r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f5e46725831d8d722872bf68d752f4c5
cf37793a1b73e3f84fe6c37fb27382c83b49dbc0
0582b6180687dd95c7fd728f1b9db4495b807151e309b608ad203d69708f9da6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0582B6180687DD95C7FD728F1B9DB4495B807151E309B608AD203D69708F9DA6"
Last-Modified: Tue, 24 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7657
Expires: Thu, 26 Jan 2023 13:55:04 GMT
Date: Thu, 26 Jan 2023 11:47:27 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 58ffdcb539c3b250fdf31ed761627fc1
5b55b1522ef84c39b5c42f9bbfbc62b806c1269f
eb783cfa8c8544b0574b345abc0bf3c150979d4efce1a013f17b6cd48076fc63
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EB783CFA8C8544B0574B345ABC0BF3C150979D4EFCE1A013F17B6CD48076FC63"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3859
Expires: Thu, 26 Jan 2023 12:51:46 GMT
Date: Thu, 26 Jan 2023 11:47:27 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Backoff, Content-Length, Alert, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 26 Jan 2023 11:42:53 GMT
content-type: application/json
age: 274
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 49049f3c92aad686cd7ff28ecd2a5a4f
9cc2bc9c055450dbc4fae93eabe4ef8509b3ff57
02cf421968192286bb174ff0e6c818a843c4eca61a02cd493e6f95bb58a37015
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "02CF421968192286BB174FF0E6C818A843C4ECA61A02CD493E6F95BB58A37015"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12434
Expires: Thu, 26 Jan 2023 15:14:41 GMT
Date: Thu, 26 Jan 2023 11:47:27 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: qf/lVB4PZaHC/tv52InvZcVExOW1JX9kamp2Q8PUIXFR758RFbRC+PWvsYJ1jA3j1wcOpA1vXi0=
x-amz-request-id: VG98HS4YD7RGJGGV
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 26 Jan 2023 11:20:04 GMT
age: 1643
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 11:47:27 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Last-Modified, ETag, Expires, Backoff, Content-Length, Cache-Control, Alert, Retry-After, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 26 Jan 2023 10:49:01 GMT
age: 3506
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
lkjkui.7df2d.qx.wy5532.com/
162.210.196.168302 Found 11 B URL HTTP/1.1 lkjkui.7df2d.qx.wy5532.com/
IP 162.210.196.168:0
ASN #30633 LEASEWEB-USA-WDC
File type ASCII text, with no line terminators
Hash 32682312d17c7cbf18e73594f5570319
60e22121bdd0bc71cdb2bae2a3aa577006b2eae9
e55fb1a1d731153e943b68844af12dcce8bfac917c98ffdea64c80da0607dd47
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: lkjkui.7df2d.qx.wy5532.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 11
date: Thu, 26 Jan 2023 11:47:27 GMT
location: http://orest-vlv.com/zcvisitor/34c352a1-9d6f-11ed-baad-0a324428cddd/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=4fb4e190-e7f9-11ec-be3c-128084d1ce51
server: nginx
set-cookie: sid=34bb1072-9d6f-11ed-9cac-4a1d8a9b2a1f; path=/; domain=.wy5532.com; expires=Tue, 13 Feb 2091 15:01:34 GMT; max-age=2147483647; HttpOnly
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c398b6b39d11d25b8ae9bc5cd94a1c98
640aa8c399ced71d0c2a9f5a90fbaf091b01d642
a6f07f7c6a4746acc25457c726701df33120628dfb578bc4982448d8efee5855
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A6F07F7C6A4746ACC25457C726701DF33120628DFB578BC4982448D8EFEE5855"
Last-Modified: Tue, 24 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17044
Expires: Thu, 26 Jan 2023 16:31:32 GMT
Date: Thu, 26 Jan 2023 11:47:28 GMT
Connection: keep-alive
orest-vlv.com/zcvisitor/34c352a1-9d6f-11ed-baad-0a324428cddd/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=4fb4e190-e7f9-11ec-be3c-128084d1ce51
52.7.54.238200 1.1 kB URL HTTP/1.1 orest-vlv.com/zcvisitor/34c352a1-9d6f-11ed-baad-0a324428cddd/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=4fb4e190-e7f9-11ec-be3c-128084d1ce51
IP 52.7.54.238:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 758fa6cf1403a62710679c48ecf58e4a
7bd2cb0fc0c2a4c37649aa425086cb27d4a48c73
5b209abd994206da666b92ae6f7dd4954f75fc64396451b0361fa1212005dd92
GET /zcvisitor/34c352a1-9d6f-11ed-baad-0a324428cddd/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=4fb4e190-e7f9-11ec-be3c-128084d1ce51 HTTP/1.1
Host: orest-vlv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200
Date: Thu, 26 Jan 2023 11:47:28 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Server: RfpBAoSs
push.services.mozilla.com/
34.213.53.184101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.213.53.184:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: BSLkEocAwNWdjQzJE0cbMg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: MSDlZeI0BLqJ7oGPlGox2yPjNfI=
orest-vlv.com/zcredirect?visitid=34c352a1-9d6f-11ed-baad-0a324428cddd&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false
52.7.54.238200 356 B URL HTTP/1.1 orest-vlv.com/zcredirect?visitid=34c352a1-9d6f-11ed-baad-0a324428cddd&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false
IP 52.7.54.238:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 9d114559ed5dc381324cb32d47063d90
4b16f733768b87ec64f017f9e576275330c9dbde
dbe17731b5f728e5aed60c87ffcb6473d0c9df855bbe13f29d6f5f0dd1cb61b6
GET /zcredirect?visitid=34c352a1-9d6f-11ed-baad-0a324428cddd&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false HTTP/1.1
Host: orest-vlv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://orest-vlv.com/zcvisitor/34c352a1-9d6f-11ed-baad-0a324428cddd/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=4fb4e190-e7f9-11ec-be3c-128084d1ce51
Upgrade-Insecure-Requests: 1
HTTP/1.1 200
Date: Thu, 26 Jan 2023 11:47:28 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
redirected: JS
Server: tALqFdcA
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d256fed996106539df0dfc34613f0cbc
8b3fe974af150dcb87e7e680aded5a411731b475
22d27141d690b427611d6e5437eafe65b050b881129522778998bfae81dc2b7e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22D27141D690B427611D6E5437EAFE65B050B881129522778998BFAE81DC2B7E"
Last-Modified: Tue, 24 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5048
Expires: Thu, 26 Jan 2023 13:11:36 GMT
Date: Thu, 26 Jan 2023 11:47:28 GMT
Connection: keep-alive
clever-redirect.com/s/r6?s=623619497&s2=badious-buzzard&s3=romeo-sic-vqpeyj59e3
78.46.197.88200 OK 353 B URL HTTP/2 clever-redirect.com/s/r6?s=623619497&s2=badious-buzzard&s3=romeo-sic-vqpeyj59e3
IP 78.46.197.88:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (353), with no line terminators
Hash 317c167a6e1d7806c72cec18600530dd
0b270add18d3a0dfe6f77ba8759312f22339090d
d9c03a93bae576e79c61f731b29d61aac93cf0389380c25b1278836f56bfd41a
GET /s/r6?s=623619497&s2=badious-buzzard&s3=romeo-sic-vqpeyj59e3 HTTP/1.1
Host: clever-redirect.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://orest-vlv.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
referrer-policy: no-referrer
x-powered-by: PHP/7.4.27
set-cookie: 59b6c714cd65df39e35b99b1cbd50de1=a296be6b0fde302e70688f34f788ce51ede211b4c7ed1c05b50396eb7770bce5a%3A2%3A%7Bi%3A0%3Bs%3A32%3A%2259b6c714cd65df39e35b99b1cbd50de1%22%3Bi%3A1%3Bs%3A1%3A%221%22%3B%7D; expires=Fri, 27-Jan-2023 11:47:28 GMT; Max-Age=86400; path=/; HttpOnly
content-length: 353
content-type: text/html; charset=UTF-8
date: Thu, 26 Jan 2023 11:47:28 GMT
server: Apache/2.4.52 (codeit) OpenSSL/1.1.1m PHP/7.4.27
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 99a84658c960280b95a0c59c5c4f8580
30a56c751adb8eb63a72cfc6987ad4624d071604
b48c62d0508419798a7df832466488639c07db21e09392066f9134463cd449d3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B48C62D0508419798A7DF832466488639C07DB21E09392066F9134463CD449D3"
Last-Modified: Thu, 26 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14214
Expires: Thu, 26 Jan 2023 15:44:22 GMT
Date: Thu, 26 Jan 2023 11:47:28 GMT
Connection: keep-alive
lookandfind.me/s/a?t=10&f=1&u=f4bdb01fc36e3f720c2a963a770625c6&m=fjellsport.no&s1=623619497&s2=badious-buzzard&s3=romeo-sic-vqpeyj59e3&s5=cf
5.9.110.29200 OK 616 B URL HTTP/1.1 lookandfind.me/s/a?t=10&f=1&u=f4bdb01fc36e3f720c2a963a770625c6&m=fjellsport.no&s1=623619497&s2=badious-buzzard&s3=romeo-sic-vqpeyj59e3&s5=cf
IP 5.9.110.29:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document, ASCII text, with very long lines (616), with no line terminators
Hash 32ec29d5a6c6a5c26cea8ac066cde48c
574244b23bf911cc67bc1f0c875d6ee6ff8a1fbe
c2756f85b09f70c23572a8d5286e7d73b70c27351cf4d0004af117c9aeabcf9c
GET /s/a?t=10&f=1&u=f4bdb01fc36e3f720c2a963a770625c6&m=fjellsport.no&s1=623619497&s2=badious-buzzard&s3=romeo-sic-vqpeyj59e3&s5=cf HTTP/1.1
Host: lookandfind.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 11:47:28 GMT
Server: Apache/2.4.37 (centos) OpenSSL/1.1.1k
X-Powered-By: PHP/8.1.13
Set-Cookie: 8ced0adcdc4805f3f2cbffaa6df45bb2=a678314f8a7c2deabda6cb2c37fdac6000870fb0d5b76a9df37e06f7f2488dd9a%3A2%3A%7Bi%3A0%3Bs%3A32%3A%228ced0adcdc4805f3f2cbffaa6df45bb2%22%3Bi%3A1%3Bs%3A1%3A%221%22%3B%7D; expires=Fri, 27-Jan-2023 11:47:28 GMT; Max-Age=86400; path=/; HttpOnly
Referrer-Policy: strict-origin-when-cross-origin
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
lookandfind.me/s/r?u=https%3A%2F%2Fapi.yadore.com%2Fv2%2Fr%2Fdeeplink%3Fe%3DYnJVNnduazZJdThJTkxESUQyWFdYYktvWTVycUV6NnZjejlXdi9pbXhtclJjY2d3RWdDMHVyNXZmUFQraEZXMnFJUVpaMVlibmVkWjlyMEg0UDBaV2I0QzdDbzhwNWxmekJRdVB4NGVrcE5IT2JQSFN0YzZEVTZlaktjdFk1N3pQTENqd2FxS0xWcG5mcXBWNE5kV3F6aWtjNnhTeXVrQ1E0dkxpdGpFbGlDSEU4bz0%3D%26i%3DxWOlEBe4TIY5bOoG%26placementId%3D634c53d1ba06b33fd33e1e2f4388156a&h=e089d3d0f99421e37ea5463e7c5e8226
5.9.110.29200 OK 544 B URL HTTP/1.1 lookandfind.me/s/r?u=https%3A%2F%2Fapi.yadore.com%2Fv2%2Fr%2Fdeeplink%3Fe%3DYnJVNnduazZJdThJTkxESUQyWFdYYktvWTVycUV6NnZjejlXdi9pbXhtclJjY2d3RWdDMHVyNXZmUFQraEZXMnFJUVpaMVlibmVkWjlyMEg0UDBaV2I0QzdDbzhwNWxmekJRdVB4NGVrcE5IT2JQSFN0YzZEVTZlaktjdFk1N3pQTENqd2FxS0xWcG5mcXBWNE5kV3F6aWtjNnhTeXVrQ1E0dkxpdGpFbGlDSEU4bz0%3D%26i%3DxWOlEBe4TIY5bOoG%26placementId%3D634c53d1ba06b33fd33e1e2f4388156a&h=e089d3d0f99421e37ea5463e7c5e8226
IP 5.9.110.29:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (544), with no line terminators
Hash 5f8554352df2ec0a604dbc598b331d55
cd2241f84cbb6beee2dec23da925b09731ac45e5
97d0dca05bdc19fd3516ee620b655a4f5070ec83a3990d938d0a93bbeab82ba3
GET /s/r?u=https%3A%2F%2Fapi.yadore.com%2Fv2%2Fr%2Fdeeplink%3Fe%3DYnJVNnduazZJdThJTkxESUQyWFdYYktvWTVycUV6NnZjejlXdi9pbXhtclJjY2d3RWdDMHVyNXZmUFQraEZXMnFJUVpaMVlibmVkWjlyMEg0UDBaV2I0QzdDbzhwNWxmekJRdVB4NGVrcE5IT2JQSFN0YzZEVTZlaktjdFk1N3pQTENqd2FxS0xWcG5mcXBWNE5kV3F6aWtjNnhTeXVrQ1E0dkxpdGpFbGlDSEU4bz0%3D%26i%3DxWOlEBe4TIY5bOoG%26placementId%3D634c53d1ba06b33fd33e1e2f4388156a&h=e089d3d0f99421e37ea5463e7c5e8226 HTTP/1.1
Host: lookandfind.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: 8ced0adcdc4805f3f2cbffaa6df45bb2=a678314f8a7c2deabda6cb2c37fdac6000870fb0d5b76a9df37e06f7f2488dd9a%3A2%3A%7Bi%3A0%3Bs%3A32%3A%228ced0adcdc4805f3f2cbffaa6df45bb2%22%3Bi%3A1%3Bs%3A1%3A%221%22%3B%7D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 11:47:29 GMT
Server: Apache/2.4.37 (centos) OpenSSL/1.1.1k
X-Powered-By: PHP/8.1.13
Referrer-Policy: strict-origin-when-cross-origin
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e8d3d32e090eee88650a650a4b4247d5
cdcadb8176d631aae23532febc78528e817df729
babd08f2bf42d982fe9a4ecd5f81c6f365eb0f7bc9cef7fd0628c08fe3dce6f4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BABD08F2BF42D982FE9A4ECD5F81C6F365EB0F7BC9CEF7FD0628C08FE3DCE6F4"
Last-Modified: Tue, 24 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2616
Expires: Thu, 26 Jan 2023 12:31:05 GMT
Date: Thu, 26 Jan 2023 11:47:29 GMT
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash 2c0d8613f11ae609449a490f525f3c49
674bcccde23342a5987368040154d8df4a3e4c8a
c4fa5b5566145cba3467e91ee32144cd45d23bd9f260e8b44f33c6e7c51c64d6
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 26 Jan 2023 11:47:29 GMT
Last-Modified: Thu, 26 Jan 2023 11:11:21 GMT
Server: ECS (bsa/EB20)
X-Cache: Miss from cloudfront
Via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: T6h6VK4pHBccir_EVMLM_fFtfoEJV2YZiI-Gw_m75HTBGZPBENV-rg==
Age: 2168
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bd56ce22720c6e6072efdabae64669fd
29194390d12177fe0d88e1bd2fb4436509366a1c
c41996d83d942ca58a13e2d1adfd171cf26a84bc9b7fdbd1ca941eb0269b5404
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C41996D83D942CA58A13E2D1ADFD171CF26A84BC9B7FDBD1CA941EB0269B5404"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6516
Expires: Thu, 26 Jan 2023 13:36:05 GMT
Date: Thu, 26 Jan 2023 11:47:29 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bd56ce22720c6e6072efdabae64669fd
29194390d12177fe0d88e1bd2fb4436509366a1c
c41996d83d942ca58a13e2d1adfd171cf26a84bc9b7fdbd1ca941eb0269b5404
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C41996D83D942CA58A13E2D1ADFD171CF26A84BC9B7FDBD1CA941EB0269B5404"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6516
Expires: Thu, 26 Jan 2023 13:36:05 GMT
Date: Thu, 26 Jan 2023 11:47:29 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bd56ce22720c6e6072efdabae64669fd
29194390d12177fe0d88e1bd2fb4436509366a1c
c41996d83d942ca58a13e2d1adfd171cf26a84bc9b7fdbd1ca941eb0269b5404
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C41996D83D942CA58A13E2D1ADFD171CF26A84BC9B7FDBD1CA941EB0269B5404"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6516
Expires: Thu, 26 Jan 2023 13:36:05 GMT
Date: Thu, 26 Jan 2023 11:47:29 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bd56ce22720c6e6072efdabae64669fd
29194390d12177fe0d88e1bd2fb4436509366a1c
