| orangeboring.com/?a=10282&c=1548&s1=&s2=&s3=&s4=&s5=&ckmguid=aba7fa87-ba54-4f06-856f-046efd7c395c | 52.208.66.230 | | 240 B |
URL orangeboring.com/?a=10282&c=1548&s1=&s2=&s3=&s4=&s5=&ckmguid=aba7fa87-ba54-4f06-856f-046efd7c395c IP52.208.66.230:0
File typeHTML document, ASCII text, with CRLF line terminators Hash95929119ccbecae5f0bb65bf97299ac2 c1f91b788acc0979ad3d3864361b1863fc71c242 c2d8e4874969e33878543e1f12a8c2f0495a1b714688d1fd240186a36269cc4e
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /?a=10282&c=1548&s1=&s2=&s3=&s4=&s5=&ckmguid=aba7fa87-ba54-4f06-856f-046efd7c395c HTTP/1.1
Host: orangeboring.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Cache-Control: private
Content-Length: 240
Content-Type: text/html; charset=utf-8
Date: Fri, 26 Apr 2024 17:45:57 GMT
Location: https://silence.whisperinggalaxy.com/a8409f07-d408-408c-8b41-d01e5c7af5f1?s1=&s2=&s3=&s4=&s5=&aid=10282
P3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: sid=DV/76Tvs33lXMJV0cuAH/ar/r+qd73ZysKE+CwQS2uH6OGmnFvR8xw==; domain=.orangeboring.com; path=/; HttpOnly
trk=OqZ6unftIvItnxbFZN9Tlar/r+qd73ZysKE+CwQS2uH6OGmnFvR8xw==; domain=.orangeboring.com; expires=Sun, 26-Apr-2026 17:45:57 GMT; path=/; HttpOnly
c4762=DV/76Tvs33kHkTodoj0WHHmRuqLoeWU1ISpkMquK8nrbb8BKJEELeQ==; domain=.orangeboring.com; expires=Sun, 26-May-2024 17:45:57 GMT; path=/; HttpOnly
Connection: close
|
|
| silence.whisperinggalaxy.com/a8409f07-d408-408c-8b41-d01e5c7af5f1?s1=&s2=&s3=&s4=&s5=&aid=10282 | 3.126.25.249 | | 0 B |
URL silence.whisperinggalaxy.com/a8409f07-d408-408c-8b41-d01e5c7af5f1?s1=&s2=&s3=&s4=&s5=&aid=10282 IP3.126.25.249:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /a8409f07-d408-408c-8b41-d01e5c7af5f1?s1=&s2=&s3=&s4=&s5=&aid=10282 HTTP/1.1
Host: silence.whisperinggalaxy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx
date: Fri, 26 Apr 2024 17:45:57 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://pointsafes.com/?a=10282&c=69668&p=r&s1=&s2=&s3=&s4=&s5=
pragma: no-cache
set-cookie: a8409f07-d408-408c-8b41-d01e5c7af5f1-v4=2GKtTXZJRXW2g79M2AtYvcHY2_IGlF8NbyQrzTyBa3Q; Max-Age=86400; Expires=Sat, 27-Apr-2024 17:45:57 GMT; Domain=silence.whisperinggalaxy.com; Path=/; Secure; HttpOnly;SameSite=None
cc-v4=jfylDxglxn9akxRF9lx1jJM1CB%2B0g6qJhZK8pPD2AO%2B6tj4UZEPT00Yp8jvdzjXH%2BxMX4jsMRxcC8IUKbJChodR%2FrQTbBWmdDnmmAYTn5NzPce7H8V8T5re%2BlXvyva%2BthYUjmJbqoJ9a26A4UuDnQw%3D%3D; Max-Age=31536000; Expires=Sat, 26-Apr-2025 17:45:57 GMT; Domain=silence.whisperinggalaxy.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2
|
|
| pointsafes.com/?a=10282&c=69668&p=r&s1=&s2=&s3=&s4=&s5= | 52.210.254.219 | | 256 B |
URL pointsafes.com/?a=10282&c=69668&p=r&s1=&s2=&s3=&s4=&s5= IP52.210.254.219:0
File typeHTML document, ASCII text, with CRLF line terminators Hashc2eb7936be5bfbd91c78fa496303c9ad 77ec2268daa7320fb426f67e7b5fbf78dd519f82 0c520db461f31eb9a3d953edf44ecba8a4cbf3d6659d5598e290ac3297eae941
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /?a=10282&c=69668&p=r&s1=&s2=&s3=&s4=&s5= HTTP/1.1
Host: pointsafes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Cache-Control: private
Content-Length: 256
Content-Type: text/html; charset=utf-8
Date: Fri, 26 Apr 2024 17:45:57 GMT
Location: https://safeclink.com/?a=10282&c=69668&p=r&s1=&s2=&s3=&s4=&s5=&ckmguid=106d61a1-2389-4a06-9e45-486c5028098b
Connection: close
|
|
| safeclink.com/?a=10282&c=69668&p=r&s1=&s2=&s3=&s4=&s5=&ckmguid=106d61a1-2389-4a06-9e45-486c5028098b | 52.210.254.219 | | 288 B |
URL safeclink.com/?a=10282&c=69668&p=r&s1=&s2=&s3=&s4=&s5=&ckmguid=106d61a1-2389-4a06-9e45-486c5028098b IP52.210.254.219:0
File typeHTML document, ASCII text, with CRLF line terminators Hash44aa3f053e06b00c6ebd63b0343584a1 427950d15005013402e243970ae703d62581e116 e55d616dd96f866297c2afecacd3856837a1d0d0005b29340dfca1c0859f6df6
GET /?a=10282&c=69668&p=r&s1=&s2=&s3=&s4=&s5=&ckmguid=106d61a1-2389-4a06-9e45-486c5028098b HTTP/1.1
Host: safeclink.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Cache-Control: private
Content-Length: 288
Content-Type: text/html; charset=utf-8
Date: Fri, 26 Apr 2024 17:45:57 GMT
Location: https://ogngqz.meyoudate.net/?utm_source=da57dc555e50572d&s1=187482&s2=1994588&s3=10282&s5=&click_id=121839923&ban=other&j5=1&j6=1&j9=1
P3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: sid=yZNX4V8L28Y+OEnoHwWG+Kr/r+qd73ZyuGgRLEO365JyQc2UZx20vw==; domain=.safeclink.com; path=/; HttpOnly
trk=UJb2hvu0cMz/W9cOBOI+vqr/r+qd73ZyuGgRLEO365JyQc2UZx20vw==; domain=.safeclink.com; expires=Sun, 26-Apr-2026 17:45:57 GMT; path=/; HttpOnly
c4538=yZNX4V8L28b/JEcQ7b6QXoR1zMu4aRbD3dLCaTAoOGHbb8BKJEELeQ==; domain=.safeclink.com; expires=Sun, 26-May-2024 17:45:57 GMT; path=/; HttpOnly
Connection: close
|
|
| ogngqz.meyoudate.net/?utm_source=da57dc555e50572d&s1=187482&s2=1994588&s3=10282&s5=&click_id=121839923&ban=other&j5=1&j6=1&j9=1 | 52.19.138.177 | | 131 B |
URL ogngqz.meyoudate.net/?utm_source=da57dc555e50572d&s1=187482&s2=1994588&s3=10282&s5=&click_id=121839923&ban=other&j5=1&j6=1&j9=1 IP52.19.138.177:0
File typeHTML document, ASCII text Hash0a46caf2c1bdba84eaa75a541a3034a8 4bbd3775cb72ed326dc88fe76c4217b4509f2a44 424fc4406018be5c109a7961cba1f387902ce606ad7f39cfcd29ba9228116905
GET /?utm_source=da57dc555e50572d&s1=187482&s2=1994588&s3=10282&s5=&click_id=121839923&ban=other&j5=1&j6=1&j9=1 HTTP/1.1
Host: ogngqz.meyoudate.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx
date: Fri, 26 Apr 2024 17:45:58 GMT
content-type: text/html; charset=utf-8
content-length: 131
location: https://my.link23456.com/click?o=7315&a=198&sub_id1=xzghz662be856000c5842&sub_id3=187482_1994588
set-cookie: unique_id=662b1fb70006de44; Path=/; Expires=Tue, 25 Jun 2024 17:45:58 GMT; Secure; SameSite=None
unique_id2=662aea8e00040130; Path=/; Expires=Thu, 25 Jul 2024 17:45:58 GMT; Secure; SameSite=None
662aea8e00040130_c=1; Path=/; Expires=Thu, 25 Jul 2024 17:45:58 GMT; Secure; SameSite=None
ref_token=209451_199931_199209_165982_145864_187482; Path=/; Expires=Sun, 26 May 2024 17:45:58 GMT; Secure; SameSite=None
impression=; Path=/; Expires=Fri, 26 Apr 2024 17:45:58 GMT; Secure; SameSite=None
tid=xzghz662be856000c5842; Path=/; Expires=Sat, 31 Mar 2029 17:45:58 GMT; Secure; SameSite=None
X-Firefox-Spdy: h2
|
|
| my.link23456.com/favicon.ico | 3.121.166.131 | | 0 B |
URL my.link23456.com/favicon.ico IP3.121.166.131:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: my.link23456.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: U-f2c5b1f06bfe59954cb2a56858c2ed98=unique; o_f2c5b1f06bfe59954cb2a56858c2ed98=ffb079aa-7364-4264-ad7a-62250ac0a176
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 404 Not Found
server: awselb/2.0
date: Fri, 26 Apr 2024 17:45:58 GMT
content-type: text/plain; charset=utf-8
content-length: 0
X-Firefox-Spdy: h2
|
|
