bonestry.com/
5.161.117.135301 Moved Permanently 0 B IP 5.161.117.135:0
ASN #213230 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: bonestry.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 18 Dec 2022 07:38:28 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
Location: https://bonestry.com/
Pragma: no-cache
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9f3cf7e36f17a535e53e5213c02cf2b4
e65acbc03135ce135b9e91b4f74b3e1439faa6f6
a2317476862acd0a92fe523454c3991752b07ba14e7667f421dd9624e0233758
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A2317476862ACD0A92FE523454C3991752B07BA14E7667F421DD9624E0233758"
Last-Modified: Sat, 17 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8697
Expires: Sun, 18 Dec 2022 10:03:25 GMT
Date: Sun, 18 Dec 2022 07:38:28 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 460af93786e1eaa666f135e6c3fdc634
bc8aeba36225c79718f5de73d79928fe817c5490
471f4e7ae29bcf6ba1f749c0f5d4ab446cebfac5aa80c3e19c6edf21be456eb5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "471F4E7AE29BCF6BA1F749C0F5D4AB446CEBFAC5AA80C3E19C6EDF21BE456EB5"
Last-Modified: Sat, 17 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7059
Expires: Sun, 18 Dec 2022 09:36:07 GMT
Date: Sun, 18 Dec 2022 07:38:28 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Backoff, Content-Length, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 18 Dec 2022 06:45:25 GMT
content-type: application/json
age: 3183
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bcade8542361774f13ecd22557ff8fb8
5e67a3753b0856c765f3b17f1742d3ed684ffb6d
647f8d9d3d1170e60a60e15fdfd9b59445feb56a6ce9d9bb2fa4720f0bfc3a14
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "647F8D9D3D1170E60A60E15FDFD9B59445FEB56A6CE9D9BB2FA4720F0BFC3A14"
Last-Modified: Sat, 17 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11281
Expires: Sun, 18 Dec 2022 10:46:29 GMT
Date: Sun, 18 Dec 2022 07:38:28 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 5KD36A3tiCgueC7iya0UjLfbfk4L1wu7Hi4yh5SHPQp5qbSqVv39sLDwrJm7dG6etw0lnwGdjP4=
x-amz-request-id: 4MDJXTB5VJJE7GYJ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 18 Dec 2022 06:52:06 GMT
age: 2782
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 18 Dec 2022 07:38:28 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash de18efd6c37a08f6a88959e5dd0f5280
5a57b436338b5a1ffa0ad94d9e893319c33af992
c48d48af19a2aafc4b7c3f09d33bb7eec84b4dc5ac67e124cd7a7e9bcec84f2a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C48D48AF19A2AAFC4B7C3F09D33BB7EEC84B4DC5AC67E124CD7A7E9BCEC84F2A"
Last-Modified: Sat, 17 Dec 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21550
Expires: Sun, 18 Dec 2022 13:37:38 GMT
Date: Sun, 18 Dec 2022 07:38:28 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Cache-Control, Backoff, Content-Length, Pragma, Alert, Expires, Last-Modified, Retry-After, ETag, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 18 Dec 2022 07:33:23 GMT
age: 306
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
bonestry.com/
5.161.117.135200 OK 185 B IP 5.161.117.135:0
ASN #213230 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 156a10cf26b6c2dff30c1d5c213efb8e
87fe0c812083324fbfedff0bf01c17e5d21ad834
22a38bb6bc753348d969125eb30a920f25ea695b99766fd69df07bcf29966eab
GET / HTTP/1.1
Host: bonestry.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 18 Dec 2022 07:38:28 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 185
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
Pragma: no-cache
Set-Cookie: _subid=s8hnpalbebm;Expires=Wednesday, 18-Jan-2023 07:38:28 GMT;Max-Age=2678400;Path=/
caf6b=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNjcxMzQ5MTA4fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNjcxMzQ5MTA4fSxcInRpbWVcIjoxNjcxMzQ5MTA4fSJ9.mOcFhtQgXUKq4ObVXgV79vnzdFnOFCeGKEiz8Qrb56Q;Expires=Thursday, 05-Dec-2075 15:16:56 GMT;Max-Age=1671435508;Path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 2d1752cd6eb7f48e7494373911a5b996
43d9c23c4d03cccce0fc478f0e12c0874dc762fd
aded7fd1d638c001b0b462fdfeee0549d2ed61b51ced88eb83690e2e20ed36d8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2738
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 18 Dec 2022 07:38:29 GMT
Last-Modified: Sun, 18 Dec 2022 06:52:51 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
maritimevs.com/
54.202.126.85302 Found 0 B IP 54.202.126.85:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: maritimevs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Sun, 18 Dec 2022 07:38:29 GMT
Server: Apache/2.4.46 (Unix) OpenSSL/1.1.1n
X-Powered-By: PHP/7.4.15
Location: http://colemass.com/wlcrehmz
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
push.services.mozilla.com/
54.149.83.187101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.149.83.187:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: yvZwQL4dYZcxXRF1TdxJ3Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: qT4OHN3im3ZrW/tiRkbWbXKHLSY=
colemass.com/wlcrehmz
54.202.126.85302 Found 0 B IP 54.202.126.85:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wlcrehmz HTTP/1.1
Host: colemass.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Sun, 18 Dec 2022 07:38:29 GMT
Server: Apache/2.4.46 (Unix) OpenSSL/1.1.1n
X-Powered-By: PHP/7.4.15
Location: http://selectalternatives.com
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
selectalternatives.com/
103.224.182.241302 Found 0 B IP 103.224.182.241:0
ASN #133618 Trellian Pty. Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: selectalternatives.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Sun, 18 Dec 2022 07:38:30 GMT
Server: Apache/2.4.38 (Debian)
Set-Cookie: __tad=1671349110.5924341; expires=Wed, 15-Dec-2032 07:38:30 GMT; Max-Age=315360000
Location: http://ww38.selectalternatives.com/
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b52a05c34a7c3eaee8f5c1f73954364c
89c5023a0c43860efd362d0d2751a0ea9a204f54
94de3b3351ec8035986be412843212eebe4a3c9d6521b2a0c922870d5365adb8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94DE3B3351EC8035986BE412843212EEBE4A3C9D6521B2A0C922870D5365ADB8"
Last-Modified: Sat, 17 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2402
Expires: Sun, 18 Dec 2022 08:18:32 GMT
Date: Sun, 18 Dec 2022 07:38:30 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b52a05c34a7c3eaee8f5c1f73954364c
89c5023a0c43860efd362d0d2751a0ea9a204f54
94de3b3351ec8035986be412843212eebe4a3c9d6521b2a0c922870d5365adb8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94DE3B3351EC8035986BE412843212EEBE4A3C9D6521B2A0C922870D5365ADB8"
Last-Modified: Sat, 17 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2402
Expires: Sun, 18 Dec 2022 08:18:32 GMT
Date: Sun, 18 Dec 2022 07:38:30 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b52a05c34a7c3eaee8f5c1f73954364c
89c5023a0c43860efd362d0d2751a0ea9a204f54
94de3b3351ec8035986be412843212eebe4a3c9d6521b2a0c922870d5365adb8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94DE3B3351EC8035986BE412843212EEBE4A3C9D6521B2A0C922870D5365ADB8"
Last-Modified: Sat, 17 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2402
Expires: Sun, 18 Dec 2022 08:18:32 GMT
Date: Sun, 18 Dec 2022 07:38:30 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b52a05c34a7c3eaee8f5c1f73954364c
89c5023a0c43860efd362d0d2751a0ea9a204f54
94de3b3351ec8035986be412843212eebe4a3c9d6521b2a0c922870d5365adb8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94DE3B3351EC8035986BE412843212EEBE4A3C9D6521B2A0C922870D5365ADB8"
Last-Modified: Sat, 17 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2402
Expires: Sun, 18 Dec 2022 08:18:32 GMT
Date: Sun, 18 Dec 2022 07:38:30 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b52a05c34a7c3eaee8f5c1f73954364c
89c5023a0c43860efd362d0d2751a0ea9a204f54
94de3b3351ec8035986be412843212eebe4a3c9d6521b2a0c922870d5365adb8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94DE3B3351EC8035986BE412843212EEBE4A3C9D6521B2A0C922870D5365ADB8"
Last-Modified: Sat, 17 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2402
Expires: Sun, 18 Dec 2022 08:18:32 GMT
Date: Sun, 18 Dec 2022 07:38:30 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F345d372d-49ec-4387-99c1-d3cf9f5906f5.jpeg
34.120.237.76200 OK 5.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F345d372d-49ec-4387-99c1-d3cf9f5906f5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e9d18ca29ccd52a2d503336cd466b00d
d9efd68382ccd3309c943690088cca4e5934ecff
de202292f0930aaaf434fc9b54652707b9da5ef7ccd7a1f888d3bf46755874be
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F345d372d-49ec-4387-99c1-d3cf9f5906f5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5439
x-amzn-requestid: 52d18b91-20fd-417a-9fb2-2d039e05e6a4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dT2Z2HCXoAMFsqQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639e3772-2f8d69d42408b30e4725763a;Sampled=0
x-amzn-remapped-date: Sat, 17 Dec 2022 21:41:06 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: LXJDMcnNM5qf9LmdkozPQOR1WBoiXGA4e4jrw9CE41NtDs_NxTuueQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Sat, 17 Dec 2022 21:54:23 GMT
age: 35047
etag: "d9efd68382ccd3309c943690088cca4e5934ecff"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c80a9fa-2fa0-4eaa-8573-26bcb62a1728.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c80a9fa-2fa0-4eaa-8573-26bcb62a1728.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 455fac45ae0c53d1597a541eaf497576
591202053dde2e39766bb8d58898dd58bac94b64
567510fec1be57dc02c7daf4aa2b6ecdfd79c218e02dbab9319ad8cee75034db
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c80a9fa-2fa0-4eaa-8573-26bcb62a1728.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12988
x-amzn-requestid: 98254e1f-8c22-46db-9eb3-6dd85a657173
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dT2Z2FG3IAMFlmw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639e3772-2aa92ecb7ea390b82c1c2665;Sampled=0
x-amzn-remapped-date: Sat, 17 Dec 2022 21:41:06 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ctRdi7t-KHO1QuclQGGeDghvY-dPCBmNTG03wzwi8Tf7kCcBNgnIjA==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Sat, 17 Dec 2022 21:54:07 GMT
age: 35063
etag: "591202053dde2e39766bb8d58898dd58bac94b64"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a667002-4518-4b30-baaa-3a4eab2bdc1d.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a667002-4518-4b30-baaa-3a4eab2bdc1d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ada04738696f861648635c9ba98841e4
ce644cd4349d88aa7c24b2503b0b18b444061639
e5cee777efbf1d8a0f95f6cce71199e5f016a91f90cf0afe38bc86654b9d730d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a667002-4518-4b30-baaa-3a4eab2bdc1d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8696
x-amzn-requestid: c897aeed-a082-46a1-965f-39e8c763cb05
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dT10ZH3jIAMF0gw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639e3682-548ac80840737a20743980f5;Sampled=0
x-amzn-remapped-date: Sat, 17 Dec 2022 21:37:06 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: JecluZu8ExMmP-UHM8QbK-bjm_yqULU1tl2QQDfKMea8NHM6y2JI7g==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 17 Dec 2022 21:37:06 GMT
age: 36084
etag: "ce644cd4349d88aa7c24b2503b0b18b444061639"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0c81bdf4-0a78-472d-ba75-80092016f334.png
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0c81bdf4-0a78-472d-ba75-80092016f334.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ed374d0c34e8b2e15f08a6479a4f45e7
5db9e59699048998f0685e940640eae19ef11c8e
9933854830be796a87cfe44b6b8336294e2d3dbbe3205f267720aca6968c3a21
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0c81bdf4-0a78-472d-ba75-80092016f334.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12125
x-amzn-requestid: e44faa15-1dfd-4bc0-bdfb-307c3de2755d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dT2QPFZAIAMFf5g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639e3734-33d636210a1e24742ee71187;Sampled=0
x-amzn-remapped-date: Sat, 17 Dec 2022 21:40:04 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: DmeWRYIlUMCR8Nds0-n0a9ju0ySR7ZuTAS82Lu8sZxPXQpBJkqzvww==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 17 Dec 2022 21:52:21 GMT
age: 35169
etag: "5db9e59699048998f0685e940640eae19ef11c8e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2ded193-0301-4ad3-a888-72c52212ad95.jpeg
34.120.237.76200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2ded193-0301-4ad3-a888-72c52212ad95.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash bfd0e913579b4ff2f511223d70cb01fb
497e0ffef816e100e6ddc221ec17d5f389c1142a
bee68ae1a938a5111a32dab4ec4f6964994e6c39143eac9ab94d6c5e29999372