c41996d83d942ca58a13e2d1adfd171cf26a84bc9b7fdbd1ca941eb0269b5404
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C41996D83D942CA58A13E2D1ADFD171CF26A84BC9B7FDBD1CA941EB0269B5404"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6516
Expires: Thu, 26 Jan 2023 13:36:05 GMT
Date: Thu, 26 Jan 2023 11:47:29 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bd56ce22720c6e6072efdabae64669fd
29194390d12177fe0d88e1bd2fb4436509366a1c
c41996d83d942ca58a13e2d1adfd171cf26a84bc9b7fdbd1ca941eb0269b5404
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C41996D83D942CA58A13E2D1ADFD171CF26A84BC9B7FDBD1CA941EB0269B5404"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6516
Expires: Thu, 26 Jan 2023 13:36:05 GMT
Date: Thu, 26 Jan 2023 11:47:29 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F602ef184-7161-4092-91b7-61e14eef28a5.jpeg
34.120.237.76200 OK 3.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F602ef184-7161-4092-91b7-61e14eef28a5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 805711aaab303931f8966bbf73aeda52
2bd02a45c8b407e36a41a482b121ea3e14f7c722
66268668c1a970268d75beb1b57f66a759bedac76958a3359cb23104de40fbeb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F602ef184-7161-4092-91b7-61e14eef28a5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3411
x-amzn-requestid: 62afd364-e94f-45ff-ba6c-9b589fc53e5f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e-EyCEzrIAMFb8A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c8b4d9-203f51040f82f12d535446c4;Sampled=0
x-amzn-remapped-date: Thu, 19 Jan 2023 03:11:21 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 3Ke5d5WguVrF_Phnhu9ojzN5Md0VkYnFfxKNoh5HHrmHwPI90IAIdA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 10:38:20 GMT
age: 4149
etag: "2bd02a45c8b407e36a41a482b121ea3e14f7c722"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6418a71b-f89d-45d1-bc77-36d6312f560b.jpeg
34.120.237.76200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6418a71b-f89d-45d1-bc77-36d6312f560b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ba0a42dadf6a976df148f652e9cc1844
4d825b74865effa4a858ddcad1d0969671facc07
7276a38c9ba6b13a06f24ab8b802f210f98c5541df53fbcd8e879a14d2957d95
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6418a71b-f89d-45d1-bc77-36d6312f560b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5943
x-amzn-requestid: 6774f4a4-ed83-49df-868f-4517c2af914b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fUXxNF2UIAMFlYw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d1a007-75b1e8975c3f4b503e0a1c5b;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 21:32:55 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: KY05WKpINERD5g9o2QLYdsNMSuuy_YKn2Tl7Qkn7YaAOaPTDfLteeA==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 21:49:40 GMT
etag: "4d825b74865effa4a858ddcad1d0969671facc07"
content-type: image/jpeg
age: 50269
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb3177e0c-fa06-470b-bb9e-800d246a5096.jpeg
34.120.237.76200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb3177e0c-fa06-470b-bb9e-800d246a5096.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4e013ee2e3a5287de55de4c2437a279d
f2b0a5738ec9e3b178b2bf5513de3e604b86eadf
f174d5678154412cdbf71f93c345d28cfb8bad7c190fa31dd78e9314c510f7ca
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb3177e0c-fa06-470b-bb9e-800d246a5096.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8648
x-amzn-requestid: 19beb9c1-4e85-47ba-9275-7fb5d25f055f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fUYMlENLoAMFhIg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d1a0b6-016533de5b42b3a573a66c78;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 21:35:50 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: jkExt4JNW6KtzDm8mDdb-AvXWXeyZr14XifDN_XVzKiwFAru_1HcSA==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 21:49:13 GMT
age: 50296
etag: "f2b0a5738ec9e3b178b2bf5513de3e604b86eadf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8017df09-37d9-4c4b-9051-0442b3eb8fbf.jpeg
34.120.237.76200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8017df09-37d9-4c4b-9051-0442b3eb8fbf.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 17e1b6f3caa98b0e0972802408dd3f93
07e48bf3565e00d093d72dd4ada606f5d39a4838
7094ef64e04573bea7a81bbcc8ab59d721c5ef433e3fa9203e5861040ced549c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8017df09-37d9-4c4b-9051-0442b3eb8fbf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9285
x-amzn-requestid: 526bd945-31d8-490e-af9d-5e6fc6ea3561
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fUYT2HzvoAMFYYA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d1a0e5-6812fe4354bbdac4472e7e81;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 21:36:37 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: QEH9CmjfV8QZFNxFz_tEk06i_ELUSNC2QjdTF4K3xc3vS651BZ3NlQ==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 21:52:28 GMT
age: 50101
etag: "07e48bf3565e00d093d72dd4ada606f5d39a4838"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa3e6d9a5-dd7d-4337-a00f-a145350a1a29.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa3e6d9a5-dd7d-4337-a00f-a145350a1a29.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 653bf5a34e9f99c9eef73a21d98d792f
c70d46aa2210c4f7c397fa20e1225b7d0734ac35
9f928ec6f194340e5543a4bf757aac31d545def67a56ae804a2039a3effd3fe0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa3e6d9a5-dd7d-4337-a00f-a145350a1a29.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10379
x-amzn-requestid: 77d12b56-c121-4d0a-9831-9de4151b65de
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fUY8_GVUIAMFmgA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d1a1ec-523a2d8b1028a4496a211030;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 21:41:00 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: i_OHKx9OPaP8_2ydfgZwY4Dvbq208pXR2hwFTdUySwjsIwEIcv-M4g==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 981753271eb5b6d11bc29d52f173a5da.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 21:49:18 GMT
age: 50291
etag: "c70d46aa2210c4f7c397fa20e1225b7d0734ac35"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ffb1709-216c-4bf0-9b98-e3a355f000bb.jpeg
34.120.237.76200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ffb1709-216c-4bf0-9b98-e3a355f000bb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 13cd008fb3e2739ec7caadadbd427655
c4802b06b87ab97f3ccd80d1c9bbdb4fab9886c1
a300a4fde1863c8b806d0557d9f0adaed19e1c612989d7e3f79a7bb45e6e74dd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ffb1709-216c-4bf0-9b98-e3a355f000bb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8822
x-amzn-requestid: e16ae781-25f3-4b7d-b62b-85b35d6571c6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fUYRwF2KIAMFjDA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d1a0d7-377f24bd18dea32564b148bd;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 21:36:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 3Q-kz6GkBHp82E__crWSeqbfxme8c9y1BAAq3TW8NlwJy4eSy7gy7Q==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 21:49:07 GMT
age: 50302
etag: "c4802b06b87ab97f3ccd80d1c9bbdb4fab9886c1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
api.yadore.com/v2/r/deeplink?e=YnJVNnduazZJdThJTkxESUQyWFdYYktvWTVycUV6NnZjejlXdi9pbXhtclJjY2d3RWdDMHVyNXZmUFQraEZXMnFJUVpaMVlibmVkWjlyMEg0UDBaV2I0QzdDbzhwNWxmekJRdVB4NGVrcE5IT2JQSFN0YzZEVTZlaktjdFk1N3pQTENqd2FxS0xWcG5mcXBWNE5kV3F6aWtjNnhTeXVrQ1E0dkxpdGpFbGlDSEU4bz0=&i=xWOlEBe4TIY5bOoG&placementId=634c53d1ba06b33fd33e1e2f4388156a
88.99.112.6302 Found 33 kB URL HTTP/2 api.yadore.com/v2/r/deeplink?e=YnJVNnduazZJdThJTkxESUQyWFdYYktvWTVycUV6NnZjejlXdi9pbXhtclJjY2d3RWdDMHVyNXZmUFQraEZXMnFJUVpaMVlibmVkWjlyMEg0UDBaV2I0QzdDbzhwNWxmekJRdVB4NGVrcE5IT2JQSFN0YzZEVTZlaktjdFk1N3pQTENqd2FxS0xWcG5mcXBWNE5kV3F6aWtjNnhTeXVrQ1E0dkxpdGpFbGlDSEU4bz0=&i=xWOlEBe4TIY5bOoG&placementId=634c53d1ba06b33fd33e1e2f4388156a
IP 88.99.112.6:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (12878)
Hash 2305e6accc21e9421bdc64309386195b
560e1eb91f9022d91ae34ec485b9dae3508586a7
b94e867dfe7be7e7c81aa16a7cb82d92ebf6ffd84322d587b351c8d48c9959d1
GET /v2/r/deeplink?e=YnJVNnduazZJdThJTkxESUQyWFdYYktvWTVycUV6NnZjejlXdi9pbXhtclJjY2d3RWdDMHVyNXZmUFQraEZXMnFJUVpaMVlibmVkWjlyMEg0UDBaV2I0QzdDbzhwNWxmekJRdVB4NGVrcE5IT2JQSFN0YzZEVTZlaktjdFk1N3pQTENqd2FxS0xWcG5mcXBWNE5kV3F6aWtjNnhTeXVrQ1E0dkxpdGpFbGlDSEU4bz0=&i=xWOlEBe4TIY5bOoG&placementId=634c53d1ba06b33fd33e1e2f4388156a HTTP/1.1
Host: api.yadore.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lookandfind.me/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
date: Thu, 26 Jan 2023 11:47:29 GMT
location: https://api.kelkoogroup.net/publisher/shopping/v2/link-monetizer/link?country=no&id=e4ef5dec-03eb-11eb-bf21-ba5ec25d7100&merchantUrl=https%3A%2F%2Ffjellsport.no%2F&custom1=857eb7e6cf50f44d0b35d0fb5405385bf340828d00691ae09d0cbebdc875b35e&custom2=SRdytlITOR16&custom3=false
server: nginx
x-powered-by: PHP/8.0.27
X-Firefox-Spdy: h2
status.thawte.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 48e05c604997ff95fb10dc02a63d40d8
99b3f610bea527b01e9dca0d64bc3a67e632ab93
d771a94c8d25e1c261914f86dc58f4ca931db24c4e33258f319dae6817c8819e
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6456
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 11:47:30 GMT
Last-Modified: Thu, 26 Jan 2023 09:59:54 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
status.thawte.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 48e05c604997ff95fb10dc02a63d40d8
99b3f610bea527b01e9dca0d64bc3a67e632ab93
d771a94c8d25e1c261914f86dc58f4ca931db24c4e33258f319dae6817c8819e
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6456
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 11:47:30 GMT
Last-Modified: Thu, 26 Jan 2023 09:59:54 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
no-go.kelkoogroup.net/fp?country=no&k=612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef24626042196e82e72d1da8b6cee3d7088f40bd4974e8d54cf678814beb5655245eb5332f184d197c9aaf5c4302e398022a1eded6bd1a7c840896ae1edb183b7d56157ac62590d72eebafef6630bc9a6f839ce96032619f7ff4fd8e93ef2de71bdd2ba4181d94405da3521ccf5da6bdae8bda1533d399b02b3959f87702e0defd0d1caa5b349f6e8ab8cf61181c416c6a69c5eff002701887c4d886dfb60ebe85cb608701e57aedcb0724a74cac3929cef95b6c12daade977986c18fabe9e3a7e50f3f2e3e52c5ebfc55189406acec0aed002f2424ce5db858b647800e2d59d437de34c99c408b8a0662d0be0b6f09cd6e89fc95482522fd7e86ba66baaaf2032d8d3c9457a1fb5ab93c9fef9a6fada4ca5450daf17c53ac13cb1ef09d52b92b8587b83c8a6175c09f2982f6d30a39edc27398dd2ff9aa2d008b0248e89f1b13eafffe7ee673c0a0e51d32474404d449c335a4f7da6405879f48df620f4f6ee2db5811e4c38ad1d05f5fa039796cec95201c3db897
95.211.116.26200 OK 0 B URL HTTP/1.1 no-go.kelkoogroup.net/fp?country=no&k=612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef24626042196e82e72d1da8b6cee3d7088f40bd4974e8d54cf678814beb5655245eb5332f184d197c9aaf5c4302e398022a1eded6bd1a7c840896ae1edb183b7d56157ac62590d72eebafef6630bc9a6f839ce96032619f7ff4fd8e93ef2de71bdd2ba4181d94405da3521ccf5da6bdae8bda1533d399b02b3959f87702e0defd0d1caa5b349f6e8ab8cf61181c416c6a69c5eff002701887c4d886dfb60ebe85cb608701e57aedcb0724a74cac3929cef95b6c12daade977986c18fabe9e3a7e50f3f2e3e52c5ebfc55189406acec0aed002f2424ce5db858b647800e2d59d437de34c99c408b8a0662d0be0b6f09cd6e89fc95482522fd7e86ba66baaaf2032d8d3c9457a1fb5ab93c9fef9a6fada4ca5450daf17c53ac13cb1ef09d52b92b8587b83c8a6175c09f2982f6d30a39edc27398dd2ff9aa2d008b0248e89f1b13eafffe7ee673c0a0e51d32474404d449c335a4f7da6405879f48df620f4f6ee2db5811e4c38ad1d05f5fa039796cec95201c3db897
IP 95.211.116.26:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /fp?country=no&k=612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef24626042196e82e72d1da8b6cee3d7088f40bd4974e8d54cf678814beb5655245eb5332f184d197c9aaf5c4302e398022a1eded6bd1a7c840896ae1edb183b7d56157ac62590d72eebafef6630bc9a6f839ce96032619f7ff4fd8e93ef2de71bdd2ba4181d94405da3521ccf5da6bdae8bda1533d399b02b3959f87702e0defd0d1caa5b349f6e8ab8cf61181c416c6a69c5eff002701887c4d886dfb60ebe85cb608701e57aedcb0724a74cac3929cef95b6c12daade977986c18fabe9e3a7e50f3f2e3e52c5ebfc55189406acec0aed002f2424ce5db858b647800e2d59d437de34c99c408b8a0662d0be0b6f09cd6e89fc95482522fd7e86ba66baaaf2032d8d3c9457a1fb5ab93c9fef9a6fada4ca5450daf17c53ac13cb1ef09d52b92b8587b83c8a6175c09f2982f6d30a39edc27398dd2ff9aa2d008b0248e89f1b13eafffe7ee673c0a0e51d32474404d449c335a4f7da6405879f48df620f4f6ee2db5811e4c38ad1d05f5fa039796cec95201c3db897 HTTP/1.1
Host: no-go.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://api.kelkoogroup.net/
Content-Type: text/plain;charset=utf-8
Content-Length: 536
Origin: https://api.kelkoogroup.net
Connection: keep-alive
Cookie: kelkooID=a4c6294-185ede77ec5-5f2b; _ga=GA1.2.716904829.1674733648; _gid=GA1.2.2129643118.1674733648
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
leadId: dc1-kls-prod-ls-03.prod.dc1.kelkoo.net_1674733650128_23533
clickId: 107698148_1674733649605_105368
country: no
Request-Time: PT0.00313S
X-Robots-Tag: noindex,nofollow
Referrer-Policy: origin-when-cross-origin
X-Frame-Options: ALLOWALL
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Date: Thu, 26 Jan 2023 11:47:30 GMT
Content-Type: text/plain; charset=UTF-8
Content-Length: 0