| bt.hillertal.com/click?pid=518&offer_id=7696&sub1=198&sub3=72fd3d48428af463f5a04179effb97f2 | 34.147.1.177 | | 0 B |
URL bt.hillertal.com/click?pid=518&offer_id=7696&sub1=198&sub3=72fd3d48428af463f5a04179effb97f2 IP34.147.1.177:0 ASN#396982 GOOGLE-CLOUD-PLATFORM
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click?pid=518&offer_id=7696&sub1=198&sub3=72fd3d48428af463f5a04179effb97f2 HTTP/1.1
Host: bt.hillertal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx
date: Fri, 26 Apr 2024 17:45:58 GMT
content-length: 0
location: https://flirtingnearby.com/tds/ae?tdsId=s0556pod_r&tds_campaign=s0556pod&p1=b5126pod&s1=int&utm_source=int&utm_term=1&affid=65511f88&subid=518&subid2=198&clickid=662be8568d82260001959f0c
x-adjust-use-original-forwarded-for: 1
set-cookie: afclick=662be8568d82260001959f0c; expires=Sat, 26 Apr 2025 17:45:58 GMT; secure; SameSite=None
afoffers={"7696":1714153558}; expires=Sat, 26 Apr 2025 17:45:58 GMT; secure; SameSite=None
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtag/js?id=G-E4HT1NRVN7 | 142.250.74.168 | 200 OK | 89 kB |
URL GET HTTP/2www.googletagmanager.com/gtag/js?id=G-E4HT1NRVN7 IP142.250.74.168:443
Requested byhttps://t10025.bareflort.no/?q=%2Fa%2Fff10025%2F&promo_code=103657&ev=xc17141535596740c662be857b47cc384351520&keyword=2166&pass=xc17141535596740c662be857b47cc384351520&m=0%7C0%7C0%7C0&email_prefill=%7Bext_email_prefill%7D&email_encoded=%7Bext_email_passing_encoded%7D&email_prefill_encoded=%7Bext_email_prefill_encoded%7D&flow=52&fb_pixel=&ptid=41162&session_id=a2404430a1eac9c92408e2d51a7cd235c40a80ea&subaffiliate_id=dir_65511f88&external_campaign_id=&external_campaign_name= CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com FingerprintFC:B1:16:E0:D8:F3:2B:F3:AB:33:E5:E1:23:57:F4:48:66:FD:4D:52 ValidityMon, 08 Apr 2024 06:34:55 GMT - Mon, 01 Jul 2024 06:34:54 GMT
File typeJavaScript source, ASCII text, with very long lines (5945) Hashaa889378e45966150b09be84ca5cf04a 88218327117cdf428a79590dbcc61b0db104c109 463dbd8a3154c16a1b4115e98b0b660a701156f0b078269b0cba1d8e98ff8716
GET /gtag/js?id=G-E4HT1NRVN7 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://t10025.bareflort.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 26 Apr 2024 17:46:00 GMT
expires: Fri, 26 Apr 2024 17:46:00 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 88707
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| s03.ndcdn.com/promo-static/img/landing0109/_locale/nb_NO/desktop-bg.jpg?v=3.0.1.master.20240325073054 | 188.114.97.1 | 200 OK | 1.2 MB |
URL GET HTTP/2s03.ndcdn.com/promo-static/img/landing0109/_locale/nb_NO/desktop-bg.jpg?v=3.0.1.master.20240325073054 IP188.114.97.1:443
Requested byhttps://t10025.bareflort.no/?q=%2Fa%2Fff10025%2F&promo_code=103657&ev=xc17141535596740c662be857b47cc384351520&keyword=2166&pass=xc17141535596740c662be857b47cc384351520&m=0%7C0%7C0%7C0&email_prefill=%7Bext_email_prefill%7D&email_encoded=%7Bext_email_passing_encoded%7D&email_prefill_encoded=%7Bext_email_prefill_encoded%7D&flow=52&fb_pixel=&ptid=41162&session_id=a2404430a1eac9c92408e2d51a7cd235c40a80ea&subaffiliate_id=dir_65511f88&external_campaign_id=&external_campaign_name= CertificateIssuerGoogle Trust Services LLC Subjectndcdn.com Fingerprint41:63:79:AD:52:D3:6C:03:5D:30:00:A4:9C:9B:48:44:3A:E0:58:B3 ValidityTue, 27 Feb 2024 16:21:45 GMT - Mon, 27 May 2024 16:21:44 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1200x1334, components 3 Size1.2 MB (1185281 bytes) Hash0f7e923c7450013fa079a6d52bfa884f 51a7f2b632ada5feda98d8e401a2826c25bc7543 56a22f66852f88952a194e943515f2301a28131a3f7a394c64955b501d1b25ea
GET /promo-static/img/landing0109/_locale/nb_NO/desktop-bg.jpg?v=3.0.1.master.20240325073054 HTTP/1.1
Host: s03.ndcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://t10025.bareflort.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 17:46:00 GMT
content-type: image/jpeg
content-length: 1185281
last-modified: Mon, 26 Sep 2022 13:11:45 GMT
etag: "6331a511-121601"
cache-control: max-age=2678400
cf-cache-status: HIT
age: 116918
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QXi3m0apdBX9E3myNnIg15zMO9ncyaLH4hinXBJCzbz6QujWAiLEjF7BVU31SlSH3oPzmgZibTz1tDcqhMTyVChJeb2u6pBVg3M1%2B2exP7F70caHb9KT95YTSZXcsa5d"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a863cb69af5687-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| s01.ndcdn.com/promo/node_modules/g4.font.family/fonts/Roboto-Regular.woff | 188.114.97.1 | 200 OK | 74 kB |
URL GET HTTP/3s01.ndcdn.com/promo/node_modules/g4.font.family/fonts/Roboto-Regular.woff IP188.114.97.1:443
Requested byhttps://t10025.bareflort.no/?q=%2Fa%2Fff10025%2F&promo_code=103657&ev=xc17141535596740c662be857b47cc384351520&keyword=2166&pass=xc17141535596740c662be857b47cc384351520&m=0%7C0%7C0%7C0&email_prefill=%7Bext_email_prefill%7D&email_encoded=%7Bext_email_passing_encoded%7D&email_prefill_encoded=%7Bext_email_prefill_encoded%7D&flow=52&fb_pixel=&ptid=41162&session_id=a2404430a1eac9c92408e2d51a7cd235c40a80ea&subaffiliate_id=dir_65511f88&external_campaign_id=&external_campaign_name= CertificateIssuerGoogle Trust Services LLC Subjectndcdn.com Fingerprint41:63:79:AD:52:D3:6C:03:5D:30:00:A4:9C:9B:48:44:3A:E0:58:B3 ValidityTue, 27 Feb 2024 16:21:45 GMT - Mon, 27 May 2024 16:21:44 GMT
File typeWeb Open Font Format, TrueType, length 74048, version 1.-30931 Hashe391b23632ac2eef2e4d074fb0a9166c ce6a58d983bfcc7fe17a6900bfc44e7eb3104ae2 8e363031576e1d8c7d18952dd2fb30006a8acd9937bc034d24017e650e803d78
GET /promo/node_modules/g4.font.family/fonts/Roboto-Regular.woff HTTP/1.1
Host: s01.ndcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://t10025.bareflort.no
DNT: 1
Connection: keep-alive
Referer: https://s01.ndcdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 17:46:01 GMT
content-type: application/font-woff
content-length: 74048
last-modified: Mon, 25 Mar 2024 06:33:15 GMT
etag: "66011aab-12140"
expires: Sun, 26 May 2024 15:49:17 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
cf-cache-status: HIT
age: 7004
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MTdnVQ%2Bq63wlllUDCSzUW%2FuacwqacGWZDbqDvmO59frL7q5XbRPMNgCWXrDxZeEmBG5LkjB8qfOHfNwKIq1Y%2BnX6WTXutQNR9IqJhsRo1%2FU0KAOb874Mi4vkyxU905cb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a863cd6ac11bfe-OSL
alt-svc: h3=":443"; ma=86400
|
|
| s01.ndcdn.com/promo/node_modules/g4.font.family/fonts/Roboto-Bold.woff | 188.114.97.1 | 200 OK | 90 kB |
URL GET HTTP/3s01.ndcdn.com/promo/node_modules/g4.font.family/fonts/Roboto-Bold.woff IP188.114.97.1:443