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2ded193-0301-4ad3-a888-72c52212ad95.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5185
x-amzn-requestid: 3087af97-3f2d-4848-b297-eba8d84f10c5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dT10YHv8oAMF2sg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639e3682-7527022d4bd9c15518fe75cc;Sampled=0
x-amzn-remapped-date: Sat, 17 Dec 2022 21:37:06 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: KyEMrUTeuVTPJ3EIkrH1DLYqa4bHK7fe6dApTAFP4XY0G4airnflGA==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Sat, 17 Dec 2022 21:37:06 GMT
age: 36084
etag: "497e0ffef816e100e6ddc221ec17d5f389c1142a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2e098e9f-4d93-4282-beb5-b37a17658134.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2e098e9f-4d93-4282-beb5-b37a17658134.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 12c4c2232b6d09e9085f0214b3260c1e
a24f8e949a2f2a973fe2dd5af994cd970d37f13a
000475ed7d0aab9a7dab3e25f0a29f82552739fea99f98cbf5131282d0db7d63
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2e098e9f-4d93-4282-beb5-b37a17658134.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10670
x-amzn-requestid: d72e1904-caf4-4c72-a811-d1bde023f4b2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dT11JGCsIAMFRDg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639e3687-7789040d71253d00378f9162;Sampled=0
x-amzn-remapped-date: Sat, 17 Dec 2022 21:37:11 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 8qqSQbj22k16ApKTT8y5BQItInb8EjZuACdWcsW_FnMysvnDADbLxQ==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 17 Dec 2022 21:37:11 GMT
age: 36079
etag: "a24f8e949a2f2a973fe2dd5af994cd970d37f13a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ww38.selectalternatives.com/
185.53.179.29200 OK 2.5 kB URL HTTP/1.1 ww38.selectalternatives.com/
IP 185.53.179.29:0
ASN #61969 Team Internet AG
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2258)
Hash 83570f74e4010548f89aba7684808f5a
21710794a02eb682d3618563c7df2840f9582c6e
09d42b34cae6f616f4710e543df05f53ba62398208ac495ded45294fe6528561
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: ww38.selectalternatives.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 18 Dec 2022 07:38:31 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Redirect: zeropark_zeroclick
X-Template: tpl_CleanPeppermintBlack_twoclick
X-Language: norwegian
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
Content-Encoding: gzip
d38psrni17bvxu.cloudfront.net/scripts/js3.js
54.230.245.8200 OK 1.1 kB URL HTTP/1.1 d38psrni17bvxu.cloudfront.net/scripts/js3.js
IP 54.230.245.8:0
File type ASCII text, with very long lines (506)
Hash 64b79b43df8fbf2c5d082964b9116a68
dc3c763519baf0f4c32bb60bfc429651a491ea01
c57e9feec209e3ea5eb1d75a1ba6fa277242a3df250055be8446052b51e58637
GET /scripts/js3.js HTTP/1.1
Host: d38psrni17bvxu.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww38.selectalternatives.com/
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 1134
Connection: keep-alive
Server: nginx
Date: Sun, 18 Dec 2022 04:54:36 GMT
Last-Modified: Tue, 17 Aug 2021 09:17:22 GMT
Accept-Ranges: bytes
ETag: "611b7ea2-46e"
X-Cache: Hit from cloudfront
Via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: IJLe9NAVOYHwwjXVz6rDT2x1aOESeA5oE0EN9-psWTtWVc0NaxtELg==
Age: 9835
ww38.selectalternatives.com/track.php?domain=selectalternatives.com&toggle=browserjs&uid=MTY3MTM0OTExMC45MDk0OmQ4Njc0ZmY2N2VmZTViZDcxYWQzOGM4NjE1ZWYxYmNkYjUzMjgyYzg1YzljNThkOTc5NTkwNzc2NmU3NTI1MzY6NjM5ZWMzNzZkZTA2ZQ%3D%3D
185.53.179.29200 OK 20 B URL HTTP/1.1 ww38.selectalternatives.com/track.php?domain=selectalternatives.com&toggle=browserjs&uid=MTY3MTM0OTExMC45MDk0OmQ4Njc0ZmY2N2VmZTViZDcxYWQzOGM4NjE1ZWYxYmNkYjUzMjgyYzg1YzljNThkOTc5NTkwNzc2NmU3NTI1MzY6NjM5ZWMzNzZkZTA2ZQ%3D%3D
IP 185.53.179.29:0
ASN #61969 Team Internet AG
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /track.php?domain=selectalternatives.com&toggle=browserjs&uid=MTY3MTM0OTExMC45MDk0OmQ4Njc0ZmY2N2VmZTViZDcxYWQzOGM4NjE1ZWYxYmNkYjUzMjgyYzg1YzljNThkOTc5NTkwNzc2NmU3NTI1MzY6NjM5ZWMzNzZkZTA2ZQ%3D%3D HTTP/1.1
Host: ww38.selectalternatives.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww38.selectalternatives.com/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 18 Dec 2022 07:38:31 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Custom-Track: browserjs
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
Access-Control-Allow-Origin: *
Content-Encoding: gzip
ww38.selectalternatives.com/favicon.ico
185.53.179.29200 OK 0 B URL HTTP/1.1 ww38.selectalternatives.com/favicon.ico
IP 185.53.179.29:0
ASN #61969 Team Internet AG
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: ww38.selectalternatives.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww38.selectalternatives.com/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 18 Dec 2022 07:38:32 GMT
Content-Type: image/x-icon
Content-Length: 0
Connection: keep-alive
Last-Modified: Tue, 12 May 2020 14:25:52 GMT
ETag: "5ebab1f0-0"
Accept-Ranges: bytes
ww38.selectalternatives.com/track.php?click=7d905f613654ea9b70e255b7bdd643a73d525fe6&domain=selectalternatives.com&uid=MTY3MTM0OTExMC45MDk0OmQ4Njc0ZmY2N2VmZTViZDcxYWQzOGM4NjE1ZWYxYmNkYjUzMjgyYzg1YzljNThkOTc5NTkwNzc2NmU3NTI1MzY6NjM5ZWMzNzZkZTA2ZQ%3D%3D&ts=fENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQwMTF8fHx8fHw2MzllYzM3NmRlMDUzfHx8MTY3MTM0OTExMS4xOTYyfDY1NDc3NGMzNmVlMTY5YmE4YzI1MjMyYTlhZGIxMGY1NTBlMDRkZGZ8fHx8fDF8fDB8MHx8fHwxfHx8fHwwfDB8fHx8fHx8fHx8MHwwfHwwfHx8MHwwfFcxMD18fDF8VzEwPXw4NGU0NmJjYjVlNDY0OTM0ZWIzNDAyNDFiMjI5NjM3MWNlZjY2MzQ5fDB8ZHAtdGVhbWludGVybmV0MDlfM3BofDB8MA%3D%3D&kw=&search=&pcat=&rxid=&bucket=&clientID=&adtest=off
185.53.179.29200 OK 20 B URL HTTP/1.1 ww38.selectalternatives.com/track.php?click=7d905f613654ea9b70e255b7bdd643a73d525fe6&domain=selectalternatives.com&uid=MTY3MTM0OTExMC45MDk0OmQ4Njc0ZmY2N2VmZTViZDcxYWQzOGM4NjE1ZWYxYmNkYjUzMjgyYzg1YzljNThkOTc5NTkwNzc2NmU3NTI1MzY6NjM5ZWMzNzZkZTA2ZQ%3D%3D&ts=fENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQwMTF8fHx8fHw2MzllYzM3NmRlMDUzfHx8MTY3MTM0OTExMS4xOTYyfDY1NDc3NGMzNmVlMTY5YmE4YzI1MjMyYTlhZGIxMGY1NTBlMDRkZGZ8fHx8fDF8fDB8MHx8fHwxfHx8fHwwfDB8fHx8fHx8fHx8MHwwfHwwfHx8MHwwfFcxMD18fDF8VzEwPXw4NGU0NmJjYjVlNDY0OTM0ZWIzNDAyNDFiMjI5NjM3MWNlZjY2MzQ5fDB8ZHAtdGVhbWludGVybmV0MDlfM3BofDB8MA%3D%3D&kw=&search=&pcat=&rxid=&bucket=&clientID=&adtest=off
IP 185.53.179.29:0
ASN #61969 Team Internet AG
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /track.php?click=7d905f613654ea9b70e255b7bdd643a73d525fe6&domain=selectalternatives.com&uid=MTY3MTM0OTExMC45MDk0OmQ4Njc0ZmY2N2VmZTViZDcxYWQzOGM4NjE1ZWYxYmNkYjUzMjgyYzg1YzljNThkOTc5NTkwNzc2NmU3NTI1MzY6NjM5ZWMzNzZkZTA2ZQ%3D%3D&ts=fENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQwMTF8fHx8fHw2MzllYzM3NmRlMDUzfHx8MTY3MTM0OTExMS4xOTYyfDY1NDc3NGMzNmVlMTY5YmE4YzI1MjMyYTlhZGIxMGY1NTBlMDRkZGZ8fHx8fDF8fDB8MHx8fHwxfHx8fHwwfDB8fHx8fHx8fHx8MHwwfHwwfHx8MHwwfFcxMD18fDF8VzEwPXw4NGU0NmJjYjVlNDY0OTM0ZWIzNDAyNDFiMjI5NjM3MWNlZjY2MzQ5fDB8ZHAtdGVhbWludGVybmV0MDlfM3BofDB8MA%3D%3D&kw=&search=&pcat=&rxid=&bucket=&clientID=&adtest=off HTTP/1.1
Host: ww38.selectalternatives.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww38.selectalternatives.com/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 18 Dec 2022 07:38:32 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-View-Match: true
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
Access-Control-Allow-Origin: *
Content-Encoding: gzip
ciar-kep.com/zcvisitor/f81d15c1-7ea6-11ed-9af3-12806cf4fb7f/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=4fb4e190-e7f9-11ec-be3c-128084d1ce51
3.208.247.235200 1.1 kB URL HTTP/1.1 ciar-kep.com/zcvisitor/f81d15c1-7ea6-11ed-9af3-12806cf4fb7f/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=4fb4e190-e7f9-11ec-be3c-128084d1ce51
IP 3.208.247.235:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash c15825cd1c174f6b0a0831d437364d9b
4e732115bfd6ae0b1e3c6c5ffca8e8e41700635b
9268d1b1dbd33142a9e1862a043072400693d98c98ec22520ba7b96a62b426ad
Analyzer Verdict Alert quad9 Sinkholed
GET /zcvisitor/f81d15c1-7ea6-11ed-9af3-12806cf4fb7f/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=4fb4e190-e7f9-11ec-be3c-128084d1ce51 HTTP/1.1
Host: ciar-kep.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww38.selectalternatives.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200
Date: Sun, 18 Dec 2022 07:38:32 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Server: YDShxwSZ
ciar-kep.com/zcredirect?visitid=f81d15c1-7ea6-11ed-9af3-12806cf4fb7f&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false
3.208.247.235200 362 B URL HTTP/1.1 ciar-kep.com/zcredirect?visitid=f81d15c1-7ea6-11ed-9af3-12806cf4fb7f&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false
IP 3.208.247.235:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 5aff74e797324416847e5d61e16690f1
758443ddcf1cbbb856673cebab8dfb2749a9d19b
8fa6c862f97e03be02562114d01fe5adb8ea6423ed34b75682b4ac9a77470348
Analyzer Verdict Alert quad9 Sinkholed
GET /zcredirect?visitid=f81d15c1-7ea6-11ed-9af3-12806cf4fb7f&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false HTTP/1.1
Host: ciar-kep.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ciar-kep.com/zcvisitor/f81d15c1-7ea6-11ed-9af3-12806cf4fb7f/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=4fb4e190-e7f9-11ec-be3c-128084d1ce51
Upgrade-Insecure-Requests: 1
HTTP/1.1 200
Date: Sun, 18 Dec 2022 07:38:32 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
redirected: JS
Server: nOubVezR
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d2fc1337e0304fc560fc10ea2920bc3c
48e7f1254e6baac9998c2b934b4be84c223abaef
f8db38022ab92edd95000041f29e02b6d03595b12a510611308a9bcb80c31ee3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F8DB38022AB92EDD95000041F29E02B6D03595B12A510611308A9BCB80C31EE3"
Last-Modified: Sat, 17 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10333
Expires: Sun, 18 Dec 2022 10:30:45 GMT
Date: Sun, 18 Dec 2022 07:38:32 GMT
Connection: keep-alive
clever-redirect.com/s/r6?s=623619497&s2=lateritious-falcon&s3=sierra-wog-tgg32l8oy
78.46.197.88200 OK 353 B URL HTTP/2 clever-redirect.com/s/r6?s=623619497&s2=lateritious-falcon&s3=sierra-wog-tgg32l8oy
IP 78.46.197.88:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (353), with no line terminators
Hash abc396d30d6b3dfa51ec6d7b1afde47c
393c41bae84e8f0566a5bef7973dc44b79b976ba
6033819c6a99a0318b00a14f94fc81a57b88f0f7a8f7e638839cced404ae9da9
GET /s/r6?s=623619497&s2=lateritious-falcon&s3=sierra-wog-tgg32l8oy HTTP/1.1
Host: clever-redirect.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ciar-kep.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
referrer-policy: no-referrer
x-powered-by: PHP/7.4.27
set-cookie: 60ada835b760a4098377c4f846fa83ba=c523408dc64dc1cba7e7f31adbca266b17a83666301f91de1d749ade041865fca%3A2%3A%7Bi%3A0%3Bs%3A32%3A%2260ada835b760a4098377c4f846fa83ba%22%3Bi%3A1%3Bs%3A1%3A%221%22%3B%7D; expires=Mon, 19-Dec-2022 07:38:32 GMT; Max-Age=86400; path=/; HttpOnly
content-length: 353
content-type: text/html; charset=UTF-8
date: Sun, 18 Dec 2022 07:38:32 GMT
server: Apache/2.4.52 (codeit) OpenSSL/1.1.1m PHP/7.4.27
X-Firefox-Spdy: h2
ciar-kep.com/favicon.ico
3.208.247.235404 653 B IP 3.208.247.235:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (649), with no line terminators
Hash ba2732b1b2fa2626ffaa15f62f9e7d66
203d4e7fbb1d80449d6e4e1f3ae7a9bf8625debe
879861cb72fe9fbb476dab246021c4c83b4066327de2529e05ec54d3afb0a1c8
Analyzer Verdict Alert quad9 Sinkholed
GET /favicon.ico HTTP/1.1
Host: ciar-kep.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ciar-kep.com/zcredirect?visitid=f81d15c1-7ea6-11ed-9af3-12806cf4fb7f&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false
HTTP/1.1 404
Date: Sun, 18 Dec 2022 07:38:32 GMT
Content-Type: text/html;charset=utf-8
Content-Length: 653
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Content-Language: en
Server: UMIkvCAQ
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3952e09c24f92988f048a65745af7d08
afa6cc6a5628b4e389325863fcf8a6d7989b9480
432931dcbba1627af35866bed446da83cba1834c8cde653ccfc25f9d464cde79
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "432931DCBBA1627AF35866BED446DA83CBA1834C8CDE653CCFC25F9D464CDE79"
Last-Modified: Sat, 17 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13141
Expires: Sun, 18 Dec 2022 11:17:33 GMT
Date: Sun, 18 Dec 2022 07:38:32 GMT
Connection: keep-alive
lookandfind.me/s/a?t=10&f=1&u=f4bdb01fc36e3f720c2a963a770625c6&m=skousen.no&s1=623619497&s2=lateritious-falcon&s3=sierra-wog-tgg32l8oy&s5=cf
5.9.110.29200 OK 939 B URL HTTP/1.1 lookandfind.me/s/a?t=10&f=1&u=f4bdb01fc36e3f720c2a963a770625c6&m=skousen.no&s1=623619497&s2=lateritious-falcon&s3=sierra-wog-tgg32l8oy&s5=cf