no-go.kelkoogroup.net/redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef24626042196e82e72d1da8b6cee3d7088f40bd4974e8d54cf678814beb5655245eb5332f184d197c9aaf5c4302e398022a1eded6bd1a7c840896ae1edb183b7d56157ac62590d72eebafef6630bc9a6f839ce96032619f7ff4fd8e93ef2de71bdd2ba4181d94405da3521ccf5da6bdae8bda1533d399b02b3959f87702e0defd0d1caa5b349f6e8ab8cf61181c416c6a69c5eff002701887c4d886dfb60ebe85cb608701e57aedcb0724a74cac3929cef95b6c12daade977986c18fabe9e3a7e50f3f2e3e52c5ebfc55189406acec0aed002f2424ce5db858b647800e2d59d437de34c99c408b8a0662d0be0b6f09cd6e89fc95482522fd7e86ba66baaaf2032d8d3c9457a1fb5ab93c9fef9a6fada4ca5450daf17c53ac13cb1ef09d52b92b8587b83c8a6175c09f2982f6d30a39edc27398dd2ff9aa2d008b0248e89f1b13eafffe7ee673c0a0e51d32474404d449c335a4f7da6405879f48df620f4f6ee2db5811e4c38ad1d05f5fa039796cec95201c3db897&url=https%3A%2F%2Ffjellsport.no%2F%3Fkk%3Da4c6294-185ede77ec5-5f2b%26channable%3D01649e696400313030343532d7%26utm_medium%3Dcpc%26utm_source%3Dkelkoono
95.211.116.26303 See Other 0 B URL HTTP/1.1 no-go.kelkoogroup.net/redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef24626042196e82e72d1da8b6cee3d7088f40bd4974e8d54cf678814beb5655245eb5332f184d197c9aaf5c4302e398022a1eded6bd1a7c840896ae1edb183b7d56157ac62590d72eebafef6630bc9a6f839ce96032619f7ff4fd8e93ef2de71bdd2ba4181d94405da3521ccf5da6bdae8bda1533d399b02b3959f87702e0defd0d1caa5b349f6e8ab8cf61181c416c6a69c5eff002701887c4d886dfb60ebe85cb608701e57aedcb0724a74cac3929cef95b6c12daade977986c18fabe9e3a7e50f3f2e3e52c5ebfc55189406acec0aed002f2424ce5db858b647800e2d59d437de34c99c408b8a0662d0be0b6f09cd6e89fc95482522fd7e86ba66baaaf2032d8d3c9457a1fb5ab93c9fef9a6fada4ca5450daf17c53ac13cb1ef09d52b92b8587b83c8a6175c09f2982f6d30a39edc27398dd2ff9aa2d008b0248e89f1b13eafffe7ee673c0a0e51d32474404d449c335a4f7da6405879f48df620f4f6ee2db5811e4c38ad1d05f5fa039796cec95201c3db897&url=https%3A%2F%2Ffjellsport.no%2F%3Fkk%3Da4c6294-185ede77ec5-5f2b%26channable%3D01649e696400313030343532d7%26utm_medium%3Dcpc%26utm_source%3Dkelkoono
IP 95.211.116.26:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef24626042196e82e72d1da8b6cee3d7088f40bd4974e8d54cf678814beb5655245eb5332f184d197c9aaf5c4302e398022a1eded6bd1a7c840896ae1edb183b7d56157ac62590d72eebafef6630bc9a6f839ce96032619f7ff4fd8e93ef2de71bdd2ba4181d94405da3521ccf5da6bdae8bda1533d399b02b3959f87702e0defd0d1caa5b349f6e8ab8cf61181c416c6a69c5eff002701887c4d886dfb60ebe85cb608701e57aedcb0724a74cac3929cef95b6c12daade977986c18fabe9e3a7e50f3f2e3e52c5ebfc55189406acec0aed002f2424ce5db858b647800e2d59d437de34c99c408b8a0662d0be0b6f09cd6e89fc95482522fd7e86ba66baaaf2032d8d3c9457a1fb5ab93c9fef9a6fada4ca5450daf17c53ac13cb1ef09d52b92b8587b83c8a6175c09f2982f6d30a39edc27398dd2ff9aa2d008b0248e89f1b13eafffe7ee673c0a0e51d32474404d449c335a4f7da6405879f48df620f4f6ee2db5811e4c38ad1d05f5fa039796cec95201c3db897&url=https%3A%2F%2Ffjellsport.no%2F%3Fkk%3Da4c6294-185ede77ec5-5f2b%26channable%3D01649e696400313030343532d7%26utm_medium%3Dcpc%26utm_source%3Dkelkoono HTTP/1.1
Host: no-go.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://api.kelkoogroup.net/
Connection: keep-alive
Cookie: kelkooID=a4c6294-185ede77ec5-5f2b; _ga=GA1.2.716904829.1674733648; _gid=GA1.2.2129643118.1674733648
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
HTTP/1.1 303 See Other
leadId: dc1-kls-prod-ls-03.prod.dc1.kelkoo.net_1674733650128_23533
clickId: 107698148_1674733649605_105368
country: no
Location: https://fjellsport.no/?kk=a4c6294-185ede77ec5-5f2b&channable=01649e696400313030343532d7&utm_medium=cpc&utm_source=kelkoono
Accept-CH: Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
Set-Cookie: datadome=5otiNrr7_BubJLs5znrbYlw3yY~J_p0Ds2pkp1lPKjLPmi4YJ5MbXIPnFi4wlAh1-gtBEEIBDqKZxb61_qUq~dZKlicYlNT0509NPJLmpnbJA4FMkv_GM~5kw3KfqwFq; Max-Age=31536000; Expires=Fri, 26 Jan 2024 11:47:30 GMT; SameSite=Lax; Path=/; Domain=.kelkoogroup.net; Secure
X-DataDome: protected
Request-Time: PT0.016792S
X-Robots-Tag: noindex,nofollow
Referrer-Policy: origin-when-cross-origin
X-Frame-Options: ALLOWALL
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Date: Thu, 26 Jan 2023 11:47:30 GMT
Content-Length: 0
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash da1d6b4faeaadd5d948b53a17d9ffaee
c01467c52f378c4d6a90bf53244afdfcd1e98a33
5e5f41e1f60ebebae0f6073417834f36462cba8436e2f668bae946c605281499
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=159569
Date: Thu, 26 Jan 2023 11:47:30 GMT
Etag: "63d234a3-1d7"
Expires: Sat, 28 Jan 2023 08:06:59 GMT
Last-Modified: Thu, 26 Jan 2023 08:06:59 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: ghIn7QUI75sNNOe0zyq59tS86prk6hHBpTrBR8P8qcfmYU5AnQZDng==
fjellsport.no/?kk=a4c6294-185ede77ec5-5f2b&channable=01649e696400313030343532d7&utm_medium=cpc&utm_source=kelkoono
13.51.221.191302 Found 0 B URL HTTP/2 fjellsport.no/?kk=a4c6294-185ede77ec5-5f2b&channable=01649e696400313030343532d7&utm_medium=cpc&utm_source=kelkoono
IP 13.51.221.191:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?kk=a4c6294-185ede77ec5-5f2b&channable=01649e696400313030343532d7&utm_medium=cpc&utm_source=kelkoono HTTP/1.1
Host: fjellsport.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://api.kelkoogroup.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Thu, 26 Jan 2023 11:47:31 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://www.fjellsport.no/
server: Apache/2.4.25 (Debian)
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 0bf8fccb276521254634abcdcb4b3f0d
a5b7ffa58daf7d1ea3e312b68533d4d0271348f4
991b03387ddbe0b07a9aee23ea7a98863fa85035cb26e631e0d22a1b999ee487
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 11:47:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/collect?v=1&_v=j96&t=pageview&_s=1&dl=https%3A%2F%2Fapi.kelkoogroup.net%2Fpublisher%2Fshopping%2Fv2%2Flink-monetizer%2Flink%3Fcountry%3Dno%26id%3De4ef5dec-03eb-11eb-bf21-ba5ec25d7100%26merchantUrl%3Dhttps%253A%252F%252Ffjellsport.no%252F%26custom1%3D857eb7e6cf50f44d0b35d0fb5405385bf340828d00691ae09d0cbebdc875b35e%26custom2%3DSRdytlITOR16%26custom3%3Dfalse&dr=https%3A%2F%2Flookandfind.me%2F&dp=%2F%7C7246223%7C&ul=en-us&de=UTF-8&dt=Du%20sendes%20videre%20til%20Fjellsport.no&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=QACAAAABAAAAAC~&cid=716904829.1674733648&tid=UA-168544891-6&_gid=2129643118.1674733648&_r=1&cd1=&cd2=dc1-kls-prod-ls-03.prod.dc1.kelkoo.net_1674733650128_23533&cd3=7246223&cd4=a4c6294-185ede77ec5-5f2b&cd5=&cd6=%7C7246223%7C&z=327889191
142.250.74.14200 OK 35 B URL HTTP/2 www.google-analytics.com/collect?v=1&_v=j96&t=pageview&_s=1&dl=https%3A%2F%2Fapi.kelkoogroup.net%2Fpublisher%2Fshopping%2Fv2%2Flink-monetizer%2Flink%3Fcountry%3Dno%26id%3De4ef5dec-03eb-11eb-bf21-ba5ec25d7100%26merchantUrl%3Dhttps%253A%252F%252Ffjellsport.no%252F%26custom1%3D857eb7e6cf50f44d0b35d0fb5405385bf340828d00691ae09d0cbebdc875b35e%26custom2%3DSRdytlITOR16%26custom3%3Dfalse&dr=https%3A%2F%2Flookandfind.me%2F&dp=%2F%7C7246223%7C&ul=en-us&de=UTF-8&dt=Du%20sendes%20videre%20til%20Fjellsport.no&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=QACAAAABAAAAAC~&cid=716904829.1674733648&tid=UA-168544891-6&_gid=2129643118.1674733648&_r=1&cd1=&cd2=dc1-kls-prod-ls-03.prod.dc1.kelkoo.net_1674733650128_23533&cd3=7246223&cd4=a4c6294-185ede77ec5-5f2b&cd5=&cd6=%7C7246223%7C&z=327889191
IP 142.250.74.14:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
POST /collect?v=1&_v=j96&t=pageview&_s=1&dl=https%3A%2F%2Fapi.kelkoogroup.net%2Fpublisher%2Fshopping%2Fv2%2Flink-monetizer%2Flink%3Fcountry%3Dno%26id%3De4ef5dec-03eb-11eb-bf21-ba5ec25d7100%26merchantUrl%3Dhttps%253A%252F%252Ffjellsport.no%252F%26custom1%3D857eb7e6cf50f44d0b35d0fb5405385bf340828d00691ae09d0cbebdc875b35e%26custom2%3DSRdytlITOR16%26custom3%3Dfalse&dr=https%3A%2F%2Flookandfind.me%2F&dp=%2F%7C7246223%7C&ul=en-us&de=UTF-8&dt=Du%20sendes%20videre%20til%20Fjellsport.no&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=QACAAAABAAAAAC~&cid=716904829.1674733648&tid=UA-168544891-6&_gid=2129643118.1674733648&_r=1&cd1=&cd2=dc1-kls-prod-ls-03.prod.dc1.kelkoo.net_1674733650128_23533&cd3=7246223&cd4=a4c6294-185ede77ec5-5f2b&cd5=&cd6=%7C7246223%7C&z=327889191 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://api.kelkoogroup.net
Connection: keep-alive
Referer: https://api.kelkoogroup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 200 OK
access-control-allow-origin: https://api.kelkoogroup.net
date: Thu, 26 Jan 2023 11:47:31 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
x-content-type-options: nosniff
access-control-allow-credentials: true
content-type: image/gif
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 35
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 0bf8fccb276521254634abcdcb4b3f0d
a5b7ffa58daf7d1ea3e312b68533d4d0271348f4
991b03387ddbe0b07a9aee23ea7a98863fa85035cb26e631e0d22a1b999ee487
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 11:47:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.fjellsport.no/
104.18.22.72200 OK 161 kB IP 104.18.22.72:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (26542)
Size 161 kB (161092 bytes)
Hash 7cef95da0cee2efd3bc4198542684dc1
42c8bf339c8f4983f1d16706172fca51a9484bf9
eaf90562a5be65cb37817fdcf2eb2234c5393f783dfefa5975ebfbe25c9ad7e7
GET / HTTP/1.1
Host: www.fjellsport.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://api.kelkoogroup.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 11:47:31 GMT
content-type: text/html; charset=utf-8
cf-ray: 78f903a70e7cb4ff-OSL
age: 36
cache-control: no-store
expires: Thu, 26 Jan 2023 15:47:31 GMT
last-modified: Thu, 26 Jan 2023 11:46:55 GMT
link: </static/runtime.f862a6292d198368e920.125.nb-NO.js>; rel="modulepreload"; as="script"; crossorigin="anonymous", </static/main.3d8730af4b7fc4ddf528.125.nb-NO.js>; rel="modulepreload"; as="script"; crossorigin="anonymous", </static/vendors~main.3fee8d20617d99418eef.125.nb-NO.js>; rel="modulepreload"; as="script"; crossorigin="anonymous", </static/globals.32424bf13487e1ab89ee.css>; rel="preload"; as="style", </static/static.8e19416b216101c3bc63.css>; rel="preload"; as="style", </static/f785bde0ec212bfab70652799e038381.woff2>; rel="preload"; as="font"; crossorigin="anonymous"
vary: Accept-Encoding
cf-cache-status: HIT
request-context: appId=cid-v1:0c613cf3-3219-4402-8e44-accd6521a7dc
x-cache-load-time: 9ms
x-cache-status: REVALIDATING
x-original-cache-control: public, s-maxage=30, stale-while-revalidate=900, stale-if-error=1800
x-original-date: Thu, 26 Jan 2023 11:46:55 GMT
x-worker-time: 9ms
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.livechatinc.com/tracking.js
95.101.10.202200 OK 26 kB URL HTTP/2 cdn.livechatinc.com/tracking.js
IP 95.101.10.202:0
ASN #20940 Akamai International B.V.
Hash 349345e8baec106d74b4eb289b8d2b0b
5c4a724241c19e2de9063da2c3dc0c4a3366ea7a
a69d354aa4044e3786dc89e3a46f415276b8657f0caa8c8355b12558cfde8695
GET /tracking.js HTTP/1.1
Host: cdn.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fjellsport.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Wed, 25 Jan 2023 08:47:12 GMT
x-amz-version-id: iNzmqDcn1iRKaLiTk37THrDgz9osPO8C
server: AmazonS3
content-encoding: br
etag: W/"29e075294399875f6fd4bdaa0f4a20e4"
vary: Accept-Encoding
x-amz-cf-pop: HAM50-P2
x-amz-cf-id: 5u3S8SQ2vBURIIW1wAHlf1ewj7O-VH6XVggEm945QBhoGAgQC4G-PQ==
content-length: 25911
cache-control: max-age=28800
expires: Thu, 26 Jan 2023 19:47:31 GMT
date: Thu, 26 Jan 2023 11:47:31 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 78ed7b7d814d987601b30851546309b5
12a653dabfd738fef99fad2295eec55e4651bc7c
a55164c954f0255d6d360ac0fac8b4598f8e0e01ec646105eed2e9b0abf5e2bd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 11:47:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-TP3749N
172.217.21.168200 OK 87 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-TP3749N
IP 172.217.21.168:0
File type ASCII text, with very long lines (22756)
Hash 39a3fa950b12711ea18fda5837e3eaac
9cfe2b4df9723db0407490079c25a2c24cd4df36
42faf5b9de9825bf5748082647c2605435855578ae7660695a15ab133174a78c
GET /gtm.js?id=GTM-TP3749N HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fjellsport.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 26 Jan 2023 11:47:31 GMT
expires: Thu, 26 Jan 2023 11:47:31 GMT
cache-control: private, max-age=900
last-modified: Thu, 26 Jan 2023 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 86725
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 2.6 kB IP 93.184.220.29:0
Hash 7da90dec88d1093dad00a5ea4dac58e0
07626415cde06c3b0ce8691ea768e93130f2bf33
b22319717f1aa6d3db8c1a08d0f11c8d474fd970a1d8e6a2c4ba6d5ce78763f4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4706
Cache-Control: max-age=103424
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 11:47:31 GMT
Etag: "63d146f1-1d7"
Expires: Fri, 27 Jan 2023 16:31:15 GMT
Last-Modified: Wed, 25 Jan 2023 15:12:49 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash bca98f081c5ed57dd127da5a85140901
4f053a24409472d77be4d9922a93f357e85b70ab
e0cf2e8a986206953908c576f293dec3ccad6befb267b1f6e4bce5aa41f9599b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4706
Cache-Control: max-age=103424
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 11:47:31 GMT
Etag: "63d146f1-1d7"
Expires: Fri, 27 Jan 2023 16:31:15 GMT
Last-Modified: Wed, 25 Jan 2023 15:12:49 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
api.livechatinc.com/v3.3/customer/action/get_dynamic_configuration?license_id=9240310&url=https%3A%2F%2Fwww.fjellsport.no%2F&channel_type=code&jsonp=__ec1rv1ieysr
95.101.10.202200 OK 1.6 kB URL HTTP/2 api.livechatinc.com/v3.3/customer/action/get_dynamic_configuration?license_id=9240310&url=https%3A%2F%2Fwww.fjellsport.no%2F&channel_type=code&jsonp=__ec1rv1ieysr
IP 95.101.10.202:0
ASN #20940 Akamai International B.V.