Requested byhttps://t10025.bareflort.no/?q=%2Fa%2Fff10025%2F&promo_code=103657&ev=xc17141535596740c662be857b47cc384351520&keyword=2166&pass=xc17141535596740c662be857b47cc384351520&m=0%7C0%7C0%7C0&email_prefill=%7Bext_email_prefill%7D&email_encoded=%7Bext_email_passing_encoded%7D&email_prefill_encoded=%7Bext_email_prefill_encoded%7D&flow=52&fb_pixel=&ptid=41162&session_id=a2404430a1eac9c92408e2d51a7cd235c40a80ea&subaffiliate_id=dir_65511f88&external_campaign_id=&external_campaign_name= CertificateIssuerGoogle Trust Services LLC Subjectndcdn.com Fingerprint41:63:79:AD:52:D3:6C:03:5D:30:00:A4:9C:9B:48:44:3A:E0:58:B3 ValidityTue, 27 Feb 2024 16:21:45 GMT - Mon, 27 May 2024 16:21:44 GMT
File typeWeb Open Font Format, TrueType, length 90308, version 0.0 Hasheb43b4c3b3b6cac224f76c0a524946a1 a04489f521e6e80cee317578cc29185f255a3472 efc87488978374cb2eaf2566aaab1774c4be67ee939f6db8698b955972bf355a
GET /promo/node_modules/g4.font.family/fonts/Roboto-Bold.woff HTTP/1.1
Host: s01.ndcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://t10025.bareflort.no
DNT: 1
Connection: keep-alive
Referer: https://s01.ndcdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 17:46:01 GMT
content-type: application/font-woff
content-length: 90308
last-modified: Mon, 25 Mar 2024 06:33:15 GMT
etag: "66011aab-160c4"
expires: Sat, 04 May 2024 20:39:23 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
cf-cache-status: HIT
age: 1890398
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4905WsBYg7XqYeY%2F278h377qxxEv1b8aNDNn0YjNmxP2CnXrluNWJidIVLNlLK6Un9YXX1%2Bdh2LKrTl3pTnLPC3vubFV5Y4mhxJk%2F1FFGjCWUfm9FN5kYTvmTZ7FA744"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a863cd6ace1bfe-OSL
alt-svc: h3=":443"; ma=86400
|
|
| s01.ndcdn.com/promo/node_modules/g4.font.family/fonts/Roboto-Medium.woff | 188.114.97.1 | 200 OK | 70 kB |
URL GET HTTP/3s01.ndcdn.com/promo/node_modules/g4.font.family/fonts/Roboto-Medium.woff IP188.114.97.1:443
Requested byhttps://t10025.bareflort.no/?q=%2Fa%2Fff10025%2F&promo_code=103657&ev=xc17141535596740c662be857b47cc384351520&keyword=2166&pass=xc17141535596740c662be857b47cc384351520&m=0%7C0%7C0%7C0&email_prefill=%7Bext_email_prefill%7D&email_encoded=%7Bext_email_passing_encoded%7D&email_prefill_encoded=%7Bext_email_prefill_encoded%7D&flow=52&fb_pixel=&ptid=41162&session_id=a2404430a1eac9c92408e2d51a7cd235c40a80ea&subaffiliate_id=dir_65511f88&external_campaign_id=&external_campaign_name= CertificateIssuerGoogle Trust Services LLC Subjectndcdn.com Fingerprint41:63:79:AD:52:D3:6C:03:5D:30:00:A4:9C:9B:48:44:3A:E0:58:B3 ValidityTue, 27 Feb 2024 16:21:45 GMT - Mon, 27 May 2024 16:21:44 GMT
File typeWeb Open Font Format, TrueType, length 70276, version 1.-30931 Hash21297989cd4684c635ec8d2415626f22 df93b539d4c61a8786634d8f187d652800aa2e18 73a25b9ad1417676f420e994e387a403ed672a7a58d2f86e760e0837874a23fb
GET /promo/node_modules/g4.font.family/fonts/Roboto-Medium.woff HTTP/1.1
Host: s01.ndcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://t10025.bareflort.no
DNT: 1
Connection: keep-alive
Referer: https://s01.ndcdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 17:46:01 GMT
content-type: application/font-woff
content-length: 70276
last-modified: Mon, 25 Mar 2024 06:33:15 GMT
etag: "66011aab-11284"
expires: Sat, 11 May 2024 07:49:03 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
cf-cache-status: HIT
age: 1331818
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5jMCjHMai%2F4iX%2BcoFsjfytxEC1oeYE5LBkdHXF3z1yRBxtFdh9BTIb96mH0gp%2B7IXO%2FMZ0%2FcrpItAt3kelA5zhH2zskx%2FbHYZWOdfPYCPdo7fp%2Bob39o9OvTVUD62Taa"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a863cd7ad11bfe-OSL
alt-svc: h3=":443"; ma=86400
|
|
| s01.ndcdn.com/promo/node_modules/g4.font.icons/fonts/icons0007.woff?-9ll32q | 188.114.97.1 | 200 OK | 254 kB |
URL GET HTTP/3s01.ndcdn.com/promo/node_modules/g4.font.icons/fonts/icons0007.woff?-9ll32q IP188.114.97.1:443
Requested byhttps://t10025.bareflort.no/?q=%2Fa%2Fff10025%2F&promo_code=103657&ev=xc17141535596740c662be857b47cc384351520&keyword=2166&pass=xc17141535596740c662be857b47cc384351520&m=0%7C0%7C0%7C0&email_prefill=%7Bext_email_prefill%7D&email_encoded=%7Bext_email_passing_encoded%7D&email_prefill_encoded=%7Bext_email_prefill_encoded%7D&flow=52&fb_pixel=&ptid=41162&session_id=a2404430a1eac9c92408e2d51a7cd235c40a80ea&subaffiliate_id=dir_65511f88&external_campaign_id=&external_campaign_name= CertificateIssuerGoogle Trust Services LLC Subjectndcdn.com Fingerprint41:63:79:AD:52:D3:6C:03:5D:30:00:A4:9C:9B:48:44:3A:E0:58:B3 ValidityTue, 27 Feb 2024 16:21:45 GMT - Mon, 27 May 2024 16:21:44 GMT
File typeWeb Open Font Format, TrueType, length 254124, version 1.0 Size254 kB (254124 bytes) Hashffd3d0ec92954ecb70e46857cfa614db 300eb9207652c6daf740a4b4065d555a539e2b50 e247313d267dd19164c600382d5a2a62c0a319868856edb57577a904fbd6a6b7
GET /promo/node_modules/g4.font.icons/fonts/icons0007.woff?-9ll32q HTTP/1.1
Host: s01.ndcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://t10025.bareflort.no
DNT: 1
Connection: keep-alive
Referer: https://s01.ndcdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 17:46:01 GMT
content-type: application/font-woff
content-length: 254124
last-modified: Mon, 25 Mar 2024 06:33:18 GMT
etag: "66011aae-3e0ac"
expires: Sat, 04 May 2024 20:39:23 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
cf-cache-status: HIT
age: 1890398
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1xP%2BBEPxqAUbULfrvfdEwE7VIAxbA%2FvwFg7mz%2F7HoHm2Cynfn%2BCSz1GHe1IpJFlfL%2FX3vfdlGpBs3rJFw8S70upRUjMIDN1rWSzMqjl2hrJrZkGFnyav%2BV06uNXYE87%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a863cd7adc1bfe-OSL
alt-svc: h3=":443"; ma=86400
|
|
| t10025.bareflort.no/cdn-cgi/challenge-platform/scripts/jsd/main.js | 104.18.33.129 | 302 Found | 0 B |
URL GET HTTP/2t10025.bareflort.no/cdn-cgi/challenge-platform/scripts/jsd/main.js IP104.18.33.129:443
Requested byhttps://t10025.bareflort.no/?q=%2Fa%2Fff10025%2F&promo_code=103657&ev=xc17141535596740c662be857b47cc384351520&keyword=2166&pass=xc17141535596740c662be857b47cc384351520&m=0%7C0%7C0%7C0&email_prefill=%7Bext_email_prefill%7D&email_encoded=%7Bext_email_passing_encoded%7D&email_prefill_encoded=%7Bext_email_prefill_encoded%7D&flow=52&fb_pixel=&ptid=41162&session_id=a2404430a1eac9c92408e2d51a7cd235c40a80ea&subaffiliate_id=dir_65511f88&external_campaign_id=&external_campaign_name= CertificateIssuerLet's Encrypt Subjectbareflort.no Fingerprint2F:48:C4:08:E1:1D:42:6C:27:4D:7D:44:09:97:FF:29:19:FC:3F:62 ValidityMon, 18 Mar 2024 11:05:15 GMT - Sun, 16 Jun 2024 11:05:14 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1
Host: t10025.bareflort.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=MnA3T6wtNn27jAf55rcSjqIakWEquhihKG3cBW3nmUA-1714153560-1.0.1.1-R4EyHyBCe_hCG8oR0kuPfhPVQmM7c7N2SAl7Dfz6T6irecrUxQNk394t_mSXQSN8mSkI.JnhMbNY_8KLDFVBHQ; PHPSESSID=mrfthu148bb7it0cj6av57b2pt; pc_aff=g40gak3Kmlem8LKToQxFVmkOP28uzFBkh0WACsDpdPVLsAzkKjTJerC0yyPJiXvPaMg7Ysof3WPE_0CUALYdWRAyg2XEg4yaVt9uEZFRpfpm-gzlOuyYPnOLqtG6b_t-Y31zkEkDggv5mkf8IfOer6dup32bQutLCFklZ5PptG8TRKi6XdU-z3TkDVXGISPePW_ChFnWh_IyqeeBQohoCv7ewxKDncgtlA3xn-0PHfokiAAcqWEmZG2oeXos_qUX26jTPl-wRoZgI8LJ0o60zlpDvQBAM8xeNmg4NGbK4RHp7vbkN5_YmoPc5r6V1sck8I5ToXLVurakwg7godSSMkVTiqH17XtNAq9vk1D9JkukC0sNHkdGobmo_zN2DCtPajufz7sVCved0olYFz1lABFeqsT5PaFCpJ6yQAjVUH-vJ8ZfQkDNO3BNDywViJPXNyEtgVS6lqyFkFxLIBn83c4a_x5vAGm_XhF6AVA0lGk7kE_I6QXdHhfY_YKWfWVm; promo_code=103657; ev=xc17141535596740c662be857b47cc384351520; keyword=2166; APPID=promo; SERVERID=wbs09