IP 5.9.110.29:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document, ASCII text, with very long lines (939), with no line terminators
Hash 9517ad76e36aeec6445b6d1f36e3ffba
804e17e933e157d7ea74d72940bc09a5e5349bfc
ef2025e0991629fe60ebeb3a5ca52613c461fb3b3b11029d0411bbe4f11f2575
GET /s/a?t=10&f=1&u=f4bdb01fc36e3f720c2a963a770625c6&m=skousen.no&s1=623619497&s2=lateritious-falcon&s3=sierra-wog-tgg32l8oy&s5=cf HTTP/1.1
Host: lookandfind.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 18 Dec 2022 07:38:32 GMT
Server: Apache/2.4.37 (centos) OpenSSL/1.1.1k
X-Powered-By: PHP/8.1.13
Set-Cookie: bf8ba066df5d5fb4a551369f56f9863a=755d16e7398d6924ececb2a47fe1e17c53e2c19321958f1482e32e7faa7a436da%3A2%3A%7Bi%3A0%3Bs%3A32%3A%22bf8ba066df5d5fb4a551369f56f9863a%22%3Bi%3A1%3Bs%3A1%3A%221%22%3B%7D; expires=Mon, 19-Dec-2022 07:38:32 GMT; Max-Age=86399; path=/; HttpOnly
Referrer-Policy: strict-origin-when-cross-origin
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
lookandfind.me/s/r?u=https%3A%2F%2Fapi.yadore.com%2Fv2%2Fr%3Fe%3DMW5NL2UxWjkrWU1nWVdpeUN5eFY4UENGVGFwQUVhcC9MbjhGUUE1Y25SUGJQcGJjaG5rM1RwOVBvM2FqZ0IrdS9lYVZmTi9RVFd0ejcxSTlZUTNWbDVjSHdjcmkzeEJ1YWQrN0FyMC9SWHBrcllvRVNWbnFSekMrSjZIcGpGMVhhK0g0YWx2QUxvbFZjbERLa3hsR0FjVEhlcy8rQTZ4eUI1b0FtYU1KMWJOQS9UOUhJMmhjTCtwd0Z4b1p3Wkw4Lzl0SzdWbkdnOHhaK2FORlZxZlViUzdtQ2VEN20rdlNvOEhEaGsrQVA3NXhqRy91M2c4RWFLclh6RkVrcXhoNVNCQU1nTEU4M2luMHBXZzN0YXZDSThCa05Yb21OMFhSeGtIUkRyV0grZmd5MTVpU3VvaVlvenBYN0lWVnllNi9sZXdoNXNiSlBoemRkbHEvU1RqRENCakhMaG8wYUt2K2x1QlByMkdaUVFuNHcxZVM3K1BTVCszK1FDaW5RMVpJWkZXU04yNGhIV2VKeGF0cHhvK1J0S3h1dDZiSWxxQTl0SXJWSHc9PQ%3D%3D%26i%3Da9p496q92mFWmqEr%26placementId%3Dc0331984bffc848baeccdfb1d0d07f0b&h=f4e4189cef0de65d2559e54f64264c92
5.9.110.29200 OK 867 B URL HTTP/1.1 lookandfind.me/s/r?u=https%3A%2F%2Fapi.yadore.com%2Fv2%2Fr%3Fe%3DMW5NL2UxWjkrWU1nWVdpeUN5eFY4UENGVGFwQUVhcC9MbjhGUUE1Y25SUGJQcGJjaG5rM1RwOVBvM2FqZ0IrdS9lYVZmTi9RVFd0ejcxSTlZUTNWbDVjSHdjcmkzeEJ1YWQrN0FyMC9SWHBrcllvRVNWbnFSekMrSjZIcGpGMVhhK0g0YWx2QUxvbFZjbERLa3hsR0FjVEhlcy8rQTZ4eUI1b0FtYU1KMWJOQS9UOUhJMmhjTCtwd0Z4b1p3Wkw4Lzl0SzdWbkdnOHhaK2FORlZxZlViUzdtQ2VEN20rdlNvOEhEaGsrQVA3NXhqRy91M2c4RWFLclh6RkVrcXhoNVNCQU1nTEU4M2luMHBXZzN0YXZDSThCa05Yb21OMFhSeGtIUkRyV0grZmd5MTVpU3VvaVlvenBYN0lWVnllNi9sZXdoNXNiSlBoemRkbHEvU1RqRENCakhMaG8wYUt2K2x1QlByMkdaUVFuNHcxZVM3K1BTVCszK1FDaW5RMVpJWkZXU04yNGhIV2VKeGF0cHhvK1J0S3h1dDZiSWxxQTl0SXJWSHc9PQ%3D%3D%26i%3Da9p496q92mFWmqEr%26placementId%3Dc0331984bffc848baeccdfb1d0d07f0b&h=f4e4189cef0de65d2559e54f64264c92
IP 5.9.110.29:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (867), with no line terminators
Hash 1fbc8e9441e89cfdf6765dab0d22bb0c
f01dd4a84c090b91c1b2cb39f26136cc52ac996b
5fd735ac6162e5f783afe0132c31228498f73d48510633f22a24cc628e5362a1
GET /s/r?u=https%3A%2F%2Fapi.yadore.com%2Fv2%2Fr%3Fe%3DMW5NL2UxWjkrWU1nWVdpeUN5eFY4UENGVGFwQUVhcC9MbjhGUUE1Y25SUGJQcGJjaG5rM1RwOVBvM2FqZ0IrdS9lYVZmTi9RVFd0ejcxSTlZUTNWbDVjSHdjcmkzeEJ1YWQrN0FyMC9SWHBrcllvRVNWbnFSekMrSjZIcGpGMVhhK0g0YWx2QUxvbFZjbERLa3hsR0FjVEhlcy8rQTZ4eUI1b0FtYU1KMWJOQS9UOUhJMmhjTCtwd0Z4b1p3Wkw4Lzl0SzdWbkdnOHhaK2FORlZxZlViUzdtQ2VEN20rdlNvOEhEaGsrQVA3NXhqRy91M2c4RWFLclh6RkVrcXhoNVNCQU1nTEU4M2luMHBXZzN0YXZDSThCa05Yb21OMFhSeGtIUkRyV0grZmd5MTVpU3VvaVlvenBYN0lWVnllNi9sZXdoNXNiSlBoemRkbHEvU1RqRENCakhMaG8wYUt2K2x1QlByMkdaUVFuNHcxZVM3K1BTVCszK1FDaW5RMVpJWkZXU04yNGhIV2VKeGF0cHhvK1J0S3h1dDZiSWxxQTl0SXJWSHc9PQ%3D%3D%26i%3Da9p496q92mFWmqEr%26placementId%3Dc0331984bffc848baeccdfb1d0d07f0b&h=f4e4189cef0de65d2559e54f64264c92 HTTP/1.1
Host: lookandfind.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: bf8ba066df5d5fb4a551369f56f9863a=755d16e7398d6924ececb2a47fe1e17c53e2c19321958f1482e32e7faa7a436da%3A2%3A%7Bi%3A0%3Bs%3A32%3A%22bf8ba066df5d5fb4a551369f56f9863a%22%3Bi%3A1%3Bs%3A1%3A%221%22%3B%7D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 18 Dec 2022 07:38:33 GMT
Server: Apache/2.4.37 (centos) OpenSSL/1.1.1k
X-Powered-By: PHP/8.1.13
Referrer-Policy: strict-origin-when-cross-origin
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d6ebdce4fde92a329072ba70bbdbfe31
a455df5f2125e22bcc43ff6ea160c5ff4d17caf1
5315a30d947ab8939e8812556617b61f46a363416e4da795aae6f3bb8b27ec55
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5315A30D947AB8939E8812556617B61F46A363416E4DA795AAE6F3BB8B27EC55"
Last-Modified: Sat, 17 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3414
Expires: Sun, 18 Dec 2022 08:35:27 GMT
Date: Sun, 18 Dec 2022 07:38:33 GMT
Connection: keep-alive
status.thawte.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 8193137ab46161fa225358a82bc75bd0
b75a42e8fa353eac1e247d2a559d93b9ce124449
5b7eef962dd61b9dfe242c335792317e18aac0839b0e3c970d304646302fe987
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4676
Cache-Control: max-age=126606
Content-Type: application/ocsp-response
Date: Sun, 18 Dec 2022 07:38:33 GMT
Etag: "639dfcc3-1d7"
Expires: Mon, 19 Dec 2022 18:48:39 GMT
Last-Modified: Sat, 17 Dec 2022 17:30:43 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
no-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1671328059827&.sig=mvDk2BxPnkEiuBButbI3uiwSNoA-&affiliationId=96965886&comId=100476520&country=no&offerId=d84383d544d483524a0dcd55721c4b42&service=37&tokenId=eef84b7f-8e19-45d1-adee-7c88767dc72d&wait=true&addedParams=true&custom1=0f47df23d7ca033f32cb52506c393200e79a5616838e289eeb055ac1c1d8907b&custom2=SRdytlITOR16&custom3=false
95.211.116.26200 OK 33 kB URL HTTP/1.1 no-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1671328059827&.sig=mvDk2BxPnkEiuBButbI3uiwSNoA-&affiliationId=96965886&comId=100476520&country=no&offerId=d84383d544d483524a0dcd55721c4b42&service=37&tokenId=eef84b7f-8e19-45d1-adee-7c88767dc72d&wait=true&addedParams=true&custom1=0f47df23d7ca033f32cb52506c393200e79a5616838e289eeb055ac1c1d8907b&custom2=SRdytlITOR16&custom3=false
IP 95.211.116.26:0
ASN #60781 LeaseWeb Netherlands B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (13002)
Hash 0a7d5fbf166818e6fac7914888a9a550
a2e157e6d04853e1730f8088ad4a142806a9e3de
cbddb882993d6176fc648b307763ff344f7e611b35fccc5fc1cb306c0aa70192
GET /ctl/go/offersearchGo?.ts=1671328059827&.sig=mvDk2BxPnkEiuBButbI3uiwSNoA-&affiliationId=96965886&comId=100476520&country=no&offerId=d84383d544d483524a0dcd55721c4b42&service=37&tokenId=eef84b7f-8e19-45d1-adee-7c88767dc72d&wait=true&addedParams=true&custom1=0f47df23d7ca033f32cb52506c393200e79a5616838e289eeb055ac1c1d8907b&custom2=SRdytlITOR16&custom3=false HTTP/1.1
Host: no-go.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lookandfind.me/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
leadId: dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1671349113725_4252390
clickId: 107698147_1671349113719_10814644
country: no
Accept-CH: Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
Set-Cookie: datadome=61ed0ghHXtaZMiEwDKCPfWJvL5dZA6zjZVhUvnHlpRtLzUOs2SwMru6amvA2wBbR8sw-VQ8ucP95LkXRDK7coXhEOaQA2QVCR52ltwW5ha8NFeWhXVTAz24mLJNvpJho; Max-Age=31536000; Expires=Mon, 18 Dec 2023 07:38:33 GMT; SameSite=Lax; Path=/; Domain=.kelkoogroup.net; Secure
kelkooID=a4c6293-185242b9378-3a07b1; Max-Age=31536000; Expires=Mon, 18 Dec 2023 07:38:33 GMT; SameSite=None; Path=/; Domain=kelkoogroup.net; Secure; HTTPOnly
X-DataDome: protected
Request-Time: PT0.167869S
X-Robots-Tag: noindex,nofollow
Referrer-Policy: origin-when-cross-origin
X-Frame-Options: ALLOWALL
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Date: Sun, 18 Dec 2022 07:38:33 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 33031
no-go.kelkoogroup.net/assets/images/p.png?country=no&k=612f7a9541cd6ea61eb554c0e4cff43705260665475808a75b6c8b96540a3b7c9431f5edc965e59755b04ce23b8b3cd621c62d6d6fc59f0f3c6daa8174b97e22128a909f42e15d9761be5835d282bc943d7c8126b2d5596bbac413fbcca1fb021c5fe1ef22506cee7c8bc51249d1e659791100d1bbb3df21c42711c8479f4c3063cf2b5c262287bc3f2bfd2a9331164e924da21ce8ddc825f3cdcdb95a279fbf413a95cb7df763e326a6e2593ec8167bb26630eb842b077e2b88dbee2b305779ce7eed5d5babf8db22a4bbc152ece855db99a9509e7563c37e6e5519daa8ed1c849d3a3d488755ec7e2f097dc51cc1adb8b63d274fe4e4157e111d51938b17a31477711ab5a4aa05395d2f7b1a4800e9610dc526640e652b&leadId=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1671349113725_4252390&clickId=107698147_1671349113719_10814644
95.211.116.26200 OK 68 B URL HTTP/1.1 no-go.kelkoogroup.net/assets/images/p.png?country=no&k=612f7a9541cd6ea61eb554c0e4cff43705260665475808a75b6c8b96540a3b7c9431f5edc965e59755b04ce23b8b3cd621c62d6d6fc59f0f3c6daa8174b97e22128a909f42e15d9761be5835d282bc943d7c8126b2d5596bbac413fbcca1fb021c5fe1ef22506cee7c8bc51249d1e659791100d1bbb3df21c42711c8479f4c3063cf2b5c262287bc3f2bfd2a9331164e924da21ce8ddc825f3cdcdb95a279fbf413a95cb7df763e326a6e2593ec8167bb26630eb842b077e2b88dbee2b305779ce7eed5d5babf8db22a4bbc152ece855db99a9509e7563c37e6e5519daa8ed1c849d3a3d488755ec7e2f097dc51cc1adb8b63d274fe4e4157e111d51938b17a31477711ab5a4aa05395d2f7b1a4800e9610dc526640e652b&leadId=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1671349113725_4252390&clickId=107698147_1671349113719_10814644
IP 95.211.116.26:0
ASN #60781 LeaseWeb Netherlands B.V.
File type PNG image data, 1 x 1, 8-bit gray+alpha, non-interlaced\012- data
Hash 91e42db1c66c0b276abf6234dc50b2eb
c1986af3c26609b8b7d8933f99c51c1a89e9ea6b
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
GET /assets/images/p.png?country=no&k=612f7a9541cd6ea61eb554c0e4cff43705260665475808a75b6c8b96540a3b7c9431f5edc965e59755b04ce23b8b3cd621c62d6d6fc59f0f3c6daa8174b97e22128a909f42e15d9761be5835d282bc943d7c8126b2d5596bbac413fbcca1fb021c5fe1ef22506cee7c8bc51249d1e659791100d1bbb3df21c42711c8479f4c3063cf2b5c262287bc3f2bfd2a9331164e924da21ce8ddc825f3cdcdb95a279fbf413a95cb7df763e326a6e2593ec8167bb26630eb842b077e2b88dbee2b305779ce7eed5d5babf8db22a4bbc152ece855db99a9509e7563c37e6e5519daa8ed1c849d3a3d488755ec7e2f097dc51cc1adb8b63d274fe4e4157e111d51938b17a31477711ab5a4aa05395d2f7b1a4800e9610dc526640e652b&leadId=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1671349113725_4252390&clickId=107698147_1671349113719_10814644 HTTP/1.1
Host: no-go.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1671328059827&.sig=mvDk2BxPnkEiuBButbI3uiwSNoA-&affiliationId=96965886&comId=100476520&country=no&offerId=d84383d544d483524a0dcd55721c4b42&service=37&tokenId=eef84b7f-8e19-45d1-adee-7c88767dc72d&wait=true&addedParams=true&custom1=0f47df23d7ca033f32cb52506c393200e79a5616838e289eeb055ac1c1d8907b&custom2=SRdytlITOR16&custom3=false
Connection: keep-alive
Cookie: datadome=61ed0ghHXtaZMiEwDKCPfWJvL5dZA6zjZVhUvnHlpRtLzUOs2SwMru6amvA2wBbR8sw-VQ8ucP95LkXRDK7coXhEOaQA2QVCR52ltwW5ha8NFeWhXVTAz24mLJNvpJho; kelkooID=a4c6293-185242b9378-3a07b1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Request-Time: PT0.00148S
X-Robots-Tag: noindex,nofollow
Cache-Control: private, must-revalidate
Referrer-Policy: origin-when-cross-origin
X-Frame-Options: ALLOWALL
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Date: Sun, 18 Dec 2022 07:38:33 GMT
Content-Type: image/png
Content-Length: 68
api.yadore.com/v2/r?e=MW5NL2UxWjkrWU1nWVdpeUN5eFY4UENGVGFwQUVhcC9MbjhGUUE1Y25SUGJQcGJjaG5rM1RwOVBvM2FqZ0IrdS9lYVZmTi9RVFd0ejcxSTlZUTNWbDVjSHdjcmkzeEJ1YWQrN0FyMC9SWHBrcllvRVNWbnFSekMrSjZIcGpGMVhhK0g0YWx2QUxvbFZjbERLa3hsR0FjVEhlcy8rQTZ4eUI1b0FtYU1KMWJOQS9UOUhJMmhjTCtwd0Z4b1p3Wkw4Lzl0SzdWbkdnOHhaK2FORlZxZlViUzdtQ2VEN20rdlNvOEhEaGsrQVA3NXhqRy91M2c4RWFLclh6RkVrcXhoNVNCQU1nTEU4M2luMHBXZzN0YXZDSThCa05Yb21OMFhSeGtIUkRyV0grZmd5MTVpU3VvaVlvenBYN0lWVnllNi9sZXdoNXNiSlBoemRkbHEvU1RqRENCakhMaG8wYUt2K2x1QlByMkdaUVFuNHcxZVM3K1BTVCszK1FDaW5RMVpJWkZXU04yNGhIV2VKeGF0cHhvK1J0S3h1dDZiSWxxQTl0SXJWSHc9PQ==&i=a9p496q92mFWmqEr&placementId=c0331984bffc848baeccdfb1d0d07f0b
88.99.112.6302 Found 0 B URL HTTP/2 api.yadore.com/v2/r?e=MW5NL2UxWjkrWU1nWVdpeUN5eFY4UENGVGFwQUVhcC9MbjhGUUE1Y25SUGJQcGJjaG5rM1RwOVBvM2FqZ0IrdS9lYVZmTi9RVFd0ejcxSTlZUTNWbDVjSHdjcmkzeEJ1YWQrN0FyMC9SWHBrcllvRVNWbnFSekMrSjZIcGpGMVhhK0g0YWx2QUxvbFZjbERLa3hsR0FjVEhlcy8rQTZ4eUI1b0FtYU1KMWJOQS9UOUhJMmhjTCtwd0Z4b1p3Wkw4Lzl0SzdWbkdnOHhaK2FORlZxZlViUzdtQ2VEN20rdlNvOEhEaGsrQVA3NXhqRy91M2c4RWFLclh6RkVrcXhoNVNCQU1nTEU4M2luMHBXZzN0YXZDSThCa05Yb21OMFhSeGtIUkRyV0grZmd5MTVpU3VvaVlvenBYN0lWVnllNi9sZXdoNXNiSlBoemRkbHEvU1RqRENCakhMaG8wYUt2K2x1QlByMkdaUVFuNHcxZVM3K1BTVCszK1FDaW5RMVpJWkZXU04yNGhIV2VKeGF0cHhvK1J0S3h1dDZiSWxxQTl0SXJWSHc9PQ==&i=a9p496q92mFWmqEr&placementId=c0331984bffc848baeccdfb1d0d07f0b
IP 88.99.112.6:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v2/r?e=MW5NL2UxWjkrWU1nWVdpeUN5eFY4UENGVGFwQUVhcC9MbjhGUUE1Y25SUGJQcGJjaG5rM1RwOVBvM2FqZ0IrdS9lYVZmTi9RVFd0ejcxSTlZUTNWbDVjSHdjcmkzeEJ1YWQrN0FyMC9SWHBrcllvRVNWbnFSekMrSjZIcGpGMVhhK0g0YWx2QUxvbFZjbERLa3hsR0FjVEhlcy8rQTZ4eUI1b0FtYU1KMWJOQS9UOUhJMmhjTCtwd0Z4b1p3Wkw4Lzl0SzdWbkdnOHhaK2FORlZxZlViUzdtQ2VEN20rdlNvOEhEaGsrQVA3NXhqRy91M2c4RWFLclh6RkVrcXhoNVNCQU1nTEU4M2luMHBXZzN0YXZDSThCa05Yb21OMFhSeGtIUkRyV0grZmd5MTVpU3VvaVlvenBYN0lWVnllNi9sZXdoNXNiSlBoemRkbHEvU1RqRENCakhMaG8wYUt2K2x1QlByMkdaUVFuNHcxZVM3K1BTVCszK1FDaW5RMVpJWkZXU04yNGhIV2VKeGF0cHhvK1J0S3h1dDZiSWxxQTl0SXJWSHc9PQ==&i=a9p496q92mFWmqEr&placementId=c0331984bffc848baeccdfb1d0d07f0b HTTP/1.1