Hash fcddce9ceabd0277417a14e59ec8d5a2
d3b3faee45bdb1671fe33dfb16721c47f2562b95
d905cd735195971c8346346f898f0269e9c26b2832a9380f0f68ac0c143ac3d1
GET /v3.3/customer/action/get_dynamic_configuration?license_id=9240310&url=https%3A%2F%2Fwww.fjellsport.no%2F&channel_type=code&jsonp=__ec1rv1ieysr HTTP/1.1
Host: api.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fjellsport.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-security-policy: frame-ancestors https://www.fjellsport.no/;
content-type: application/javascript; charset=UTF-8
legacy: 2023-06-30
vary: Accept-Encoding
x-frame-options: allow-from https://www.fjellsport.no/
content-length: 274
date: Thu, 26 Jan 2023 11:47:31 GMT
X-Firefox-Spdy: h2
api.livechatinc.com/v3.3/customer/action/get_configuration?license_id=9240310&version=1396.8.8.1640.101.193.68.8.10.17.7.152.4&group_id=1&jsonp=__lc_static_config
95.101.10.202200 OK 1.4 kB URL HTTP/2 api.livechatinc.com/v3.3/customer/action/get_configuration?license_id=9240310&version=1396.8.8.1640.101.193.68.8.10.17.7.152.4&group_id=1&jsonp=__lc_static_config
IP 95.101.10.202:0
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (3880), with no line terminators
Hash c06d6a8fce1a55a63129d08a6467ad4c
417578321f33dddd2a5a0127880f9b29b20894bc
46940d36bf23d3e21a7de9ae298de8dde658290f077122c3458ecbdad3aa3a55
GET /v3.3/customer/action/get_configuration?license_id=9240310&version=1396.8.8.1640.101.193.68.8.10.17.7.152.4&group_id=1&jsonp=__lc_static_config HTTP/1.1
Host: api.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fjellsport.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
content-type: application/javascript; charset=UTF-8
legacy: 2023-06-30
vary: Accept-Encoding
content-length: 1418
cache-control: public, max-age=279
expires: Thu, 26 Jan 2023 11:52:10 GMT
date: Thu, 26 Jan 2023 11:47:31 GMT
X-Firefox-Spdy: h2
open.spotifycdn.com/cdn/build/embed/embed.c4e1b1fb.js
151.101.86.251200 OK 51 kB URL HTTP/2 open.spotifycdn.com/cdn/build/embed/embed.c4e1b1fb.js
IP 151.101.86.251:0
File type Unicode text, UTF-8 text, with very long lines (65530), with no line terminators
Hash 37dbdfbee400a93a745f4ed7d012d0e9
4a037f8dc33c443f2316436d3757418086f375b3
385f7ae0eb6bc60c9ae0b7571e76048285eced3574ac23e520a3f8414db3033e
GET /cdn/build/embed/embed.c4e1b1fb.js HTTP/1.1
Host: open.spotifycdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://open.spotify.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Thu, 26 Jan 2023 10:58:15 GMT
etag: "37dbdfbee400a93a745f4ed7d012d0e9"
x-goog-generation: 1674730695321255
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 50987
content-type: application/javascript
content-encoding: gzip
accept-ranges: bytes
date: Thu, 26 Jan 2023 11:47:31 GMT
age: 2681
x-served-by: cache-chi-klot8100021-CHI, cache-bma1621-BMA
x-cache: HIT, HIT
x-cache-hits: 182, 301
access-control-allow-origin: https://open.spotify.com
cache-control: public, max-age=31536000
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 50987
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 293a89d43a7cc86373a5d54be7032070
2372ca2ed5a422b2f33268e8210143956eaaf5a8
1f08516827d89aabc1ca825ac792ca1d2fff74bba959d0e21383eec03d6affcb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5781
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 11:47:31 GMT
Last-Modified: Thu, 26 Jan 2023 10:11:10 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
api.livechatinc.com/v3.3/customer/action/get_localization?license_id=9240310&version=a2fb162d3655d456397b7117a50bebbc_cb44b693ec9b26872b5b46ecda0ea338&language=nb&group_id=1&jsonp=__lc_localization
95.101.10.202200 OK 4.2 kB URL HTTP/2 api.livechatinc.com/v3.3/customer/action/get_localization?license_id=9240310&version=a2fb162d3655d456397b7117a50bebbc_cb44b693ec9b26872b5b46ecda0ea338&language=nb&group_id=1&jsonp=__lc_localization
IP 95.101.10.202:0
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (11444), with no line terminators
Hash 56e6bae866a4b31f4417017948ff4163
469f449cbf3fbd1ffa218e22087b6568f6ec4180
f458cc369e6c8cb3656394085828f78bd7f9806e72d254a81acd4bbb0fd8cae7
GET /v3.3/customer/action/get_localization?license_id=9240310&version=a2fb162d3655d456397b7117a50bebbc_cb44b693ec9b26872b5b46ecda0ea338&language=nb&group_id=1&jsonp=__lc_localization HTTP/1.1
Host: api.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fjellsport.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
content-type: application/javascript; charset=UTF-8
legacy: 2023-06-30
vary: Accept-Encoding
cache-control: public, max-age=402
expires: Thu, 26 Jan 2023 11:54:14 GMT
date: Thu, 26 Jan 2023 11:47:32 GMT
content-length: 4195
X-Firefox-Spdy: h2
videos.ctfassets.net/getkuj6dy7e1/2LkejH9xs7MoqdW5ux0esX/f8c0af28d02d35b32a98ca08ce918159/Hero-Video-Banner-Vinterturer-Komprimert.mp4
54.230.111.34206 Partial Content 1.9 MB URL HTTP/2 videos.ctfassets.net/getkuj6dy7e1/2LkejH9xs7MoqdW5ux0esX/f8c0af28d02d35b32a98ca08ce918159/Hero-Video-Banner-Vinterturer-Komprimert.mp4
IP 54.230.111.34:0
File type ISO Media, MP4 v2 [ISO 14496-14]\012- data
Size 1.9 MB (1872078 bytes)
Hash 8c138d5840a66bcca3f46fd15e5eb3e2
884aefe63d27f2688faf6994dba907ef25ca39f1
cf7624de208d548e15af477105b00803e6032467f271eaebbbd66d9a7a03065f
GET /getkuj6dy7e1/2LkejH9xs7MoqdW5ux0esX/f8c0af28d02d35b32a98ca08ce918159/Hero-Video-Banner-Vinterturer-Komprimert.mp4 HTTP/1.1
Host: videos.ctfassets.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://www.fjellsport.no/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 206 Partial Content
content-type: video/mp4
content-length: 9148371
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-max-age: 86400
x-amz-replication-status: COMPLETED
last-modified: Mon, 09 Jan 2023 14:17:32 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: WG5DUY489DfprmGc06TQ1B_917NaFpAU
accept-ranges: bytes
server: AmazonS3
date: Thu, 26 Jan 2023 03:26:23 GMT
cache-control: max-age=2592000
etag: "54a17cfba9f2ebcdd5b03d693f88463c-2"
vary: Accept-Encoding
content-range: bytes 0-9148370/9148371
x-cache: Hit from cloudfront
via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: yasLtWRJhMOlNQe0a1Pkq2pA1h89QjPgLktA7To78MCrykI5Fzqe2A==
age: 30069
X-Firefox-Spdy: h2
open.spotifycdn.com/cdn/fonts/spoticon_regular_2.d728648c.woff2
151.101.86.251200 OK 58 kB URL HTTP/2 open.spotifycdn.com/cdn/fonts/spoticon_regular_2.d728648c.woff2
IP 151.101.86.251:0
Hash 46c7d0f32cb00954f41b4b980a7c4900
2933361934210ea61f62f7024dd2a24e8e3f2881
6ce0c0a639e15188ab3318bbecaf67f3707f2f91e6705ff343301eaf8fbcb0aa
GET /cdn/fonts/spoticon_regular_2.d728648c.woff2 HTTP/1.1
Host: open.spotifycdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://open.spotify.com
Connection: keep-alive
Referer: https://open.spotify.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 28 Nov 2022 09:18:52 GMT
etag: "3b7bbfac9ed3e75d426728e900579aa9"
x-goog-generation: 1669627132083473
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 56996
content-type: font/woff2
accept-ranges: bytes
date: Thu, 26 Jan 2023 11:47:32 GMT
age: 5106312
x-served-by: cache-chi-klot8100082-CHI, cache-bma1643-BMA
x-cache: HIT, HIT
x-cache-hits: 74, 101697
access-control-allow-origin: https://open.spotify.com
cache-control: public, max-age=31536000
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 56996
X-Firefox-Spdy: h2
open.spotifycdn.com/cdn/generated-locales/embed/en.3251d5e9.json
151.101.86.251200 OK 786 B URL HTTP/2 open.spotifycdn.com/cdn/generated-locales/embed/en.3251d5e9.json
IP 151.101.86.251:0
File type JSON data\012- , ASCII text
Hash e2382f65dec4d0440560cacbdc428561
7bff0be2dc6880803045b4529ba8e96cb18b02db
5100fb012280146c9ff35e7b4c072f774d2269fb8a663e8b3f686e6da1c3ebe8
GET /cdn/generated-locales/embed/en.3251d5e9.json HTTP/1.1
Host: open.spotifycdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://open.spotify.com
Connection: keep-alive
Referer: https://open.spotify.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 29 Nov 2022 00:01:31 GMT
etag: "e2382f65dec4d0440560cacbdc428561"
x-goog-generation: 1669680091216351
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 786
content-type: application/json
content-encoding: gzip
accept-ranges: bytes
date: Thu, 26 Jan 2023 11:47:32 GMT
age: 5018486
x-served-by: cache-chi-klot8100140-CHI, cache-bma1643-BMA
x-cache: HIT, HIT
x-cache-hits: 49, 45
access-control-allow-origin: https://open.spotify.com
cache-control: public, max-age=31536000
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 786
X-Firefox-Spdy: h2
secure.livechatinc.com/customer/action/open_chat?license_id=9240310&group=1&embedded=1&widget_version=3&unique_groups=0
95.101.10.202200 OK 2.6 kB URL HTTP/2 secure.livechatinc.com/customer/action/open_chat?license_id=9240310&group=1&embedded=1&widget_version=3&unique_groups=0
IP 95.101.10.202:0
ASN #20940 Akamai International B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (8824), with no line terminators
Hash e73532c0c660a631b8b058705ce26d21
ac886227ce8d418692c8496201f8bc76709b1a63
0ee4d5761027247228422c7b57c6727e95d065c52b4f68501694f1a41754ac03
GET /customer/action/open_chat?license_id=9240310&group=1&embedded=1&widget_version=3&unique_groups=0 HTTP/1.1
Host: secure.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fjellsport.no/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
content-type: text/html; charset=utf-8
vary: Accept-Encoding
date: Thu, 26 Jan 2023 11:47:32 GMT
content-length: 2557
X-Firefox-Spdy: h2
encore.scdn.co/fonts/CircularSp-Book-4eaffdf96f4c6f984686e93d5d9cb325.woff2
151.101.86.248200 OK 84 kB URL HTTP/1.1 encore.scdn.co/fonts/CircularSp-Book-4eaffdf96f4c6f984686e93d5d9cb325.woff2
IP 151.101.86.248:0
File type Web Open Font Format (Version 2), TrueType, length 84088, version 1.66\012- data
Hash f7b12903dd7a2d536ceb2b7cd1dba2c1
82d12ab89c971973141475ecbefa5da97ad57195
3760e89dfff6078afcdc5404e4735e266a4799babd9fa853ff388c702e992c5f
GET /fonts/CircularSp-Book-4eaffdf96f4c6f984686e93d5d9cb325.woff2 HTTP/1.1
Host: encore.scdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://open.spotify.com
Connection: keep-alive
Referer: https://open.spotify.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 84027
Last-Modified: Fri, 13 May 2022 11:38:51 GMT
ETag: "f7b12903dd7a2d536ceb2b7cd1dba2c1"
Content-Type: font/woff2
Content-Encoding: gzip
Accept-Ranges: bytes
Date: Thu, 26 Jan 2023 11:47:32 GMT
Age: 17187040
X-Served-By: cache-ord1745-ORD, cache-chi-kigq8000169-CHI, cache-bma1680-BMA
X-Cache: HIT, HIT, HIT
X-Cache-Hits: 1, 1, 11978
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
vars.hotjar.com/box-ff00c703c3bbdf54ae44ee858d64f69e.html
54.230.111.71200 OK 1.0 kB URL HTTP/2 vars.hotjar.com/box-ff00c703c3bbdf54ae44ee858d64f69e.html
IP 54.230.111.71:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2368), with no line terminators
Hash 730971b89ffa8b99e4157f49a4275594
7041ce872cc30e32c6b04a958b0cf810e5fc5651
da09da5b55ce65cdb58f29842d654aa637580d8c4d5d3cddfa08de6d866dcf65
GET /box-ff00c703c3bbdf54ae44ee858d64f69e.html HTTP/1.1
Host: vars.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fjellsport.no/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1035
date: Wed, 18 Jan 2023 10:13:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "730971b89ffa8b99e4157f49a4275594"
last-modified: Wed, 18 Jan 2023 10:12:30 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: y7PuhTKN74xQuvTEy032XDTtY91ztuAL7DpaVQcPJqxGFsElVdeQzQ==
age: 696866
X-Firefox-Spdy: h2
encore.scdn.co/fonts/CircularSpTitle-Bold-2fbf72b606d7f0b0f771ea4956a8b4d6.woff2
151.101.86.248200 OK 87 kB URL HTTP/1.1 encore.scdn.co/fonts/CircularSpTitle-Bold-2fbf72b606d7f0b0f771ea4956a8b4d6.woff2
IP 151.101.86.248:0
File type Web Open Font Format (Version 2), TrueType, length 87350, version 1.66\012- data
Hash db1a27b35e26398fef4be920ea96078d
436a76d889fe34eaf1c213447d3d94a5dc3adedd
847a8377ef2e424408f08c04f34697edd3ceca9f8a6455678493dd69e5d0bd47
GET /fonts/CircularSpTitle-Bold-2fbf72b606d7f0b0f771ea4956a8b4d6.woff2 HTTP/1.1
Host: encore.scdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://open.spotify.com
