8STrXcFW10mX-t3K8gHr9jaq0gRs2AvB59Gr8RPX91wXucPLeHlX7jaq89ysmuaLeZaWv13BwbmXm1GC9gRrW13FzbHs2EUM59Gr-RPX58IA3OKM7cRnsEwCxymX31KMdbRM7ZGLsqHr-ZTn8IPAu13F8WzsyVFF8ElX7VmFtMHAbxRE55QMYImq4uJsYcvCmtvVtEwLwbHVbfvBeZUAxk3F9jGs7DmK-IPCvcFLwbGsmcPM85wVY1aqw0wsmclF8STssy3C9gQA_DQn8IPrwkapefxXvyUDuHPCY5UWe8IVcZvF1tvW&ul=en-us&de=UTF-8&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=IEBAAEABAAAAACAAI~&jid=&gjid=&cid=1323913603.1669795756&tid=UA-32454353-1&_gid=5372826.1669795756&cd1=oz9lo258n2kesUk8sT5ipz9hsTgfn3k8sUj%3D&z=1653544890
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /collect?v=1&_v=j98&a=707716901&t=pageview&_s=2&dl=http%3A%2F%2Fr.redirekted.com%2Fgo%3Fe%3D04mWWSFW49yX70UC9gwXxglp4RzXyjQM8STrXcFW10mX-t3K8gHr9jaq0gRs2AvB59Gr8RPX91wXucPLeHlX7jaq89ysmuaLeZaWv13BwbmXm1GC9gRrW13FzbHs2EUM59Gr-RPX58IA3OKM7cRnsEwCxymX31KMdbRM7ZGLsqHr-ZTn8IPAu13F8WzsyVFF8ElX7VmFtMHAbxRE55QMYImq4uJsYcvCmtvVtEwLwbHVbfvBeZUAxk3F9jGs7DmK-IPCvcFLwbGsmcPM85wVY1aqw0wsmclF8STssy3C9gQA_DQn8IPrwkapefxXvyUDuHPCY5UWe8IVcZvF1tvW&ul=en-us&de=UTF-8&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=IEBAAEABAAAAACAAI~&jid=&gjid=&cid=1323913603.1669795756&tid=UA-32454353-1&_gid=5372826.1669795756&cd1=oz9lo258n2kesUk8sT5ipz9hsTgfn3k8sUj%3D&z=1653544890 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://r.redirekted.com/
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Pragma: no-cache
X-Content-Type-Options: nosniff
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 35
Date: Tue, 29 Nov 2022 20:28:37 GMT
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Age: 42039
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
Content-Type: image/gif
status.thawte.com/
200 OK 471 B IP
Hash e4a2ae30cd73a7497321a5b199c56339
4f7e96ab880bb10bddffa26ba542d46805ebabcf
2e54334977ebbb1644dca922c2db5a569b74a3d4db4e29c180478d5d4c280a34
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6472
Cache-Control: max-age=126556
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 08:09:17 GMT
Etag: "638641c1-1d7"
Expires: Thu, 01 Dec 2022 19:18:33 GMT
Last-Modified: Tue, 29 Nov 2022 17:30:41 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
no-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1669737365222&.sig=72nQDCqKhS9a2buCzdmLMlGyx5A-&affiliationId=96965866&comId=100540408&country=no&offerId=7f09e7198c52f06d5aa9006aa49dba86&service=37&tokenId=35e025c3-2943-4e2d-874f-eaee491f9fab&wait=true&addedParams=true&custom1=8IPAV5KWwpTA2uTEdxFrXAwLa81XxD2BmRTLaIPCbqzsyDaE-IPpT13p4MRs7LPL3ZUqVk3pzZTsmuUL&custom2=jKWjuHsyVPF9AUpwqwqSExZvyxEmVJrUAQB
200 OK 30 kB URL HTTP/1.1 no-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1669737365222&.sig=72nQDCqKhS9a2buCzdmLMlGyx5A-&affiliationId=96965866&comId=100540408&country=no&offerId=7f09e7198c52f06d5aa9006aa49dba86&service=37&tokenId=35e025c3-2943-4e2d-874f-eaee491f9fab&wait=true&addedParams=true&custom1=8IPAV5KWwpTA2uTEdxFrXAwLa81XxD2BmRTLaIPCbqzsyDaE-IPpT13p4MRs7LPL3ZUqVk3pzZTsmuUL&custom2=jKWjuHsyVPF9AUpwqwqSExZvyxEmVJrUAQB
IP
ASN #60781 LeaseWeb Netherlands B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (13002)
Hash 5b5362ea1b5628e87ee27c5445f1f2b6
58115d422b168a46176db088b338072877d922b7
9319a62744945103b97e69c6ab90eb037a734aa80a83428b25e14acd9b420a07
GET /ctl/go/offersearchGo?.ts=1669737365222&.sig=72nQDCqKhS9a2buCzdmLMlGyx5A-&affiliationId=96965866&comId=100540408&country=no&offerId=7f09e7198c52f06d5aa9006aa49dba86&service=37&tokenId=35e025c3-2943-4e2d-874f-eaee491f9fab&wait=true&addedParams=true&custom1=8IPAV5KWwpTA2uTEdxFrXAwLa81XxD2BmRTLaIPCbqzsyDaE-IPpT13p4MRs7LPL3ZUqVk3pzZTsmuUL&custom2=jKWjuHsyVPF9AUpwqwqSExZvyxEmVJrUAQB HTTP/1.1
Host: no-go.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://r.redirekted.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 08:09:17 GMT
leadId: dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1669795757148_338350
clickId: 107698149_1669795757138_8396336
country: no
Accept-CH: Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
X-DataDome: protected
Request-Time: PT0.020188S
X-Robots-Tag: noindex,nofollow
Referrer-Policy: origin-when-cross-origin
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Content-Type: text/html; charset=UTF-8
Content-Length: 30091
Set-Cookie: datadome=3i71FyoIzMPfOjpJaqmvN_YlRWmhgO~8xaGJRxojIEJ4NwVtz8MfwDI_Chcq_VtpWkgMB1lvO7CCTNB8I6hct3xhgroyceGG6i3TotzYyyOW9txqozXcwL6su3faeGYr; Max-Age=31536000; Expires=Thu, 30 Nov 2023 08:09:17 GMT; SameSite=Lax; Path=/; Domain=.kelkoogroup.net; Secure
kelkooID=a4c6295-184c7953c52-283199; Max-Age=31536000; Expires=Thu, 30 Nov 2023 08:09:17 GMT; SameSite=None; Path=/; Domain=kelkoogroup.net; Secure; HTTPOnly
P3P: CP="Anything"
ApacheTracking: localhost
Keep-Alive: timeout=40, max=97
Connection: Keep-Alive
no-go.kelkoogroup.net/assets/images/p.png?country=no&k=612f7a9541cd6ea61eb554c0e4cff437567c460be4e08eedc72d34123a3320c00149dd3138a1b7c32d59bb75fb278f56e44e28c91877046a27a8a8e67933fd9e83c8b1f1d74357379342619aed17346a7473c5eac66a566630c4c144cbb1853fcc808b296bee73b6689e8af67df0ca0865a71dba7319c12ff722f41756e3c7eb3150f8f089d8e04fc2556149d5c31778217d446be265575d1fe3b28665198d61aeb7192f0a258ee17aa0b4a417969e215da8b5b289a2fca3052a48da6beaeeb6f79ada153e45b183958d71d5484632946a5cd860154f41e35e1ceecd7142b3b04c65c14db5f3d9b443e90c348f8faef87d145574155b0af422d1ab09782834cd6242e6fa4467cc07e7b2e02fbcb5349f002a45e3c114f3e3290f62edcab943cf1672bf80d8cbcd3550e3404aa8dd352648539ab36ed28abe&leadId=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1669795757148_338350&clickId=107698149_1669795757138_8396336
200 OK 68 B URL HTTP/1.1 no-go.kelkoogroup.net/assets/images/p.png?country=no&k=612f7a9541cd6ea61eb554c0e4cff437567c460be4e08eedc72d34123a3320c00149dd3138a1b7c32d59bb75fb278f56e44e28c91877046a27a8a8e67933fd9e83c8b1f1d74357379342619aed17346a7473c5eac66a566630c4c144cbb1853fcc808b296bee73b6689e8af67df0ca0865a71dba7319c12ff722f41756e3c7eb3150f8f089d8e04fc2556149d5c31778217d446be265575d1fe3b28665198d61aeb7192f0a258ee17aa0b4a417969e215da8b5b289a2fca3052a48da6beaeeb6f79ada153e45b183958d71d5484632946a5cd860154f41e35e1ceecd7142b3b04c65c14db5f3d9b443e90c348f8faef87d145574155b0af422d1ab09782834cd6242e6fa4467cc07e7b2e02fbcb5349f002a45e3c114f3e3290f62edcab943cf1672bf80d8cbcd3550e3404aa8dd352648539ab36ed28abe&leadId=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1669795757148_338350&clickId=107698149_1669795757138_8396336
IP
ASN #60781 LeaseWeb Netherlands B.V.