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
date: Fri, 26 Apr 2024 17:46:01 GMT
content-length: 0
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js
cache-control: max-age=300, public
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a863cdef6eb4f3-OSL
X-Firefox-Spdy: h2
|
|
| s03.ndcdn.com/sites/bareflort.no/favicon.png | 188.114.97.1 | 200 OK | 1.2 kB |
URL GET HTTP/3s03.ndcdn.com/sites/bareflort.no/favicon.png IP188.114.97.1:443
Requested byhttps://t10025.bareflort.no/?q=%2Fa%2Fff10025%2F&promo_code=103657&ev=xc17141535596740c662be857b47cc384351520&keyword=2166&pass=xc17141535596740c662be857b47cc384351520&m=0%7C0%7C0%7C0&email_prefill=%7Bext_email_prefill%7D&email_encoded=%7Bext_email_passing_encoded%7D&email_prefill_encoded=%7Bext_email_prefill_encoded%7D&flow=52&fb_pixel=&ptid=41162&session_id=a2404430a1eac9c92408e2d51a7cd235c40a80ea&subaffiliate_id=dir_65511f88&external_campaign_id=&external_campaign_name= CertificateIssuerGoogle Trust Services LLC Subjectndcdn.com Fingerprint41:63:79:AD:52:D3:6C:03:5D:30:00:A4:9C:9B:48:44:3A:E0:58:B3 ValidityTue, 27 Feb 2024 16:21:45 GMT - Mon, 27 May 2024 16:21:44 GMT
File typePNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced Hash3642ee9f8d1a035281262a81edb1907d d5c3b692ec2600473a0078255b901663231f9a8c fd164481fa4a3308dbfbfc3cbbc208ef9cd0e88f900a2a266026f254c9e1dde1
GET /sites/bareflort.no/favicon.png HTTP/1.1
Host: s03.ndcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://t10025.bareflort.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 17:46:01 GMT
content-type: image/png
content-length: 1163
last-modified: Mon, 23 Oct 2017 07:50:17 GMT
etag: "59ed9f39-48b"
cache-control: max-age=2678400
cf-cache-status: HIT
age: 101076
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bL5pUGjEYNV3jBFkldiNFcwkUE22GsxENWjmAyqJPC2wb5dfd%2Fy8ly%2FnS2NMYpbK5bjiQBYXd22fp2F9b5tlB5PlhtUz9IgVlSKUGQ38tAS4Dh5aXVsdUtFSFoEJBc9T"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a863cdea24b500-OSL
alt-svc: h3=":443"; ma=86400
|
|
| t10025.bareflort.no/js/dist/landing.js?v=3.0.1.master.20240325073054 | 104.18.33.129 | 200 OK | 252 kB |
URL GET HTTP/2t10025.bareflort.no/js/dist/landing.js?v=3.0.1.master.20240325073054 IP104.18.33.129:443
Requested byhttps://t10025.bareflort.no/?q=%2Fa%2Fff10025%2F&promo_code=103657&ev=xc17141535596740c662be857b47cc384351520&keyword=2166&pass=xc17141535596740c662be857b47cc384351520&m=0%7C0%7C0%7C0&email_prefill=%7Bext_email_prefill%7D&email_encoded=%7Bext_email_passing_encoded%7D&email_prefill_encoded=%7Bext_email_prefill_encoded%7D&flow=52&fb_pixel=&ptid=41162&session_id=a2404430a1eac9c92408e2d51a7cd235c40a80ea&subaffiliate_id=dir_65511f88&external_campaign_id=&external_campaign_name= CertificateIssuerLet's Encrypt Subjectbareflort.no Fingerprint2F:48:C4:08:E1:1D:42:6C:27:4D:7D:44:09:97:FF:29:19:FC:3F:62 ValidityMon, 18 Mar 2024 11:05:15 GMT - Sun, 16 Jun 2024 11:05:14 GMT
File typeJavaScript source, ASCII text Size252 kB (251929 bytes) Hash9a84b741575e9c66e8df621938237a5e 0f8e131bf3ab1193458f1e714965231eb422e3df 6979ea1978a1117bc3f168b384680463fc828e73cd3b93e31fe6db93c3ec83cc
GET /js/dist/landing.js?v=3.0.1.master.20240325073054 HTTP/1.1
Host: t10025.bareflort.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://t10025.bareflort.no/?q=%2Fa%2Fff10025%2F&promo_code=103657&ev=xc17141535596740c662be857b47cc384351520&keyword=2166&pass=xc17141535596740c662be857b47cc384351520&m=0%7C0%7C0%7C0&email_prefill=%7Bext_email_prefill%7D&email_encoded=%7Bext_email_passing_encoded%7D&email_prefill_encoded=%7Bext_email_prefill_encoded%7D&flow=52&fb_pixel=&ptid=41162&session_id=a2404430a1eac9c92408e2d51a7cd235c40a80ea&subaffiliate_id=dir_65511f88&external_campaign_id=&external_campaign_name=
Cookie: __cf_bm=MnA3T6wtNn27jAf55rcSjqIakWEquhihKG3cBW3nmUA-1714153560-1.0.1.1-R4EyHyBCe_hCG8oR0kuPfhPVQmM7c7N2SAl7Dfz6T6irecrUxQNk394t_mSXQSN8mSkI.JnhMbNY_8KLDFVBHQ; PHPSESSID=mrfthu148bb7it0cj6av57b2pt; pc_aff=g40gak3Kmlem8LKToQxFVmkOP28uzFBkh0WACsDpdPVLsAzkKjTJerC0yyPJiXvPaMg7Ysof3WPE_0CUALYdWRAyg2XEg4yaVt9uEZFRpfpm-gzlOuyYPnOLqtG6b_t-Y31zkEkDggv5mkf8IfOer6dup32bQutLCFklZ5PptG8TRKi6XdU-z3TkDVXGISPePW_ChFnWh_IyqeeBQohoCv7ewxKDncgtlA3xn-0PHfokiAAcqWEmZG2oeXos_qUX26jTPl-wRoZgI8LJ0o60zlpDvQBAM8xeNmg4NGbK4RHp7vbkN5_YmoPc5r6V1sck8I5ToXLVurakwg7godSSMkVTiqH17XtNAq9vk1D9JkukC0sNHkdGobmo_zN2DCtPajufz7sVCved0olYFz1lABFeqsT5PaFCpJ6yQAjVUH-vJ8ZfQkDNO3BNDywViJPXNyEtgVS6lqyFkFxLIBn83c4a_x5vAGm_XhF6AVA0lGk7kE_I6QXdHhfY_YKWfWVm; promo_code=103657; ev=xc17141535596740c662be857b47cc384351520; keyword=2166; APPID=promo; SERVERID=wbs09
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 17:46:01 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 25 Mar 2024 06:32:48 GMT
vary: Accept-Encoding
etag: W/"66011a90-132a9d"
expires: Sun, 26 May 2024 17:46:01 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 107324
server: cloudflare
cf-ray: 87a863ce3ff4b4f3-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| s03.ndcdn.com/promo-static/img/landing0109/icons/message.svg?v=3.0.1.master.20240325073054 | 188.114.97.1 | 200 OK | 836 B |
URL GET HTTP/2s03.ndcdn.com/promo-static/img/landing0109/icons/message.svg?v=3.0.1.master.20240325073054 IP188.114.97.1:443
Requested byhttps://t10025.bareflort.no/?q=%2Fa%2Fff10025%2F&promo_code=103657&ev=xc17141535596740c662be857b47cc384351520&keyword=2166&pass=xc17141535596740c662be857b47cc384351520&m=0%7C0%7C0%7C0&email_prefill=%7Bext_email_prefill%7D&email_encoded=%7Bext_email_passing_encoded%7D&email_prefill_encoded=%7Bext_email_prefill_encoded%7D&flow=52&fb_pixel=&ptid=41162&session_id=a2404430a1eac9c92408e2d51a7cd235c40a80ea&subaffiliate_id=dir_65511f88&external_campaign_id=&external_campaign_name= CertificateIssuerGoogle Trust Services LLC Subjectndcdn.com Fingerprint41:63:79:AD:52:D3:6C:03:5D:30:00:A4:9C:9B:48:44:3A:E0:58:B3 ValidityTue, 27 Feb 2024 16:21:45 GMT - Mon, 27 May 2024 16:21:44 GMT
File typeSVG Scalable Vector Graphics image Hash830a06c42f545eb97349b20cf00bf0ec 7d0cd30310f9bd8143e8a9e7d8a671ffb519aa15 d306ddea41d363a775af7344e836519b771aef28ecca59635d067ec1b199626b
GET /promo-static/img/landing0109/icons/message.svg?v=3.0.1.master.20240325073054 HTTP/1.1
Host: s03.ndcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://t10025.bareflort.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 17:46:00 GMT
content-type: image/svg+xml
last-modified: Wed, 23 Dec 2020 09:07:41 GMT
vary: Accept-Encoding