Host: api.yadore.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lookandfind.me/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
date: Sun, 18 Dec 2022 07:38:33 GMT
location: https://no-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1671328059827&.sig=mvDk2BxPnkEiuBButbI3uiwSNoA-&affiliationId=96965886&comId=100476520&country=no&offerId=d84383d544d483524a0dcd55721c4b42&service=37&tokenId=eef84b7f-8e19-45d1-adee-7c88767dc72d&wait=true&addedParams=true&custom1=0f47df23d7ca033f32cb52506c393200e79a5616838e289eeb055ac1c1d8907b&custom2=SRdytlITOR16&custom3=false
server: nginx
x-powered-by: PHP/8.0.26
X-Firefox-Spdy: h2
no-go.kelkoogroup.net/redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff43705260665475808a75b6c8b96540a3b7c9431f5edc965e59755b04ce23b8b3cd621c62d6d6fc59f0f3c6daa8174b97e22128a909f42e15d9761be5835d282bc943d7c8126b2d5596bbac413fbcca1fb021c5fe1ef22506cee7c8bc51249d1e659791100d1bbb3df21c42711c8479f4c3063cf2b5c262287bc3f2bfd2a9331164e924da21ce8ddc825f3cdcdb95a279fbf413a95cb7df763e326a6e2593ec8167bb26630eb842b077e2b88dbee2b305779ce7eed5d5babf8db22a4bbc152ece855db99a9509e7563c37e6e5519daa8ed1c849d3a3d488755ec7e2f097dc51cc1adb8b63d274fe4e4157e111d51938b17a31477711ab5a4aa05395d2f7b1a4800e9610dc526640e652b&leadId=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1671349113725_4252390&clickId=107698147_1671349113719_10814644&url=https%3A%2F%2Fgo.skousen.no%2Ft%2Ft%3Fa%3D1487384327%26as%3D1090656293%26t%3D2%26tk%3D1%26epi%3Ddc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1671349113725_4252390%26url%3Dhttps%3A%2F%2Fwww.skousen.no%2Fhvitevarer%2Fkombiskap%2Fkjoleskap-med-fryser%2Fproduct%2Fsmeg-fab28lcr5%2F
95.211.116.26303 See Other 0 B URL HTTP/1.1 no-go.kelkoogroup.net/redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff43705260665475808a75b6c8b96540a3b7c9431f5edc965e59755b04ce23b8b3cd621c62d6d6fc59f0f3c6daa8174b97e22128a909f42e15d9761be5835d282bc943d7c8126b2d5596bbac413fbcca1fb021c5fe1ef22506cee7c8bc51249d1e659791100d1bbb3df21c42711c8479f4c3063cf2b5c262287bc3f2bfd2a9331164e924da21ce8ddc825f3cdcdb95a279fbf413a95cb7df763e326a6e2593ec8167bb26630eb842b077e2b88dbee2b305779ce7eed5d5babf8db22a4bbc152ece855db99a9509e7563c37e6e5519daa8ed1c849d3a3d488755ec7e2f097dc51cc1adb8b63d274fe4e4157e111d51938b17a31477711ab5a4aa05395d2f7b1a4800e9610dc526640e652b&leadId=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1671349113725_4252390&clickId=107698147_1671349113719_10814644&url=https%3A%2F%2Fgo.skousen.no%2Ft%2Ft%3Fa%3D1487384327%26as%3D1090656293%26t%3D2%26tk%3D1%26epi%3Ddc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1671349113725_4252390%26url%3Dhttps%3A%2F%2Fwww.skousen.no%2Fhvitevarer%2Fkombiskap%2Fkjoleskap-med-fryser%2Fproduct%2Fsmeg-fab28lcr5%2F
IP 95.211.116.26:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff43705260665475808a75b6c8b96540a3b7c9431f5edc965e59755b04ce23b8b3cd621c62d6d6fc59f0f3c6daa8174b97e22128a909f42e15d9761be5835d282bc943d7c8126b2d5596bbac413fbcca1fb021c5fe1ef22506cee7c8bc51249d1e659791100d1bbb3df21c42711c8479f4c3063cf2b5c262287bc3f2bfd2a9331164e924da21ce8ddc825f3cdcdb95a279fbf413a95cb7df763e326a6e2593ec8167bb26630eb842b077e2b88dbee2b305779ce7eed5d5babf8db22a4bbc152ece855db99a9509e7563c37e6e5519daa8ed1c849d3a3d488755ec7e2f097dc51cc1adb8b63d274fe4e4157e111d51938b17a31477711ab5a4aa05395d2f7b1a4800e9610dc526640e652b&leadId=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1671349113725_4252390&clickId=107698147_1671349113719_10814644&url=https%3A%2F%2Fgo.skousen.no%2Ft%2Ft%3Fa%3D1487384327%26as%3D1090656293%26t%3D2%26tk%3D1%26epi%3Ddc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1671349113725_4252390%26url%3Dhttps%3A%2F%2Fwww.skousen.no%2Fhvitevarer%2Fkombiskap%2Fkjoleskap-med-fryser%2Fproduct%2Fsmeg-fab28lcr5%2F HTTP/1.1
Host: no-go.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1671328059827&.sig=mvDk2BxPnkEiuBButbI3uiwSNoA-&affiliationId=96965886&comId=100476520&country=no&offerId=d84383d544d483524a0dcd55721c4b42&service=37&tokenId=eef84b7f-8e19-45d1-adee-7c88767dc72d&wait=true&addedParams=true&custom1=0f47df23d7ca033f32cb52506c393200e79a5616838e289eeb055ac1c1d8907b&custom2=SRdytlITOR16&custom3=false
Connection: keep-alive
Cookie: datadome=61ed0ghHXtaZMiEwDKCPfWJvL5dZA6zjZVhUvnHlpRtLzUOs2SwMru6amvA2wBbR8sw-VQ8ucP95LkXRDK7coXhEOaQA2QVCR52ltwW5ha8NFeWhXVTAz24mLJNvpJho; kelkooID=a4c6293-185242b9378-3a07b1; _ga=GA1.2.481603279.1671349110; _gid=GA1.2.1374620280.1671349110
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 303 See Other
leadId: dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1671349113725_4252390
clickId: 107698147_1671349113719_10814644
country: no
Location: https://go.skousen.no/t/t?a=1487384327&as=1090656293&t=2&tk=1&epi=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1671349113725_4252390&url=https://www.skousen.no/hvitevarer/kombiskap/kjoleskap-med-fryser/product/smeg-fab28lcr5/
Accept-CH: Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
Set-Cookie: datadome=2wE3uTGX~Y2K1B3rOW5Fbv6_KbvC7ZxU_7J1EDhFpvGFlIURZki7WRiyrnTSs8L~AeN0DjInhptVJ3eB0i37XVWm2Nnax3NSjOFxf0Ino7FWk6WNS711KiH9-u3PYCrz; Max-Age=31536000; Expires=Mon, 18 Dec 2023 07:38:34 GMT; SameSite=Lax; Path=/; Domain=.kelkoogroup.net; Secure
X-DataDome: protected
Request-Time: PT0.017551S
X-Robots-Tag: noindex,nofollow
Referrer-Policy: origin-when-cross-origin
X-Frame-Options: ALLOWALL
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Date: Sun, 18 Dec 2022 07:38:34 GMT
Content-Length: 0
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash deffdea2456f3ef4d0cc9a7e404db128
c9b77ebcd4d9d248130802f45ce6b412aeb9e9f5
4a14ae172ac72803fff9a8d767a8cd8998640bb53f69db0b9449566bfb2938c7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A14AE172AC72803FFF9A8D767A8CD8998640BB53F69DB0B9449566BFB2938C7"
Last-Modified: Sun, 18 Dec 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sun, 18 Dec 2022 13:38:34 GMT
Date: Sun, 18 Dec 2022 07:38:34 GMT
Connection: keep-alive
go.skousen.no/t/t?a=1487384327&as=1090656293&t=2&tk=1&epi=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1671349113725_4252390&url=https://www.skousen.no/hvitevarer/kombiskap/kjoleskap-med-fryser/product/smeg-fab28lcr5/
13.49.53.120302 0 B URL HTTP/1.1 go.skousen.no/t/t?a=1487384327&as=1090656293&t=2&tk=1&epi=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1671349113725_4252390&url=https://www.skousen.no/hvitevarer/kombiskap/kjoleskap-med-fryser/product/smeg-fab28lcr5/
IP 13.49.53.120:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /t/t?a=1487384327&as=1090656293&t=2&tk=1&epi=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1671349113725_4252390&url=https://www.skousen.no/hvitevarer/kombiskap/kjoleskap-med-fryser/product/smeg-fab28lcr5/ HTTP/1.1
Host: go.skousen.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no-go.kelkoogroup.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302
Cache-Control: no-cache
Access-Control-Allow-Origin: *
X-TraceId: 65d7af06-6d0a-4f4f-986a-248f3731dba3
Set-Cookie: at_gd=31F59D28D54B9DA47CE20693067967CCB16E9A88; Max-Age=94608000; Path=/; Domain=go.skousen.no; SameSite=None; Secure
Location: https://www.skousen.no/hvitevarer/kombiskap/kjoleskap-med-fryser/product/smeg-fab28lcr5/?utm_source=adtraction&utm_medium=affiliate&utm_campaign=Price comparison&utm_campaign=347127093&at_gd=31F59D28D54B9DA47CE20693067967CCB16E9A88
Transfer-Encoding: chunked
Date: Sun, 18 Dec 2022 07:38:33 GMT
Connection: close
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 10a3a852ef62dc4d4ccbbf6ff396688b
953e40775326102f6c3fc09a18a7039239df656f
30872c631302c914fc93b789892b200beb6284a3ba6753e1ee7f909a1231f2dd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Dec 2022 07:38:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/collect?v=1&_v=j96&t=pageview&_s=1&dl=https%3A%2F%2Fno-go.kelkoogroup.net%2Fctl%2Fgo%2FoffersearchGo%3F.ts%3D1671328059827%26.sig%3DmvDk2BxPnkEiuBButbI3uiwSNoA-%26affiliationId%3D96965886%26comId%3D100476520%26country%3Dno%26offerId%3Dd84383d544d483524a0dcd55721c4b42%26service%3D37%26tokenId%3Deef84b7f-8e19-45d1-adee-7c88767dc72d%26wait%3Dtrue%26addedParams%3Dtrue%26custom1%3D0f47df23d7ca033f32cb52506c393200e79a5616838e289eeb055ac1c1d8907b%26custom2%3DSRdytlITOR16%26custom3%3Dfalse&dr=https%3A%2F%2Flookandfind.me%2F&dp=%2F96965886%7C100476520%7C&ul=en-us&de=UTF-8&dt=Du%20sendes%20videre%20til%20Skousen.no&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=QACAAAABAAAAAC~&cid=481603279.1671349110&tid=UA-168544891-6&_gid=1374620280.1671349110&_r=1&cd1=96965886&cd2=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1671349113725_4252390&cd3=100476520&cd4=a4c6293-185242b9378-3a07b1&cd5=&cd6=96965886%7C100476520%7C&z=490257317
142.250.74.110200 OK 35 B URL HTTP/2 www.google-analytics.com/collect?v=1&_v=j96&t=pageview&_s=1&dl=https%3A%2F%2Fno-go.kelkoogroup.net%2Fctl%2Fgo%2FoffersearchGo%3F.ts%3D1671328059827%26.sig%3DmvDk2BxPnkEiuBButbI3uiwSNoA-%26affiliationId%3D96965886%26comId%3D100476520%26country%3Dno%26offerId%3Dd84383d544d483524a0dcd55721c4b42%26service%3D37%26tokenId%3Deef84b7f-8e19-45d1-adee-7c88767dc72d%26wait%3Dtrue%26addedParams%3Dtrue%26custom1%3D0f47df23d7ca033f32cb52506c393200e79a5616838e289eeb055ac1c1d8907b%26custom2%3DSRdytlITOR16%26custom3%3Dfalse&dr=https%3A%2F%2Flookandfind.me%2F&dp=%2F96965886%7C100476520%7C&ul=en-us&de=UTF-8&dt=Du%20sendes%20videre%20til%20Skousen.no&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=QACAAAABAAAAAC~&cid=481603279.1671349110&tid=UA-168544891-6&_gid=1374620280.1671349110&_r=1&cd1=96965886&cd2=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1671349113725_4252390&cd3=100476520&cd4=a4c6293-185242b9378-3a07b1&cd5=&cd6=96965886%7C100476520%7C&z=490257317
IP 142.250.74.110:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
POST /collect?v=1&_v=j96&t=pageview&_s=1&dl=https%3A%2F%2Fno-go.kelkoogroup.net%2Fctl%2Fgo%2FoffersearchGo%3F.ts%3D1671328059827%26.sig%3DmvDk2BxPnkEiuBButbI3uiwSNoA-%26affiliationId%3D96965886%26comId%3D100476520%26country%3Dno%26offerId%3Dd84383d544d483524a0dcd55721c4b42%26service%3D37%26tokenId%3Deef84b7f-8e19-45d1-adee-7c88767dc72d%26wait%3Dtrue%26addedParams%3Dtrue%26custom1%3D0f47df23d7ca033f32cb52506c393200e79a5616838e289eeb055ac1c1d8907b%26custom2%3DSRdytlITOR16%26custom3%3Dfalse&dr=https%3A%2F%2Flookandfind.me%2F&dp=%2F96965886%7C100476520%7C&ul=en-us&de=UTF-8&dt=Du%20sendes%20videre%20til%20Skousen.no&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=QACAAAABAAAAAC~&cid=481603279.1671349110&tid=UA-168544891-6&_gid=1374620280.1671349110&_r=1&cd1=96965886&cd2=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1671349113725_4252390&cd3=100476520&cd4=a4c6293-185242b9378-3a07b1&cd5=&cd6=96965886%7C100476520%7C&z=490257317 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://no-go.kelkoogroup.net
Connection: keep-alive
Referer: https://no-go.kelkoogroup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 200 OK
access-control-allow-origin: https://no-go.kelkoogroup.net
date: Sun, 18 Dec 2022 07:38:34 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
x-content-type-options: nosniff
access-control-allow-credentials: true
content-type: image/gif
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 35
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 10a3a852ef62dc4d4ccbbf6ff396688b
953e40775326102f6c3fc09a18a7039239df656f
30872c631302c914fc93b789892b200beb6284a3ba6753e1ee7f909a1231f2dd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Dec 2022 07:38:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 0035aba572b5226c9781ecedb6e0abca
9203273e404a7c2c2d9afc116b453c5ad532f0d8
1560631f8d771002470a8b384e1b4db526c67435c223cd0ce80489e0b2466cf0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=101762
Content-Type: application/ocsp-response
Date: Sun, 18 Dec 2022 07:38:34 GMT
Etag: "639dadfc-118"
Expires: Mon, 19 Dec 2022 11:54:36 GMT
Last-Modified: Sat, 17 Dec 2022 11:54:36 GMT
Server: nginx
Content-Length: 280
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 430dfc43e7b8c7da8bc1893247b445dd
f2710fd87f9923b06e70b9dc66e6d9d62775d57b
deb62ccbdd21d34ae7c76dda3d8f25d50d7198ba09f5254a8a14e8cde44e32f1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5904
Cache-Control: max-age=137230
Content-Type: application/ocsp-response
Date: Sun, 18 Dec 2022 07:38:35 GMT
Etag: "639e217a-116"
Expires: Mon, 19 Dec 2022 21:45:45 GMT
Last-Modified: Sat, 17 Dec 2022 20:07:22 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 430dfc43e7b8c7da8bc1893247b445dd