Connection: keep-alive
Referer: https://open.spotify.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 87344
Last-Modified: Thu, 19 May 2022 07:59:23 GMT
ETag: "db1a27b35e26398fef4be920ea96078d"
x-goog-generation: 1652947162999500
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 87344
Content-Type: font/woff2
Content-Encoding: gzip
Accept-Ranges: bytes
Date: Thu, 26 Jan 2023 11:47:32 GMT
Age: 17632140
X-Served-By: cache-ord1746-ORD, cache-chi-klot8100076-CHI, cache-bma1658-BMA
X-Cache: HIT, HIT, HIT
X-Cache-Hits: 1, 1, 71861
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
encore.scdn.co/fonts/CircularSp-Bold-fe1cfc14b7498b187c78fa72fb72d148.woff2
151.101.86.248200 OK 90 kB URL HTTP/1.1 encore.scdn.co/fonts/CircularSp-Bold-fe1cfc14b7498b187c78fa72fb72d148.woff2
IP 151.101.86.248:0
File type Web Open Font Format (Version 2), TrueType, length 89536, version 1.66\012- data
Hash 216b12b5a9657850b1b324e158454f8e
b02b14e1ed70d323167efa295ceb8ba156a37fab
81c0ae5eb7c7ea1bca274d51be67818e3f2577e63c9f2ee766b20e8964335db9
GET /fonts/CircularSp-Bold-fe1cfc14b7498b187c78fa72fb72d148.woff2 HTTP/1.1
Host: encore.scdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://open.spotify.com
Connection: keep-alive
Referer: https://open.spotify.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 89529
Last-Modified: Fri, 13 May 2022 11:38:50 GMT
ETag: "216b12b5a9657850b1b324e158454f8e"
x-goog-generation: 1652441930609707
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 89529
Content-Type: font/woff2
Content-Encoding: gzip
Accept-Ranges: bytes
Date: Thu, 26 Jan 2023 11:47:32 GMT
Age: 11811690
X-Served-By: cache-chi-kigq8000140-CHI, cache-bma1653-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 192582
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
encore.scdn.co/fonts/CircularSpTitle-Black-3f9afb402080d53345ca1850226ca724.woff2
151.101.86.248200 OK 86 kB URL HTTP/1.1 encore.scdn.co/fonts/CircularSpTitle-Black-3f9afb402080d53345ca1850226ca724.woff2
IP 151.101.86.248:0
File type Web Open Font Format (Version 2), TrueType, length 85622, version 1.66\012- data
Hash 0e196bce574e01f42fc686e3e6dc4f76
330b633667a9533638955e725e53a760904170eb
94591008ecb9d40b575e52b72bd30dc31bab0b064ba132766fb80f95f85d27aa
GET /fonts/CircularSpTitle-Black-3f9afb402080d53345ca1850226ca724.woff2 HTTP/1.1
Host: encore.scdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://open.spotify.com
Connection: keep-alive
Referer: https://open.spotify.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 85585
Last-Modified: Thu, 19 May 2022 07:59:22 GMT
ETag: "0e196bce574e01f42fc686e3e6dc4f76"
Content-Type: font/woff2
Content-Encoding: gzip
Accept-Ranges: bytes
Date: Thu, 26 Jan 2023 11:47:32 GMT
Age: 17632143
X-Served-By: cache-ord1740-ORD, cache-chi-kigq8000179-CHI, cache-bma1671-BMA
X-Cache: HIT, HIT, HIT
X-Cache-Hits: 1, 1, 104852
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
cdn.livechatinc.com/widget/static/js/0.d619df13.chunk.js
95.101.10.202200 OK 15 kB URL HTTP/2 cdn.livechatinc.com/widget/static/js/0.d619df13.chunk.js
IP 95.101.10.202:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (47599), with no line terminators
Hash f790030a4058f34f76fa8b0e0e4285cf
955ed12553baf05025f6f19f9079bad07af10bc3
5a57474ecc2a44ecf94ceae42e672745f900749479012ee2ba9eea180ee2a265
GET /widget/static/js/0.d619df13.chunk.js HTTP/1.1
Host: cdn.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.livechatinc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 11 Jan 2023 08:35:01 GMT
x-amz-version-id: fr6Gz9d8KXQbrJuaQVT4sDUpSqjnuR9Q
server: AmazonS3
content-encoding: br
etag: W/"10a3d7ac1ed37325d3341c379ee0de69"
vary: Accept-Encoding
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: M5BEPnK3INOuxV-Zd5EkJqKhsnyIsA6pc5CcKg9GF8ozNzaNoBaR7Q==
content-length: 14885
cache-control: max-age=31536000
expires: Fri, 26 Jan 2024 11:47:32 GMT
date: Thu, 26 Jan 2023 11:47:32 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
X-Firefox-Spdy: h2
cdn.livechatinc.com/widget/o-0IIpQlx3QUlC5A4PNr5TRASf6M7Q.woff2
95.101.10.202200 OK 13 kB URL HTTP/2 cdn.livechatinc.com/widget/o-0IIpQlx3QUlC5A4PNr5TRASf6M7Q.woff2
IP 95.101.10.202:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), TrueType, length 12852, version 1.0\012- data
Hash 3b5df7e947d77201eaf22f3dbdac08cc
21989ca07e4afe32d48982b816b8fac85ce3e668
4a46d61a9aed90cea010dbabcdb510b9ceff1b729a06b169cdbe142f66cbc86f
GET /widget/o-0IIpQlx3QUlC5A4PNr5TRASf6M7Q.woff2 HTTP/1.1
Host: cdn.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://secure.livechatinc.com
Connection: keep-alive
Referer: https://secure.livechatinc.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/octet-stream
content-length: 12852
last-modified: Tue, 18 Oct 2022 07:22:37 GMT
etag: "3b5df7e947d77201eaf22f3dbdac08cc"
x-amz-version-id: 4jMtpmrTh3NU2il.eSSLRODO9UYgvJk9
accept-ranges: bytes
server: AmazonS3
x-amz-cf-pop: HAM50-C2
x-amz-cf-id: KM8abeyaVeSEIxlLTJcUkoNH7_q4l1PlUQolOkL0_K8Ml-Hn8lULcg==
cache-control: max-age=31536000
expires: Fri, 26 Jan 2024 11:47:32 GMT
date: Thu, 26 Jan 2023 11:47:32 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
script.hotjar.com/modules.ea0a6d6a741d5de8308e.js
54.230.111.93200 OK 69 kB URL HTTP/2 script.hotjar.com/modules.ea0a6d6a741d5de8308e.js
IP 54.230.111.93:0
File type Unicode text, UTF-8 text, with very long lines (48015)
Hash e45ceb77c1a47254136f1ef733de65df
7cc640ca25ac5232038a02fbaf6d2677871ebaf0
25e950716f031b1000c0fc674457836b68ad60912f265f7efc190f6a93a71a2d
GET /modules.ea0a6d6a741d5de8308e.js HTTP/1.1
Host: script.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fjellsport.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 68675
date: Fri, 20 Jan 2023 11:10:05 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=31536000
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: "e45ceb77c1a47254136f1ef733de65df"
last-modified: Fri, 20 Jan 2023 11:09:55 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: -T72UDwGw_GuBBQtA96fxPDlPiu7bDw4NIM7ckdnLelXrkaZzYz00Q==
age: 520647
X-Firefox-Spdy: h2
cdn.livechatinc.com/widget/static/js/1.242d30c5.chunk.js
95.101.10.202200 OK 70 kB URL HTTP/2 cdn.livechatinc.com/widget/static/js/1.242d30c5.chunk.js
IP 95.101.10.202:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65462)
Hash 88298c1f3a966d806ce3dd802d2cfdb5
e19a54d47ddc9bd3ed805f6e5471ae2de613404b
9373f82e3b877dd04122dacfd587cb7f62562b53744142a734210c8af0a61dbf
GET /widget/static/js/1.242d30c5.chunk.js HTTP/1.1
Host: cdn.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.livechatinc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 16 Jan 2023 07:45:14 GMT
x-amz-version-id: Px6texczRRdv2H_bvm87pAIOH7z7Z.qa
server: AmazonS3
content-encoding: gzip
etag: W/"6cc6a8d0a347434070e1ae1406714b63"
vary: Accept-Encoding
x-amz-cf-pop: ARN56-P2
x-amz-cf-id: BpmGXFPk1aGvtFzUfSPoO8bfNDP06kQHquXkuVVoPBldkY4nhooSMA==
content-length: 69814
cache-control: max-age=31536000
expires: Fri, 26 Jan 2024 11:47:32 GMT
date: Thu, 26 Jan 2023 11:47:32 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
X-Firefox-Spdy: h2
cdn.livechatinc.com/widget/static/js/iframe.73879adc.chunk.js
95.101.10.202200 OK 229 kB URL HTTP/2 cdn.livechatinc.com/widget/static/js/iframe.73879adc.chunk.js
IP 95.101.10.202:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65457)
Size 229 kB (228662 bytes)
Hash 22d99950eb1ce5bb0a2c6446dae6c974
ec8de58f1c45c7c19fd8e7de7e467105ce4479b2
9165bcba316d9b153ac6e81c63b46bbb2f530516a31d7e9628e18b9cfa2ff711
GET /widget/static/js/iframe.73879adc.chunk.js HTTP/1.1
Host: cdn.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.livechatinc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 25 Jan 2023 08:47:14 GMT
x-amz-version-id: DWqeOBaonG9oWcxGU0ZIpqeLsqrYCT6x
server: AmazonS3
content-encoding: gzip
etag: W/"90cad0f1a20bbe0c7b70af650ab7491a"
vary: Accept-Encoding
x-amz-cf-pop: HAM50-P2
x-amz-cf-id: MgLZ1iZ8LpNw3GUGmXeMSFOx05M7e3xvuc4-Sud2VVDGYvBOPceAhQ==
content-length: 228662
cache-control: max-age=31536000
expires: Fri, 26 Jan 2024 11:47:32 GMT
date: Thu, 26 Jan 2023 11:47:32 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
X-Firefox-Spdy: h2
i.scdn.co/image/ab67656300005f1f70edda4950509274c9dea50a
151.101.86.248200 OK 65 kB URL HTTP/1.1 i.scdn.co/image/ab67656300005f1f70edda4950509274c9dea50a
IP 151.101.86.248:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Hash 48a3f9a3eadeb1be9c04be813c76f004
44562c40d60077d4afc30a677e71f0ecade39dcd
05a08415a389bfac823cabc527e88f2d7da83993aaf61431192e28e080d6a6f2
GET /image/ab67656300005f1f70edda4950509274c9dea50a HTTP/1.1
Host: i.scdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://open.spotifycdn.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 64952
Last-Modified: Mon, 19 Dec 2022 06:30:32 GMT
ETag: "48a3f9a3eadeb1be9c04be813c76f004"
x-goog-generation: 1671431432313203
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 64952
Content-Type: image/jpeg
Accept-Ranges: bytes
Date: Thu, 26 Jan 2023 11:47:32 GMT
Age: 277235
Timing-Allow-Origin: *
X-Served-By: cache-chi-klot8100127-CHI, cache-bma1654-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 97, 2
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ad6ca83fa714b59451f41ae307a4278f
5b3071f1dc44316a4c30a49865d05098fbdc8c42
e3ac206c09e7f63b01a947a4df48b30189430250500b18afe6a117e4c86c4d92
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E3AC206C09E7F63B01A947A4DF48B30189430250500B18AFE6A117E4C86C4D92"
Last-Modified: Tue, 24 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13596
Expires: Thu, 26 Jan 2023 15:34:09 GMT
Date: Thu, 26 Jan 2023 11:47:33 GMT
Connection: keep-alive
o22381.ingest.sentry.io/api/1409086/envelope/?sentry_key=80341f4271be4aec89050e48a0e4553e&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.31.1
34.120.195.249200 OK 2 B URL HTTP/2 o22381.ingest.sentry.io/api/1409086/envelope/?sentry_key=80341f4271be4aec89050e48a0e4553e&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.31.1
IP 34.120.195.249:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
POST /api/1409086/envelope/?sentry_key=80341f4271be4aec89050e48a0e4553e&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.31.1 HTTP/1.1
Host: o22381.ingest.sentry.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://open.spotify.com/
Content-Type: text/plain;charset=UTF-8
Origin: https://open.spotify.com
Content-Length: 432
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 11:47:33 GMT
content-type: application/json
content-length: 2
access-control-allow-origin: https://open.spotify.com
access-control-expose-headers: retry-after, x-sentry-rate-limits, x-sentry-error
vary: Origin
x-envoy-upstream-service-time: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ad6ca83fa714b59451f41ae307a4278f
5b3071f1dc44316a4c30a49865d05098fbdc8c42
e3ac206c09e7f63b01a947a4df48b30189430250500b18afe6a117e4c86c4d92
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E3AC206C09E7F63B01A947A4DF48B30189430250500B18AFE6A117E4C86C4D92"
Last-Modified: Tue, 24 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13596
Expires: Thu, 26 Jan 2023 15:34:09 GMT
Date: Thu, 26 Jan 2023 11:47:33 GMT
Connection: keep-alive
apresolve.spotify.com/?type=dealer&type=spclient
34.98.74.57200 OK 111 B URL HTTP/2 apresolve.spotify.com/?type=dealer&type=spclient
IP 34.98.74.57:0
File type JSON data\012- , ASCII text, with no line terminators
Hash a5eab0a2ae95967a8eecc66371556d9e
b07ec7ce0c2d43a69a1b8a8ee69d258eba8d04fc
f66266f2d86cb4b23750d550bb89ccda61ca109c234ed97f799b772329f46b0d
GET /?type=dealer&type=spclient HTTP/1.1
Host: apresolve.spotify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://open.spotify.com/
Origin: https://open.spotify.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
access-control-allow-origin: *
content-encoding: gzip
content-length: 111
date: Thu, 26 Jan 2023 11:47:33 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
accounts.livechatinc.com/customer/token
95.101.10.202200 OK 138 B URL HTTP/2 accounts.livechatinc.com/customer/token
IP 95.101.10.202:0
ASN #20940 Akamai International B.V.