File type PNG image data, 1 x 1, 8-bit gray+alpha, non-interlaced\012- data
Hash 91e42db1c66c0b276abf6234dc50b2eb
c1986af3c26609b8b7d8933f99c51c1a89e9ea6b
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
GET /assets/images/p.png?country=no&k=612f7a9541cd6ea61eb554c0e4cff437567c460be4e08eedc72d34123a3320c00149dd3138a1b7c32d59bb75fb278f56e44e28c91877046a27a8a8e67933fd9e83c8b1f1d74357379342619aed17346a7473c5eac66a566630c4c144cbb1853fcc808b296bee73b6689e8af67df0ca0865a71dba7319c12ff722f41756e3c7eb3150f8f089d8e04fc2556149d5c31778217d446be265575d1fe3b28665198d61aeb7192f0a258ee17aa0b4a417969e215da8b5b289a2fca3052a48da6beaeeb6f79ada153e45b183958d71d5484632946a5cd860154f41e35e1ceecd7142b3b04c65c14db5f3d9b443e90c348f8faef87d145574155b0af422d1ab09782834cd6242e6fa4467cc07e7b2e02fbcb5349f002a45e3c114f3e3290f62edcab943cf1672bf80d8cbcd3550e3404aa8dd352648539ab36ed28abe&leadId=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1669795757148_338350&clickId=107698149_1669795757138_8396336 HTTP/1.1
Host: no-go.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1669737365222&.sig=72nQDCqKhS9a2buCzdmLMlGyx5A-&affiliationId=96965866&comId=100540408&country=no&offerId=7f09e7198c52f06d5aa9006aa49dba86&service=37&tokenId=35e025c3-2943-4e2d-874f-eaee491f9fab&wait=true&addedParams=true&custom1=8IPAV5KWwpTA2uTEdxFrXAwLa81XxD2BmRTLaIPCbqzsyDaE-IPpT13p4MRs7LPL3ZUqVk3pzZTsmuUL&custom2=jKWjuHsyVPF9AUpwqwqSExZvyxEmVJrUAQB
Connection: keep-alive
Cookie: datadome=3i71FyoIzMPfOjpJaqmvN_YlRWmhgO~8xaGJRxojIEJ4NwVtz8MfwDI_Chcq_VtpWkgMB1lvO7CCTNB8I6hct3xhgroyceGG6i3TotzYyyOW9txqozXcwL6su3faeGYr; kelkooID=a4c6295-184c7953c52-283199
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 08:09:17 GMT
Request-Time: PT0.001366S
X-Robots-Tag: noindex,nofollow
Cache-Control: private, must-revalidate
Referrer-Policy: origin-when-cross-origin
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Content-Type: image/png
Content-Length: 68
P3P: CP="Anything"
ApacheTracking: localhost
Keep-Alive: timeout=40, max=70
Connection: Keep-Alive
no-go.kelkoogroup.net/fp?country=no&k=612f7a9541cd6ea61eb554c0e4cff437567c460be4e08eedc72d34123a3320c00149dd3138a1b7c32d59bb75fb278f56e44e28c91877046a27a8a8e67933fd9e83c8b1f1d74357379342619aed17346a7473c5eac66a566630c4c144cbb1853fcc808b296bee73b6689e8af67df0ca0865a71dba7319c12ff722f41756e3c7eb3150f8f089d8e04fc2556149d5c31778217d446be265575d1fe3b28665198d61aeb7192f0a258ee17aa0b4a417969e215da8b5b289a2fca3052a48da6beaeeb6f79ada153e45b183958d71d5484632946a5cd860154f41e35e1ceecd7142b3b04c65c14db5f3d9b443e90c348f8faef87d145574155b0af422d1ab09782834cd6242e6fa4467cc07e7b2e02fbcb5349f002a45e3c114f3e3290f62edcab943cf1672bf80d8cbcd3550e3404aa8dd352648539ab36ed28abe&leadId=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1669795757148_338350&clickId=107698149_1669795757138_8396336
200 OK 0 B URL HTTP/1.1 no-go.kelkoogroup.net/fp?country=no&k=612f7a9541cd6ea61eb554c0e4cff437567c460be4e08eedc72d34123a3320c00149dd3138a1b7c32d59bb75fb278f56e44e28c91877046a27a8a8e67933fd9e83c8b1f1d74357379342619aed17346a7473c5eac66a566630c4c144cbb1853fcc808b296bee73b6689e8af67df0ca0865a71dba7319c12ff722f41756e3c7eb3150f8f089d8e04fc2556149d5c31778217d446be265575d1fe3b28665198d61aeb7192f0a258ee17aa0b4a417969e215da8b5b289a2fca3052a48da6beaeeb6f79ada153e45b183958d71d5484632946a5cd860154f41e35e1ceecd7142b3b04c65c14db5f3d9b443e90c348f8faef87d145574155b0af422d1ab09782834cd6242e6fa4467cc07e7b2e02fbcb5349f002a45e3c114f3e3290f62edcab943cf1672bf80d8cbcd3550e3404aa8dd352648539ab36ed28abe&leadId=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1669795757148_338350&clickId=107698149_1669795757138_8396336
IP
ASN #60781 LeaseWeb Netherlands B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /fp?country=no&k=612f7a9541cd6ea61eb554c0e4cff437567c460be4e08eedc72d34123a3320c00149dd3138a1b7c32d59bb75fb278f56e44e28c91877046a27a8a8e67933fd9e83c8b1f1d74357379342619aed17346a7473c5eac66a566630c4c144cbb1853fcc808b296bee73b6689e8af67df0ca0865a71dba7319c12ff722f41756e3c7eb3150f8f089d8e04fc2556149d5c31778217d446be265575d1fe3b28665198d61aeb7192f0a258ee17aa0b4a417969e215da8b5b289a2fca3052a48da6beaeeb6f79ada153e45b183958d71d5484632946a5cd860154f41e35e1ceecd7142b3b04c65c14db5f3d9b443e90c348f8faef87d145574155b0af422d1ab09782834cd6242e6fa4467cc07e7b2e02fbcb5349f002a45e3c114f3e3290f62edcab943cf1672bf80d8cbcd3550e3404aa8dd352648539ab36ed28abe&leadId=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1669795757148_338350&clickId=107698149_1669795757138_8396336 HTTP/1.1
Host: no-go.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1669737365222&.sig=72nQDCqKhS9a2buCzdmLMlGyx5A-&affiliationId=96965866&comId=100540408&country=no&offerId=7f09e7198c52f06d5aa9006aa49dba86&service=37&tokenId=35e025c3-2943-4e2d-874f-eaee491f9fab&wait=true&addedParams=true&custom1=8IPAV5KWwpTA2uTEdxFrXAwLa81XxD2BmRTLaIPCbqzsyDaE-IPpT13p4MRs7LPL3ZUqVk3pzZTsmuUL&custom2=jKWjuHsyVPF9AUpwqwqSExZvyxEmVJrUAQB
Content-Type: text/plain;charset=utf-8
Content-Length: 536
Origin: https://no-go.kelkoogroup.net
Connection: keep-alive
Cookie: datadome=3i71FyoIzMPfOjpJaqmvN_YlRWmhgO~8xaGJRxojIEJ4NwVtz8MfwDI_Chcq_VtpWkgMB1lvO7CCTNB8I6hct3xhgroyceGG6i3TotzYyyOW9txqozXcwL6su3faeGYr; kelkooID=a4c6295-184c7953c52-283199; _ga=GA1.2.352358228.1669795756; _gid=GA1.2.1992724984.1669795756
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 08:09:17 GMT
Request-Time: PT0.003172S
X-Robots-Tag: noindex,nofollow
Referrer-Policy: origin-when-cross-origin
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Content-Type: text/plain; charset=UTF-8
Content-Length: 0
P3P: CP="Anything"
ApacheTracking: localhost
Keep-Alive: timeout=40, max=99
Connection: Keep-Alive
no-go.kelkoogroup.net/favicon.ico
403 Forbidden 0 B URL HTTP/1.0 no-go.kelkoogroup.net/favicon.ico
IP
ASN #60781 LeaseWeb Netherlands B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: no-go.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1669737365222&.sig=72nQDCqKhS9a2buCzdmLMlGyx5A-&affiliationId=96965866&comId=100540408&country=no&offerId=7f09e7198c52f06d5aa9006aa49dba86&service=37&tokenId=35e025c3-2943-4e2d-874f-eaee491f9fab&wait=true&addedParams=true&custom1=8IPAV5KWwpTA2uTEdxFrXAwLa81XxD2BmRTLaIPCbqzsyDaE-IPpT13p4MRs7LPL3ZUqVk3pzZTsmuUL&custom2=jKWjuHsyVPF9AUpwqwqSExZvyxEmVJrUAQB
Connection: keep-alive
Cookie: datadome=3i71FyoIzMPfOjpJaqmvN_YlRWmhgO~8xaGJRxojIEJ4NwVtz8MfwDI_Chcq_VtpWkgMB1lvO7CCTNB8I6hct3xhgroyceGG6i3TotzYyyOW9txqozXcwL6su3faeGYr; kelkooID=a4c6295-184c7953c52-283199; _ga=GA1.2.352358228.1669795756; _gid=GA1.2.1992724984.1669795756
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.0 403 Forbidden
Server: BigIP
Connection: Keep-Alive
Content-Length: 0
no-go.kelkoogroup.net/redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff437567c460be4e08eedc72d34123a3320c00149dd3138a1b7c32d59bb75fb278f56e44e28c91877046a27a8a8e67933fd9e83c8b1f1d74357379342619aed17346a7473c5eac66a566630c4c144cbb1853fcc808b296bee73b6689e8af67df0ca0865a71dba7319c12ff722f41756e3c7eb3150f8f089d8e04fc2556149d5c31778217d446be265575d1fe3b28665198d61aeb7192f0a258ee17aa0b4a417969e215da8b5b289a2fca3052a48da6beaeeb6f79ada153e45b183958d71d5484632946a5cd860154f41e35e1ceecd7142b3b04c65c14db5f3d9b443e90c348f8faef87d145574155b0af422d1ab09782834cd6242e6fa4467cc07e7b2e02fbcb5349f002a45e3c114f3e3290f62edcab943cf1672bf80d8cbcd3550e3404aa8dd352648539ab36ed28abe&leadId=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1669795757148_338350&clickId=107698149_1669795757138_8396336&url=https%3A%2F%2Fwww.mc-utstyr.no%2Fproducts%2Fbraided-2_4%3Fkk%3Da4c6295-184c7953c52-283199%26utm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_term%3DSaddlemen%2BCruiser%2B2&initiator=timeout
303 See Other 0 B URL HTTP/1.1 no-go.kelkoogroup.net/redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff437567c460be4e08eedc72d34123a3320c00149dd3138a1b7c32d59bb75fb278f56e44e28c91877046a27a8a8e67933fd9e83c8b1f1d74357379342619aed17346a7473c5eac66a566630c4c144cbb1853fcc808b296bee73b6689e8af67df0ca0865a71dba7319c12ff722f41756e3c7eb3150f8f089d8e04fc2556149d5c31778217d446be265575d1fe3b28665198d61aeb7192f0a258ee17aa0b4a417969e215da8b5b289a2fca3052a48da6beaeeb6f79ada153e45b183958d71d5484632946a5cd860154f41e35e1ceecd7142b3b04c65c14db5f3d9b443e90c348f8faef87d145574155b0af422d1ab09782834cd6242e6fa4467cc07e7b2e02fbcb5349f002a45e3c114f3e3290f62edcab943cf1672bf80d8cbcd3550e3404aa8dd352648539ab36ed28abe&leadId=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1669795757148_338350&clickId=107698149_1669795757138_8396336&url=https%3A%2F%2Fwww.mc-utstyr.no%2Fproducts%2Fbraided-2_4%3Fkk%3Da4c6295-184c7953c52-283199%26utm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_term%3DSaddlemen%2BCruiser%2B2&initiator=timeout
IP
ASN #60781 LeaseWeb Netherlands B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff437567c460be4e08eedc72d34123a3320c00149dd3138a1b7c32d59bb75fb278f56e44e28c91877046a27a8a8e67933fd9e83c8b1f1d74357379342619aed17346a7473c5eac66a566630c4c144cbb1853fcc808b296bee73b6689e8af67df0ca0865a71dba7319c12ff722f41756e3c7eb3150f8f089d8e04fc2556149d5c31778217d446be265575d1fe3b28665198d61aeb7192f0a258ee17aa0b4a417969e215da8b5b289a2fca3052a48da6beaeeb6f79ada153e45b183958d71d5484632946a5cd860154f41e35e1ceecd7142b3b04c65c14db5f3d9b443e90c348f8faef87d145574155b0af422d1ab09782834cd6242e6fa4467cc07e7b2e02fbcb5349f002a45e3c114f3e3290f62edcab943cf1672bf80d8cbcd3550e3404aa8dd352648539ab36ed28abe&leadId=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1669795757148_338350&clickId=107698149_1669795757138_8396336&url=https%3A%2F%2Fwww.mc-utstyr.no%2Fproducts%2Fbraided-2_4%3Fkk%3Da4c6295-184c7953c52-283199%26utm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_term%3DSaddlemen%2BCruiser%2B2&initiator=timeout HTTP/1.1