f2710fd87f9923b06e70b9dc66e6d9d62775d57b
deb62ccbdd21d34ae7c76dda3d8f25d50d7198ba09f5254a8a14e8cde44e32f1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5904
Cache-Control: max-age=137230
Content-Type: application/ocsp-response
Date: Sun, 18 Dec 2022 07:38:35 GMT
Etag: "639e217a-116"
Expires: Mon, 19 Dec 2022 21:45:45 GMT
Last-Modified: Sat, 17 Dec 2022 20:07:22 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 430dfc43e7b8c7da8bc1893247b445dd
f2710fd87f9923b06e70b9dc66e6d9d62775d57b
deb62ccbdd21d34ae7c76dda3d8f25d50d7198ba09f5254a8a14e8cde44e32f1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5904
Cache-Control: max-age=137230
Content-Type: application/ocsp-response
Date: Sun, 18 Dec 2022 07:38:35 GMT
Etag: "639e217a-116"
Expires: Mon, 19 Dec 2022 21:45:45 GMT
Last-Modified: Sat, 17 Dec 2022 20:07:22 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 430dfc43e7b8c7da8bc1893247b445dd
f2710fd87f9923b06e70b9dc66e6d9d62775d57b
deb62ccbdd21d34ae7c76dda3d8f25d50d7198ba09f5254a8a14e8cde44e32f1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1883
Cache-Control: max-age=133210
Content-Type: application/ocsp-response
Date: Sun, 18 Dec 2022 07:38:35 GMT
Etag: "639e217a-116"
Expires: Mon, 19 Dec 2022 20:38:45 GMT
Last-Modified: Sat, 17 Dec 2022 20:07:22 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 430dfc43e7b8c7da8bc1893247b445dd
f2710fd87f9923b06e70b9dc66e6d9d62775d57b
deb62ccbdd21d34ae7c76dda3d8f25d50d7198ba09f5254a8a14e8cde44e32f1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3647
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 18 Dec 2022 07:38:35 GMT
Etag: "639e217a-116"
Last-Modified: Sun, 18 Dec 2022 06:37:48 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 278
images2.wagcdn.com/f/frontend/skousen/no/matcher-netpris-2.png
104.26.2.210200 OK 74 kB URL HTTP/2 images2.wagcdn.com/f/frontend/skousen/no/matcher-netpris-2.png
IP 104.26.2.210:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 8fab0c232163e96c8a681ad077e05194
47ee2d2d76924bf65cbc5d4d032853aea6f89648
a8d20f5ddd4a6a902d8bb9dc6cf4921fa0d0aa657298a9d95be3f7e5cf5f4cf9
GET /f/frontend/skousen/no/matcher-netpris-2.png HTTP/1.1
Host: images2.wagcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.skousen.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Dec 2022 07:38:35 GMT
content-type: image/webp
content-length: 73890
cache-control: max-age=2678400, public
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=115667
content-disposition: inline; filename="matcher-netpris-2.webp"
expires: Sun, 15 Jan 2023 18:51:01 GMT
last-modified: Tue, 20 Apr 2021 01:31:17 GMT
pragma: public
vary: Accept
cf-cache-status: HIT
age: 218854
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yLnNCM6TXikTGSalKguU4g2Z2Q3XGRIn0aloQGSnpsqeJn%2BV4fgkSYxk4cBmVl8obCd3XhDOCUerxXcV%2FrZsbVXZH62ekYkOLyA7jytuA91wW3Sk16tCkNMcuc0andBhfMsqew%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77b63d634bafb50c-OSL
X-Firefox-Spdy: h2
images2.wagcdn.com/f/frontend/skousen/no/follow-us-footer-text.png
104.26.2.210200 OK 970 B URL HTTP/2 images2.wagcdn.com/f/frontend/skousen/no/follow-us-footer-text.png
IP 104.26.2.210:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 48e003ef86d40b20d34c28253ec90db9
0fbba88b73f0bc4abe4f49b22f724eab47e63cd2
adb6a0ce0390a104c9ea828783aa90102c6925a9c2c054fe7484ff343611b067
GET /f/frontend/skousen/no/follow-us-footer-text.png HTTP/1.1
Host: images2.wagcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.skousen.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Dec 2022 07:38:35 GMT
content-type: image/webp
content-length: 970
cache-control: max-age=2678400, public
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=2741
content-disposition: inline; filename="follow-us-footer-text.webp"
expires: Sun, 15 Jan 2023 18:48:19 GMT
last-modified: Wed, 01 Apr 2020 16:40:58 GMT
pragma: public
vary: Accept
cf-cache-status: HIT
age: 219016
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7%2BAK%2BHWQy1KJYQk6xdUhTQBMoSImwOUnA5HoQIvorR%2BYgCfHL5l7Fn%2FSJ14hhcBFOimYjBzh00FTFO9cImlU%2FhOMTXQdmfBM6hELC36F77uQ5657i65FEums6QL6PT%2F6h3R8FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77b63d634bb2b50c-OSL
X-Firefox-Spdy: h2
images2.wagcdn.com/70/70/fill/p//pimberly/FAB28LCR5-6113db318b0dec4fe300027d.png
104.26.2.210200 OK 1.4 kB URL HTTP/2 images2.wagcdn.com/70/70/fill/p//pimberly/FAB28LCR5-6113db318b0dec4fe300027d.png
IP 104.26.2.210:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash e501e47cc4ca46b677df9bb9557128fa
136f67611d04a6a194ab0ed25348ed6693d263f8
b3f1de7761a97edc7fd2dd8a5c73bf52e7796606191f1d0d23e8e7dbab0948bd
GET /70/70/fill/p//pimberly/FAB28LCR5-6113db318b0dec4fe300027d.png HTTP/1.1
Host: images2.wagcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.skousen.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Dec 2022 07:38:35 GMT
content-type: image/webp
content-length: 1446
cache-control: max-age=2678400, public
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=1904
content-disposition: inline; filename="FAB28LCR5-6113db318b0dec4fe300027d.webp"
expires: Thu, 12 Jan 2023 17:18:42 GMT
last-modified: Wed, 11 Aug 2021 14:15:43 GMT
pragma: public
vary: Accept
cf-cache-status: HIT
age: 483593
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZZTachmvbXMddsDb7Er%2BLby4IKmo3Ex4sk3csVAjIjB9IYWXAUag21rtM%2BUZykGanqaROOhAfI8EtAUWulEt4aHEPUk7fhEB%2F8jpgJjRIz2Fb9GKJXwyeMJ6xPSTtDC29etyDg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77b63d634bb3b50c-OSL
X-Firefox-Spdy: h2
images2.wagcdn.com/60/60/fill/p/pimberly/FAB28LCR5-6113db318b0dec4fe3000277.png
104.26.2.210200 OK 3.2 kB URL HTTP/2 images2.wagcdn.com/60/60/fill/p/pimberly/FAB28LCR5-6113db318b0dec4fe3000277.png
IP 104.26.2.210:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash bb2bd89d488771dd5f0abc5a0057b523
b5eecb14631e9fb8aaa2eff2f431dde17fa731c2
9e9f455770fb8f04ce6f082612660533e6785c4876a1c9726b4afa58c7e5555e
GET /60/60/fill/p/pimberly/FAB28LCR5-6113db318b0dec4fe3000277.png HTTP/1.1
Host: images2.wagcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.skousen.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Dec 2022 07:38:35 GMT
content-type: image/webp
content-length: 3178
cache-control: max-age=2678400, public
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=3920
content-disposition: inline; filename="FAB28LCR5-6113db318b0dec4fe3000277.webp"
expires: Tue, 17 Jan 2023 21:57:55 GMT
last-modified: Wed, 11 Aug 2021 14:15:45 GMT
pragma: public
vary: Accept
cf-cache-status: HIT
age: 34840
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UmSB3du4FYrloYo8uvDrmE3dsflC4yz31lQwfUDkL1rnScGmi%2FzufF9TTCM4hU8vjdOS0IxrTCLzeF4nkK7E7FcGT6VSbJA0nJixeYJrXjJrdVvlU0PXt1FAQG1xFcVqLhbQHA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77b63d634bb4b50c-OSL
X-Firefox-Spdy: h2
images2.wagcdn.com/60/60/fill/p/pimberly/FAB28LCR5-6113db318b0dec4fe3000276.png
104.26.2.210200 OK 5.1 kB URL HTTP/2 images2.wagcdn.com/60/60/fill/p/pimberly/FAB28LCR5-6113db318b0dec4fe3000276.png
IP 104.26.2.210:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 72ca36000aa3377dcc7afbb0a6c61e14
3e2f8cd5c9cd3e7838d20cb46ab47bd5502873ce
a67729df3a1086e26973200f465f6121494388e02b82cb17affa9b5519f90f81
GET /60/60/fill/p/pimberly/FAB28LCR5-6113db318b0dec4fe3000276.png HTTP/1.1
Host: images2.wagcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.skousen.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Dec 2022 07:38:35 GMT
content-type: image/webp
content-length: 5144
cache-control: max-age=2678400, public
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=6996
content-disposition: inline; filename="FAB28LCR5-6113db318b0dec4fe3000276.webp"
expires: Tue, 17 Jan 2023 21:57:55 GMT
last-modified: Wed, 11 Aug 2021 14:15:44 GMT
pragma: public
vary: Accept
cf-cache-status: HIT
age: 34840
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GPDsWlMxaHirpa7yUFe8atmnHL9opmwSSQo3BQessYPVjN%2FipUsJZZj2jhl7CJow8sCTH3im%2FRi%2FmktIxW6COurPkIxCq2Pb97AIWyJ2PQO8Z%2FzD9tHoplaW%2BKNoD7dunmt39g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77b63d634bb5b50c-OSL
X-Firefox-Spdy: h2
images2.wagcdn.com/60/60/fill/p/pimberly/FAB28LCR5-6113db318b0dec4fe300027a.png
104.26.2.210200 OK 1.9 kB URL HTTP/2 images2.wagcdn.com/60/60/fill/p/pimberly/FAB28LCR5-6113db318b0dec4fe300027a.png
IP 104.26.2.210:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 99cd68bfa16cddd91c5383923f6110ad
d3924766ef771fe003c48ff8a71d8d906b4294d5
577cf85f032424bc0203c0a743a9959da1024f47a0d09c50dfdc0fa219c14d4a
GET /60/60/fill/p/pimberly/FAB28LCR5-6113db318b0dec4fe300027a.png HTTP/1.1
Host: images2.wagcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.skousen.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Dec 2022 07:38:35 GMT
content-type: image/webp
content-length: 1868
cache-control: max-age=2678400, public
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=2403
content-disposition: inline; filename="FAB28LCR5-6113db318b0dec4fe300027a.webp"
expires: Tue, 17 Jan 2023 21:57:55 GMT
last-modified: Wed, 11 Aug 2021 14:15:44 GMT
pragma: public
vary: Accept
cf-cache-status: HIT
age: 34840
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KGobBmW6EAaquX6MLX%2BIjJs9wPt7NDTtcyNPVZjvGL%2BILgAq2MXzi8qnzN7ArQMYj2xnUXU%2BFQnuGDgEkB1fdpv47O%2Bd63P8%2FDT%2B1OSjQgx4yC7ZLtlGhnq4FAvmk35rXjH%2FyA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77b63d634bb7b50c-OSL
X-Firefox-Spdy: h2
images2.wagcdn.com/60/60/fill/p/pimberly/FAB28LCR5-6113db318b0dec4fe3000278.png
104.26.2.210200 OK 2.7 kB URL HTTP/2 images2.wagcdn.com/60/60/fill/p/pimberly/FAB28LCR5-6113db318b0dec4fe3000278.png
IP 104.26.2.210:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash df2604f1ec427ff3004f04a1f74599a9
fc1875a9729e43f2c5514cfcc68159fe4da84933
04e2e37a8120854cd47c81ace0ed776724b3642f2252c62838daabcda5447b98
GET /60/60/fill/p/pimberly/FAB28LCR5-6113db318b0dec4fe3000278.png HTTP/1.1
Host: images2.wagcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.skousen.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Dec 2022 07:38:35 GMT
content-type: image/webp
content-length: 2684
cache-control: max-age=2678400, public
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=3546
content-disposition: inline; filename="FAB28LCR5-6113db318b0dec4fe3000278.webp"
expires: Tue, 17 Jan 2023 21:57:55 GMT
last-modified: Wed, 11 Aug 2021 14:15:44 GMT
pragma: public
vary: Accept
cf-cache-status: HIT
age: 34840
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t4hUvf2hSUv9xB0SwdCGhe0N1W8yC3eSW6fXsYht4%2BTso0WNsf0KXSTzvmRZnEiAJNYUa38kWmorJkIrEwPyrg2cL8CZiSqkDJJZc9f6smawvOTnmoeUTuvt8QgWrsjLE2JzfA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77b63d634bb9b50c-OSL
X-Firefox-Spdy: h2
images2.wagcdn.com/f/manufactor-logos/smeg.png
104.26.2.210200 OK 1.5 kB URL HTTP/2 images2.wagcdn.com/f/manufactor-logos/smeg.png
IP 104.26.2.210:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash e655a7aebe63540d3a811950c6c88987
aef45ae831ba14816c9c11adc8ee8ebe567474ac
9191e2603fd4bb7a04477a2fe574b6d7dbeac0bec00adf48c418bd5e7c725227
GET /f/manufactor-logos/smeg.png HTTP/1.1
Host: images2.wagcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.skousen.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Dec 2022 07:38:35 GMT
content-type: image/webp
content-length: 1482
cache-control: max-age=2678400, public
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=4230
content-disposition: inline; filename="smeg.webp"
expires: Sun, 15 Jan 2023 19:20:57 GMT
last-modified: Wed, 01 Apr 2020 16:51:05 GMT
pragma: public
vary: Accept
cf-cache-status: HIT
age: 217057
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7DTakAUNpEKtoBO9jrAqaRjKZkGCSvbCcARGhKwuIt94AV7%2FkneEx%2B3WbVdQ6dNFTZPEyNyAQuVvVO3Gf4H4e7ht%2BwBy%2Brp0KkhSicrx%2F3hmCGzmf81zU5ernKehYgTlzzg9kQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77b63d634bbeb50c-OSL
X-Firefox-Spdy: h2
images2.wagcdn.com/60/60/fill/p//pimberly/FAB28LCR5-6113db318b0dec4fe300027d.png
104.26.2.210200 OK 1.1 kB URL HTTP/2 images2.wagcdn.com/60/60/fill/p//pimberly/FAB28LCR5-6113db318b0dec4fe300027d.png
IP 104.26.2.210:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash f108973c3fce233196ffc7e9371f8d96
d3c5867c67b6398242c61267398f1f8ceaf06c4b
94499e955cf687540de414d7e98de87442b3780292ddd4d0646268455e674f07
GET /60/60/fill/p//pimberly/FAB28LCR5-6113db318b0dec4fe300027d.png HTTP/1.1
Host: images2.wagcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.skousen.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Dec 2022 07:38:35 GMT
content-type: image/webp
content-length: 1142
cache-control: max-age=2678400, public
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=1527