File type JSON data\012- , ASCII text
Hash 843a543fa0168a539481f91d528103ac
2e995aee5e1b19b02fcfaaff780fe5ffbc4300fe
8200c291ac4a28b668824204d37e3d4c8535f2bf5fa17bbef4cbaafad77c048b
POST /customer/token HTTP/1.1
Host: accounts.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 189
Origin: https://secure.livechatinc.com
Connection: keep-alive
Referer: https://secure.livechatinc.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-origin: https://secure.livechatinc.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-type: application/json
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
content-length: 138
date: Thu, 26 Jan 2023 11:47:33 GMT
set-cookie: __lc_cid=b45c4821-2936-49ad-46a2-58abe172e66d; Path=/v2/customer/token; Domain=accounts.livechatinc.com; Expires=Sun, 26 Jan 2025 11:47:33 GMT; Max-Age=63072000; HttpOnly; Secure; SameSite=None
__lc_cst=ebb02cb185263f73260bce7be2d7ccb306096f74dbe68f8816892db1bf2103f94408bbb70d35270dd5938e780823f727ea274df4406fa2468cd3f6c5a11c; Path=/v2/customer/token; Domain=accounts.livechatinc.com; Expires=Sun, 26 Jan 2025 11:47:33 GMT; Max-Age=63072000; HttpOnly; Secure; SameSite=None
__lc_cid=b45c4821-2936-49ad-46a2-58abe172e66d; Path=/customer/token; Domain=accounts.livechatinc.com; Expires=Sun, 26 Jan 2025 11:47:33 GMT; Max-Age=63072000; HttpOnly; Secure; SameSite=None
__lc_cst=ebb02cb185263f73260bce7be2d7ccb306096f74dbe68f8816892db1bf2103f94408bbb70d35270dd5938e780823f727ea274df4406fa2468cd3f6c5a11c; Path=/customer/token; Domain=accounts.livechatinc.com; Expires=Sun, 26 Jan 2025 11:47:33 GMT; Max-Age=63072000; HttpOnly; Secure; SameSite=None
__oauth_redirect_detector=counter=1&t=1674733683&tag=6c4514b477f4eecba56f08ae705462ad395edffe; Path=/; Expires=Thu, 26 Jan 2023 11:48:03 GMT; HttpOnly; Secure; SameSite=None
X-Firefox-Spdy: h2
api.livechatinc.com/v3.3/customer/rtm/ws?license_id=9240310
95.101.10.171101 Switching Protocols 0 B URL HTTP/1.1 api.livechatinc.com/v3.3/customer/rtm/ws?license_id=9240310
IP 95.101.10.171:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v3.3/customer/rtm/ws?license_id=9240310 HTTP/1.1
Host: api.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://secure.livechatinc.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: NsWJWphP/pWt6rs1C4ORKw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
sec-websocket-accept: msViav+7UCcM8K16/hVytbl0IJg=
legacy: 2023-06-30
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://secure.livechatinc.com
Date: Thu, 26 Jan 2023 11:47:33 GMT
Upgrade: websocket
Connection: Upgrade
s.kk-resources.com/leadtag.js
54.230.111.34200 OK 2.6 kB URL HTTP/1.1 s.kk-resources.com/leadtag.js
IP 54.230.111.34:0
File type C source, ASCII text, with very long lines (6910)
Hash b9c7aa9898d0e7b5d8dfa27c81eda1ac
3e22a4f4ac1fd469128de60e1a80433513242071
980531f0a81016e3a7a4c3fa56f75e7b791f1f4c09296992221bd766b91a53a0
GET /leadtag.js HTTP/1.1
Host: s.kk-resources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fjellsport.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=UTF-8
Content-Length: 2595
Connection: keep-alive
X-Gravitee-Transaction-Id: 19f8a9b2-3c53-413f-b8a9-b23c53913fef
X-Gravitee-Request-Id: 19f8a9b2-3c53-413f-b8a9-b23c53913fef
ETag: "a6f24d16883e371c590c11db7a51d76d23714eef"
Request-Time: 6
Accept-Ranges: bytes
Cache-Control: public, max-age=3600
Last-Modified: Thu, 05 Jan 2023 14:34:45 GMT
Content-Encoding: gzip
Date: Thu, 26 Jan 2023 11:34:54 GMT
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 5kYJBA5Ex138_0Wxcf1q11UdAG0BzL7BghKF3D69ri80m1xIr_QV8Q==
Age: 759
sc-static.net/scevent.min.js
54.230.82.240200 OK 13 kB URL HTTP/2 sc-static.net/scevent.min.js
IP 54.230.82.240:0
File type ASCII text, with very long lines (30923), with no line terminators
Hash 957d65dfa972893511879b4d2abce54b
a0106f59c171c72c527a88cc3b06263af186a5c4
24cae1a14856e2642826fe9d960b0e61ae60fa45a778ec61f2b7d862dc3af603
GET /scevent.min.js HTTP/1.1
Host: sc-static.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fjellsport.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
content-length: 13270
server: CloudFront
date: Thu, 26 Jan 2023 11:47:33 GMT
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Content-Type
cache-control: private, s-maxage=0, max-age=600
set-cookie: X-AB=0d6e407936704bd380072f5891d28b0e;max-age=86400;expires=Fri, 27 Jan 2023 10:59:41 GMT;Path=/scevent.min.js; Secure; SameSite=None
x-cache: LambdaGeneratedResponse from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: p4miKjcab8CQLSqHkT0KWw0dlF6jkspJcpJTzE97LzeiC9-FV7ArAA==
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash f5748fe61285ac561342d29f791caa95
590c2a121202a33abc837dd6210aaf0c8f54d3fd
69003e7446655b4935fb38652b1552e4763eab5bede555e53eba97ee304d61e9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 11:47:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
11203568.fls.doubleclick.net/activityi;src=11203568;type=all-p0;cat=visit0;ord=4412608723157;gtm=2wg1p0;auiddc=1284840033.1674733650;u1=%2F;~oref=https%3A%2F%2Fwww.fjellsport.no%2F?
142.250.74.134200 OK 240 B URL HTTP/2 11203568.fls.doubleclick.net/activityi;src=11203568;type=all-p0;cat=visit0;ord=4412608723157;gtm=2wg1p0;auiddc=1284840033.1674733650;u1=%2F;~oref=https%3A%2F%2Fwww.fjellsport.no%2F?
IP 142.250.74.134:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (456), with no line terminators
Hash 4acdb4b06eb3df5b9f3e87eb8855c188
9bd4966b301ffbb1ee7871a744b401756a10605d
373c24de1b290ed8674923fa8856f1ec4778caf9d7e57052414036d202148a39
GET /activityi;src=11203568;type=all-p0;cat=visit0;ord=4412608723157;gtm=2wg1p0;auiddc=1284840033.1674733650;u1=%2F;~oref=https%3A%2F%2Fwww.fjellsport.no%2F? HTTP/1.1
Host: 11203568.fls.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fjellsport.no/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 26 Jan 2023 11:47:33 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 240
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 26-Jan-2023 12:02:33 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash e42c4bc3eb1dde3e47013119de155096
ee735e961b5844018da0625bfd2476ab70500926
689f2b20a0cac8f0b3ad9fcc34ffb152ab8e935a0fb322d8e9fcb21f1a0ae151
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 11:47:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events
35.186.224.17200 OK 0 B URL HTTP/2 gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events
IP 35.186.224.17:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /gabo-receiver-service/public/v3/events HTTP/1.1
Host: gew4-spclient.spotify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://open.spotify.com/
Origin: https://open.spotify.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
access-control-allow-origin: https://open.spotify.com
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,PATCH,POST,PUT,OPTIONS
access-control-allow-headers: Accept,Authorization,Origin,Content-Type,Spotify-App-Version,App-Platform,X-Spotify-Connection-Id,X-Client-Id,X-Spotify-Quicksilver-Uri,client-token,content-access-token,x-cloud-trace-context
access-control-max-age: 604800
vary: Accept-Encoding
date: Thu, 26 Jan 2023 11:47:33 GMT
server: envoy
content-length: 0
via: HTTP/2 edgeproxy, 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events
35.186.224.17200 OK 0 B URL HTTP/2 gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events
IP 35.186.224.17:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /gabo-receiver-service/public/v3/events HTTP/1.1
Host: gew4-spclient.spotify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://open.spotify.com/
Origin: https://open.spotify.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
access-control-allow-origin: https://open.spotify.com
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,PATCH,POST,PUT,OPTIONS
access-control-allow-headers: Accept,Authorization,Origin,Content-Type,Spotify-App-Version,App-Platform,X-Spotify-Connection-Id,X-Client-Id,X-Spotify-Quicksilver-Uri,client-token,content-access-token,x-cloud-trace-context
access-control-max-age: 604800
vary: Accept-Encoding
date: Thu, 26 Jan 2023 11:47:33 GMT
server: envoy
content-length: 0
via: HTTP/2 edgeproxy, 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 04cb7fc8b1e2a65a0b198cc53eb5e5cd
6d04611612d81108e856467f0e4b0479cbb37d33
1c745d8ace7ea6f8e5d7da5e9c067b7b3427ce9c5a5e2c5c35d1c345266de518
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 11:47:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.com/ddm/fls/i/src=11203568;type=all-p0;cat=visit0;ord=4412608723157;gtm=2wg1p0;auiddc=1284840033.1674733650;u1=%2F;~oref=https%3A%2F%2Fwww.fjellsport.no%2F
142.250.74.162200 OK 240 B URL HTTP/2 adservice.google.com/ddm/fls/i/src=11203568;type=all-p0;cat=visit0;ord=4412608723157;gtm=2wg1p0;auiddc=1284840033.1674733650;u1=%2F;~oref=https%3A%2F%2Fwww.fjellsport.no%2F
IP 142.250.74.162:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (455), with no line terminators
Hash 4183724e0b3a6f10ff535b3973c11b13
cdbfb24af9b196a099e69bc956ceb7682044e3cd
2377f87f806bdb382fc4225ff6179dda580bcb523544e59d08a8bdedd99d50f9
GET /ddm/fls/i/src=11203568;type=all-p0;cat=visit0;ord=4412608723157;gtm=2wg1p0;auiddc=1284840033.1674733650;u1=%2F;~oref=https%3A%2F%2Fwww.fjellsport.no%2F HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://11203568.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 26 Jan 2023 11:47:34 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 240
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 3295d3058141b2ed6e7eeaed9c42ecca
edd6774f3c676940d6acdebc428a3d8097c07f3e
e9342908ebad694375eefc306084a3af973b934526ffd363f46dd76718664ad2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5373
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 11:47:34 GMT
Last-Modified: Thu, 26 Jan 2023 10:18:01 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events
35.186.224.17200 OK 39 B URL HTTP/2 gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events
IP 35.186.224.17:0
File type JSON data\012- , ASCII text, with no line terminators
Hash f204785b49c504e43101096fd3a80e31
e92466090f918c8f9c11268c9d0027fe269a90b6
873696e689e27bcfa5259ade21ceefea69203ec493901b0f4634b4f255981b29
POST /gabo-receiver-service/public/v3/events HTTP/1.1
Host: gew4-spclient.spotify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://open.spotify.com/
content-type: application/json
Origin: https://open.spotify.com
Content-Length: 858
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
cache-control: private, max-age=0
access-control-allow-origin: https://open.spotify.com
content-encoding: gzip
content-length: 39
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
access-control-allow-credentials: true
date: Thu, 26 Jan 2023 11:47:33 GMT
server: envoy
via: HTTP/2 edgeproxy, 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 3295d3058141b2ed6e7eeaed9c42ecca
edd6774f3c676940d6acdebc428a3d8097c07f3e
e9342908ebad694375eefc306084a3af973b934526ffd363f46dd76718664ad2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5373
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 11:47:34 GMT
Last-Modified: Thu, 26 Jan 2023 10:18:01 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 3295d3058141b2ed6e7eeaed9c42ecca
edd6774f3c676940d6acdebc428a3d8097c07f3e
e9342908ebad694375eefc306084a3af973b934526ffd363f46dd76718664ad2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6341
Cache-Control: max-age=161238
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 11:47:34 GMT
Etag: "63d22267-1d7"
Expires: Sat, 28 Jan 2023 08:34:52 GMT
Last-Modified: Thu, 26 Jan 2023 06:49:11 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 04cb7fc8b1e2a65a0b198cc53eb5e5cd
6d04611612d81108e856467f0e4b0479cbb37d33
1c745d8ace7ea6f8e5d7da5e9c067b7b3427ce9c5a5e2c5c35d1c345266de518
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 11:47:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tr.snapchat.com/cm/i?pid=f4a91d9d-8e61-456b-92af-60615a1d4785&u_scsid=853b68f2-24bb-46b6-873d-b8e46804b4b5&u_sclid=18e07c39-e473-45d6-bebc-7cf6cc633740
35.190.43.134200 OK 0 B URL HTTP/2 tr.snapchat.com/cm/i?pid=f4a91d9d-8e61-456b-92af-60615a1d4785&u_scsid=853b68f2-24bb-46b6-873d-b8e46804b4b5&u_sclid=18e07c39-e473-45d6-bebc-7cf6cc633740
IP 35.190.43.134:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cm/i?pid=f4a91d9d-8e61-456b-92af-60615a1d4785&u_scsid=853b68f2-24bb-46b6-873d-b8e46804b4b5&u_sclid=18e07c39-e473-45d6-bebc-7cf6cc633740 HTTP/1.1
Host: tr.snapchat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fjellsport.no/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 11:47:34 GMT
content-type: text/html
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 0
x-envoy-upstream-service-time: 0
server: API Gateway
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tr.snapchat.com/p?pid=f4a91d9d-8e61-456b-92af-60615a1d4785&ev=PAGE_VIEW&intg=gtm&pl=https%3A%2F%2Fwww.fjellsport.no%2F&bt=1d53c387&if=false&m_dcl=912&m_fcps=863&m_pi=732&m_pl=2697&m_pv=v2&m_rd=3452&m_sl=3448&rf=https%3A%2F%2Fapi.kelkoogroup.net%2F&trackId=90c6009d-be4b-46bc-8f6b-6fe9e7e8de99&ts=1674733651835&u_c1=5e475177-da85-4a2e-bff6-c623ecb1f0e5&u_sclid=18e07c39-e473-45d6-bebc-7cf6cc633740&u_scsid=853b68f2-24bb-46b6-873d-b8e46804b4b5&v=2.0.0
35.190.43.134200 OK 94 B URL HTTP/2 tr.snapchat.com/p?pid=f4a91d9d-8e61-456b-92af-60615a1d4785&ev=PAGE_VIEW&intg=gtm&pl=https%3A%2F%2Fwww.fjellsport.no%2F&bt=1d53c387&if=false&m_dcl=912&m_fcps=863&m_pi=732&m_pl=2697&m_pv=v2&m_rd=3452&m_sl=3448&rf=https%3A%2F%2Fapi.kelkoogroup.net%2F&trackId=90c6009d-be4b-46bc-8f6b-6fe9e7e8de99&ts=1674733651835&u_c1=5e475177-da85-4a2e-bff6-c623ecb1f0e5&u_sclid=18e07c39-e473-45d6-bebc-7cf6cc633740&u_scsid=853b68f2-24bb-46b6-873d-b8e46804b4b5&v=2.0.0
IP 35.190.43.134:0
Hash 3e8b551f4e6865cbbf04c8b8625b9758
47750ed40f02eb686ec4a65554190abe82e54b25
2a5c977db1105ecae853588135669b35b4699c92fe48b15f3bf4d915af400fe1
GET /p?pid=f4a91d9d-8e61-456b-92af-60615a1d4785&ev=PAGE_VIEW&intg=gtm&pl=https%3A%2F%2Fwww.fjellsport.no%2F&bt=1d53c387&if=false&m_dcl=912&m_fcps=863&m_pi=732&m_pl=2697&m_pv=v2&m_rd=3452&m_sl=3448&rf=https%3A%2F%2Fapi.kelkoogroup.net%2F&trackId=90c6009d-be4b-46bc-8f6b-6fe9e7e8de99&ts=1674733651835&u_c1=5e475177-da85-4a2e-bff6-c623ecb1f0e5&u_sclid=18e07c39-e473-45d6-bebc-7cf6cc633740&u_scsid=853b68f2-24bb-46b6-873d-b8e46804b4b5&v=2.0.0 HTTP/1.1
Host: tr.snapchat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fjellsport.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 11:47:34 GMT
access-control-allow-origin: *
cache-control: no-cache, no-transform
set-cookie: sc_at=v2|H4sIAAAAAAAAAAXBiQ0AIQgEwIpIYJdHyzHKVUHxNwPUhm8KOo44n8o6GtL2FOn3a+OMZXmRGT76A2kL3C0yAAAA;SameSite=None;Version=1;Comment=;Domain=.snapchat.com;Path=/;Max-Age=33696000;Secure
content-type: image/png
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 68
x-envoy-upstream-service-time: 1
server: API Gateway
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events
35.186.224.17200 OK 39 B URL HTTP/2 gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events
IP 35.186.224.17:0
File type JSON data\012- , ASCII text, with no line terminators
Hash f204785b49c504e43101096fd3a80e31
e92466090f918c8f9c11268c9d0027fe269a90b6