Host: no-go.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1669737365222&.sig=72nQDCqKhS9a2buCzdmLMlGyx5A-&affiliationId=96965866&comId=100540408&country=no&offerId=7f09e7198c52f06d5aa9006aa49dba86&service=37&tokenId=35e025c3-2943-4e2d-874f-eaee491f9fab&wait=true&addedParams=true&custom1=8IPAV5KWwpTA2uTEdxFrXAwLa81XxD2BmRTLaIPCbqzsyDaE-IPpT13p4MRs7LPL3ZUqVk3pzZTsmuUL&custom2=jKWjuHsyVPF9AUpwqwqSExZvyxEmVJrUAQB
Connection: keep-alive
Cookie: datadome=3i71FyoIzMPfOjpJaqmvN_YlRWmhgO~8xaGJRxojIEJ4NwVtz8MfwDI_Chcq_VtpWkgMB1lvO7CCTNB8I6hct3xhgroyceGG6i3TotzYyyOW9txqozXcwL6su3faeGYr; kelkooID=a4c6295-184c7953c52-283199; _ga=GA1.2.352358228.1669795756; _gid=GA1.2.1992724984.1669795756
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 303 See Other
Date: Wed, 30 Nov 2022 08:09:17 GMT
leadId: dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1669795757148_338350
clickId: 107698149_1669795757138_8396336
country: no
Location: https://www.mc-utstyr.no/products/braided-2_4?kk=a4c6295-184c7953c52-283199&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Saddlemen+Cruiser+2
Accept-CH: Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
X-DataDome: protected
Request-Time: PT0.014929S
X-Robots-Tag: noindex,nofollow
Referrer-Policy: origin-when-cross-origin
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Content-Length: 0
Set-Cookie: datadome=1gMQ3J7JAyVbmMKpNDHZk9Y6DhTkQ8u~9yQNLHdsIebg~-n6Ep~OXrrfb-lJiMebhtLAcW5HNBUZT9W5T4Pk3LUg47X8J6Pbf0U~SvuQjlaHiPQZC3rfOynzClmDZcoV; Max-Age=31536000; Expires=Thu, 30 Nov 2023 08:09:17 GMT; SameSite=Lax; Path=/; Domain=.kelkoogroup.net; Secure
P3P: CP="Anything"
ApacheTracking: localhost
Keep-Alive: timeout=40, max=97
Connection: Keep-Alive
Content-Type: text/plain
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 33f732b4dfbd5fb3ed7345eba2896fe6
2652f214cf7127302cc65b1d4e42f48a80907d5d
904ce722469d356f8ec20c14bd51ca3ce459012ea0869f7d14821a963310a494
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 08:09:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/collect?v=1&_v=j96&t=pageview&_s=1&dl=https%3A%2F%2Fno-go.kelkoogroup.net%2Fctl%2Fgo%2FoffersearchGo%3F.ts%3D1669737365222%26.sig%3D72nQDCqKhS9a2buCzdmLMlGyx5A-%26affiliationId%3D96965866%26comId%3D100540408%26country%3Dno%26offerId%3D7f09e7198c52f06d5aa9006aa49dba86%26service%3D37%26tokenId%3D35e025c3-2943-4e2d-874f-eaee491f9fab%26wait%3Dtrue%26addedParams%3Dtrue%26custom1%3D8IPAV5KWwpTA2uTEdxFrXAwLa81XxD2BmRTLaIPCbqzsyDaE-IPpT13p4MRs7LPL3ZUqVk3pzZTsmuUL%26custom2%3DjKWjuHsyVPF9AUpwqwqSExZvyxEmVJrUAQB&dr=http%3A%2F%2Fr.redirekted.com%2F&dp=%2F96965866%7C100540408%7C&ul=en-us&de=UTF-8&dt=Du%20sendes%20videre%20til%20Mc-Utstyr.no&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=QACAAAABAAAAAC~&cid=352358228.1669795756&tid=UA-168544891-6&_gid=1992724984.1669795756&_r=1&cd1=96965866&cd2=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1669795757148_338350&cd3=100540408&cd4=a4c6295-184c7953c52-283199&cd5=&cd6=96965866%7C100540408%7C&z=746716527
200 OK 35 B URL HTTP/2 www.google-analytics.com/collect?v=1&_v=j96&t=pageview&_s=1&dl=https%3A%2F%2Fno-go.kelkoogroup.net%2Fctl%2Fgo%2FoffersearchGo%3F.ts%3D1669737365222%26.sig%3D72nQDCqKhS9a2buCzdmLMlGyx5A-%26affiliationId%3D96965866%26comId%3D100540408%26country%3Dno%26offerId%3D7f09e7198c52f06d5aa9006aa49dba86%26service%3D37%26tokenId%3D35e025c3-2943-4e2d-874f-eaee491f9fab%26wait%3Dtrue%26addedParams%3Dtrue%26custom1%3D8IPAV5KWwpTA2uTEdxFrXAwLa81XxD2BmRTLaIPCbqzsyDaE-IPpT13p4MRs7LPL3ZUqVk3pzZTsmuUL%26custom2%3DjKWjuHsyVPF9AUpwqwqSExZvyxEmVJrUAQB&dr=http%3A%2F%2Fr.redirekted.com%2F&dp=%2F96965866%7C100540408%7C&ul=en-us&de=UTF-8&dt=Du%20sendes%20videre%20til%20Mc-Utstyr.no&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=QACAAAABAAAAAC~&cid=352358228.1669795756&tid=UA-168544891-6&_gid=1992724984.1669795756&_r=1&cd1=96965866&cd2=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1669795757148_338350&cd3=100540408&cd4=a4c6295-184c7953c52-283199&cd5=&cd6=96965866%7C100540408%7C&z=746716527
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
POST /collect?v=1&_v=j96&t=pageview&_s=1&dl=https%3A%2F%2Fno-go.kelkoogroup.net%2Fctl%2Fgo%2FoffersearchGo%3F.ts%3D1669737365222%26.sig%3D72nQDCqKhS9a2buCzdmLMlGyx5A-%26affiliationId%3D96965866%26comId%3D100540408%26country%3Dno%26offerId%3D7f09e7198c52f06d5aa9006aa49dba86%26service%3D37%26tokenId%3D35e025c3-2943-4e2d-874f-eaee491f9fab%26wait%3Dtrue%26addedParams%3Dtrue%26custom1%3D8IPAV5KWwpTA2uTEdxFrXAwLa81XxD2BmRTLaIPCbqzsyDaE-IPpT13p4MRs7LPL3ZUqVk3pzZTsmuUL%26custom2%3DjKWjuHsyVPF9AUpwqwqSExZvyxEmVJrUAQB&dr=http%3A%2F%2Fr.redirekted.com%2F&dp=%2F96965866%7C100540408%7C&ul=en-us&de=UTF-8&dt=Du%20sendes%20videre%20til%20Mc-Utstyr.no&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=QACAAAABAAAAAC~&cid=352358228.1669795756&tid=UA-168544891-6&_gid=1992724984.1669795756&_r=1&cd1=96965866&cd2=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1669795757148_338350&cd3=100540408&cd4=a4c6295-184c7953c52-283199&cd5=&cd6=96965866%7C100540408%7C&z=746716527 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://no-go.kelkoogroup.net
Connection: keep-alive
Referer: https://no-go.kelkoogroup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 200 OK
access-control-allow-origin: https://no-go.kelkoogroup.net
date: Wed, 30 Nov 2022 08:09:17 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
x-content-type-options: nosniff
access-control-allow-credentials: true
content-type: image/gif
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 35
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 33f732b4dfbd5fb3ed7345eba2896fe6
2652f214cf7127302cc65b1d4e42f48a80907d5d
904ce722469d356f8ec20c14bd51ca3ce459012ea0869f7d14821a963310a494
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 08:09:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.mc-utstyr.no/products/braided-2_4?kk=a4c6295-184c7953c52-283199&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Saddlemen+Cruiser+2
200 OK 28 kB URL HTTP/2 www.mc-utstyr.no/products/braided-2_4?kk=a4c6295-184c7953c52-283199&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Saddlemen+Cruiser+2
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ISO-8859 text, with very long lines (360), with CRLF, CR, LF line terminators
Hash d328ba451f36d7f66fc4895ed91d6db7
15fd3419f85acc7b43c9ed2f4a4d3ffeb0de87fe
19b782a907074696c85c5fc0be40df0fc90921740e8533fa60045c1d019dc426
GET /products/braided-2_4?kk=a4c6295-184c7953c52-283199&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Saddlemen+Cruiser+2 HTTP/1.1
Host: www.mc-utstyr.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no-go.kelkoogroup.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 08:09:17 GMT
content-type: text/html; charset=iso-8859-1
content-length: 27609
x-frame-options: SAMEORIGIN
set-cookie: digistore_custid=6mjjg1e909a41j89pr8sv020rh; path=/; secure; SameSite=None
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
X-Firefox-Spdy: h2
www.mc-utstyr.no/js/stockgroups.js?v=11
200 OK 4.3 kB URL HTTP/2 www.mc-utstyr.no/js/stockgroups.js?v=11
IP
Hash 88b38ae0366b04c36f5d5672ab0bef68
01ed6db06582e8859d6e4739c94fc117f2f605a2
4314896825a192ea4b8ba28ffe81f77a281fd1504a3eaee9fcb915657919cdec
GET /js/stockgroups.js?v=11 HTTP/1.1
Host: www.mc-utstyr.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mc-utstyr.no/products/braided-2_4?kk=a4c6295-184c7953c52-283199&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Saddlemen+Cruiser+2
Cookie: digistore_custid=6mjjg1e909a41j89pr8sv020rh
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 08:09:18 GMT
content-type: application/javascript
content-length: 4291
last-modified: Tue, 29 Nov 2022 14:40:59 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Fri, 30 Dec 2022 08:09:18 GMT
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
X-Firefox-Spdy: h2
www.mc-utstyr.no/templates/global/mystore/emojis.js?v=4
200 OK 464 B URL HTTP/2 www.mc-utstyr.no/templates/global/mystore/emojis.js?v=4
IP
Hash 162b73cba2c023fed31255dbebbec66d
fc9dcb96a0926d9c96770c8a072562aea33e6ba5
29955ae579a96ca5827707f5cf6b16514e869bad023914fd2eece93a01973f15
GET /templates/global/mystore/emojis.js?v=4 HTTP/1.1
Host: www.mc-utstyr.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mc-utstyr.no/products/braided-2_4?kk=a4c6295-184c7953c52-283199&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Saddlemen+Cruiser+2
Cookie: digistore_custid=6mjjg1e909a41j89pr8sv020rh
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 08:09:18 GMT
content-type: application/javascript
content-length: 464
last-modified: Tue, 29 Nov 2022 14:41:01 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Fri, 30 Dec 2022 08:09:18 GMT
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
X-Firefox-Spdy: h2
www.mc-utstyr.no/users/themeeuropa_mystore_no/templates/europa/css/stylesheet_default_extended.css
200 OK 8.9 kB URL HTTP/2 www.mc-utstyr.no/users/themeeuropa_mystore_no/templates/europa/css/stylesheet_default_extended.css
IP
Hash ae3bbc3a4973d031dfcf002f07429ab3
0d0dc2fb23424c75d5602d0b7623e5efa959dc2b
b6115f9ba660b37d71fcd38bd9f116f65c3099c239725e3c965c4844d177892d
GET /users/themeeuropa_mystore_no/templates/europa/css/stylesheet_default_extended.css HTTP/1.1
Host: www.mc-utstyr.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mc-utstyr.no/products/braided-2_4?kk=a4c6295-184c7953c52-283199&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Saddlemen+Cruiser+2