content-disposition: inline; filename="FAB28LCR5-6113db318b0dec4fe300027d.webp"
expires: Tue, 17 Jan 2023 21:57:55 GMT
last-modified: Wed, 11 Aug 2021 14:15:43 GMT
pragma: public
vary: Accept
cf-cache-status: HIT
age: 34840
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F1F18UH%2BKj1TKu4wUn%2BgpDoVTRyfRc2bCrleAtUwjaDWuj4odj3IIIp3TQnyTDVFDoixbyXLUzxDPms4SEs3cvFKYWkRfp9NAtMYzyB1VYOaB9eVPJRlor9MAQq1Rw6MF6rOdg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77b63d634bc1b50c-OSL
X-Firefox-Spdy: h2
images2.wagcdn.com/60/60/fill/p//pimberly/FAB28LCR5-6113db318b0dec4fe3000279.png
104.26.2.210200 OK 2.2 kB URL HTTP/2 images2.wagcdn.com/60/60/fill/p//pimberly/FAB28LCR5-6113db318b0dec4fe3000279.png
IP 104.26.2.210:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 2728e39808838882ac0f2f271f647730
7e98e7e8f275699fe40e9e95a17e4c72dc46de10
bf205b43ce1b6e8c63491cc1d3a0031403b2011321dc98aae5c7426ebbadcd07
GET /60/60/fill/p//pimberly/FAB28LCR5-6113db318b0dec4fe3000279.png HTTP/1.1
Host: images2.wagcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.skousen.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Dec 2022 07:38:35 GMT
content-type: image/webp
content-length: 2238
cache-control: max-age=2678400, public
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=3342
content-disposition: inline; filename="FAB28LCR5-6113db318b0dec4fe3000279.webp"
expires: Mon, 16 Jan 2023 13:33:40 GMT
last-modified: Wed, 11 Aug 2021 14:15:44 GMT
pragma: public
vary: Accept
cf-cache-status: HIT
age: 151495
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Th7GcuCBntkqv1BK4ulm5Or6kEX6A0ZZN9HDz%2Br%2B3wwUxAiRxw12PSrlRYjHGiZK%2F5cAIAUiO6aqKXe7JqekIbIRBAv0qThxKd8hVUtAtAFK1codVp222GbdlBDU%2BFj3Uy9JkA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77b63d634bc3b50c-OSL
X-Firefox-Spdy: h2
images2.wagcdn.com/60/60/fill/p/pimberly/FAB28LCR5-6113db318b0dec4fe300027c.png
104.26.2.210200 OK 860 B URL HTTP/2 images2.wagcdn.com/60/60/fill/p/pimberly/FAB28LCR5-6113db318b0dec4fe300027c.png
IP 104.26.2.210:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 93ccb489917e64cb633e4b558d6f30fd
6eb9260268c3fd0d4d3c98abbd79d458834d1981
12f358f950d8e53e7adbc02c4b90637c1c126232670c8476a07603fbe0c44070
GET /60/60/fill/p/pimberly/FAB28LCR5-6113db318b0dec4fe300027c.png HTTP/1.1
Host: images2.wagcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.skousen.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Dec 2022 07:38:35 GMT
content-type: image/webp
content-length: 860
cache-control: max-age=2678400, public
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=1564
content-disposition: inline; filename="FAB28LCR5-6113db318b0dec4fe300027c.webp"
expires: Mon, 16 Jan 2023 13:33:40 GMT
last-modified: Wed, 11 Aug 2021 14:15:45 GMT
pragma: public
vary: Accept
cf-cache-status: HIT
age: 151495
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YV9GHaelNuBtB4xxSMoyIM1x8Cy0Dk0SMGpW%2BRgEDVFacTIr7mZLAE67iGSO3S%2BzmoC5LKsqd9WhMxYdICVPSfDtRJUv3k9UChQxNWXEV7%2B7Nv67x9KUXsyD5MFYNhE1Qfd5hA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77b63d634bc6b50c-OSL
X-Firefox-Spdy: h2
images2.wagcdn.com/60/60/fill/p/pimberly/FAB28LCR5-6113db318b0dec4fe300027b.png
104.26.2.210200 OK 3.1 kB URL HTTP/2 images2.wagcdn.com/60/60/fill/p/pimberly/FAB28LCR5-6113db318b0dec4fe300027b.png
IP 104.26.2.210:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash f12f0ab04ef7681be699458ff4184280
eecef0d2f2c780e677de8c86f690153ce4b0661d
405a56e38944b549afbd8d447a2fba58ce683cc194de00ab47cf1eb2a9239014
GET /60/60/fill/p/pimberly/FAB28LCR5-6113db318b0dec4fe300027b.png HTTP/1.1
Host: images2.wagcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.skousen.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Dec 2022 07:38:35 GMT
content-type: image/webp
content-length: 3062
cache-control: max-age=2678400, public
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=4167
content-disposition: inline; filename="FAB28LCR5-6113db318b0dec4fe300027b.webp"
expires: Mon, 16 Jan 2023 13:33:40 GMT
last-modified: Wed, 11 Aug 2021 14:15:46 GMT
pragma: public
vary: Accept
cf-cache-status: HIT
age: 151495
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7P9hAn0YIrjNAaClj7%2FNLJ1ftZzEnfpfu7pOgQ1R4fpDyEjXQK1V6e9VIwlgEILYY2nLpu%2FrQIkcYBWtLdss5z8PDolYWSdZshk942sjsECe4Mlqu2alIWgnwVtfsSEmNsTpUA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77b63d634bc2b50c-OSL
X-Firefox-Spdy: h2
images.wagcdn.com/260/156/fill/p/pimberly/AURO-352296-634d01d22419795dad00018f.jpeg
104.26.2.210200 OK 586 B URL HTTP/2 images.wagcdn.com/260/156/fill/p/pimberly/AURO-352296-634d01d22419795dad00018f.jpeg
IP 104.26.2.210:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 260x156, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 4a1d4972a0f6be9ffc0fa96c640ac208
9e37707cb58a0303413075c047b689ca9f228e22
e4b6af1d6054381c366a1877ef9af248d5eb6e1457903f64384ea65cc9509add
GET /260/156/fill/p/pimberly/AURO-352296-634d01d22419795dad00018f.jpeg HTTP/1.1
Host: images.wagcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.skousen.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Dec 2022 07:38:35 GMT
content-type: image/webp
content-length: 586
cache-control: max-age=2678400, public
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=1539
content-disposition: inline; filename="AURO-352296-634d01d22419795dad00018f.webp"
expires: Sun, 15 Jan 2023 18:51:51 GMT
last-modified: Mon, 17 Oct 2022 07:19:16 GMT
pragma: public
vary: Accept
cf-cache-status: HIT
age: 218804
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KMGw5hW8gVgKYukZvju4mbz9NZIcxACmfDkvezr3%2Fpb7U%2BWdNbGe3Ux06ehaN5vM%2B6R5xdvz%2F%2BRGUjlHvM810iDlbL1AUQxcv%2BEnR8JKX9JfpUNy9sk4FIPpvS%2FSgl63NRDx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77b63d635bc7b50c-OSL
X-Firefox-Spdy: h2
images2.wagcdn.com/f/frontend/skousen/no/matcher-netpris-2-mobile.png
104.26.2.210200 OK 21 kB URL HTTP/2 images2.wagcdn.com/f/frontend/skousen/no/matcher-netpris-2-mobile.png
IP 104.26.2.210:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash b2a051ecddfae9c7fd3b7d661b8330fb
4232ce9edc293d2191450941ff98c195eab43e38
c1945a0d6efd64e2ee09ae26f60b0c3dbc5452dce942c1ce456c1f81a36697ca
GET /f/frontend/skousen/no/matcher-netpris-2-mobile.png HTTP/1.1
Host: images2.wagcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.skousen.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Dec 2022 07:38:35 GMT
content-type: image/webp
content-length: 20586
cache-control: max-age=2678400, public
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=32691
content-disposition: inline; filename="matcher-netpris-2-mobile.webp"
expires: Sun, 15 Jan 2023 19:37:55 GMT
last-modified: Tue, 20 Apr 2021 01:31:17 GMT
pragma: public
vary: Accept
cf-cache-status: HIT
age: 216040
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R9lcKQEUJS2o11KXNrq5%2B9m2Tn8tqwa2wASbapNyBuzS8k88weXZJ3BCByzt3KFkFTZsd9cpk1uXTYGXsMjfqYyxIih8qP3Dnp3T7bv8OZR8o3P1UmEjrWqmlQ9K%2BRxZ1jC92A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77b63d634bbcb50c-OSL
X-Firefox-Spdy: h2
images.wagcdn.com/80/80/fill/p//pimberly/FAB28LCR5-6113db318b0dec4fe300027d.png
104.26.2.210200 OK 1.8 kB URL HTTP/2 images.wagcdn.com/80/80/fill/p//pimberly/FAB28LCR5-6113db318b0dec4fe300027d.png
IP 104.26.2.210:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 1c9db84aee0941b5bd8128d89e804e5e
c1b8aa7f55a60ed87c351f6c6f6179f6410443ff
f230308c9eb960c3a44581e3eed62fa62a5788e3b16b1ab5eed509aef9cb57bb
GET /80/80/fill/p//pimberly/FAB28LCR5-6113db318b0dec4fe300027d.png HTTP/1.1
Host: images.wagcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.skousen.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Dec 2022 07:38:35 GMT
content-type: image/webp
content-length: 1772
cache-control: max-age=2678400, public
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=2434
content-disposition: inline; filename="FAB28LCR5-6113db318b0dec4fe300027d.webp"
expires: Mon, 16 Jan 2023 13:33:40 GMT
last-modified: Wed, 11 Aug 2021 14:15:43 GMT
pragma: public
vary: Accept
cf-cache-status: HIT
age: 151495
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jp9lmRx8KpSqKjO1iMr030rEeTwe8gA%2BztPtfxxosQtpOMfl4bvBSNSw3eJMfza5To6b7pvZV2a7VgXKHDot9Agy3O3Zu8hVKMm7U70uI%2FUJ3CU3Wcl8LGyOipBJ4YdFx714"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77b63d635bcab50c-OSL
X-Firefox-Spdy: h2
images.wagcdn.com/f/design/skouno/logo_retina.png
104.26.2.210200 OK 29 kB URL HTTP/2 images.wagcdn.com/f/design/skouno/logo_retina.png
IP 104.26.2.210:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash b659f483d5301cc040c485dbeaf9d7d3
9001d1fd8257d24d471bcbd59ba943eaf6825fd8
000b110625a7d0db79f91f38c4ce2594a72e89703fdf6046c84e6dc793b275dc
GET /f/design/skouno/logo_retina.png HTTP/1.1
Host: images.wagcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.skousen.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Dec 2022 07:38:35 GMT
content-type: image/webp
content-length: 28560
cache-control: max-age=2678400, public
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=43976
content-disposition: inline; filename="logo_retina.webp"
expires: Sun, 15 Jan 2023 19:30:44 GMT
last-modified: Wed, 01 Apr 2020 16:37:45 GMT
pragma: public
vary: Accept
cf-cache-status: HIT
age: 216471
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j0YNFMiySOKSrMgKloV0JCCWW2ZQqIeFUCTfrDljqQxcWx4%2BivHt4r9Rrhch%2FBQtFJb4W9kfkRzy8M15UJTXUVQiw8rE0%2FmgfzVc28SneCDbQmUEILd5FhLV8BcjdqHRZDOl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77b63d635bc9b50c-OSL
X-Firefox-Spdy: h2
images.wagcdn.com/260/156/fill/p/pimberly/AURO-352794-5eee44902f82fa001e78302a.png
104.26.2.210200 OK 10 kB URL HTTP/2 images.wagcdn.com/260/156/fill/p/pimberly/AURO-352794-5eee44902f82fa001e78302a.png
IP 104.26.2.210:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash c2a8a32861bd9d49b47376011218256d
9a25907091f5e4a72691a679a02b4151a103d17e
29558e9131507b257e477e27279cac4b31a2a603082e22e9f758dc08f8bcaa44
GET /260/156/fill/p/pimberly/AURO-352794-5eee44902f82fa001e78302a.png HTTP/1.1
Host: images.wagcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.skousen.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Dec 2022 07:38:35 GMT
content-type: image/webp
content-length: 10004
cache-control: max-age=2678400, public
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=16556
content-disposition: inline; filename="AURO-352794-5eee44902f82fa001e78302a.webp"
expires: Sun, 15 Jan 2023 18:34:59 GMT
last-modified: Tue, 28 Sep 2021 11:56:55 GMT
pragma: public
vary: Accept
cf-cache-status: HIT
age: 219816
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AWmNwqAARCQJ%2Bn0uvbnxFhGsAXcw%2ByBO%2BZSduLNw8PHiBHU%2BZonLWcsxd4chKJgAz%2BA0R%2FP27WvbbCuRzs6xontHn11nyuzPLgeG9px254cCm8isU8px4cCaA%2Fp6O43X%2FRMH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77b63d635bc8b50c-OSL
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash c8140b21de71d48bdf58fd815784f60a
476898f4c04e18bed6fc5fdebf5adbb5ad01af9a
0a44da7885e563101859a77d9f2a0bc9e9dd91351d77076e52d0fbc680814d41
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=149478
Date: Sun, 18 Dec 2022 07:38:35 GMT
Etag: "639e5f48-1d7"
Expires: Tue, 20 Dec 2022 01:09:53 GMT
Last-Modified: Sun, 18 Dec 2022 00:31:04 GMT
Server: ECS (bsa/EB20)
X-Cache: Miss from cloudfront
Via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Rl79uNWGhqvff8V38Gi2awmj3miv-eF3lxcrxD5P9UExy9MgtCH-ag==
Age: 2329
zipcode-module-bucket-prod.s3.eu-central-1.amazonaws.com/zipcode.css
3.5.134.152200 OK 2.1 kB URL HTTP/1.1 zipcode-module-bucket-prod.s3.eu-central-1.amazonaws.com/zipcode.css
IP 3.5.134.152:0
File type ASCII text, with very long lines (2020)
Hash 56eb5960ffba8cfdc1ac5c0f19f5a7fd
8e41599fdc6d2ca12f385b79c32bf4b9fd2c8ca9
99b0802f5cb14e941b2ed0dc5e5f4bc2d8629d716f2de8c26fc27d70934499e6
GET /zipcode.css HTTP/1.1
Host: zipcode-module-bucket-prod.s3.eu-central-1.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.skousen.no/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: z0Qj5V63kHgtZdayiJSPqXH/uNMrb8EMFYZFppHAsSUzwsHke4rNEQq1ysyhJ3mRnWiAwZQiaMI0lkTv4lPWng==
x-amz-request-id: M6N8DMTE8B48KBXH
Date: Sun, 18 Dec 2022 07:38:36 GMT
Last-Modified: Fri, 10 Dec 2021 13:39:40 GMT
ETag: "56eb5960ffba8cfdc1ac5c0f19f5a7fd"
x-amz-version-id: ZWbNi9gqk8b1eFWMAJgT0t8U9e4JxVSp
Accept-Ranges: bytes
Content-Type: text/css
Server: AmazonS3
Content-Length: 2084
images2.wagcdn.com/290/x/p//pimberly/FAB28LCR5-6113db318b0dec4fe3000281.png.jpg
104.26.2.210200 OK 44 kB URL HTTP/2 images2.wagcdn.com/290/x/p//pimberly/FAB28LCR5-6113db318b0dec4fe3000281.png.jpg
IP 104.26.2.210:0
File type PNG image data, 290 x 577, 8-bit/color RGBA, non-interlaced\012- data
Hash 7d892d039f73ec4c5dede3e7faed1416
5b922f1060ed7db86b477edb8d2b5b517cac38ad
7162d2597c5b0d2a515b59ee39a507b6b78ca6ce5c3642ba0fd542d908b545f8