etag: W/"5fe308dd-344"
cache-control: max-age=2678400
cf-cache-status: HIT
age: 44324
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G0YRYn3Op0n4lt9g5VzC7RBhmEMaqenkt61G%2BMDcSoVJ55Z3%2BeIaGITGBhCiPVao1H%2FkPyGbej3VfFAgaR5314ZiwWNSMm0Bsq%2Fy5QItWv7AKMPXzYp2fiPi9RPoqpqU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a863cb69ac5687-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| s03.ndcdn.com/promo-static/img/landing0109/icons/search.svg?v=3.0.1.master.20240325073054 | 188.114.97.1 | 200 OK | 258 B |
URL GET HTTP/2s03.ndcdn.com/promo-static/img/landing0109/icons/search.svg?v=3.0.1.master.20240325073054 IP188.114.97.1:443
Requested byhttps://t10025.bareflort.no/?q=%2Fa%2Fff10025%2F&promo_code=103657&ev=xc17141535596740c662be857b47cc384351520&keyword=2166&pass=xc17141535596740c662be857b47cc384351520&m=0%7C0%7C0%7C0&email_prefill=%7Bext_email_prefill%7D&email_encoded=%7Bext_email_passing_encoded%7D&email_prefill_encoded=%7Bext_email_prefill_encoded%7D&flow=52&fb_pixel=&ptid=41162&session_id=a2404430a1eac9c92408e2d51a7cd235c40a80ea&subaffiliate_id=dir_65511f88&external_campaign_id=&external_campaign_name= CertificateIssuerGoogle Trust Services LLC Subjectndcdn.com Fingerprint41:63:79:AD:52:D3:6C:03:5D:30:00:A4:9C:9B:48:44:3A:E0:58:B3 ValidityTue, 27 Feb 2024 16:21:45 GMT - Mon, 27 May 2024 16:21:44 GMT
File typeSVG Scalable Vector Graphics image Hash9c1ba59c4f52bb7edf573f5fbddb8e42 a0350cb8346161eb721877747c1e15939208f65f cf259fddef34f1cf7e0bd3d3baedb3453d988dda29022905aadc022176ea5a37
GET /promo-static/img/landing0109/icons/search.svg?v=3.0.1.master.20240325073054 HTTP/1.1
Host: s03.ndcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://t10025.bareflort.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 17:46:00 GMT
content-type: image/svg+xml
last-modified: Wed, 23 Dec 2020 09:07:39 GMT
vary: Accept-Encoding
etag: W/"5fe308db-102"
cache-control: max-age=2678400
cf-cache-status: HIT
age: 353157
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GRv1YWcMi250XGIL4jKWNyCRoUgTmS%2BAfinEGL5%2FFvEFYILs2U2ldT74ZJ5XAXavJe0sBilvdpDjZDKa8%2FLtHjk1ZgQbPtJYS25LifKi3%2B8pWP6I1FhIgLs%2Fej5nwNJ1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a863cb69ae5687-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| t10025.bareflort.no/node_modules/requirejs/require.js | 104.18.33.129 | 200 OK | 86 kB |
URL GET HTTP/2t10025.bareflort.no/node_modules/requirejs/require.js IP104.18.33.129:443
Requested byhttps://t10025.bareflort.no/?q=%2Fa%2Fff10025%2F&promo_code=103657&ev=xc17141535596740c662be857b47cc384351520&keyword=2166&pass=xc17141535596740c662be857b47cc384351520&m=0%7C0%7C0%7C0&email_prefill=%7Bext_email_prefill%7D&email_encoded=%7Bext_email_passing_encoded%7D&email_prefill_encoded=%7Bext_email_prefill_encoded%7D&flow=52&fb_pixel=&ptid=41162&session_id=a2404430a1eac9c92408e2d51a7cd235c40a80ea&subaffiliate_id=dir_65511f88&external_campaign_id=&external_campaign_name= CertificateIssuerLet's Encrypt Subjectbareflort.no Fingerprint2F:48:C4:08:E1:1D:42:6C:27:4D:7D:44:09:97:FF:29:19:FC:3F:62 ValidityMon, 18 Mar 2024 11:05:15 GMT - Sun, 16 Jun 2024 11:05:14 GMT
File typeJavaScript source, ASCII text Hashf0cc8bbb2fcef87fc194fecbb632fcfa 33bc97e78f4905e72b4c1eb2ca0a4662588443e3 9485f0917f97fcf4f63a5ea365200ffd57f123f451382a2f9a1ad2e2fd51ac9b
GET /node_modules/requirejs/require.js HTTP/1.1
Host: t10025.bareflort.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://t10025.bareflort.no/?q=%2Fa%2Fff10025%2F&promo_code=103657&ev=xc17141535596740c662be857b47cc384351520&keyword=2166&pass=xc17141535596740c662be857b47cc384351520&m=0%7C0%7C0%7C0&email_prefill=%7Bext_email_prefill%7D&email_encoded=%7Bext_email_passing_encoded%7D&email_prefill_encoded=%7Bext_email_prefill_encoded%7D&flow=52&fb_pixel=&ptid=41162&session_id=a2404430a1eac9c92408e2d51a7cd235c40a80ea&subaffiliate_id=dir_65511f88&external_campaign_id=&external_campaign_name=
Cookie: __cf_bm=MnA3T6wtNn27jAf55rcSjqIakWEquhihKG3cBW3nmUA-1714153560-1.0.1.1-R4EyHyBCe_hCG8oR0kuPfhPVQmM7c7N2SAl7Dfz6T6irecrUxQNk394t_mSXQSN8mSkI.JnhMbNY_8KLDFVBHQ; PHPSESSID=mrfthu148bb7it0cj6av57b2pt; pc_aff=g40gak3Kmlem8LKToQxFVmkOP28uzFBkh0WACsDpdPVLsAzkKjTJerC0yyPJiXvPaMg7Ysof3WPE_0CUALYdWRAyg2XEg4yaVt9uEZFRpfpm-gzlOuyYPnOLqtG6b_t-Y31zkEkDggv5mkf8IfOer6dup32bQutLCFklZ5PptG8TRKi6XdU-z3TkDVXGISPePW_ChFnWh_IyqeeBQohoCv7ewxKDncgtlA3xn-0PHfokiAAcqWEmZG2oeXos_qUX26jTPl-wRoZgI8LJ0o60zlpDvQBAM8xeNmg4NGbK4RHp7vbkN5_YmoPc5r6V1sck8I5ToXLVurakwg7godSSMkVTiqH17XtNAq9vk1D9JkukC0sNHkdGobmo_zN2DCtPajufz7sVCved0olYFz1lABFeqsT5PaFCpJ6yQAjVUH-vJ8ZfQkDNO3BNDywViJPXNyEtgVS6lqyFkFxLIBn83c4a_x5vAGm_XhF6AVA0lGk7kE_I6QXdHhfY_YKWfWVm; promo_code=103657; ev=xc17141535596740c662be857b47cc384351520; keyword=2166; APPID=promo; SERVERID=wbs09
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 17:46:00 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 27 Aug 2018 06:00:39 GMT
vary: Accept-Encoding
etag: W/"5b839387-151d3"
expires: Sun, 26 May 2024 17:46:00 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 107323
server: cloudflare
cf-ray: 87a863cb0b19b4f3-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| trk.bareflort.no/a/ff10025/?promo_code=103657&ev=xc17141535596740c662be857b47cc384351520&keyword=2166&pass=xc17141535596740c662be857b47cc384351520&m=0|0|0|0&email={ext_email_passing}&email_prefill={ext_email_prefill}&email_encoded={ext_email_passing_encoded}&email_prefill_encoded={ext_email_prefill_encoded}&flow=52&fb_pixel=&ptid=41162&session_id=a2404430a1eac9c92408e2d51a7cd235c40a80ea&subaffiliate_id=dir_65511f88&external_campaign_id=&external_campaign_name= | 104.18.33.129 | 302 Found | 81 kB |
URL User Request GET HTTP/2trk.bareflort.no/a/ff10025/?promo_code=103657&ev=xc17141535596740c662be857b47cc384351520&keyword=2166&pass=xc17141535596740c662be857b47cc384351520&m=0|0|0|0&email={ext_email_passing}&email_prefill={ext_email_prefill}&email_encoded={ext_email_passing_encoded}&email_prefill_encoded={ext_email_prefill_encoded}&flow=52&fb_pixel=&ptid=41162&session_id=a2404430a1eac9c92408e2d51a7cd235c40a80ea&subaffiliate_id=dir_65511f88&external_campaign_id=&external_campaign_name= IP104.18.33.129:443
CertificateIssuerLet's Encrypt Subjectbareflort.no Fingerprint2F:48:C4:08:E1:1D:42:6C:27:4D:7D:44:09:97:FF:29:19:FC:3F:62 ValidityMon, 18 Mar 2024 11:05:15 GMT - Sun, 16 Jun 2024 11:05:14 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /a/ff10025/?promo_code=103657&ev=xc17141535596740c662be857b47cc384351520&keyword=2166&pass=xc17141535596740c662be857b47cc384351520&m=0|0|0|0&email={ext_email_passing}&email_prefill={ext_email_prefill}&email_encoded={ext_email_passing_encoded}&email_prefill_encoded={ext_email_prefill_encoded}&flow=52&fb_pixel=&ptid=41162&session_id=a2404430a1eac9c92408e2d51a7cd235c40a80ea&subaffiliate_id=dir_65511f88&external_campaign_id=&external_campaign_name= HTTP/1.1