Cookie: digistore_custid=6mjjg1e909a41j89pr8sv020rh
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 08:09:18 GMT
content-type: text/css
content-length: 8892
last-modified: Wed, 12 Feb 2020 09:49:56 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Fri, 30 Dec 2022 08:09:18 GMT
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
X-Firefox-Spdy: h2
www.mc-utstyr.no/users/mcutstyr2_mystore_no/templates/custom_javascript.js?v=1669795757
200 OK 147 B URL HTTP/2 www.mc-utstyr.no/users/mcutstyr2_mystore_no/templates/custom_javascript.js?v=1669795757
IP
File type ASCII text, with CRLF line terminators
Hash 9187f40d748dc8c645dec149e3f1e1ac
8d519d3318af56503d43c500916bc033033a0b76
b0a228875b91b45f985f330057fddef323b4389d3d007a9b6a9a797d080389cd
GET /users/mcutstyr2_mystore_no/templates/custom_javascript.js?v=1669795757 HTTP/1.1
Host: www.mc-utstyr.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mc-utstyr.no/products/braided-2_4?kk=a4c6295-184c7953c52-283199&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Saddlemen+Cruiser+2
Cookie: digistore_custid=6mjjg1e909a41j89pr8sv020rh
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 08:09:18 GMT
content-type: application/javascript
content-length: 147
last-modified: Wed, 18 Apr 2018 12:29:34 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Fri, 30 Dec 2022 08:09:18 GMT
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 33f732b4dfbd5fb3ed7345eba2896fe6
2652f214cf7127302cc65b1d4e42f48a80907d5d
904ce722469d356f8ec20c14bd51ca3ce459012ea0869f7d14821a963310a494
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 08:09:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 146dac10a93604a686550631e14eefb9
b4af601ce6d515d9ec124938ce626060e0d43099
bac5bc94c1a95af45522dadbf1639aff31e691fa2314314c6cce1ab1e70bba87
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 08:09:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-31278684-1
200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-31278684-1
IP
File type ASCII text, with very long lines (1921)
Hash 5334a1f06e50491f1997bfa871b2a071
aa5e3d4ffb13a699a22949f1b78c5c436b8c09be
fde0a15470b5c27d0ad6b05074b75d363bf5cf6422f4128dacc57c4324f4a76f
GET /gtag/js?id=UA-31278684-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mc-utstyr.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 08:09:18 GMT
expires: Wed, 30 Nov 2022 08:09:18 GMT
cache-control: private, max-age=900
last-modified: Wed, 30 Nov 2022 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43549
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
mcutstyr2-i04.mycdn.no/mysimgprod/mcutstyr2_mystore_no/images/08906_Bullfighter_Windstopper_Genser_1.jpg/w300h299.jpg
200 OK 7.6 kB URL HTTP/2 mcutstyr2-i04.mycdn.no/mysimgprod/mcutstyr2_mystore_no/images/08906_Bullfighter_Windstopper_Genser_1.jpg/w300h299.jpg
IP
File type JPEG image data, baseline, precision 8, 300x299, components 3\012- data
Hash 18f3c1f9dda5188433971359b6a00452
c26c92ddbd8a9e3e8e4c744557e5aea6a0cda6ed
36a00687136dcfd8bab3dc2527896f1e20eabf3facba1c2063d829e5adac1ed5
GET /mysimgprod/mcutstyr2_mystore_no/images/08906_Bullfighter_Windstopper_Genser_1.jpg/w300h299.jpg HTTP/1.1
Host: mcutstyr2-i04.mycdn.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mc-utstyr.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 7609
date: Tue, 29 Nov 2022 16:42:42 GMT
last-modified: Tue, 26 Oct 2021 15:01:06 GMT
etag: "18f3c1f9dda5188433971359b6a00452"
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ZVSibVkTIwzHiA7TwRSCPeTClQ3b7Mq5qo6YFnY9aFm10Y1JdDtNdQ==
age: 55597
X-Firefox-Spdy: h2
mcutstyr2-i01.mycdn.no/mysimgprod/mcutstyr2_mystore_no/images/18203_Bolt_Bari_Kevlarjeans_1.jpg/w215h300.jpg
200 OK 7.1 kB URL HTTP/2 mcutstyr2-i01.mycdn.no/mysimgprod/mcutstyr2_mystore_no/images/18203_Bolt_Bari_Kevlarjeans_1.jpg/w215h300.jpg
IP
File type JPEG image data, baseline, precision 8, 215x300, components 3\012- data
Hash a5c037c7c04bd20b60eba24680c9d23e
b9cc10787d7c3d81c04beb299bd46da280b45dbe
7d3fa2e39f40e0bcc0c0a364e3c22487d325874728b6d7fd5aa57d45b708649c
GET /mysimgprod/mcutstyr2_mystore_no/images/18203_Bolt_Bari_Kevlarjeans_1.jpg/w215h300.jpg HTTP/1.1
Host: mcutstyr2-i01.mycdn.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mc-utstyr.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 7149
last-modified: Tue, 26 Oct 2021 11:45:35 GMT
server: AmazonS3
date: Tue, 29 Nov 2022 23:45:13 GMT
etag: "a5c037c7c04bd20b60eba24680c9d23e"
x-cache: Hit from cloudfront
via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: KHhpkbhqS8lv2zIMcP8cKLKo4Tixbdv8RgFQTEVulIhALcd85AxqfA==
age: 30420
X-Firefox-Spdy: h2
www.mc-utstyr.no/users/mcutstyr2_mystore_no/templates/custom_stylesheet.css?v=1669795757
200 OK 202 B URL HTTP/2 www.mc-utstyr.no/users/mcutstyr2_mystore_no/templates/custom_stylesheet.css?v=1669795757
IP
File type ASCII text, with CRLF line terminators
Hash 34a0357dba36b1dee9ef2e983e599816
1ee831ad7bc7ede4a27149b3646b85b10611a040
8f6132611d5ebca31bd6eb6afd153802fdc9570e5e34bd0563c50f710e8e8770
GET /users/mcutstyr2_mystore_no/templates/custom_stylesheet.css?v=1669795757 HTTP/1.1
Host: www.mc-utstyr.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mc-utstyr.no/products/braided-2_4?kk=a4c6295-184c7953c52-283199&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Saddlemen+Cruiser+2
Cookie: digistore_custid=6mjjg1e909a41j89pr8sv020rh
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 08:09:18 GMT
content-type: text/css
content-length: 202
last-modified: Tue, 23 Oct 2018 06:44:26 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Fri, 30 Dec 2022 08:09:18 GMT
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
X-Firefox-Spdy: h2
www.mc-utstyr.no/global.js.php?version=1664790516&v2&host=mcutstyr2_mystore_no
200 OK 51 kB URL HTTP/2 www.mc-utstyr.no/global.js.php?version=1664790516&v2&host=mcutstyr2_mystore_no
IP
File type ASCII text, with very long lines (32341)
Hash c04b7ef9e0ac172afa057c848e370c68
6560ce84ca0ac973a3c81c5f214c130a6721a08b
b0a8f28e859b7e33485152d36af7ff566ec9c707b3511f26a26091917f521592
GET /global.js.php?version=1664790516&v2&host=mcutstyr2_mystore_no HTTP/1.1
Host: www.mc-utstyr.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mc-utstyr.no/products/braided-2_4?kk=a4c6295-184c7953c52-283199&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Saddlemen+Cruiser+2
Cookie: digistore_custid=6mjjg1e909a41j89pr8sv020rh
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 08:09:18 GMT
content-type: application/javascript; Charset: ISO-8859-1
content-length: 51244
expires: Wed, 07 Dec 2022 08:09:18 GMT
pragma: cache
cache-control: max-age=604800
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
X-Firefox-Spdy: h2
www.mc-utstyr.no/users/mcutstyr2_mystore_no/logo/Header10.22.187.png
200 OK 9.3 kB URL HTTP/2 www.mc-utstyr.no/users/mcutstyr2_mystore_no/logo/Header10.22.187.png
IP
File type PNG image data, 300 x 59, 8-bit/color RGBA, non-interlaced\012- data
Hash af595df0cc94177267bdc4afc21b743e
c21625069bf1a780997a0b09c8e1a07bc51eeab6
a84761885314beeeed182d7dee9ef748824f955375938631b0b5e6e0d283a117
GET /users/mcutstyr2_mystore_no/logo/Header10.22.187.png HTTP/1.1
Host: www.mc-utstyr.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mc-utstyr.no/products/braided-2_4?kk=a4c6295-184c7953c52-283199&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Saddlemen+Cruiser+2
Cookie: digistore_custid=6mjjg1e909a41j89pr8sv020rh
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 08:09:18 GMT
content-type: image/png
content-length: 9330
last-modified: Mon, 22 Oct 2018 10:36:47 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Fri, 30 Dec 2022 08:09:18 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
X-Firefox-Spdy: h2
www.mc-utstyr.no/users/mcutstyr2_mystore_no/Image/Saddlemen11.jpg
200 OK 8.0 kB URL HTTP/2 www.mc-utstyr.no/users/mcutstyr2_mystore_no/Image/Saddlemen11.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 200x100, components 3\012- data
Hash fc65992c9acd36e9a6dfe7717d4ce2a7
6d7627e7b9e37df76cea7daa32241a18de56010b
7921cdf3d808cbb763261046840a801455e005d18cc35147e747786582968284
GET /users/mcutstyr2_mystore_no/Image/Saddlemen11.jpg HTTP/1.1
Host: www.mc-utstyr.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mc-utstyr.no/products/braided-2_4?kk=a4c6295-184c7953c52-283199&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Saddlemen+Cruiser+2
Cookie: digistore_custid=6mjjg1e909a41j89pr8sv020rh
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 08:09:18 GMT
content-type: image/jpeg
content-length: 8030
last-modified: Wed, 13 Jan 2016 13:41:32 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Fri, 30 Dec 2022 08:09:18 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
X-Firefox-Spdy: h2
www.mc-utstyr.no/images/payment/visa.png
200 OK 5.5 kB URL HTTP/2 www.mc-utstyr.no/images/payment/visa.png
IP
File type PNG image data, 48 x 30, 8-bit/color RGBA, non-interlaced\012- data
Hash b8f6fb9891138413e60e775243197634
210eeea3f6e21682a46b6683d50136fa00339ae5
c72ac510eb4c051dd79700f0b98da701a025e5c1c0342e053bb90c029c8c616f
GET /images/payment/visa.png HTTP/1.1
Host: www.mc-utstyr.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mc-utstyr.no/products/braided-2_4?kk=a4c6295-184c7953c52-283199&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Saddlemen+Cruiser+2
Cookie: digistore_custid=6mjjg1e909a41j89pr8sv020rh
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 08:09:18 GMT
content-type: image/png
content-length: 5547