GET /290/x/p//pimberly/FAB28LCR5-6113db318b0dec4fe3000281.png.jpg HTTP/1.1
Host: images2.wagcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.skousen.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Dec 2022 07:38:35 GMT
content-type: image/jpeg
content-length: 43992
pragma: public
cache-control: max-age=2678400, public
expires: Wed, 18 Jan 2023 07:38:35 GMT
last-modified: Wed, 11 Aug 2021 14:15:46 GMT
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RTQ7XeGrpe4L4W8pTCtIbYFZiztW96SDfaemIIQ%2BL1ehsOaAP2FDONkPzUNEB%2FPfBHMbo6L%2F170yP7n6cWoe%2Fc04eYX9xtTjUM45NfIF78DOIZLNvEImO2Y6pzzjhJtgGA%2FVjA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77b63d634bc4b50c-OSL
X-Firefox-Spdy: h2
www.skousen.no/hvitevarer/kombiskap/kjoleskap-med-fryser/product/smeg-fab28lcr5/?utm_source=adtraction&utm_medium=affiliate&utm_campaign=Price%20comparison&utm_campaign=347127093&at_gd=31F59D28D54B9DA47CE20693067967CCB16E9A88
172.67.74.253200 OK 126 kB URL HTTP/2 www.skousen.no/hvitevarer/kombiskap/kjoleskap-med-fryser/product/smeg-fab28lcr5/?utm_source=adtraction&utm_medium=affiliate&utm_campaign=Price%20comparison&utm_campaign=347127093&at_gd=31F59D28D54B9DA47CE20693067967CCB16E9A88
IP 172.67.74.253:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (7856), with CRLF, LF line terminators
Size 126 kB (126086 bytes)
Hash 058d50967d3e3968bb824372e4b6fb74
02051888349939483e367bdbec68a8a24919544f
a518fa0d76fb9fe28a1d4a0145cb4580e8db7934c839e28eedc2a680de4252bb
GET /hvitevarer/kombiskap/kjoleskap-med-fryser/product/smeg-fab28lcr5/?utm_source=adtraction&utm_medium=affiliate&utm_campaign=Price%20comparison&utm_campaign=347127093&at_gd=31F59D28D54B9DA47CE20693067967CCB16E9A88 HTTP/1.1
Host: www.skousen.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no-go.kelkoogroup.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 18 Dec 2022 07:38:35 GMT
content-type: text/html; charset=UTF-8
set-cookie: AWSALB=1syfKE1qibcQmDCDhVy6p4QFUbTdt0m86nLC27TRsK7FdIS/+lb/Ja479FrqqExwV+KJdjT3kpxzdjeFuKC4BmHDDQiVDc3nKESYgx07FYPutyIPhhDXDXWvUG2B; Expires=Sun, 25 Dec 2022 07:38:34 GMT; Path=/
AWSALBCORS=1syfKE1qibcQmDCDhVy6p4QFUbTdt0m86nLC27TRsK7FdIS/+lb/Ja479FrqqExwV+KJdjT3kpxzdjeFuKC4BmHDDQiVDc3nKESYgx07FYPutyIPhhDXDXWvUG2B; Expires=Sun, 25 Dec 2022 07:38:34 GMT; Path=/; SameSite=None
RelewiseId=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8%2BORIKSG9eM2mOwmDez0vVH3lPziKqUYzGEuSoox0ctt4VUUOAGWXe4K2PuSqvYokxzbDkvRWixaauFX2kESEXCkdzhF01%2FJk5yOGRCzccL2hD4nWwHjQf3DASjR3lj7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77b63d5edaa2b517-OSL
content-encoding: br
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Nunito
142.250.74.106200 OK 963 B URL HTTP/2 fonts.googleapis.com/css2?family=Nunito
IP 142.250.74.106:0
Hash aa752674942ac772830b2e017d46bf6a
1ea7058fd64f6c9a7870a69458776e9447889c06
98cba6a68cc4b99c4df996a1c57416d72a2bb3c722de575cca86cc5f762b2d1e
GET /css2?family=Nunito HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zipcode-module-bucket-prod.s3.eu-central-1.amazonaws.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 18 Dec 2022 07:38:35 GMT
date: Sun, 18 Dec 2022 07:38:35 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
policy.app.cookieinformation.com/uc.js
152.199.21.175200 OK 11 kB URL HTTP/2 policy.app.cookieinformation.com/uc.js
IP 152.199.21.175:0
File type Unicode text, UTF-8 text, with very long lines (33315), with no line terminators
Hash 1daa6fac288f313bd8259a15620e93a2
6cc7b1244182d7d00d1464006aa5eb1817fd91df
3d214ddc2ebd7cd44d079361f3662697ead14836c05ae59afc3f51df5922b36f
GET /uc.js HTTP/1.1
Host: policy.app.cookieinformation.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.skousen.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
age: 235
cache-control: max-age=300
content-md5: MYYKq2p56pWUQuWDOioz6A==
content-type: application/javascript
date: Sun, 18 Dec 2022 07:38:36 GMT
etag: 0x8DAC63B0E0D8AF8
expires: Sun, 18 Dec 2022 07:43:36 GMT
last-modified: Mon, 14 Nov 2022 12:23:36 GMT
server: ECAcc (ska/F74D)
vary: Accept-Encoding
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: d2e589d9-701e-0027-5db3-122f89000000
x-ms-version: 2009-09-19
x-robots-tag: noindex, noarchive, nosnippet
content-length: 10635
X-Firefox-Spdy: h2
policy.app.cookieinformation.com/cookiesharingiframe.html
152.199.21.175200 OK 2.8 kB URL HTTP/2 policy.app.cookieinformation.com/cookiesharingiframe.html
IP 152.199.21.175:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (8796), with no line terminators
Hash 464df94556dbd1a2739263fcab4816f1
97697bd4140c79cca4db296ec880986a93c850db
0a9398fe42c23368200c4a6b0daa74d62666f507b3792ea43e333cf117d22e53
GET /cookiesharingiframe.html HTTP/1.1
Host: policy.app.cookieinformation.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.skousen.no/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
age: 194
cache-control: max-age=300
content-md5: xqkKVmywb8mz//pJblCHTA==
content-type: text/html
date: Sun, 18 Dec 2022 07:38:36 GMT
etag: 0x8DAC63B0D415222
expires: Sun, 18 Dec 2022 07:43:36 GMT
last-modified: Mon, 14 Nov 2022 12:23:35 GMT
server: ECAcc (ska/F754)
vary: Accept-Encoding
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 7e4074bf-f01e-0016-41b3-12ce9a000000
x-ms-version: 2009-09-19
x-robots-tag: noindex, noarchive, nosnippet
content-length: 2809
X-Firefox-Spdy: h2
policy.app.cookieinformation.com/cookie-data/skousen.no/cabl.json
152.199.21.175200 OK 597 B URL HTTP/2 policy.app.cookieinformation.com/cookie-data/skousen.no/cabl.json
IP 152.199.21.175:0
File type JSON data\012- , ASCII text, with very long lines (3334), with no line terminators
Hash 3470970a86cb1171697f626b33e0e81e
3b57b9e42b495467b49b26e7a52b628552f29e95
b66137d8c6610d7dad0a3e73585711b715fc73dd397f674785ba43fc23fb159a
GET /cookie-data/skousen.no/cabl.json HTTP/1.1
Host: policy.app.cookieinformation.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.skousen.no
Connection: keep-alive
Referer: https://www.skousen.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
age: 290
cache-control: max-age=300
content-md5: 8VraAzNsYggbNT52kfqaQA==
content-type: application/json
date: Sun, 18 Dec 2022 07:38:36 GMT
etag: 0x8DAD8D96ABE860F
expires: Sun, 18 Dec 2022 07:43:36 GMT
last-modified: Thu, 08 Dec 2022 05:02:33 GMT
server: ECAcc (ska/F6C2)
vary: Accept-Encoding
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: b7b02669-001e-0094-2eb3-128f24000000
x-ms-version: 2009-09-19
x-robots-tag: noindex, noarchive, nosnippet
content-length: 597
X-Firefox-Spdy: h2
policy.app.cookieinformation.com/9e5f1e/skousen.no/nb.js
152.199.21.175200 OK 16 kB URL HTTP/2 policy.app.cookieinformation.com/9e5f1e/skousen.no/nb.js
IP 152.199.21.175:0
File type HTML document, Unicode text, UTF-8 text, with very long lines (65391)
Hash ec5cf4a58a36bc0dc7fbf3ca968a23f9
3d56f501852b7cdbc18c2894ac071145254fb953
7a1eaa5bae4380b9f5b71523fd5df5466f1ef2f317b01ca008f20f00b9e79e17
GET /9e5f1e/skousen.no/nb.js HTTP/1.1
Host: policy.app.cookieinformation.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.skousen.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
age: 290
cache-control: max-age=300
content-md5: ewTTtd0UJMCz/rJ9ZGRoOw==
content-type: application/javascript
date: Sun, 18 Dec 2022 07:38:36 GMT
etag: 0x8DAD8D96AC64D60
expires: Sun, 18 Dec 2022 07:43:36 GMT
last-modified: Thu, 08 Dec 2022 05:02:33 GMT
server: ECAcc (ska/F76B)
vary: Accept-Encoding
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: f578cf1f-801e-0041-31b3-1260a9000000
x-ms-version: 2009-09-19
x-robots-tag: noindex, noarchive, nosnippet
content-length: 16161
X-Firefox-Spdy: h2
unpkg.com/react@17.0.1/umd/react.production.min.js
104.16.123.175200 OK 5.2 kB URL HTTP/2 unpkg.com/react@17.0.1/umd/react.production.min.js
IP 104.16.123.175:0
File type ASCII text, with very long lines (544)
Hash c3205a697395acd76b5d2c3d11d040ff
5f137f0407d6950165c20079c45a797863fc12eb
8395e9e3f12912aecb57b1b92c4a03647fe39046962b15242014c5846443d4e7
GET /react@17.0.1/umd/react.production.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.skousen.no
Connection: keep-alive
Referer: https://www.skousen.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 18 Dec 2022 07:38:36 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"2cb0-bI0FRVZ0hpPwV3HmpuJgeQ4hPVk"
via: 1.1 fly.io
fly-request-id: 01G4XH22PD9ZKC2HQCAFMP2QRG-fra
cf-cache-status: HIT
age: 16795742
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 77b63d67d939b4f4-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-TNG3SC
142.250.74.168200 OK 92 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-TNG3SC
IP 142.250.74.168:0
File type Unicode text, UTF-8 text, with very long lines (45970)
Hash b86c99cb665507772098056be9a98013
184dbce95bf3edf6fe517a6556b9b098852b40a6
bbed39e54626053fa287df2ca18189c61c27203c834ab2b1789b7fe349e8c4c4
GET /gtm.js?id=GTM-TNG3SC HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.skousen.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 18 Dec 2022 07:38:36 GMT
expires: Sun, 18 Dec 2022 07:38:36 GMT
cache-control: private, max-age=900
last-modified: Sun, 18 Dec 2022 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 92547
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-NG6N64X
142.250.74.168200 OK 95 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-NG6N64X
IP 142.250.74.168:0
File type Unicode text, UTF-8 text, with very long lines (39544)
Hash 4dd311dcc73e62307c1136b712109f43
1ca5c5ebf582bfe8624e64c501ca9e1c3c31137a
c3f7745b4dce65d4e96cd40d12f2ca209d80cd048a2ad72200316483f8215ac5
GET /gtm.js?id=GTM-NG6N64X HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.skousen.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 18 Dec 2022 07:38:36 GMT
expires: Sun, 18 Dec 2022 07:38:36 GMT
cache-control: private, max-age=900
last-modified: Sun, 18 Dec 2022 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 95411
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
unpkg.com/prop-types@15.7.2/prop-types.min.js
104.16.123.175200 OK 82 kB URL HTTP/2 unpkg.com/prop-types@15.7.2/prop-types.min.js
IP 104.16.123.175:0
File type ASCII text, with very long lines (1763), with no line terminators
Hash c18bb3e3bbfb6b79ea2da8f8a2941f2b
c2deac32bfef26ee5d61059459cf52d3ee927bfb
9fc7fdd2247e4d8c90865068ef048517499c861ebd7e1d08950144eb7cff8054
GET /prop-types@15.7.2/prop-types.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.skousen.no
Connection: keep-alive
Referer: https://www.skousen.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Dec 2022 07:38:36 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Wed, 13 Feb 2019 20:11:21 GMT
etag: W/"6e3-FdOphQHe1m12PwtWQ9DQhpIrVk8"
via: 1.1 fly.io
fly-request-id: 01GM9C80P3YHP6XB8JF1KD3Y6Q-fra
cf-cache-status: HIT
age: 292002
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 77b63d691a9ab4f4-OSL
content-encoding: br
X-Firefox-Spdy: h2
assets.wagcdn.com/shop/e5126d3c-d225-4577-a72f-914c5aa2920e/build/shared/shared_vip_aec0f06cdf9e47a28ed98aa87635f0db.js
104.26.2.210200 OK 37 kB URL HTTP/2 assets.wagcdn.com/shop/e5126d3c-d225-4577-a72f-914c5aa2920e/build/shared/shared_vip_aec0f06cdf9e47a28ed98aa87635f0db.js
IP 104.26.2.210:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash f08524ee1c5eac0772c4d46c6a3e4ca7
083109141734d30e1717f6bb80bb9282778642e8
b0c1c595d9918357154ee54fc92ae00ce6863ae18c1bd1b7fc9006e1757af1b0
GET /shop/e5126d3c-d225-4577-a72f-914c5aa2920e/build/shared/shared_vip_aec0f06cdf9e47a28ed98aa87635f0db.js HTTP/1.1
Host: assets.wagcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.skousen.no
Connection: keep-alive
Referer: https://www.skousen.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Dec 2022 07:38:36 GMT
content-type: text/javascript
x-amz-id-2: flE4YqZpUB5SZsX15KDpw0ltfq6rY+dH0E/sPoxOcV+2JzH+EKj5FwetqE8MH2yWATYstEFbCuw=
x-amz-request-id: QH7AFTF6KGCWKJDN
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: public, max-age=31536000, immutable
last-modified: Fri, 16 Dec 2022 12:11:42 GMT
x-amz-expiration: expiry-date="Sun, 17 Dec 2023 00:00:00 GMT", rule-id="Delete assets after a year"
etag: W/"aec0f06cdf9e47a28ed98aa87635f0db"
cf-cache-status: HIT
age: 156181
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=20iP4wgPRiKHYdR%2FGyvLlHLmdbCuM2S8JJReCPwVWYo03ZKD%2BfSfb2PrQLgyiSXNXjv6E8im5j1EqZ0IxkNZLfIFEcgt39bANOp6jfLx0oMLLjpU0ylkesw%2Fdusm7qTiScWS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77b63d6a3907b50c-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash fdbb7ba725cc70f13ad981863c8c5581
1b9a678e8f3b68f162bc7a6e7bde5171f5415046
dcab650b9fa579906912c3b598b7099cf0728e72b7782d5362849ef310a00965
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Dec 2022 07:38:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash fdbb7ba725cc70f13ad981863c8c5581