Host: trk.bareflort.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Fri, 26 Apr 2024 17:46:00 GMT
content-type: text/html; charset=UTF-8
location: https://t10025.bareflort.no/?q=%2Fa%2Fff10025%2F&promo_code=103657&ev=xc17141535596740c662be857b47cc384351520&keyword=2166&pass=xc17141535596740c662be857b47cc384351520&m=0%7C0%7C0%7C0&email_prefill=%7Bext_email_prefill%7D&email_encoded=%7Bext_email_passing_encoded%7D&email_prefill_encoded=%7Bext_email_prefill_encoded%7D&flow=52&fb_pixel=&ptid=41162&session_id=a2404430a1eac9c92408e2d51a7cd235c40a80ea&subaffiliate_id=dir_65511f88&external_campaign_id=&external_campaign_name=
cf-cache-status: DYNAMIC
set-cookie: SERVERID=wbs11; path=/
__cf_bm=MnA3T6wtNn27jAf55rcSjqIakWEquhihKG3cBW3nmUA-1714153560-1.0.1.1-R4EyHyBCe_hCG8oR0kuPfhPVQmM7c7N2SAl7Dfz6T6irecrUxQNk394t_mSXQSN8mSkI.JnhMbNY_8KLDFVBHQ; path=/; expires=Fri, 26-Apr-24 18:16:00 GMT; domain=.bareflort.no; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 87a863c79e7db4f3-OSL
X-Firefox-Spdy: h2
|
|
| s03.ndcdn.com/promo-static/img/landing0109/icons/like.svg?v=3.0.1.master.20240325073054 | 188.114.97.1 | 200 OK | 464 B |
URL GET HTTP/2s03.ndcdn.com/promo-static/img/landing0109/icons/like.svg?v=3.0.1.master.20240325073054 IP188.114.97.1:443
Requested byhttps://t10025.bareflort.no/?q=%2Fa%2Fff10025%2F&promo_code=103657&ev=xc17141535596740c662be857b47cc384351520&keyword=2166&pass=xc17141535596740c662be857b47cc384351520&m=0%7C0%7C0%7C0&email_prefill=%7Bext_email_prefill%7D&email_encoded=%7Bext_email_passing_encoded%7D&email_prefill_encoded=%7Bext_email_prefill_encoded%7D&flow=52&fb_pixel=&ptid=41162&session_id=a2404430a1eac9c92408e2d51a7cd235c40a80ea&subaffiliate_id=dir_65511f88&external_campaign_id=&external_campaign_name= CertificateIssuerGoogle Trust Services LLC Subjectndcdn.com Fingerprint41:63:79:AD:52:D3:6C:03:5D:30:00:A4:9C:9B:48:44:3A:E0:58:B3 ValidityTue, 27 Feb 2024 16:21:45 GMT - Mon, 27 May 2024 16:21:44 GMT
File typeSVG Scalable Vector Graphics image Hash8f1fa00cf5dd9486768081ffcd94134b 1a322c503d41d2901c834ecdecada1c475bd6b86 cdc1d146249c4eabc9f791271eba979f7f4020fa94c1cca300fec1ebf279461e
GET /promo-static/img/landing0109/icons/like.svg?v=3.0.1.master.20240325073054 HTTP/1.1
Host: s03.ndcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://t10025.bareflort.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 17:46:00 GMT
content-type: image/svg+xml
last-modified: Wed, 23 Dec 2020 09:07:39 GMT
vary: Accept-Encoding
etag: W/"5fe308db-1d0"
cache-control: max-age=2678400
cf-cache-status: HIT
age: 353157
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8DIWowC%2BVgPQuxU3p%2FHBhqiEU31tkwaATy4s%2BRnlMh6YcgiEdkyKnTR%2FU04jrYn5wOai3BoyEMw%2BcSoU7%2FtWQ1SqBzXmIsiCESBFxu6WOPnjhg5JCMmj73rtM9Urx007"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a863cb89e15687-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| t10025.bareflort.no/js/dist/config.js | 104.18.33.129 | 200 OK | 1.8 kB |
URL GET HTTP/2t10025.bareflort.no/js/dist/config.js IP104.18.33.129:443
Requested byhttps://t10025.bareflort.no/?q=%2Fa%2Fff10025%2F&promo_code=103657&ev=xc17141535596740c662be857b47cc384351520&keyword=2166&pass=xc17141535596740c662be857b47cc384351520&m=0%7C0%7C0%7C0&email_prefill=%7Bext_email_prefill%7D&email_encoded=%7Bext_email_passing_encoded%7D&email_prefill_encoded=%7Bext_email_prefill_encoded%7D&flow=52&fb_pixel=&ptid=41162&session_id=a2404430a1eac9c92408e2d51a7cd235c40a80ea&subaffiliate_id=dir_65511f88&external_campaign_id=&external_campaign_name= CertificateIssuerLet's Encrypt Subjectbareflort.no Fingerprint2F:48:C4:08:E1:1D:42:6C:27:4D:7D:44:09:97:FF:29:19:FC:3F:62 ValidityMon, 18 Mar 2024 11:05:15 GMT - Sun, 16 Jun 2024 11:05:14 GMT
File typeJavaScript source, ASCII text, with very long lines (1924), with no line terminators Hash33ebe39e8a0d2e480a94d02df2d8623a 009d813a6e8cf174b8cd9f6d19814b23ab492f1d be37e991b3317409921c3645c599b05357241278df14cf2c7f6cf90ad8823136
GET /js/dist/config.js HTTP/1.1
Host: t10025.bareflort.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://t10025.bareflort.no/?q=%2Fa%2Fff10025%2F&promo_code=103657&ev=xc17141535596740c662be857b47cc384351520&keyword=2166&pass=xc17141535596740c662be857b47cc384351520&m=0%7C0%7C0%7C0&email_prefill=%7Bext_email_prefill%7D&email_encoded=%7Bext_email_passing_encoded%7D&email_prefill_encoded=%7Bext_email_prefill_encoded%7D&flow=52&fb_pixel=&ptid=41162&session_id=a2404430a1eac9c92408e2d51a7cd235c40a80ea&subaffiliate_id=dir_65511f88&external_campaign_id=&external_campaign_name=
Cookie: __cf_bm=MnA3T6wtNn27jAf55rcSjqIakWEquhihKG3cBW3nmUA-1714153560-1.0.1.1-R4EyHyBCe_hCG8oR0kuPfhPVQmM7c7N2SAl7Dfz6T6irecrUxQNk394t_mSXQSN8mSkI.JnhMbNY_8KLDFVBHQ; PHPSESSID=mrfthu148bb7it0cj6av57b2pt; pc_aff=g40gak3Kmlem8LKToQxFVmkOP28uzFBkh0WACsDpdPVLsAzkKjTJerC0yyPJiXvPaMg7Ysof3WPE_0CUALYdWRAyg2XEg4yaVt9uEZFRpfpm-gzlOuyYPnOLqtG6b_t-Y31zkEkDggv5mkf8IfOer6dup32bQutLCFklZ5PptG8TRKi6XdU-z3TkDVXGISPePW_ChFnWh_IyqeeBQohoCv7ewxKDncgtlA3xn-0PHfokiAAcqWEmZG2oeXos_qUX26jTPl-wRoZgI8LJ0o60zlpDvQBAM8xeNmg4NGbK4RHp7vbkN5_YmoPc5r6V1sck8I5ToXLVurakwg7godSSMkVTiqH17XtNAq9vk1D9JkukC0sNHkdGobmo_zN2DCtPajufz7sVCved0olYFz1lABFeqsT5PaFCpJ6yQAjVUH-vJ8ZfQkDNO3BNDywViJPXNyEtgVS6lqyFkFxLIBn83c4a_x5vAGm_XhF6AVA0lGk7kE_I6QXdHhfY_YKWfWVm; promo_code=103657; ev=xc17141535596740c662be857b47cc384351520; keyword=2166; APPID=promo; SERVERID=wbs09
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 17:46:00 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 25 Mar 2024 06:27:37 GMT
vary: Accept-Encoding
etag: W/"66011959-738"
expires: Sun, 26 May 2024 17:46:00 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 107323
server: cloudflare
cf-ray: 87a863cafb0fb4f3-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| t10025.bareflort.no/GeoIp | 104.18.33.129 | 200 OK | 275 B |
URL GET HTTP/2t10025.bareflort.no/GeoIp IP104.18.33.129:443
Requested byhttps://t10025.bareflort.no/?q=%2Fa%2Fff10025%2F&promo_code=103657&ev=xc17141535596740c662be857b47cc384351520&keyword=2166&pass=xc17141535596740c662be857b47cc384351520&m=0%7C0%7C0%7C0&email_prefill=%7Bext_email_prefill%7D&email_encoded=%7Bext_email_passing_encoded%7D&email_prefill_encoded=%7Bext_email_prefill_encoded%7D&flow=52&fb_pixel=&ptid=41162&session_id=a2404430a1eac9c92408e2d51a7cd235c40a80ea&subaffiliate_id=dir_65511f88&external_campaign_id=&external_campaign_name= CertificateIssuerLet's Encrypt Subjectbareflort.no Fingerprint2F:48:C4:08:E1:1D:42:6C:27:4D:7D:44:09:97:FF:29:19:FC:3F:62 ValidityMon, 18 Mar 2024 11:05:15 GMT - Sun, 16 Jun 2024 11:05:14 GMT
File typetroff or preprocessor input, ASCII text, with very long lines (323), with no line terminators Hash7d1e5b19aff7e3d81e52b520dbef10f3 ac4bebe90599672536507e24ed87aa920e685cff 2b9c2e1d63ef5a7e5fa5c44fc94cdb3f81b1f802d7181b678e6aa2c906a3993e