873696e689e27bcfa5259ade21ceefea69203ec493901b0f4634b4f255981b29
POST /gabo-receiver-service/public/v3/events HTTP/1.1
Host: gew4-spclient.spotify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://open.spotify.com/
content-type: application/json
Origin: https://open.spotify.com
Content-Length: 1143
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
cache-control: private, max-age=0
access-control-allow-origin: https://open.spotify.com
content-encoding: gzip
content-length: 39
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
access-control-allow-credentials: true
date: Thu, 26 Jan 2023 11:47:34 GMT
server: envoy
via: HTTP/2 edgeproxy, 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 3295d3058141b2ed6e7eeaed9c42ecca
edd6774f3c676940d6acdebc428a3d8097c07f3e
e9342908ebad694375eefc306084a3af973b934526ffd363f46dd76718664ad2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5373
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 11:47:34 GMT
Last-Modified: Thu, 26 Jan 2023 10:18:01 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash fdded3d5e68d5358634880be3d3f2d04
6a02176ed7735b46393d51bd142e0deace6a5007
7077e5a7a6aeee95ad600ca2a943f7062f593e12fa61e74bbb860f6019bf67b7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 11:47:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 8127133a6d1c10ce4e3cbf6028b3e555
ce62fc282eee1a28e8bff5bd677cb0a63edea598
a411d44ecbe5c57bc81fca6c3c80a8de98cf82594bdb84dbef6e541e4df8d347
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3561
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 11:47:34 GMT
Last-Modified: Thu, 26 Jan 2023 10:48:13 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
www.google-analytics.com/analytics.js
142.250.74.14200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.14:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fjellsport.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Thu, 26 Jan 2023 11:45:20 GMT
expires: Thu, 26 Jan 2023 13:45:20 GMT
cache-control: public, max-age=7200
age: 134
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 7a9d8afdc2039e3c57f2978289bc61f8
6a8bacef90357fbe21dce445a5551e861ccec8db
fd8a85970e5e9a2705e30e9879eb66509f29cc450ae0e183e802438da2c74186
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1240
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 11:47:34 GMT
Last-Modified: Thu, 26 Jan 2023 11:26:54 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 313
adservice.google.no/ddm/fls/i/src=11203568;type=all-p0;cat=visit0;ord=4412608723157;gtm=2wg1p0;auiddc=1284840033.1674733650;u1=%2F;~oref=https%3A%2F%2Fwww.fjellsport.no%2F
142.250.74.34200 OK 85 B URL HTTP/2 adservice.google.no/ddm/fls/i/src=11203568;type=all-p0;cat=visit0;ord=4412608723157;gtm=2wg1p0;auiddc=1284840033.1674733650;u1=%2F;~oref=https%3A%2F%2Fwww.fjellsport.no%2F
IP 142.250.74.34:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Hash 4a3b3637744caa4a0b08fabbd76cc830
755e5626762ecf38f55012da892a227bf50f15f1
6a12009f3d99f10dd5acb27389beefed79eddd7fa55ddcc591baf92861d51bfb
GET /ddm/fls/i/src=11203568;type=all-p0;cat=visit0;ord=4412608723157;gtm=2wg1p0;auiddc=1284840033.1674733650;u1=%2F;~oref=https%3A%2F%2Fwww.fjellsport.no%2F HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 26 Jan 2023 11:47:34 GMT
expires: Thu, 26 Jan 2023 11:47:34 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 85
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
bat.bing.com/bat.js
204.79.197.200200 OK 12 kB IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (39395), with no line terminators
Hash 4f378a725368a42971cd69e29f75db89
2a1cdf193b346d9281c6e04a9b3775e7fc1ae11e
6a2a9d238501343cb3f25e0f54f4ecc4ec2c4e0fa6b228cc72dc3fff90502078
GET /bat.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fjellsport.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: private,max-age=1800
content-length: 11552
content-type: application/javascript
content-encoding: gzip
last-modified: Mon, 23 Jan 2023 19:59:24 GMT
accept-ranges: bytes
etag: "076bc30652fd91:0"
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 1068C5BD2EFC4472B3DD9E379A71ABA1 Ref B: OSL30EDGE0216 Ref C: 2023-01-26T11:47:34Z
date: Thu, 26 Jan 2023 11:47:34 GMT
X-Firefox-Spdy: h2
connect.facebook.net/en_US/fbevents.js
31.13.72.12200 OK 28 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (64348)
Hash 9ba458c0d3060a442f3094daf58ec05d
fc35d487d0dd81e6855f1b02367b755609d9608d
17087257ea25c2232c025f338b9f3153d35c3d953cb382b7b6e01728a643bc0b
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fjellsport.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: cGjM64RtsyDEYmGBvEK3y7AoD1R5CTHxeyVhOQtZMxUS0M1BmQyz5QUssPZoi0bzWf6N4ByiuUHkTf3qd4uS3g==
priority: u=3,i
content-length: 27859
x-fb-trip-id: 1904183273
date: Thu, 26 Jan 2023 11:47:34 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 8127133a6d1c10ce4e3cbf6028b3e555
ce62fc282eee1a28e8bff5bd677cb0a63edea598
a411d44ecbe5c57bc81fca6c3c80a8de98cf82594bdb84dbef6e541e4df8d347
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3561
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 11:47:34 GMT
Last-Modified: Thu, 26 Jan 2023 10:48:13 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events
35.186.224.17200 OK 39 B URL HTTP/2 gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events
IP 35.186.224.17:0
File type JSON data\012- , ASCII text, with no line terminators
Hash f204785b49c504e43101096fd3a80e31
e92466090f918c8f9c11268c9d0027fe269a90b6
873696e689e27bcfa5259ade21ceefea69203ec493901b0f4634b4f255981b29
POST /gabo-receiver-service/public/v3/events HTTP/1.1
Host: gew4-spclient.spotify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://open.spotify.com/
content-type: application/json
Origin: https://open.spotify.com
Content-Length: 955
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
cache-control: private, max-age=0
access-control-allow-origin: https://open.spotify.com
content-encoding: gzip
content-length: 39
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
access-control-allow-credentials: true
date: Thu, 26 Jan 2023 11:47:34 GMT
server: envoy
via: HTTP/2 edgeproxy, 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
static.criteo.net/js/ld/ld.js
178.250.2.130200 OK 15 kB URL HTTP/2 static.criteo.net/js/ld/ld.js
IP 178.250.2.130:0
Hash aa8a74e819c5382f86be969ec9e47d4b
c2dd1226b920d57b8a130a1475f312f52febcb2a
a519463e376b6acf71ab93ecd3914d44f8284ca0cd7c6f59efdc920c5591490a
GET /js/ld/ld.js HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fjellsport.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 11:47:34 GMT
content-type: text/javascript
last-modified: Mon, 02 Jan 2023 16:36:54 GMT
etag: W/"63b30826-aae4"
expires: Fri, 27 Jan 2023 11:47:34 GMT
cross-origin-resource-policy: cross-origin
cache-control: max-age=86400, public
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 04fb584bf5028a3fb1f115ed9f529ace
22f06ccfe863a5c8a695d23de11681dc3d4835e9
c7243dabf66c180561ecc8e8a49ae109768641b51357bff356d0bb5331930b19
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 91
Cache-Control: max-age=86945
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 11:47:34 GMT
Etag: "63d1189c-139"
Expires: Fri, 27 Jan 2023 11:56:39 GMT
Last-Modified: Wed, 25 Jan 2023 11:55:08 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 313
region1.google-analytics.com/g/collect?v=2&tid=G-8LCQQ72GE4>m=2oe1p0&_p=997996168&cid=1651207885.1674733652&ul=en-us&sr=1280x1024&uaW=1&_s=1&dl=%2F&dt=Fjellsport.no%20-%20friluftsbutikken%20med%20det%20enorme%20utvalget%20%7C%20Fjellsport.no&sid=1674733651&sct=1&seg=0&dr=https%3A%2F%2Fapi.kelkoogroup.net%2F&en=page_view&_fv=1&_nsi=1&_ss=1
216.239.34.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-8LCQQ72GE4>m=2oe1p0&_p=997996168&cid=1651207885.1674733652&ul=en-us&sr=1280x1024&uaW=1&_s=1&dl=%2F&dt=Fjellsport.no%20-%20friluftsbutikken%20med%20det%20enorme%20utvalget%20%7C%20Fjellsport.no&sid=1674733651&sct=1&seg=0&dr=https%3A%2F%2Fapi.kelkoogroup.net%2F&en=page_view&_fv=1&_nsi=1&_ss=1
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-8LCQQ72GE4>m=2oe1p0&_p=997996168&cid=1651207885.1674733652&ul=en-us&sr=1280x1024&uaW=1&_s=1&dl=%2F&dt=Fjellsport.no%20-%20friluftsbutikken%20med%20det%20enorme%20utvalget%20%7C%20Fjellsport.no&sid=1674733651&sct=1&seg=0&dr=https%3A%2F%2Fapi.kelkoogroup.net%2F&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.fjellsport.no
Connection: keep-alive
Referer: https://www.fjellsport.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://www.fjellsport.no
date: Thu, 26 Jan 2023 11:47:34 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
bat.bing.com/action/0?ti=5820557&tm=gtm002&Ver=2&mid=3ca9f574-9c46-43aa-8d6d-3cae112f966d&sid=37ec8bb09d6f11edb47c49b8a021d7e0&vid=37ecaf309d6f11ed998575e9bf3fcd4f&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Fjellsport.no%20-%20friluftsbutikken%20med%20det%20enorme%20utvalget%20%7C%20Fjellsport.no&p=https%3A%2F%2Fwww.fjellsport.no%2F&r=https%3A%2F%2Fapi.kelkoogroup.net%2F<=2696&evt=pageLoad&sv=1&rn=766381
204.79.197.200204 No Content 239 B URL HTTP/2 bat.bing.com/action/0?ti=5820557&tm=gtm002&Ver=2&mid=3ca9f574-9c46-43aa-8d6d-3cae112f966d&sid=37ec8bb09d6f11edb47c49b8a021d7e0&vid=37ecaf309d6f11ed998575e9bf3fcd4f&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Fjellsport.no%20-%20friluftsbutikken%20med%20det%20enorme%20utvalget%20%7C%20Fjellsport.no&p=https%3A%2F%2Fwww.fjellsport.no%2F&r=https%3A%2F%2Fapi.kelkoogroup.net%2F<=2696&evt=pageLoad&sv=1&rn=766381
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type gzip compressed data, from Unix\012- data
Hash f9736f5d0c3f36cde642023404e4af92
9bd85e5292515f9e6d7837a986a9a27eef9224a8
738d3ed5a801555cd79fcbe7fe2d88c84b69665487630d170715f8db174a274f
GET /action/0?ti=5820557&tm=gtm002&Ver=2&mid=3ca9f574-9c46-43aa-8d6d-3cae112f966d&sid=37ec8bb09d6f11edb47c49b8a021d7e0&vid=37ecaf309d6f11ed998575e9bf3fcd4f&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Fjellsport.no%20-%20friluftsbutikken%20med%20det%20enorme%20utvalget%20%7C%20Fjellsport.no&p=https%3A%2F%2Fwww.fjellsport.no%2F&r=https%3A%2F%2Fapi.kelkoogroup.net%2F<=2696&evt=pageLoad&sv=1&rn=766381 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fjellsport.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=078E85482E766F32298E97ED2F836EB1; domain=.bing.com; expires=Tue, 20-Feb-2024 11:47:34 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D190511F54FA4EF691CCEFC88EF3FEC6 Ref B: OSL30EDGE0216 Ref C: 2023-01-26T11:47:34Z
date: Thu, 26 Jan 2023 11:47:34 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 190a3bc280ae77bcdd9d5404a4827845
7a87ca451b0fa21d44faace1c2ddbb4dede06133
95988c13b98d7164f7bf530e59b411a3ba26eab34bfb0898191e96ee29704ab0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 11:47:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-1379067-1&cid=1651207885.1674733652&jid=26854271&gjid=179592777&_gid=149748825.1674733652&_u=YCDAgEABAAAAAEgCI~&z=1215171652
173.194.73.154200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-1379067-1&cid=1651207885.1674733652&jid=26854271&gjid=179592777&_gid=149748825.1674733652&_u=YCDAgEABAAAAAEgCI~&z=1215171652
IP 173.194.73.154:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-1379067-1&cid=1651207885.1674733652&jid=26854271&gjid=179592777&_gid=149748825.1674733652&_u=YCDAgEABAAAAAEgCI~&z=1215171652 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.fjellsport.no
Connection: keep-alive
Referer: https://www.fjellsport.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.fjellsport.no
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 26 Jan 2023 11:47:34 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
bat.bing.com/p/action/5820557.js
204.79.197.200204 No Content 0 B URL HTTP/2 bat.bing.com/p/action/5820557.js
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p/action/5820557.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fjellsport.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: private,max-age=1800
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: AC71A871D91B4794A25A0D2B230DBD80 Ref B: OSL30EDGE0216 Ref C: 2023-01-26T11:47:34Z
date: Thu, 26 Jan 2023 11:47:34 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 18 kB IP 142.250.74.131:0
Hash 06bc13c9c6fa0fdd76e075946d74556b
9bc09550f39a64630ade90548015c44c0ecfa430
3294ad49905de29aa00ec85b69eb0c9d0ae98488dfcfed161b7d8cd7e8280e73
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 11:47:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-1379067-1&cid=1651207885.1674733652&jid=26854271&_u=YCDAgEABAAAAAEgCI~&z=1754761560
142.250.74.163200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-1379067-1&cid=1651207885.1674733652&jid=26854271&_u=YCDAgEABAAAAAEgCI~&z=1754761560
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-1379067-1&cid=1651207885.1674733652&jid=26854271&_u=YCDAgEABAAAAAEgCI~&z=1754761560 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fjellsport.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 26 Jan 2023 11:47:34 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 810bf2bf9f302d0a65b1e0b447b549ef
d6ddcc1e64a1392f5942c0fc45864a282a93854e
f61096b63e6f62872d6d30aac7671c72403bba82f4f5c555add8e0997675f712
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 11:47:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-1379067-1&cid=1651207885.1674733652&jid=26854271&_u=YCDAgEABAAAAAEgCI~&z=1754761560
142.250.74.164200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-1379067-1&cid=1651207885.1674733652&jid=26854271&_u=YCDAgEABAAAAAEgCI~&z=1754761560
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-1379067-1&cid=1651207885.1674733652&jid=26854271&_u=YCDAgEABAAAAAEgCI~&z=1754761560 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fjellsport.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 26 Jan 2023 11:47:34 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=3072056353006498&ev=PageView&dl=https%3A%2F%2Fwww.fjellsport.no%2F&rl=https%3A%2F%2Fapi.kelkoogroup.net%2F&if=false&ts=1674733652586&sw=1280&sh=1024&v=2.9.94&r=stable&ec=0&o=30&fbp=fb.1.1674733652586.1569349507&it=1674733652344&coo=false&rqm=GET
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=3072056353006498&ev=PageView&dl=https%3A%2F%2Fwww.fjellsport.no%2F&rl=https%3A%2F%2Fapi.kelkoogroup.net%2F&if=false&ts=1674733652586&sw=1280&sh=1024&v=2.9.94&r=stable&ec=0&o=30&fbp=fb.1.1674733652586.1569349507&it=1674733652344&coo=false&rqm=GET
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=3072056353006498&ev=PageView&dl=https%3A%2F%2Fwww.fjellsport.no%2F&rl=https%3A%2F%2Fapi.kelkoogroup.net%2F&if=false&ts=1674733652586&sw=1280&sh=1024&v=2.9.94&r=stable&ec=0&o=30&fbp=fb.1.1674733652586.1569349507&it=1674733652344&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fjellsport.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Thu, 26 Jan 2023 11:47:34 GMT
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 726f79ed38626e3b7ea4f051cfddd9ce
018c66d36d3db07220b55c1c41b973b3d5cd99aa
4b75473f5c012f09c9ed5303a179cbf3fd526043913687ba1977b223daf73b0b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5424
Cache-Control: max-age=98355
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 11:47:34 GMT
Etag: "63d13059-13a"