1b9a678e8f3b68f162bc7a6e7bde5171f5415046
dcab650b9fa579906912c3b598b7099cf0728e72b7782d5362849ef310a00965
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Dec 2022 07:38:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash fdbb7ba725cc70f13ad981863c8c5581
1b9a678e8f3b68f162bc7a6e7bde5171f5415046
dcab650b9fa579906912c3b598b7099cf0728e72b7782d5362849ef310a00965
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Dec 2022 07:38:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
142.250.74.35200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.skousen.no
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 12 Dec 2022 18:52:41 GMT
expires: Tue, 12 Dec 2023 18:52:41 GMT
cache-control: public, max-age=31536000
age: 477955
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash fdbb7ba725cc70f13ad981863c8c5581
1b9a678e8f3b68f162bc7a6e7bde5171f5415046
dcab650b9fa579906912c3b598b7099cf0728e72b7782d5362849ef310a00965
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Dec 2022 07:38:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/nunito/v25/XRXV3I6Li01BKofINeaB.woff2
142.250.74.35200 OK 36 kB URL HTTP/2 fonts.gstatic.com/s/nunito/v25/XRXV3I6Li01BKofINeaB.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 35904, version 1.0\012- data
Hash c26b97e7f5bb7a34d190703522d75e16
69d9e5aea0544dbaf9b78c1b65139c03eceece8f
96217f1d27fb909f92b4a6b35a0d3d6775f2f0b4d136d27aee88547d3ed87357
GET /s/nunito/v25/XRXV3I6Li01BKofINeaB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.skousen.no
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 35904
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 16 Dec 2022 13:33:15 GMT
expires: Sat, 16 Dec 2023 13:33:15 GMT
cache-control: public, max-age=31536000
age: 151521
last-modified: Mon, 18 Jul 2022 19:34:47 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/nunito/v25/XRXI3I6Li01BKofiOc5wtlZ2di8HDLshdTQ3jw.woff2
142.250.74.35200 OK 14 kB URL HTTP/2 fonts.gstatic.com/s/nunito/v25/XRXI3I6Li01BKofiOc5wtlZ2di8HDLshdTQ3jw.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 14060, version 1.0\012- data
Hash aacf0f4f8b5d693087b4d8ac6c86d2ae
ad06f3ffd0db6034eb0a12f98aa8aa4dead430fb
5e2f97ea0fb92d5e3ae31eeef403b9c34363c8fb2a387e13cf381fa97f3e8cf7
GET /s/nunito/v25/XRXI3I6Li01BKofiOc5wtlZ2di8HDLshdTQ3jw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.skousen.no
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 14060
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 16 Dec 2022 07:31:31 GMT
expires: Sat, 16 Dec 2023 07:31:31 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 18 Jul 2022 19:44:57 GMT
content-type: font/woff2
age: 173225
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
assets.wagcdn.com/shop/e5126d3c-d225-4577-a72f-914c5aa2920e/build/skousen/skousen.js
104.26.2.210200 OK 114 kB URL HTTP/2 assets.wagcdn.com/shop/e5126d3c-d225-4577-a72f-914c5aa2920e/build/skousen/skousen.js
IP 104.26.2.210:0
File type Unicode text, UTF-8 text, with very long lines (65336), with no line terminators
Size 114 kB (114463 bytes)
Hash e46b42579f497359ba66a0fb7c03446e
fd65498f0e4a965057a5ae33e3ce9b3278a8c15e
59370387393d549a79311348306570d69e2f432e63567b3c40ca42163a115393
GET /shop/e5126d3c-d225-4577-a72f-914c5aa2920e/build/skousen/skousen.js HTTP/1.1
Host: assets.wagcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.skousen.no
Connection: keep-alive
Referer: https://www.skousen.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Dec 2022 07:38:36 GMT
content-type: text/javascript
x-amz-id-2: B/CVhfIGiceRn1J+HUyWs5D8KvFpfVy/MWTL7UuGz6JGwwtef0efHiyt/UKxAyDYHQc8uDUOThc=
x-amz-request-id: QH7EGW5BTZF389QP
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: public, max-age=31536000, immutable
last-modified: Fri, 16 Dec 2022 12:11:42 GMT
x-amz-expiration: expiry-date="Sun, 17 Dec 2023 00:00:00 GMT", rule-id="Delete assets after a year"
etag: W/"cc232482d1cfd3d0e40753182383bbf5"
cf-cache-status: HIT
age: 156181
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bnf7NPiouwjSSIji7RNAw%2Fi1TCWXB8Q%2B5u9Y7Xohe02wrZxHGZk1q3U%2FU1LWC%2FajCXii9BY8rj1PCNNrkTALEXc48i6i2KNyBTarkYp4cV9hxjyjUveBqhgghkjDURcttCm5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77b63d6a3908b50c-OSL
content-encoding: br
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2
142.250.74.35200 OK 18 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 17820, version 1.0\012- data
Hash 3d5107abaf7bf4df5478bd04625c0929
b04d394caabf6ea3e500b74781dc2bfd54f3c18d
9ad0a22b0c58240a7a92b4c01aa31f39a5918dea6a8fdfa77e63042abc4fca31
GET /s/opensans/v34/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.skousen.no
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17820
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 12 Dec 2022 18:56:07 GMT
expires: Tue, 12 Dec 2023 18:56:07 GMT
cache-control: public, max-age=31536000
age: 477749
last-modified: Mon, 15 Aug 2022 18:13:12 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash fdbb7ba725cc70f13ad981863c8c5581
1b9a678e8f3b68f162bc7a6e7bde5171f5415046
dcab650b9fa579906912c3b598b7099cf0728e72b7782d5362849ef310a00965
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Dec 2022 07:38:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
zipcode-module-bucket-prod.s3.eu-central-1.amazonaws.com/images/zipcode-icon.svg
3.5.134.152200 OK 3.4 kB URL HTTP/1.1 zipcode-module-bucket-prod.s3.eu-central-1.amazonaws.com/images/zipcode-icon.svg
IP 3.5.134.152:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (3067)
Hash 5dfada74cc3c3c235bea093a5dae3f97
bfc118aeacee3bccd4f98582b97f5079615af10d
d41f67a5b1b088060cf3e8005ebca4f6270a771c7014d67a0b75544ad9c0239e
GET /images/zipcode-icon.svg HTTP/1.1
Host: zipcode-module-bucket-prod.s3.eu-central-1.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.skousen.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: CGMr6b6LTVczbNPSp0AXE75A84H5IhfCFxo3t6wS3RrYfD2d1tj2Vr8cBnqJ5SM0YryRDFZ5YvSFXmIZGWtraA==
x-amz-request-id: 36WSZE1Q9JF9ZS05
Date: Sun, 18 Dec 2022 07:38:37 GMT
Last-Modified: Fri, 10 Dec 2021 13:39:40 GMT
ETag: "5dfada74cc3c3c235bea093a5dae3f97"
x-amz-version-id: XzA0hCvq5CfF6NWEEPq.vSS26QTKHWzl
Accept-Ranges: bytes
Content-Type: image/svg+xml
Server: AmazonS3
Content-Length: 3386
www.skousen.no/frontend/build/skousen/svg.html
172.67.74.253200 OK 72 kB URL HTTP/2 www.skousen.no/frontend/build/skousen/svg.html
IP 172.67.74.253:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (65536), with no line terminators
Hash ab3b739834b89600836a3f19355b6c91
eb2eaf3e3c397215759879861cf4e8f7cda84d64
04c198fa4abf7d2e6b802ef81ae7a2a68dfae88898e6a80942a8038470afc657
GET /frontend/build/skousen/svg.html HTTP/1.1
Host: www.skousen.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.skousen.no/hvitevarer/kombiskap/kjoleskap-med-fryser/product/smeg-fab28lcr5/?utm_source=adtraction&utm_medium=affiliate&utm_campaign=Price%20comparison&utm_campaign=347127093&at_gd=31F59D28D54B9DA47CE20693067967CCB16E9A88
Cookie: AWSALB=1syfKE1qibcQmDCDhVy6p4QFUbTdt0m86nLC27TRsK7FdIS/+lb/Ja479FrqqExwV+KJdjT3kpxzdjeFuKC4BmHDDQiVDc3nKESYgx07FYPutyIPhhDXDXWvUG2B
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Dec 2022 07:38:36 GMT
content-type: text/html
set-cookie: AWSALB=Q1uVHSJj4nwrFPUHpVkA5pKXC8XWbeAa2lzaaluxQvAHDFcUr9wCVWfB6uFsnSEa5HhuZQx03dFBW86QL0ELRUPjPOuv4gDoMGNhYEBm/b9WrEGBZMNcuwc9lT/K; Expires=Sun, 25 Dec 2022 07:38:36 GMT; Path=/
AWSALBCORS=Q1uVHSJj4nwrFPUHpVkA5pKXC8XWbeAa2lzaaluxQvAHDFcUr9wCVWfB6uFsnSEa5HhuZQx03dFBW86QL0ELRUPjPOuv4gDoMGNhYEBm/b9WrEGBZMNcuwc9lT/K; Expires=Sun, 25 Dec 2022 07:38:36 GMT; Path=/; SameSite=None
last-modified: Fri, 16 Dec 2022 12:00:38 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pI%2BWKJGbjiUwJvjL3qsaZOLBdkhjHL2kre8%2B%2FldfASh4YzZS3xjkYc2NxLMTs9%2FuKbgDXJ2S4kU9SH%2FAih3ZIlBDy3pYZwxu2gMcj7IX8OwBV%2Fr9IM0zaNTvfNBiv65J"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77b63d6c2c01b517-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.110200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.110:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.skousen.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Sun, 18 Dec 2022 06:41:08 GMT
expires: Sun, 18 Dec 2022 08:41:08 GMT
cache-control: public, max-age=7200
age: 3449
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.skousen.no/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
172.67.74.253200 OK 0 B URL HTTP/2 www.skousen.no/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
IP 172.67.74.253:0
GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1
Host: www.skousen.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.skousen.no/hvitevarer/kombiskap/kjoleskap-med-fryser/product/smeg-fab28lcr5/?utm_source=adtraction&utm_medium=affiliate&utm_campaign=Price%20comparison&utm_campaign=347127093&at_gd=31F59D28D54B9DA47CE20693067967CCB16E9A88
Cookie: AWSALB=1syfKE1qibcQmDCDhVy6p4QFUbTdt0m86nLC27TRsK7FdIS/+lb/Ja479FrqqExwV+KJdjT3kpxzdjeFuKC4BmHDDQiVDc3nKESYgx07FYPutyIPhhDXDXWvUG2B
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Dec 2022 07:38:35 GMT
content-type: application/javascript
last-modified: Wed, 14 Dec 2022 12:21:11 GMT
etag: W/"6399bfb7-302c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NpB6Xg7Za3Oy5eV7jf3%2Fbyo%2FzH5%2Fw4uWKUSY7%2BqoifPsPypt5MPOFu4ACUkoizUgPcsC%2BfKqzn6WPSJTsLdwqMhEZ8s%2BSvMkGxLfPhgooBHc8pw9yv3UHBtQLRhqvgCb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77b63d62dd9fb517-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Tue, 20 Dec 2022 07:38:35 GMT
cache-control: max-age=172800, public
content-encoding: gzip
X-Firefox-Spdy: h2
www.skousen.no/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
172.67.74.253200 OK 0 B URL HTTP/2 www.skousen.no/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
IP 172.67.74.253:0
GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: www.skousen.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.skousen.no/hvitevarer/kombiskap/kjoleskap-med-fryser/product/smeg-fab28lcr5/?utm_source=adtraction&utm_medium=affiliate&utm_campaign=Price%20comparison&utm_campaign=347127093&at_gd=31F59D28D54B9DA47CE20693067967CCB16E9A88
Cookie: AWSALB=1syfKE1qibcQmDCDhVy6p4QFUbTdt0m86nLC27TRsK7FdIS/+lb/Ja479FrqqExwV+KJdjT3kpxzdjeFuKC4BmHDDQiVDc3nKESYgx07FYPutyIPhhDXDXWvUG2B
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Dec 2022 07:38:35 GMT
content-type: application/javascript
last-modified: Wed, 14 Dec 2022 12:21:11 GMT
etag: W/"6399bfb7-4d7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=55g3ItEYUjsOZoh3O7kMzhuIc5%2Bc%2FObzTwl1uMnDi7Q1HuMRPSXD1cFuaavGGQlacbU9RL1gEftABi%2Bb%2BV8R%2BeaWIpHvs2n4Rt%2FqPip9NFYk1J6l8L3WjXsygvw1Fhoe"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77b63d62fdacb517-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Tue, 20 Dec 2022 07:38:35 GMT
cache-control: max-age=172800, public
content-encoding: gzip
X-Firefox-Spdy: h2
unpkg.com/react-dom@17.0.1/umd/react-dom.production.min.js
104.16.123.175200 OK 0 B URL HTTP/2 unpkg.com/react-dom@17.0.1/umd/react-dom.production.min.js
IP 104.16.123.175:0
GET /react-dom@17.0.1/umd/react-dom.production.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.skousen.no
Connection: keep-alive
Referer: https://www.skousen.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Dec 2022 07:38:36 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"1d709-pwDuJhZSm/vzn31jDYVGmTMkuf8"
via: 1.1 fly.io
fly-request-id: 01G4XKR95Q92M5CZ5P1H0QFWDE-fra
cf-cache-status: HIT
age: 16793010
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 77b63d682987b4f4-OSL
content-encoding: br
X-Firefox-Spdy: h2
images2.wagcdn.com/500/500/fill/p//pimberly/FAB28LCR5-6113db318b0dec4fe3000279.png
104.26.2.210200 OK 0 B URL HTTP/2 images2.wagcdn.com/500/500/fill/p//pimberly/FAB28LCR5-6113db318b0dec4fe3000279.png
IP 104.26.2.210:0
GET /500/500/fill/p//pimberly/FAB28LCR5-6113db318b0dec4fe3000279.png HTTP/1.1
Host: images2.wagcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.skousen.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Dec 2022 07:38:36 GMT
content-type: image/webp
content-length: 99568
cache-control: max-age=2678400, public
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=165959
content-disposition: inline; filename="FAB28LCR5-6113db318b0dec4fe3000279.webp"
expires: Mon, 16 Jan 2023 13:33:42 GMT
last-modified: Wed, 11 Aug 2021 14:15:44 GMT
pragma: public
vary: Accept
cf-cache-status: HIT
age: 151494
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F5IpdzYCfE7z%2BB752%2FG7veeUdNKOCy2TxWwjHPT7807ViAfOqKeuDRR1fjfaDqJcPLGE5yUIZZXNmFool5T4NAitpjsdoILux3hD%2BxVPVyIIVTNVY7HesDWGUGWchwiRiNxL4w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77b63d6cdb08b50c-OSL
X-Firefox-Spdy: h2