GET /GeoIp HTTP/1.1
Host: t10025.bareflort.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-NewRelic-ID: VQUAUV5RCRABXVNRDgUCU1Y=
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjEzNzA4MjEiLCJhcCI6IjE5MjM5NDU3NCIsImlkIjoiNDJkZGJiNGMzZTJlNjQzMSIsInRyIjoiNjBkNGY5ZTgwNzkyOWUxYWU4NDY2ZmQzZDFiMTIyYTMiLCJ0aSI6MTcxNDE1MzU2MTY4OH19
traceparent: 00-60d4f9e807929e1ae8466fd3d1b122a3-42ddbb4c3e2e6431-01
tracestate: 1370821@nr=0-1-1370821-192394574-42ddbb4c3e2e6431----1714153561688
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://t10025.bareflort.no/?q=%2Fa%2Fff10025%2F&promo_code=103657&ev=xc17141535596740c662be857b47cc384351520&keyword=2166&pass=xc17141535596740c662be857b47cc384351520&m=0%7C0%7C0%7C0&email_prefill=%7Bext_email_prefill%7D&email_encoded=%7Bext_email_passing_encoded%7D&email_prefill_encoded=%7Bext_email_prefill_encoded%7D&flow=52&fb_pixel=&ptid=41162&session_id=a2404430a1eac9c92408e2d51a7cd235c40a80ea&subaffiliate_id=dir_65511f88&external_campaign_id=&external_campaign_name=
Cookie: __cf_bm=MnA3T6wtNn27jAf55rcSjqIakWEquhihKG3cBW3nmUA-1714153560-1.0.1.1-R4EyHyBCe_hCG8oR0kuPfhPVQmM7c7N2SAl7Dfz6T6irecrUxQNk394t_mSXQSN8mSkI.JnhMbNY_8KLDFVBHQ; PHPSESSID=mrfthu148bb7it0cj6av57b2pt; pc_aff=g40gak3Kmlem8LKToQxFVmkOP28uzFBkh0WACsDpdPVLsAzkKjTJerC0yyPJiXvPaMg7Ysof3WPE_0CUALYdWRAyg2XEg4yaVt9uEZFRpfpm-gzlOuyYPnOLqtG6b_t-Y31zkEkDggv5mkf8IfOer6dup32bQutLCFklZ5PptG8TRKi6XdU-z3TkDVXGISPePW_ChFnWh_IyqeeBQohoCv7ewxKDncgtlA3xn-0PHfokiAAcqWEmZG2oeXos_qUX26jTPl-wRoZgI8LJ0o60zlpDvQBAM8xeNmg4NGbK4RHp7vbkN5_YmoPc5r6V1sck8I5ToXLVurakwg7godSSMkVTiqH17XtNAq9vk1D9JkukC0sNHkdGobmo_zN2DCtPajufz7sVCved0olYFz1lABFeqsT5PaFCpJ6yQAjVUH-vJ8ZfQkDNO3BNDywViJPXNyEtgVS6lqyFkFxLIBn83c4a_x5vAGm_XhF6AVA0lGk7kE_I6QXdHhfY_YKWfWVm; promo_code=103657; ev=xc17141535596740c662be857b47cc384351520; keyword=2166; APPID=promo; SERVERID=wbs09; _ga_E4HT1NRVN7=GS1.1.1714153561.1.0.1714153561.0.0.0; _ga=GA1.1.258162159.1714153561; cf_clearance=Bn2CA8UbL4B4ULXdmgEy17oKRo.ypprZAhnw8_hkC6c-1714153561-1.0.1.1-xUBt7n8YGh.fhbPYDxsfTWH97vpF9sN4krdfW0ParaVjCH2dJddFJH30GzujHcFKDX5rZvXaxkRWG9jWW7i88A
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 17:46:01 GMT
content-type: application/json; charset=UTF-8
vary: Accept-Encoding
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: APPID=promo
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 87a863d09b6bb4f3-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| t10025.bareflort.no/?q=%2Fa%2Fff10025%2F&promo_code=103657&ev=xc17141535596740c662be857b47cc384351520&keyword=2166&pass=xc17141535596740c662be857b47cc384351520&m=0%7C0%7C0%7C0&email_prefill=%7Bext_email_prefill%7D&email_encoded=%7Bext_email_passing_encoded%7D&email_prefill_encoded=%7Bext_email_prefill_encoded%7D&flow=52&fb_pixel=&ptid=41162&session_id=a2404430a1eac9c92408e2d51a7cd235c40a80ea&subaffiliate_id=dir_65511f88&external_campaign_id=&external_campaign_name= | 104.18.33.129 | 200 OK | 81 kB |
URL User Request GET HTTP/2t10025.bareflort.no/?q=%2Fa%2Fff10025%2F&promo_code=103657&ev=xc17141535596740c662be857b47cc384351520&keyword=2166&pass=xc17141535596740c662be857b47cc384351520&m=0%7C0%7C0%7C0&email_prefill=%7Bext_email_prefill%7D&email_encoded=%7Bext_email_passing_encoded%7D&email_prefill_encoded=%7Bext_email_prefill_encoded%7D&flow=52&fb_pixel=&ptid=41162&session_id=a2404430a1eac9c92408e2d51a7cd235c40a80ea&subaffiliate_id=dir_65511f88&external_campaign_id=&external_campaign_name= IP104.18.33.129:443
CertificateIssuerLet's Encrypt Subjectbareflort.no Fingerprint2F:48:C4:08:E1:1D:42:6C:27:4D:7D:44:09:97:FF:29:19:FC:3F:62 ValidityMon, 18 Mar 2024 11:05:15 GMT - Sun, 16 Jun 2024 11:05:14 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?q=%2Fa%2Fff10025%2F&promo_code=103657&ev=xc17141535596740c662be857b47cc384351520&keyword=2166&pass=xc17141535596740c662be857b47cc384351520&m=0%7C0%7C0%7C0&email_prefill=%7Bext_email_prefill%7D&email_encoded=%7Bext_email_passing_encoded%7D&email_prefill_encoded=%7Bext_email_prefill_encoded%7D&flow=52&fb_pixel=&ptid=41162&session_id=a2404430a1eac9c92408e2d51a7cd235c40a80ea&subaffiliate_id=dir_65511f88&external_campaign_id=&external_campaign_name= HTTP/1.1
Host: t10025.bareflort.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=MnA3T6wtNn27jAf55rcSjqIakWEquhihKG3cBW3nmUA-1714153560-1.0.1.1-R4EyHyBCe_hCG8oR0kuPfhPVQmM7c7N2SAl7Dfz6T6irecrUxQNk394t_mSXQSN8mSkI.JnhMbNY_8KLDFVBHQ
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 17:46:00 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: PHPSESSID=mrfthu148bb7it0cj6av57b2pt; path=/; domain=bareflort.no
pc_aff=g40gak3Kmlem8LKToQxFVmkOP28uzFBkh0WACsDpdPVLsAzkKjTJerC0yyPJiXvPaMg7Ysof3WPE_0CUALYdWRAyg2XEg4yaVt9uEZFRpfpm-gzlOuyYPnOLqtG6b_t-Y31zkEkDggv5mkf8IfOer6dup32bQutLCFklZ5PptG8TRKi6XdU-z3TkDVXGISPePW_ChFnWh_IyqeeBQohoCv7ewxKDncgtlA3xn-0PHfokiAAcqWEmZG2oeXos_qUX26jTPl-wRoZgI8LJ0o60zlpDvQBAM8xeNmg4NGbK4RHp7vbkN5_YmoPc5r6V1sck8I5ToXLVurakwg7godSSMkVTiqH17XtNAq9vk1D9JkukC0sNHkdGobmo_zN2DCtPajufz7sVCved0olYFz1lABFeqsT5PaFCpJ6yQAjVUH-vJ8ZfQkDNO3BNDywViJPXNyEtgVS6lqyFkFxLIBn83c4a_x5vAGm_XhF6AVA0lGk7kE_I6QXdHhfY_YKWfWVm; expires=Sun, 26-May-2024 17:46:00 GMT; Max-Age=2592000; path=/; domain=.bareflort.no
promo_code=103657; expires=Sun, 26-May-2024 17:46:00 GMT; Max-Age=2592000; path=/; domain=.bareflort.no
ev=xc17141535596740c662be857b47cc384351520; expires=Sun, 26-May-2024 17:46:00 GMT; Max-Age=2592000; path=/; domain=.bareflort.no
keyword=2166; expires=Sun, 26-May-2024 17:46:00 GMT; Max-Age=2592000; path=/; domain=.bareflort.no
APPID=promo
SERVERID=wbs09; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 87a863c85f9cb4f3-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| s03.ndcdn.com/promo-static/img/landing0109/icons/heart.svg?v=3.0.1.master.20240325073054 | 188.114.97.1 | 200 OK | 413 B |
URL GET HTTP/2s03.ndcdn.com/promo-static/img/landing0109/icons/heart.svg?v=3.0.1.master.20240325073054 IP188.114.97.1:443
Requested byhttps://t10025.bareflort.no/?q=%2Fa%2Fff10025%2F&promo_code=103657&ev=xc17141535596740c662be857b47cc384351520&keyword=2166&pass=xc17141535596740c662be857b47cc384351520&m=0%7C0%7C0%7C0&email_prefill=%7Bext_email_prefill%7D&email_encoded=%7Bext_email_passing_encoded%7D&email_prefill_encoded=%7Bext_email_prefill_encoded%7D&flow=52&fb_pixel=&ptid=41162&session_id=a2404430a1eac9c92408e2d51a7cd235c40a80ea&subaffiliate_id=dir_65511f88&external_campaign_id=&external_campaign_name= CertificateIssuerGoogle Trust Services LLC Subjectndcdn.com Fingerprint41:63:79:AD:52:D3:6C:03:5D:30:00:A4:9C:9B:48:44:3A:E0:58:B3 ValidityTue, 27 Feb 2024 16:21:45 GMT - Mon, 27 May 2024 16:21:44 GMT
File typeSVG Scalable Vector Graphics image Hash93d118c75ffec4dd71d641c3d83a21ca 112715f57bad48c4062b215389a1fa21e8d6aed7 50ebf9162330fd66f76ce24dbc7375ce71869191a7fb1435959fcdf4763a6999