last-modified: Tue, 29 Nov 2022 14:40:59 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Fri, 30 Dec 2022 08:09:18 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
X-Firefox-Spdy: h2
www.mc-utstyr.no/images/payment/mastercard.png
200 OK 6.2 kB URL HTTP/2 www.mc-utstyr.no/images/payment/mastercard.png
IP
File type PNG image data, 48 x 30, 8-bit/color RGBA, non-interlaced\012- data
Hash cd9b81d4441cf9ad96e7fdd3e35bc26f
383003e483be0176cf1b1a73d8abdc80b33fd02d
dafc269485a34229e7e5bf93cc764d4f730c42fc5de21b52da823c8a18bde958
GET /images/payment/mastercard.png HTTP/1.1
Host: www.mc-utstyr.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mc-utstyr.no/products/braided-2_4?kk=a4c6295-184c7953c52-283199&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Saddlemen+Cruiser+2
Cookie: digistore_custid=6mjjg1e909a41j89pr8sv020rh
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 08:09:18 GMT
content-type: image/png
content-length: 6183
last-modified: Tue, 29 Nov 2022 14:40:59 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Fri, 30 Dec 2022 08:09:18 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
X-Firefox-Spdy: h2
mcutstyr2-i02.mycdn.no/mysimgprod/mcutstyr2_mystore_no/images/04136_Sweep_Travel_Tubes_30L_1.jpg/w299h300.jpg
200 OK 6.3 kB URL HTTP/2 mcutstyr2-i02.mycdn.no/mysimgprod/mcutstyr2_mystore_no/images/04136_Sweep_Travel_Tubes_30L_1.jpg/w299h300.jpg
IP
File type JPEG image data, baseline, precision 8, 299x300, components 3\012- data
Hash 1dabe829b28156a6f69aab239fc298da
dc7884879f4bafa693abd198feb1dc5a843a14b6
319e02c87bd582389df384fdf11457b507fdf290bcdd0fe2f3f37bb74d59813a
GET /mysimgprod/mcutstyr2_mystore_no/images/04136_Sweep_Travel_Tubes_30L_1.jpg/w299h300.jpg HTTP/1.1
Host: mcutstyr2-i02.mycdn.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mc-utstyr.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 6302
date: Tue, 29 Nov 2022 17:34:28 GMT
last-modified: Tue, 26 Oct 2021 16:16:22 GMT
etag: "1dabe829b28156a6f69aab239fc298da"
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: y0Hy2XnZ1S9i2oP0bijeLgLZ57W0oP5An9bX1-aE3Pr_rSqmeY-zAw==
age: 52490
X-Firefox-Spdy: h2
mcutstyr2-i02.mycdn.no/mysimgprod/mcutstyr2_mystore_no/images/08848_Bullfighter_Windstopper_Bukse_1.jpg/w141h300.jpg
200 OK 4.6 kB URL HTTP/2 mcutstyr2-i02.mycdn.no/mysimgprod/mcutstyr2_mystore_no/images/08848_Bullfighter_Windstopper_Bukse_1.jpg/w141h300.jpg
IP
File type JPEG image data, baseline, precision 8, 141x300, components 3\012- data
Hash 07dec53231e54353b54dc75002f474d4
1e7a50a3ebcbc3dec72854a25d994d1cf31028f2
bd4b2ec28a41d63004289e5537cfe1b564a8fbbccb379a8290b46054d3a2fe74
GET /mysimgprod/mcutstyr2_mystore_no/images/08848_Bullfighter_Windstopper_Bukse_1.jpg/w141h300.jpg HTTP/1.1
Host: mcutstyr2-i02.mycdn.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mc-utstyr.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 4579
last-modified: Tue, 26 Oct 2021 15:01:06 GMT
server: AmazonS3
date: Wed, 30 Nov 2022 05:32:57 GMT
etag: "07dec53231e54353b54dc75002f474d4"
x-cache: Hit from cloudfront
via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: BVC5whbhHGbafUGlsjZIfIJgrNcHN327TPotxFWBmQvgeXVsNbPcAg==
age: 51246
X-Firefox-Spdy: h2
s.kk-resources.com/leadtag.js
200 OK 2.6 kB URL HTTP/1.1 s.kk-resources.com/leadtag.js
IP
File type C source, ASCII text, with very long lines (6910)
Hash b9c7aa9898d0e7b5d8dfa27c81eda1ac
3e22a4f4ac1fd469128de60e1a80433513242071
980531f0a81016e3a7a4c3fa56f75e7b791f1f4c09296992221bd766b91a53a0
GET /leadtag.js HTTP/1.1
Host: s.kk-resources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mc-utstyr.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=UTF-8
Content-Length: 2595
Connection: keep-alive
X-Gravitee-Transaction-Id: 0ac80267-f58a-45aa-8802-67f58ad5aa20
X-Gravitee-Request-Id: 0ac80267-f58a-45aa-8802-67f58ad5aa20
Request-Time: 12
Accept-Ranges: bytes
Cache-Control: public, max-age=3600
Last-Modified: Tue, 12 Jul 2022 13:48:05 GMT
Content-Encoding: gzip
Date: Wed, 30 Nov 2022 08:01:34 GMT
ETag: "01eb894c46b26432f1c6dc225e35b2f1bfc24a0c"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: _0qDgxz-aJuE5B0KxWlv8KRxMlXJJamVM3RG9G-O3EqyvJI-z2NhLQ==
Age: 464
www.mc-utstyr.no/images/payment/verified.png
200 OK 16 kB URL HTTP/2 www.mc-utstyr.no/images/payment/verified.png
IP
File type PNG image data, 235 x 30, 8-bit/color RGBA, non-interlaced\012- data
Hash 56c1826e09b5772154ca0844d812f51a
099bcf1ed730f7cc495aed37f497f357b30bc0ad
cdacc29a05ec3786abfb0c0190fec5276470d7a3958e59c8e9e83437ce074c5e
GET /images/payment/verified.png HTTP/1.1
Host: www.mc-utstyr.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mc-utstyr.no/products/braided-2_4?kk=a4c6295-184c7953c52-283199&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Saddlemen+Cruiser+2
Cookie: digistore_custid=6mjjg1e909a41j89pr8sv020rh
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 08:09:18 GMT
content-type: image/png
content-length: 15907
last-modified: Tue, 29 Nov 2022 14:40:59 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Fri, 30 Dec 2022 08:09:18 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
X-Firefox-Spdy: h2
mcutstyr2-i05.mycdn.no/mysimgprod/mcutstyr2_mystore_no/images/44186_4BIKERS_MC-TELT_ORIGINAL_1.jpg/w264h300.jpg
200 OK 9.0 kB URL HTTP/2 mcutstyr2-i05.mycdn.no/mysimgprod/mcutstyr2_mystore_no/images/44186_4BIKERS_MC-TELT_ORIGINAL_1.jpg/w264h300.jpg
IP
File type JPEG image data, baseline, precision 8, 264x300, components 3\012- data
Hash fd64b8063a57fee7258477e291fd9692
abf0f7814889b2a75fdb140e3da2f3f074cd5c9d
2a1e61ab6a4936106d3432432066485134675645c5a761f76680f8dd7b24b8b8
GET /mysimgprod/mcutstyr2_mystore_no/images/44186_4BIKERS_MC-TELT_ORIGINAL_1.jpg/w264h300.jpg HTTP/1.1
Host: mcutstyr2-i05.mycdn.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mc-utstyr.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 8977
date: Tue, 29 Nov 2022 08:56:20 GMT
last-modified: Tue, 26 Oct 2021 15:59:08 GMT
etag: "fd64b8063a57fee7258477e291fd9692"
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 5_LTMbs8OJkw5PH78OabWnQEMqFp1wRMSO3mm20AP0ViEG_Ljy3Y0w==
age: 83579
X-Firefox-Spdy: h2
mcutstyr2-i03.mycdn.no/mysimgprod/mcutstyr2_mystore_no/images/oOIGi_Racer_Racer_VIPER_2_-_D3O__Ryggskinne_1.jpg/w300h300.jpg
200 OK 7.1 kB URL HTTP/2 mcutstyr2-i03.mycdn.no/mysimgprod/mcutstyr2_mystore_no/images/oOIGi_Racer_Racer_VIPER_2_-_D3O__Ryggskinne_1.jpg/w300h300.jpg
IP
File type JPEG image data, baseline, precision 8, 300x300, components 3\012- data
Hash 82a8c84f8ebdbe726c3c4117cb6aed91
df1e7779ed844a6885e7b0e530d222658f449ec9
99cccca975ba2fdf828078b47aa2d2067bbadfeaa4914b947f832cd098c5984b
GET /mysimgprod/mcutstyr2_mystore_no/images/oOIGi_Racer_Racer_VIPER_2_-_D3O__Ryggskinne_1.jpg/w300h300.jpg HTTP/1.1
Host: mcutstyr2-i03.mycdn.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mc-utstyr.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 7109
last-modified: Thu, 22 Sep 2022 19:06:26 GMT
server: AmazonS3
date: Tue, 29 Nov 2022 16:01:19 GMT
etag: "82a8c84f8ebdbe726c3c4117cb6aed91"
x-cache: Hit from cloudfront
via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 8TkKH7iH81wqOVOGyqLMHEvLUqp6Fhc7BkK4iCbRrgwoZ8wTPW2bpQ==
age: 58080
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 146dac10a93604a686550631e14eefb9
b4af601ce6d515d9ec124938ce626060e0d43099
bac5bc94c1a95af45522dadbf1639aff31e691fa2314314c6cce1ab1e70bba87
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 08:09:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mcutstyr2-i02.mycdn.no/mysimgprod/mcutstyr2_mystore_no/images/3116__sadd001_0.jpg/w135h90.jpg
200 OK 2.1 kB URL HTTP/2 mcutstyr2-i02.mycdn.no/mysimgprod/mcutstyr2_mystore_no/images/3116__sadd001_0.jpg/w135h90.jpg
IP
File type JPEG image data, baseline, precision 8, 135x90, components 3\012- data
Hash 96b41e5a23800f3d05f1208eb163393a
750a317c7db557ccaa0f92a9e49de20ec4e54704
47e10dd64cfe47d8a149833a613b22dda5cb116544a2a8101a9bec9b4cfca08e
GET /mysimgprod/mcutstyr2_mystore_no/images/3116__sadd001_0.jpg/w135h90.jpg HTTP/1.1
Host: mcutstyr2-i02.mycdn.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mc-utstyr.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 2077
last-modified: Wed, 27 Oct 2021 03:51:12 GMT
server: AmazonS3
date: Wed, 30 Nov 2022 08:09:19 GMT
etag: "96b41e5a23800f3d05f1208eb163393a"
x-cache: RefreshHit from cloudfront
via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Uc7sW7f-wOhHk12Bn7AbfEv96RGbMzuyb7l9GmHsOMi_bAefx_ZWWw==
X-Firefox-Spdy: h2
mcutstyr2-i04.mycdn.no/mysimgprod/mcutstyr2_mystore_no/images/81310_Cruiser_2_1.jpg/w600h600.jpg
200 OK 12 kB URL HTTP/2 mcutstyr2-i04.mycdn.no/mysimgprod/mcutstyr2_mystore_no/images/81310_Cruiser_2_1.jpg/w600h600.jpg
IP
File type JPEG image data, baseline, precision 8, 600x600, components 3\012- data
Hash af9d0003a16d42a6b2ee25e691fc0f49
10b726177b3def401c75c0d607dad4fdc3901f4f
bdda226eaecfc1c63b0d9ff2b9ffe69afae9c7b9705f11ca799834e652bc73f0
GET /mysimgprod/mcutstyr2_mystore_no/images/81310_Cruiser_2_1.jpg/w600h600.jpg HTTP/1.1
Host: mcutstyr2-i04.mycdn.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mc-utstyr.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 12465
date: Wed, 30 Nov 2022 08:09:19 GMT
last-modified: Wed, 27 Oct 2021 03:51:12 GMT
etag: "af9d0003a16d42a6b2ee25e691fc0f49"
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: T47AOwGzq01C3mNkVlRb6_S42YCz61luWayuG-rQsl7G4VyecYoSFA==
X-Firefox-Spdy: h2
status.thawte.com/
200 OK 471 B IP
Hash e4a2ae30cd73a7497321a5b199c56339
4f7e96ab880bb10bddffa26ba542d46805ebabcf
2e54334977ebbb1644dca922c2db5a569b74a3d4db4e29c180478d5d4c280a34