Expires: Fri, 27 Jan 2023 15:06:49 GMT
Last-Modified: Wed, 25 Jan 2023 13:36:25 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 314
gum.criteo.com/syncframe?topUrl=www.fjellsport.no&origin=onetag
178.250.2.146200 OK 5.1 kB URL HTTP/2 gum.criteo.com/syncframe?topUrl=www.fjellsport.no&origin=onetag
IP 178.250.2.146:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (13465)
Hash bd5e9f459a0c4293b61ddd653ecd0c55
6a37172a4e2236f082db2997d4fdea441adf4256
18d03d62191e1f2740f8c55c47f03bd33395e34668bdcefd72cdf1cbba2951c0
GET /syncframe?topUrl=www.fjellsport.no&origin=onetag HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fjellsport.no/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 11:47:34 GMT
content-type: text/html; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
set-cookie: uid=fbcc201c-3269-4b82-b24c-361740fa1f73; expires=Tue, 20 Feb 2024 11:47:34 GMT; domain=.criteo.com; path=/; secure; samesite=none
optout=0; expires=Thu, 01 Jan 1970 00:00:00 GMT; domain=.criteo.com; path=/
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 501087
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash c3fa0acd495f7caf6e73cd7d11915aa1
68214131a41d142e3f8cb2fc73fbc9a0d7ab5040
d343cb2efb8921f99f1acef382f5296d9f582fb8ad8d79b80d49e23bd7606a8c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5059
Cache-Control: max-age=151323
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 11:47:34 GMT
Etag: "63d200ae-139"
Expires: Sat, 28 Jan 2023 05:49:37 GMT
Last-Modified: Thu, 26 Jan 2023 04:25:18 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash c3fa0acd495f7caf6e73cd7d11915aa1
68214131a41d142e3f8cb2fc73fbc9a0d7ab5040
d343cb2efb8921f99f1acef382f5296d9f582fb8ad8d79b80d49e23bd7606a8c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5125
Cache-Control: max-age=151389
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 11:47:34 GMT
Etag: "63d200ae-139"
Expires: Sat, 28 Jan 2023 05:50:43 GMT
Last-Modified: Thu, 26 Jan 2023 04:25:18 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 313
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 61ed808df18aaee0930bf2b833b2e814
96f45c743bc1790e3eb55092acd7e58d5a7819ad
74ed4feb1cf30336a7a8fb71293a7332e3ffd86c0039e6a312c59042216ea6ad
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "74ED4FEB1CF30336A7A8FB71293A7332E3FFD86C0039E6A312C59042216EA6AD"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2673
Expires: Thu, 26 Jan 2023 12:32:08 GMT
Date: Thu, 26 Jan 2023 11:47:35 GMT
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash 4b4d556361d4b33b10e6a298b8b04231
b2fc8f6cba942967f609b46486e0d63d66daadc8
3eaa5cea118a9e6580c0355d86939e7e4afcdbe1dc442674c7ecad366a8bf294
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=136202
Date: Thu, 26 Jan 2023 11:47:35 GMT
Etag: "63d1cb3c-1d7"
Expires: Sat, 28 Jan 2023 01:37:37 GMT
Last-Modified: Thu, 26 Jan 2023 00:37:16 GMT
Server: ECS (nyb/1D13)
X-Cache: Miss from cloudfront
Via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Ctr6ml5ZZ2IdmJ_8l4T3cQ3A57qankVSsX2knalz4jW9k5g0iaNG5g==
Age: 3621
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash ba60dfe4fb88caab6398734acabde793
f1fe492140068113a4f6284f49e175b93636b49f
f7f1f2ff4f97d2602a25ddfbc247cacf0c82bf94409ea393d9df6324cde92751
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 26 Jan 2023 11:47:35 GMT
Last-Modified: Thu, 26 Jan 2023 10:36:29 GMT
Server: ECS (nyb/1D0E)
X-Cache: Miss from cloudfront
Via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: aLvFnpkcGzayr7Tx9IlZq95mKsQz_olZAoKR5XpYhVOolX-UJsWmrQ==
Age: 4266
matching.ivitrack.com/sync?realm=criteo&uid=k-qPj93Wo_sBszyksYF12usbr9NFIj6q_SripwoA
34.117.157.22200 OK 42 B URL HTTP/2 matching.ivitrack.com/sync?realm=criteo&uid=k-qPj93Wo_sBszyksYF12usbr9NFIj6q_SripwoA
IP 34.117.157.22:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /sync?realm=criteo&uid=k-qPj93Wo_sBszyksYF12usbr9NFIj6q_SripwoA HTTP/1.1
Host: matching.ivitrack.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: istio-envoy
date: Thu, 26 Jan 2023 11:47:35 GMT
content-type: image/gif
content-length: 42
cache-control: public, max-age=86400
x-envoy-upstream-service-time: 22
x-envoy-decorator-operation: tag-manager.programmatic.svc.cluster.local:3000/*
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-2S_jJGo_sBszyksYF12usbr9NFISn8DCHjAaFA
18.195.73.173302 Found 0 B URL HTTP/2 ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-2S_jJGo_sBszyksYF12usbr9NFISn8DCHjAaFA
IP 18.195.73.173:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match?publisher_dsp_id=38&external_user_id=k-2S_jJGo_sBszyksYF12usbr9NFISn8DCHjAaFA HTTP/1.1
Host: ad.360yield.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Thu, 26 Jan 2023 11:47:35 GMT
content-type: text/plain
content-length: 0
location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-2S_jJGo_sBszyksYF12usbr9NFISn8DCHjAaFA
set-cookie: tuuid=748bf66b-3103-4dc4-aa0d-4ef920cecc6b; Expires=Wed, 26 Apr 2023 11:47:35 GMT; Domain=.360yield.com; Path=/; SameSite=None; Secure
tuuid_lu=1674733655; Expires=Wed, 26 Apr 2023 11:47:35 GMT; Domain=.360yield.com; Path=/; SameSite=None; Secure
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Firefox-Spdy: h2
exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-vpe4tmo_sBszyksYF12usbr9NFJfHZcuMi-qlG-Ay-4phO8C
18.197.252.47200 OK 523 B URL HTTP/2 exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-vpe4tmo_sBszyksYF12usbr9NFJfHZcuMi-qlG-Ay-4phO8C
IP 18.197.252.47:0
Hash acf193db2326b917b2665e6f706319b7
95bbc3bca737b84d35eda3a5fde7b346110568dc
a5c1324f386761d5cbe7aac90226c5b6f6bcc64e200ffdb1e79296b7c4c1edad
GET /usersync/push?partner=criteo&partnerId=k-vpe4tmo_sBszyksYF12usbr9NFJfHZcuMi-qlG-Ay-4phO8C HTTP/1.1
Host: exchange.mediavine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 11:47:35 GMT
content-type: text/html; charset=utf-8
vary: Origin, Accept-Encoding
access-control-allow-credentials: true
cache-control: private, no-cache
set-cookie: mv_tokens=%7B%22mv_uuid%22%3A%2239c4c180-9d6f-11ed-b65b-ed34aeb483fd%22%2C%22version%22%3A%22eu-v1%22%7D; Path=/; Expires=Thu, 09 Feb 2023 11:47:35 GMT; Secure; SameSite=None
mv_tokens_eu-v1=%7B%22mv_uuid%22%3A%2239c4c180-9d6f-11ed-b65b-ed34aeb483fd%22%2C%22version%22%3A%22eu-v1%22%7D; Path=/; Expires=Thu, 09 Feb 2023 11:47:35 GMT; Secure; SameSite=None
am_tokens=%7B%22mv_uuid%22%3A%2239c4c180-9d6f-11ed-b65b-ed34aeb483fd%22%2C%22version%22%3A%22eu-v1%22%7D; Path=/; Expires=Thu, 09 Feb 2023 11:47:35 GMT; Secure; SameSite=None
am_tokens_eu-v1=%7B%22mv_uuid%22%3A%2239c4c180-9d6f-11ed-b65b-ed34aeb483fd%22%2C%22version%22%3A%22eu-v1%22%7D; Path=/; Expires=Thu, 09 Feb 2023 11:47:35 GMT; Secure; SameSite=None
criteo=%7B%22id%22%3A%22k-vpe4tmo_sBszyksYF12usbr9NFJfHZcuMi-qlG-Ay-4phO8C%22%2C%22version%22%3A%22criteo%22%7D; Path=/; Expires=Thu, 09 Feb 2023 11:47:35 GMT; Secure; SameSite=None
content-encoding: gzip
X-Firefox-Spdy: h2
gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
178.250.2.146302 Found 0 B URL HTTP/2 gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
IP 178.250.2.146:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Thu, 26 Jan 2023 11:47:34 GMT
server: Kestrel
content-length: 0
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
location: https://dpm.demdex.net/ibs:dpid=28645&dpuuid=
server-processing-duration-in-ticks: 929236
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-2S_jJGo_sBszyksYF12usbr9NFISn8DCHjAaFA
18.195.73.173200 OK 43 B URL HTTP/2 ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-2S_jJGo_sBszyksYF12usbr9NFISn8DCHjAaFA
IP 18.195.73.173:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /ul_cb/match?publisher_dsp_id=38&external_user_id=k-2S_jJGo_sBszyksYF12usbr9NFISn8DCHjAaFA HTTP/1.1
Host: ad.360yield.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 11:47:35 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 34c6c87358e04f2487a4fcb466d2ad17
2e99bb20b81b80930471f736676e4dd3a093a9cd
db58d2601ad2308da96f8998b9b5e39c3c48b910c0f141230a757b9985b536fb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 11:47:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 2892ad526c4f55ae4025bf28c7461281
baf83f9b89b7c1d2c6dd0342058d444657da256e
cab8f28b37a5d5a2063f860fe8560631729b0da700bfe6cb60c7894a0144ebfe
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3925
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 11:47:35 GMT
Last-Modified: Thu, 26 Jan 2023 10:42:10 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash 8d8c78e0f8489123b947ef59de71c4e9
0e2522b86720a568ef6e22672be698f5f52d1f54
90e0d90736d59a7b885b91c0ca566731deceba8b97c6a09682ebb04a78cb6045
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 26 Jan 2023 11:47:35 GMT
Last-Modified: Thu, 26 Jan 2023 11:32:25 GMT
Server: ECS (nyb/1D14)
X-Cache: Miss from cloudfront
Via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: A2VTlB4vOlFHgUncJfP18AFcLJ5iKb0u2QKDzw-0KWPL6TAkmCW8Xg==
Age: 910
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4fed69565ceab3f7d13caae0921dcbc7
6619cd41cc183cbebd9eb0de90105bd7437fd8a3
06339124aa4a93d8811614cac0418fdbdc60cad00afc74ad798e257d10990e90
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "06339124AA4A93D8811614CAC0418FDBDC60CAD00AFC74AD798E257D10990E90"
Last-Modified: Wed, 25 Jan 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19345
Expires: Thu, 26 Jan 2023 17:10:00 GMT
Date: Thu, 26 Jan 2023 11:47:35 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash debb9dfabd1a821241ec043c314e0714
39a7d341a0b700932390456fff4cfc21ededd955
31a5325ae7db20eef29f49ffbeca46a3dbb4a6a107a51e2f190bc8875a17c2b4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5554
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 11:47:35 GMT
Last-Modified: Thu, 26 Jan 2023 10:15:01 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 3b05228636da1895c006b9c830835800
76e3923baa6b83f65f6ceba9498d5c122fed11ce
ccd03a68186aa3eb631df6b57e4159f506bd0ec1aee6b4d5654a28c0ef48681d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2826
Cache-Control: max-age=101514
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 11:47:35 GMT
Etag: "63d146d7-1d7"
Expires: Fri, 27 Jan 2023 15:59:29 GMT
Last-Modified: Wed, 25 Jan 2023 15:12:23 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
open.spotify.com/embed/episode/6MfBgdQhmQzI1Iv9MJfrsR?utm_source=generator&theme=0
35.186.224.25200 OK 0 B URL HTTP/2 open.spotify.com/embed/episode/6MfBgdQhmQzI1Iv9MJfrsR?utm_source=generator&theme=0
IP 35.186.224.25:0
GET /embed/episode/6MfBgdQhmQzI1Iv9MJfrsR?utm_source=generator&theme=0 HTTP/1.1
Host: open.spotify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fjellsport.no/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 11:47:31 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding,Accept-Encoding
set-cookie: sp_t=43dd5fc5b9c1d28e26a1b8b6a981153c; path=/; expires=Fri, 26 Jan 2024 11:47:31 GMT; domain=.spotify.com; samesite=none; secure
sp_landing=https%3A%2F%2Fopen.spotify.com%2Fembed%2Fepisode%2F6MfBgdQhmQzI1Iv9MJfrsR%3Fsp_cid%3D43dd5fc5b9c1d28e26a1b8b6a981153c%26device%3Ddesktop%26utm_source%3Dgenerator; path=/; expires=Fri, 27 Jan 2023 11:47:31 GMT; domain=.spotify.com; samesite=none; secure; httponly
content-encoding: gzip
x-envoy-upstream-service-time: 39
sp-trace-id: e0c338d0fa9000a5
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
server: envoy
via: HTTP/2 edgeproxy, 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
tr.snapchat.com/config/no/f4a91d9d-8e61-456b-92af-60615a1d4785.js
35.190.43.134200 OK 0 B URL HTTP/2 tr.snapchat.com/config/no/f4a91d9d-8e61-456b-92af-60615a1d4785.js
IP 35.190.43.134:0
GET /config/no/f4a91d9d-8e61-456b-92af-60615a1d4785.js HTTP/1.1
Host: tr.snapchat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.fjellsport.no
Connection: keep-alive
Referer: https://www.fjellsport.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 11:47:34 GMT
access-control-allow-origin: https://www.fjellsport.no
content-type: application/javascript
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-envoy-upstream-service-time: 0
content-encoding: gzip
vary: Accept-Encoding
server: API Gateway
access-control-allow-credentials: true
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
static.hotjar.com/c/hotjar-75470.js?sv=7
54.230.111.39200 OK 0 B URL HTTP/2 static.hotjar.com/c/hotjar-75470.js?sv=7
IP 54.230.111.39:0
GET /c/hotjar-75470.js?sv=7 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fjellsport.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
date: Thu, 26 Jan 2023 11:47:13 GMT
access-control-allow-origin: *
cache-control: max-age=60
content-encoding: br
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=2592000; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
etag: W/39af1d35257b6a1d67bc54e586be91b3
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: C8-x2XqAqmKqLVzc2EDAAqTTwzFpz4nOUWmeZErxjLZFJaWDCjkT7A==
age: 18
X-Firefox-Spdy: h2
dnacdn.net/dna
178.250.2.146200 OK 0 B IP 178.250.2.146:0
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Cookie: browser_data=Qf63CF80M0RITmhlJTJCZkMwOUJGQlhaMUN2czljd2ROOVo2RkNrMGhnTlFpMzdSTHE1Y0dzYkFqRlFPJTJCbWIxeW12bFluSA
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 11:47:34 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=E0dsA180M0RITmhlJTJCZkMwOUJGQlhaMUN2czljd2ROOVo2RkNrMGhnTlFpMzdSTHJDMzl6VXBkZE1ScnZKTjNjNEJSWGE; expires=Tue, 20 Feb 2024 11:47:34 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 252587
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
gem.gbc.criteo.com/newidsd
178.250.6.21200 OK 0 B URL HTTP/2 gem.gbc.criteo.com/newidsd
IP 178.250.6.21:0
GET /newidsd HTTP/1.1
Host: gem.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 11:47:33 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 85940
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
ag.gbc.criteo.com/newidsd
178.250.6.71200 OK 0 B URL HTTP/2 ag.gbc.criteo.com/newidsd
IP 178.250.6.71:0
GET /newidsd HTTP/1.1
Host: ag.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 11:47:34 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 91712
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=onetag&domain=fjellsport.no&sn=FirefoxSyncframe&so=0&topUrl=www.fjellsport.no&info=E0dsA180M0RITmhlJTJCZkMwOUJGQlhaMUN2czljd2ROOVo2RkNrMGhnTlFpMzdSTHJDMzl6VXBkZE1ScnZKTjNjNEJSWGE&idsd=-198099438,-1036980388&cw=1&lsw=1
178.250.2.146200 OK 0 B URL HTTP/2 gum.criteo.com/sid/json?origin=onetag&domain=fjellsport.no&sn=FirefoxSyncframe&so=0&topUrl=www.fjellsport.no&info=E0dsA180M0RITmhlJTJCZkMwOUJGQlhaMUN2czljd2ROOVo2RkNrMGhnTlFpMzdSTHJDMzl6VXBkZE1ScnZKTjNjNEJSWGE&idsd=-198099438,-1036980388&cw=1&lsw=1
IP 178.250.2.146:0
GET /sid/json?origin=onetag&domain=fjellsport.no&sn=FirefoxSyncframe&so=0&topUrl=www.fjellsport.no&info=E0dsA180M0RITmhlJTJCZkMwOUJGQlhaMUN2czljd2ROOVo2RkNrMGhnTlFpMzdSTHJDMzl6VXBkZE1ScnZKTjNjNEJSWGE&idsd=-198099438,-1036980388&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/syncframe?topUrl=www.fjellsport.no&origin=onetag
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 11:47:34 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
server-processing-duration-in-ticks: 1320714
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2