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6473
Cache-Control: max-age=126556
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 08:09:18 GMT
Etag: "638641c1-1d7"
Expires: Thu, 01 Dec 2022 19:18:34 GMT
Last-Modified: Tue, 29 Nov 2022 17:30:41 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
status.thawte.com/
200 OK 471 B IP
Hash e4a2ae30cd73a7497321a5b199c56339
4f7e96ab880bb10bddffa26ba542d46805ebabcf
2e54334977ebbb1644dca922c2db5a569b74a3d4db4e29c180478d5d4c280a34
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6473
Cache-Control: max-age=126556
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 08:09:18 GMT
Etag: "638641c1-1d7"
Expires: Thu, 01 Dec 2022 19:18:34 GMT
Last-Modified: Tue, 29 Nov 2022 17:30:41 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
www.mc-utstyr.no/templates/clean/fonts/fontawesome-webfont.woff2?v=4.3.0
200 OK 57 kB URL HTTP/2 www.mc-utstyr.no/templates/clean/fonts/fontawesome-webfont.woff2?v=4.3.0
IP
File type Web Open Font Format (Version 2), TrueType, length 56780, version 4.197\012- data
Hash 97493d3f11c0a3bd5cbd959f5d19b699
1075231650f579955905bb2f6527148a8e2b4b16
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
GET /templates/clean/fonts/fontawesome-webfont.woff2?v=4.3.0 HTTP/1.1
Host: www.mc-utstyr.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.mc-utstyr.no/global.css.php?version=a1664790516&host=mcutstyr2_mystore_no
Cookie: digistore_custid=6mjjg1e909a41j89pr8sv020rh; kk_leadtag=true; kelkooId=a4c6295-184c7953c52-283199
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 08:09:18 GMT
content-length: 56780
last-modified: Tue, 29 Nov 2022 14:41:01 GMT
accept-ranges: bytes
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 608e4d04a251ebcd51660e801f388303
fcb9aa48fd6ed504a1a9fed7990c5ccde63e6a1d
cc1a34cd0a99e301df97cf184ab0ded2e229659f86f43e4eff479dee221695dc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 08:09:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 608e4d04a251ebcd51660e801f388303
fcb9aa48fd6ed504a1a9fed7990c5ccde63e6a1d
cc1a34cd0a99e301df97cf184ab0ded2e229659f86f43e4eff479dee221695dc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 08:09:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
s.kelkoogroup.net/k.gif
200 OK 0 B IP
ASN #60781 LeaseWeb Netherlands B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /k.gif HTTP/1.1
Host: s.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: etag
Referer: https://www.mc-utstyr.no/
Origin: https://www.mc-utstyr.no
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
X-Gravitee-Transaction-Id: 8c98cd1f-1df5-4350-98cd-1f1df5e35055
X-Gravitee-Request-Id: 8c98cd1f-1df5-4350-98cd-1f1df5e35055
Vary: Origin
Access-Control-Max-Age: 3600
Access-Control-Allow-Origin: https://www.mc-utstyr.no
Access-Control-Allow-Headers: etag
Access-Control-Allow-Methods: GET
Access-Control-Allow-Credentials: true
Date: Wed, 30 Nov 2022 08:09:18 GMT
content-length: 0
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 608e4d04a251ebcd51660e801f388303
fcb9aa48fd6ed504a1a9fed7990c5ccde63e6a1d
cc1a34cd0a99e301df97cf184ab0ded2e229659f86f43e4eff479dee221695dc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 08:09:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.mc-utstyr.no
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 19:33:54 GMT
expires: Thu, 23 Nov 2023 19:33:54 GMT
cache-control: public, max-age=31536000
age: 563724
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.mc-utstyr.no
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 19:34:15 GMT
expires: Thu, 23 Nov 2023 19:34:15 GMT
cache-control: public, max-age=31536000
age: 563703
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2
200 OK 17 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 17368, version 1.0\012- data
Hash abe083d96b58eb02ada8b7c30d7b09f2
61447d66d13a8c8f4335696777a85c438c46f749
db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9
GET /s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.mc-utstyr.no
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17368
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 07:01:24 GMT
expires: Wed, 29 Nov 2023 07:01:24 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
age: 90474
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
s.kelkoogroup.net/k.gif
200 OK 43 B IP
ASN #60781 LeaseWeb Netherlands B.V.
File type GIF image data, version 89a, 1 x 1\012- data
Hash f837aa60b6fe83458f790db60d529fc9
14af87ccec7f81bb28d53c84da2fd5a9d5925cda
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
GET /k.gif HTTP/1.1
Host: s.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
ETag: a2Vsa29vSWQ9YTRjNjI5NS0xODRjNzk1M2M1Mi0yODMxOTk=
Origin: https://www.mc-utstyr.no
Connection: keep-alive
Referer: https://www.mc-utstyr.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
X-Gravitee-Transaction-Id: 1cbdecaf-ab14-4246-bdec-afab14b246c1
X-Gravitee-Request-Id: 1cbdecaf-ab14-4246-bdec-afab14b246c1
ETag: a2Vsa29vSWQ9YTRjNjI5NS0xODRjNzk1M2M1Mi0yODMxOTk=
Vary: *,Origin
Pragma: no-cache
Expires: 0
Request-Time: 0
Accept-Ranges: bytes
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate
Last-Modified: Fri, 01 Jan 2010 00:00:00 GMT
Access-Control-Allow-Origin: https://www.mc-utstyr.no
Access-Control-Expose-Headers: ETag
Access-Control-Allow-Credentials: true
Date: Wed, 30 Nov 2022 08:09:18 GMT
Content-Type: image/gif
content-length: 43
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 608e4d04a251ebcd51660e801f388303
fcb9aa48fd6ed504a1a9fed7990c5ccde63e6a1d
cc1a34cd0a99e301df97cf184ab0ded2e229659f86f43e4eff479dee221695dc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 08:09:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 471 B IP
Hash c3c6fcc1a6ec6e438b371359a220d437
646d2c502eb3579d0c394dbdd16ef10f60f43063
5e75d86847b64e661c218e63d1b4b2c4a9ade7506b3b50fce16dd39ebaa5c5fe
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 495
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 08:09:18 GMT
Last-Modified: Wed, 30 Nov 2022 08:01:03 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
www.mc-utstyr.no/users/mcutstyr2_mystore_no/logo/favicon1.png
200 OK 3.0 kB URL HTTP/2 www.mc-utstyr.no/users/mcutstyr2_mystore_no/logo/favicon1.png
IP
File type PNG image data, 82 x 82, 8-bit/color RGBA, non-interlaced\012- data
Hash dd96300ce0e1d13a538c063314de2f62
3097638cb33a9d09d110958a9e229d33e56be991
5885bc255c61ee199e4a94c2ccdfeda09a48d2780fca0f3095758b993460db3b
GET /users/mcutstyr2_mystore_no/logo/favicon1.png HTTP/1.1
Host: www.mc-utstyr.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mc-utstyr.no/products/braided-2_4?kk=a4c6295-184c7953c52-283199&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Saddlemen+Cruiser+2
Cookie: digistore_custid=6mjjg1e909a41j89pr8sv020rh; kk_leadtag=true; kelkooId=a4c6295-184c7953c52-283199
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 08:09:18 GMT
content-type: image/png
content-length: 2990
last-modified: Wed, 07 Mar 2018 09:34:51 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Fri, 30 Dec 2022 08:09:18 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
X-Firefox-Spdy: h2
connect.facebook.net/nb_NO/all.js
200 OK 1.7 kB URL HTTP/2 connect.facebook.net/nb_NO/all.js
IP
File type ASCII text, with very long lines (1957)
Hash 7ef3682c2aeeb395a8d289c2962a8b01
58cb26e5011be2d6eb95018e86299406ffd6c1e7
a68bf7b57c56140d6da8aa3fa40999eb6ccec40317c2da12299e8329db79def2
GET /nb_NO/all.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mc-utstyr.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: cf39a9bd0e43da84468221312fb7653d
etag: "a7f33026e8d11e6b0645f2273e08a1ea"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Wed, 30 Nov 2022 08:13:45 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: fvNoLCrus5Wo0onCliqLAQ==
x-fb-debug: p4PkfFZSyrlRs/vpoyD/uQzsXB+y6sV5Wh/EJ9QHG+nPXiD3sdFdTCPOvnEbkZsFn7DW3kX292nIBBxrT3qbBw==
priority: u=3,i
content-length: 1688
x-fb-trip-id: 1904183273
date: Wed, 30 Nov 2022 08:09:18 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash b1a5da6636cd444028100566c55137cd
0c50a145e941e1aa6e3e2dede461248c67a789a2
bd83c87b7f38d37a7b443b4b7aa7f34b6c127070b332ac4f34d16aa17c6e301a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 08:09:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 471 B IP
Hash c3c6fcc1a6ec6e438b371359a220d437
646d2c502eb3579d0c394dbdd16ef10f60f43063
5e75d86847b64e661c218e63d1b4b2c4a9ade7506b3b50fce16dd39ebaa5c5fe
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 495
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 08:09:18 GMT
Last-Modified: Wed, 30 Nov 2022 08:01:03 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
apis.google.com/js/plusone.js
200 OK 21 kB URL HTTP/2 apis.google.com/js/plusone.js
IP
File type ASCII text, with very long lines (1279)
Hash 327d33b72373a953dc7ddef0c6463b48
2fd9b26cb459ff01c3a1dd3507f1c7484cce6ce4
1f9becca80520826519f7908eff9bc2cdf551f9afc5d2a276f9d3c4a55a0e79c
GET /js/plusone.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mc-utstyr.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 20984
date: Wed, 30 Nov 2022 08:09:18 GMT
expires: Wed, 30 Nov 2022 08:09:18 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "34fae0e5dab49917"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
connect.facebook.net/nb_NO/all.js?hash=5f87346a840178503bf21029c851a7ee
200 OK 88 kB URL HTTP/2 connect.facebook.net/nb_NO/all.js?hash=5f87346a840178503bf21029c851a7ee
IP
File type ASCII text, with very long lines (18318)
Hash 509725f01ed7c6b5f8bb645fe7c5ee2d
3d40ee6203f1bc9a4711c71fbed840629b3193ca
3136550beec5664c913b02fb5965d6baa92689d48dfb40eed852134c05d9bdbf
GET /nb_NO/all.js?hash=5f87346a840178503bf21029c851a7ee HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.mc-utstyr.no
Connection: keep-alive
Referer: https://www.mc-utstyr.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: eaa36b42d3a40a3e7a563f6d129c1a94
etag: "3a75f984738de7a9f54ac2267959ce7b"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Thu, 30 Nov 2023 05:53:39 GMT
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: UJcl8B7XxrX4u2Rf58XuLQ==
x-fb-debug: WII1tH7VuJM1sN3+8trPtk32wOMiZ49PJi5N2yrj4j+0+GROLKWyLup9FZw5OldjT/uqEKvHRjIIg5379RY0gA==
priority: u=3,i
content-length: 88248
x-fb-trip-id: 1904183273
date: Wed, 30 Nov 2022 08:09:18 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 5d950b70d3b1532276ed817249b72618
dca7faf727b8afdd481c8f8bcc3e9129fdadadc3
afe3fbe5f269179e18a66ca806664b7f96b903150b364129e2f2b30087198e34
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 08:09:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 5d950b70d3b1532276ed817249b72618
dca7faf727b8afdd481c8f8bcc3e9129fdadadc3
afe3fbe5f269179e18a66ca806664b7f96b903150b364129e2f2b30087198e34
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 08:09:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/viewthroughconversion/833441087/?random=1669795757753&cv=11&fst=1669795757753&bg=ffffff&guid=ON&async=1>m=2oabs0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.mc-utstyr.no%2Fproducts%2Fbraided-2_4%3Fkk%3Da4c6295-184c7953c52-283199%26utm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_term%3DSaddlemen%2BCruiser%2B2&ref=https%3A%2F%2Fno-go.kelkoogroup.net%2F&tiba=Cruiser%202%20-%20MC-UTSTYR&auid=340546271.1669795758&data=event%3Dgtag.config&rfmt=3&fmt=4
200 OK 1.0 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/833441087/?random=1669795757753&cv=11&fst=1669795757753&bg=ffffff&guid=ON&async=1>m=2oabs0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.mc-utstyr.no%2Fproducts%2Fbraided-2_4%3Fkk%3Da4c6295-184c7953c52-283199%26utm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_term%3DSaddlemen%2BCruiser%2B2&ref=https%3A%2F%2Fno-go.kelkoogroup.net%2F&tiba=Cruiser%202%20-%20MC-UTSTYR&auid=340546271.1669795758&data=event%3Dgtag.config&rfmt=3&fmt=4
IP
File type ASCII text, with very long lines (2283), with no line terminators
Hash 00f1f78bffea649f4f5906364b1ad590
dc220c2a1655b13faf20547fe81fd364893c0447
d41fe5cc53537bedd30e32609cc72cfce370339f3a0390c310206e4fb635035f
GET /pagead/viewthroughconversion/833441087/?random=1669795757753&cv=11&fst=1669795757753&bg=ffffff&guid=ON&async=1>m=2oabs0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.mc-utstyr.no%2Fproducts%2Fbraided-2_4%3Fkk%3Da4c6295-184c7953c52-283199%26utm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_term%3DSaddlemen%2BCruiser%2B2&ref=https%3A%2F%2Fno-go.kelkoogroup.net%2F&tiba=Cruiser%202%20-%20MC-UTSTYR&auid=340546271.1669795758&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mc-utstyr.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 30 Nov 2022 08:09:18 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 1006
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 30-Nov-2022 08:24:18 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/833441087/?random=1669795757762&cv=11&fst=1669795757762&bg=ffffff&guid=ON&async=1>m=2oabs0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.mc-utstyr.no%2Fproducts%2Fbraided-2_4%3Fkk%3Da4c6295-184c7953c52-283199%26utm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_term%3DSaddlemen%2BCruiser%2B2&ref=https%3A%2F%2Fno-go.kelkoogroup.net%2F&tiba=Cruiser%202%20-%20MC-UTSTYR&value=598¤cy_code=NOK&auid=340546271.1669795758&data=event%3Dview_item%3Bid%3D2645&rfmt=3&fmt=4
200 OK 1.0 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/833441087/?random=1669795757762&cv=11&fst=1669795757762&bg=ffffff&guid=ON&async=1>m=2oabs0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.mc-utstyr.no%2Fproducts%2Fbraided-2_4%3Fkk%3Da4c6295-184c7953c52-283199%26utm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_term%3DSaddlemen%2BCruiser%2B2&ref=https%3A%2F%2Fno-go.kelkoogroup.net%2F&tiba=Cruiser%202%20-%20MC-UTSTYR&value=598¤cy_code=NOK&auid=340546271.1669795758&data=event%3Dview_item%3Bid%3D2645&rfmt=3&fmt=4
IP
File type ASCII text, with very long lines (2379), with no line terminators
Hash 6def1ed5e9d1e24997093d48aed9bae6
d3b149b70974016c16528343ed407387e8b737e6
f8f9564e4386be7d0278c879c6f337c5eb12cac086a73d6773f98ff27ba63715
GET /pagead/viewthroughconversion/833441087/?random=1669795757762&cv=11&fst=1669795757762&bg=ffffff&guid=ON&async=1>m=2oabs0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.mc-utstyr.no%2Fproducts%2Fbraided-2_4%3Fkk%3Da4c6295-184c7953c52-283199%26utm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_term%3DSaddlemen%2BCruiser%2B2&ref=https%3A%2F%2Fno-go.kelkoogroup.net%2F&tiba=Cruiser%202%20-%20MC-UTSTYR&value=598¤cy_code=NOK&auid=340546271.1669795758&data=event%3Dview_item%3Bid%3D2645&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mc-utstyr.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 30 Nov 2022 08:09:18 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 1035
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 30-Nov-2022 08:24:18 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mc-utstyr.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Wed, 30 Nov 2022 06:41:08 GMT
expires: Wed, 30 Nov 2022 08:41:08 GMT
cache-control: public, max-age=7200
age: 5290
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 5d950b70d3b1532276ed817249b72618
dca7faf727b8afdd481c8f8bcc3e9129fdadadc3
afe3fbe5f269179e18a66ca806664b7f96b903150b364129e2f2b30087198e34
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 08:09:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 3402a11f28d369c1ad537c8e44ba5568
17c9fc852ca71dc4d46f786537adda4ee0e9a3ef
dd142866516f3293fab9f67f092d37b70c39fc58512734c8e88dab5c5faf7264
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 08:09:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 8f58cd30443a495eed3ec0d9827550c1
fd0f53d2acc63ae015b7b42155136ade5841ebc7
333a3cae36081ea37371e32dc9587faacfda5970daa476b3b36cd6f587ce1594
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 08:09:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/pagead/1p-user-list/833441087/?random=1669795757753&cv=11&fst=1669795200000&bg=ffffff&guid=ON&async=1>m=2oabs0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.mc-utstyr.no%2Fproducts%2Fbraided-2_4%3Fkk%3Da4c6295-184c7953c52-283199%26utm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_term%3DSaddlemen%2BCruiser%2B2&ref=https%3A%2F%2Fno-go.kelkoogroup.net%2F&tiba=Cruiser%202%20-%20MC-UTSTYR&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1278665788&rmt_tld=1&ipr=y
200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/833441087/?random=1669795757753&cv=11&fst=1669795200000&bg=ffffff&guid=ON&async=1>m=2oabs0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.mc-utstyr.no%2Fproducts%2Fbraided-2_4%3Fkk%3Da4c6295-184c7953c52-283199%26utm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_term%3DSaddlemen%2BCruiser%2B2&ref=https%3A%2F%2Fno-go.kelkoogroup.net%2F&tiba=Cruiser%202%20-%20MC-UTSTYR&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1278665788&rmt_tld=1&ipr=y
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/833441087/?random=1669795757753&cv=11&fst=1669795200000&bg=ffffff&guid=ON&async=1>m=2oabs0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.mc-utstyr.no%2Fproducts%2Fbraided-2_4%3Fkk%3Da4c6295-184c7953c52-283199%26utm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_term%3DSaddlemen%2BCruiser%2B2&ref=https%3A%2F%2Fno-go.kelkoogroup.net%2F&tiba=Cruiser%202%20-%20MC-UTSTYR&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1278665788&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mc-utstyr.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 30 Nov 2022 08:09:19 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/833441087/?random=1669795757753&cv=11&fst=1669795200000&bg=ffffff&guid=ON&async=1>m=2oabs0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.mc-utstyr.no%2Fproducts%2Fbraided-2_4%3Fkk%3Da4c6295-184c7953c52-283199%26utm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_term%3DSaddlemen%2BCruiser%2B2&ref=https%3A%2F%2Fno-go.kelkoogroup.net%2F&tiba=Cruiser%202%20-%20MC-UTSTYR&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1278665788&rmt_tld=0&ipr=y
200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/833441087/?random=1669795757753&cv=11&fst=1669795200000&bg=ffffff&guid=ON&async=1>m=2oabs0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.mc-utstyr.no%2Fproducts%2Fbraided-2_4%3Fkk%3Da4c6295-184c7953c52-283199%26utm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_term%3DSaddlemen%2BCruiser%2B2&ref=https%3A%2F%2Fno-go.kelkoogroup.net%2F&tiba=Cruiser%202%20-%20MC-UTSTYR&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1278665788&rmt_tld=0&ipr=y
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/833441087/?random=1669795757753&cv=11&fst=1669795200000&bg=ffffff&guid=ON&async=1>m=2oabs0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.mc-utstyr.no%2Fproducts%2Fbraided-2_4%3Fkk%3Da4c6295-184c7953c52-283199%26utm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_term%3DSaddlemen%2BCruiser%2B2&ref=https%3A%2F%2Fno-go.kelkoogroup.net%2F&tiba=Cruiser%202%20-%20MC-UTSTYR&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1278665788&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mc-utstyr.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 30 Nov 2022 08:09:19 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/833441087/?random=1669795757762&cv=11&fst=1669795200000&bg=ffffff&guid=ON&async=1>m=2oabs0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.mc-utstyr.no%2Fproducts%2Fbraided-2_4%3Fkk%3Da4c6295-184c7953c52-283199%26utm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_term%3DSaddlemen%2BCruiser%2B2&ref=https%3A%2F%2Fno-go.kelkoogroup.net%2F&tiba=Cruiser%202%20-%20MC-UTSTYR&value=598¤cy_code=NOK&data=event%3Dview_item%3Bid%3D2645&fmt=3&is_vtc=1&random=74403653&rmt_tld=1&ipr=y
200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/833441087/?random=1669795757762&cv=11&fst=1669795200000&bg=ffffff&guid=ON&async=1>m=2oabs0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.mc-utstyr.no%2Fproducts%2Fbraided-2_4%3Fkk%3Da4c6295-184c7953c52-283199%26utm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_term%3DSaddlemen%2BCruiser%2B2&ref=https%3A%2F%2Fno-go.kelkoogroup.net%2F&tiba=Cruiser%202%20-%20MC-UTSTYR&value=598¤cy_code=NOK&data=event%3Dview_item%3Bid%3D2645&fmt=3&is_vtc=1&random=74403653&rmt_tld=1&ipr=y
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/833441087/?random=1669795757762&cv=11&fst=1669795200000&bg=ffffff&guid=ON&async=1>m=2oabs0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.mc-utstyr.no%2Fproducts%2Fbraided-2_4%3Fkk%3Da4c6295-184c7953c52-283199%26utm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_term%3DSaddlemen%2BCruiser%2B2&ref=https%3A%2F%2Fno-go.kelkoogroup.net%2F&tiba=Cruiser%202%20-%20MC-UTSTYR&value=598¤cy_code=NOK&data=event%3Dview_item%3Bid%3D2645&fmt=3&is_vtc=1&random=74403653&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mc-utstyr.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 30 Nov 2022 08:09:19 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/833441087/?random=1669795757762&cv=11&fst=1669795200000&bg=ffffff&guid=ON&async=1>m=2oabs0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.mc-utstyr.no%2Fproducts%2Fbraided-2_4%3Fkk%3Da4c6295-184c7953c52-283199%26utm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_term%3DSaddlemen%2BCruiser%2B2&ref=https%3A%2F%2Fno-go.kelkoogroup.net%2F&tiba=Cruiser%202%20-%20MC-UTSTYR&value=598¤cy_code=NOK&data=event%3Dview_item%3Bid%3D2645&fmt=3&is_vtc=1&random=74403653&rmt_tld=0&ipr=y
200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/833441087/?random=1669795757762&cv=11&fst=1669795200000&bg=ffffff&guid=ON&async=1>m=2oabs0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.mc-utstyr.no%2Fproducts%2Fbraided-2_4%3Fkk%3Da4c6295-184c7953c52-283199%26utm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_term%3DSaddlemen%2BCruiser%2B2&ref=https%3A%2F%2Fno-go.kelkoogroup.net%2F&tiba=Cruiser%202%20-%20MC-UTSTYR&value=598¤cy_code=NOK&data=event%3Dview_item%3Bid%3D2645&fmt=3&is_vtc=1&random=74403653&rmt_tld=0&ipr=y
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/833441087/?random=1669795757762&cv=11&fst=1669795200000&bg=ffffff&guid=ON&async=1>m=2oabs0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.mc-utstyr.no%2Fproducts%2Fbraided-2_4%3Fkk%3Da4c6295-184c7953c52-283199%26utm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_term%3DSaddlemen%2BCruiser%2B2&ref=https%3A%2F%2Fno-go.kelkoogroup.net%2F&tiba=Cruiser%202%20-%20MC-UTSTYR&value=598¤cy_code=NOK&data=event%3Dview_item%3Bid%3D2645&fmt=3&is_vtc=1&random=74403653&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mc-utstyr.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 30 Nov 2022 08:09:19 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.facebook.com/x/oauth/status?client_id=138255156243557&input_token&origin=1&redirect_uri=https%3A%2F%2Fwww.mc-utstyr.no%2Fproducts%2Fbraided-2_4%3Fkk%3Da4c6295-184c7953c52-283199%26utm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_term%3DSaddlemen%2BCruiser%2B2&sdk=joey&wants_cookie_data=true
200 OK 0 B URL HTTP/2 www.facebook.com/x/oauth/status?client_id=138255156243557&input_token&origin=1&redirect_uri=https%3A%2F%2Fwww.mc-utstyr.no%2Fproducts%2Fbraided-2_4%3Fkk%3Da4c6295-184c7953c52-283199%26utm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_term%3DSaddlemen%2BCruiser%2B2&sdk=joey&wants_cookie_data=true
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /x/oauth/status?client_id=138255156243557&input_token&origin=1&redirect_uri=https%3A%2F%2Fwww.mc-utstyr.no%2Fproducts%2Fbraided-2_4%3Fkk%3Da4c6295-184c7953c52-283199%26utm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_term%3DSaddlemen%2BCruiser%2B2&sdk=joey&wants_cookie_data=true HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.mc-utstyr.no/
Origin: https://www.mc-utstyr.no
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain; charset=UTF-8
access-control-expose-headers: fb-s
access-control-allow-credentials: true
access-control-allow-origin: https://www.mc-utstyr.no
fb-s: unknown
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-fb-rlafr: 0
document-policy: force-load-at-top
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security: max-age=15552000; preload
x-fb-debug: CcMKop6mqrApuypZ5sNnt4NwQh0N76kR3OlidjxYTeXgopVrPT/2yQobcdO9v4v1HNFCpXQGVW5MixO1MuK+Zg==
content-length: 0
date: Wed, 30 Nov 2022 08:09:19 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 3402a11f28d369c1ad537c8e44ba5568
17c9fc852ca71dc4d46f786537adda4ee0e9a3ef
dd142866516f3293fab9f67f092d37b70c39fc58512734c8e88dab5c5faf7264
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 08:09:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash a67f152254e0a2cfaf6ba5e5e51d9ae4
6ddc5ee596d0469d4d5f0bbcd1918677019337b4
d786acd565665c5d7c3c43e1ec737a20f8ed2a2467bff7758cc9cbb199e602d5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 08:09:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.mc-utstyr.no&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.geaHZXF2-fw.O%2Fd%3D1%2Frs%3DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ%2Fm%3D__features__
200 OK 4.7 kB URL HTTP/2 accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.mc-utstyr.no&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.geaHZXF2-fw.O%2Fd%3D1%2Frs%3DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ%2Fm%3D__features__
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2267)
Hash ded6d06e635ab588414ab5b09b93ddba
8c72db8e267663bf1950d0e0f808d6eba6de7379
220ed1216ae461a53e9be03ddcf8d503aea4946895792b328639c1fd6ed433e5
GET /o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.mc-utstyr.no&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.geaHZXF2-fw.O%2Fd%3D1%2Frs%3DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ%2Fm%3D__features__ HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mc-utstyr.no/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 30 Nov 2022 08:09:19 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /o/cspreport, script-src 'nonce-hn3dFJH5f8-4LTBjcinNbg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.mc-utstyr.no/users/themeeuropa_mystore_no/templates/europa/js/paris.bundle.js
200 OK 0 B URL HTTP/2 www.mc-utstyr.no/users/themeeuropa_mystore_no/templates/europa/js/paris.bundle.js
IP
GET /users/themeeuropa_mystore_no/templates/europa/js/paris.bundle.js HTTP/1.1
Host: www.mc-utstyr.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mc-utstyr.no/products/braided-2_4?kk=a4c6295-184c7953c52-283199&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Saddlemen+Cruiser+2
Cookie: digistore_custid=6mjjg1e909a41j89pr8sv020rh
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 08:09:18 GMT
content-type: application/javascript
last-modified: Mon, 07 Oct 2019 09:17:44 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Fri, 30 Dec 2022 08:09:18 GMT
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
X-Firefox-Spdy: h2
www.mc-utstyr.no/global.css.php?version=a1664790516&host=mcutstyr2_mystore_no
200 OK 0 B URL HTTP/2 www.mc-utstyr.no/global.css.php?version=a1664790516&host=mcutstyr2_mystore_no
IP
GET /global.css.php?version=a1664790516&host=mcutstyr2_mystore_no HTTP/1.1
Host: www.mc-utstyr.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mc-utstyr.no/products/braided-2_4?kk=a4c6295-184c7953c52-283199&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Saddlemen+Cruiser+2
Cookie: digistore_custid=6mjjg1e909a41j89pr8sv020rh
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 08:09:18 GMT
content-type: text/css; Charset: UTF-8;charset=iso-8859-1
expires: Wed, 07 Dec 2022 08:09:18 GMT
pragma: cache
cache-control: max-age=604800
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
X-Firefox-Spdy: h2
x.klarnacdn.net/payment-method/assets/badges/generic/white/klarna.svg
200 OK 0 B URL HTTP/2 x.klarnacdn.net/payment-method/assets/badges/generic/white/klarna.svg
IP
GET /payment-method/assets/badges/generic/white/klarna.svg HTTP/1.1
Host: x.klarnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mc-utstyr.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/svg+xml
date: Mon, 28 Nov 2022 08:38:56 GMT
x-amz-replication-status: COMPLETED
last-modified: Tue, 18 Oct 2022 11:44:39 GMT
etag: W/"3758d80b7e5fb6ce4f6a2d5084139737"
cache-control: public,max-age=604800
x-amz-version-id: 2DlNkGsT35186asrFH0Ckl7JQnHKoi79
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: WPBh5jzhfT7yqA2hAooqn9R9u9kQKsDYc4NssFqOgL5zZYTBz1ZwIQ==
age: 171023
X-Firefox-Spdy: h2
204.11.56.48
93.184.220.29
142.250.74.110
95.211.116.27
31.13.72.12
23.36.76.226
185.60.164.26
52.17.124.116
0.0.0.0