GET /promo-static/img/landing0109/icons/heart.svg?v=3.0.1.master.20240325073054 HTTP/1.1
Host: s03.ndcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://t10025.bareflort.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 17:46:00 GMT
content-type: image/svg+xml
last-modified: Wed, 23 Dec 2020 09:07:42 GMT
vary: Accept-Encoding
etag: W/"5fe308de-19d"
cache-control: max-age=2678400
cf-cache-status: HIT
age: 353157
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z25bi0dDROUfe3o1POSNDQkSdNw%2BMGaXSNK2Y4JUOM%2Fci0HzHdUOytlRrV5seZej7FPjajnrSRMwtpzMDZd2LXRpv%2Faukk%2FdQTyXKKrZi4ScN8jVkrUxXHcbF8zDiRf6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a863cb89e25687-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| t10025.bareflort.no/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js | 104.18.33.129 | 200 OK | 8.0 kB |
URL GET HTTP/2t10025.bareflort.no/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js IP104.18.33.129:443
Requested byhttps://t10025.bareflort.no/?q=%2Fa%2Fff10025%2F&promo_code=103657&ev=xc17141535596740c662be857b47cc384351520&keyword=2166&pass=xc17141535596740c662be857b47cc384351520&m=0%7C0%7C0%7C0&email_prefill=%7Bext_email_prefill%7D&email_encoded=%7Bext_email_passing_encoded%7D&email_prefill_encoded=%7Bext_email_prefill_encoded%7D&flow=52&fb_pixel=&ptid=41162&session_id=a2404430a1eac9c92408e2d51a7cd235c40a80ea&subaffiliate_id=dir_65511f88&external_campaign_id=&external_campaign_name= CertificateIssuerLet's Encrypt Subjectbareflort.no Fingerprint2F:48:C4:08:E1:1D:42:6C:27:4D:7D:44:09:97:FF:29:19:FC:3F:62 ValidityMon, 18 Mar 2024 11:05:15 GMT - Sun, 16 Jun 2024 11:05:14 GMT
File typeJavaScript source, ASCII text, with very long lines (7951), with no line terminators Hash8d3eff6b95c78d4a8793c41682de4af0 479311d8a0fcf5d760d45ac735084f1e708ed4f4 e4836d0c0a6b4c4778f8e22a072d28c0bfb7f92de39517207af9764db4474a73
GET /cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js HTTP/1.1
Host: t10025.bareflort.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=MnA3T6wtNn27jAf55rcSjqIakWEquhihKG3cBW3nmUA-1714153560-1.0.1.1-R4EyHyBCe_hCG8oR0kuPfhPVQmM7c7N2SAl7Dfz6T6irecrUxQNk394t_mSXQSN8mSkI.JnhMbNY_8KLDFVBHQ; PHPSESSID=mrfthu148bb7it0cj6av57b2pt; pc_aff=g40gak3Kmlem8LKToQxFVmkOP28uzFBkh0WACsDpdPVLsAzkKjTJerC0yyPJiXvPaMg7Ysof3WPE_0CUALYdWRAyg2XEg4yaVt9uEZFRpfpm-gzlOuyYPnOLqtG6b_t-Y31zkEkDggv5mkf8IfOer6dup32bQutLCFklZ5PptG8TRKi6XdU-z3TkDVXGISPePW_ChFnWh_IyqeeBQohoCv7ewxKDncgtlA3xn-0PHfokiAAcqWEmZG2oeXos_qUX26jTPl-wRoZgI8LJ0o60zlpDvQBAM8xeNmg4NGbK4RHp7vbkN5_YmoPc5r6V1sck8I5ToXLVurakwg7godSSMkVTiqH17XtNAq9vk1D9JkukC0sNHkdGobmo_zN2DCtPajufz7sVCved0olYFz1lABFeqsT5PaFCpJ6yQAjVUH-vJ8ZfQkDNO3BNDywViJPXNyEtgVS6lqyFkFxLIBn83c4a_x5vAGm_XhF6AVA0lGk7kE_I6QXdHhfY_YKWfWVm; promo_code=103657; ev=xc17141535596740c662be857b47cc384351520; keyword=2166; APPID=promo; SERVERID=wbs09
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 17:46:01 GMT
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
content-encoding: br
vary: accept-encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 87a863ce3ff0b4f3-OSL
X-Firefox-Spdy: h2
|
|
| s01.ndcdn.com/promo/css/pages/landing0109.css?v=3.0.1.master.20240325073054 | 188.114.97.1 | 200 OK | 37 kB |
URL GET HTTP/2s01.ndcdn.com/promo/css/pages/landing0109.css?v=3.0.1.master.20240325073054 IP188.114.97.1:443
Requested byhttps://t10025.bareflort.no/?q=%2Fa%2Fff10025%2F&promo_code=103657&ev=xc17141535596740c662be857b47cc384351520&keyword=2166&pass=xc17141535596740c662be857b47cc384351520&m=0%7C0%7C0%7C0&email_prefill=%7Bext_email_prefill%7D&email_encoded=%7Bext_email_passing_encoded%7D&email_prefill_encoded=%7Bext_email_prefill_encoded%7D&flow=52&fb_pixel=&ptid=41162&session_id=a2404430a1eac9c92408e2d51a7cd235c40a80ea&subaffiliate_id=dir_65511f88&external_campaign_id=&external_campaign_name= CertificateIssuerGoogle Trust Services LLC Subjectndcdn.com Fingerprint41:63:79:AD:52:D3:6C:03:5D:30:00:A4:9C:9B:48:44:3A:E0:58:B3 ValidityTue, 27 Feb 2024 16:21:45 GMT - Mon, 27 May 2024 16:21:44 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /promo/css/pages/landing0109.css?v=3.0.1.master.20240325073054 HTTP/1.1
Host: s01.ndcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://t10025.bareflort.no/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 17:46:00 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=37492
cache-control: max-age=2592000
etag: W/"66011aaf-9274"
expires: Sat, 11 May 2024 07:49:03 GMT
last-modified: Mon, 25 Mar 2024 06:33:19 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 1331817
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9FXwG3yq8mZG%2F9Taab7m9TD3Bti4KC6zvQLHALoFyqoOGrroOV9f4TeUF0EcUOd0Q%2Bt%2ByLH7PzBoARmrIrlSkHIwyCbWl0vBNJjXpjrjpv9SrkN6ukI53FwTXr09MuRw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a863cbca245687-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| t10025.bareflort.no/cdn-cgi/challenge-platform/h/b/jsd/r/87a863c85f9cb4f3 | 104.18.33.129 | 200 OK | 0 B |
URL POST HTTP/2t10025.bareflort.no/cdn-cgi/challenge-platform/h/b/jsd/r/87a863c85f9cb4f3 IP104.18.33.129:443
Requested byhttps://t10025.bareflort.no/?q=%2Fa%2Fff10025%2F&promo_code=103657&ev=xc17141535596740c662be857b47cc384351520&keyword=2166&pass=xc17141535596740c662be857b47cc384351520&m=0%7C0%7C0%7C0&email_prefill=%7Bext_email_prefill%7D&email_encoded=%7Bext_email_passing_encoded%7D&email_prefill_encoded=%7Bext_email_prefill_encoded%7D&flow=52&fb_pixel=&ptid=41162&session_id=a2404430a1eac9c92408e2d51a7cd235c40a80ea&subaffiliate_id=dir_65511f88&external_campaign_id=&external_campaign_name= CertificateIssuerLet's Encrypt Subjectbareflort.no Fingerprint2F:48:C4:08:E1:1D:42:6C:27:4D:7D:44:09:97:FF:29:19:FC:3F:62 ValidityMon, 18 Mar 2024 11:05:15 GMT - Sun, 16 Jun 2024 11:05:14 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cdn-cgi/challenge-platform/h/b/jsd/r/87a863c85f9cb4f3 HTTP/1.1
Host: t10025.bareflort.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 12669
Origin: https://t10025.bareflort.no
DNT: 1
Connection: keep-alive
Referer: https://t10025.bareflort.no/?q=%2Fa%2Fff10025%2F&promo_code=103657&ev=xc17141535596740c662be857b47cc384351520&keyword=2166&pass=xc17141535596740c662be857b47cc384351520&m=0%7C0%7C0%7C0&email_prefill=%7Bext_email_prefill%7D&email_encoded=%7Bext_email_passing_encoded%7D&email_prefill_encoded=%7Bext_email_prefill_encoded%7D&flow=52&fb_pixel=&ptid=41162&session_id=a2404430a1eac9c92408e2d51a7cd235c40a80ea&subaffiliate_id=dir_65511f88&external_campaign_id=&external_campaign_name=
Cookie: __cf_bm=MnA3T6wtNn27jAf55rcSjqIakWEquhihKG3cBW3nmUA-1714153560-1.0.1.1-R4EyHyBCe_hCG8oR0kuPfhPVQmM7c7N2SAl7Dfz6T6irecrUxQNk394t_mSXQSN8mSkI.JnhMbNY_8KLDFVBHQ; PHPSESSID=mrfthu148bb7it0cj6av57b2pt; pc_aff=g40gak3Kmlem8LKToQxFVmkOP28uzFBkh0WACsDpdPVLsAzkKjTJerC0yyPJiXvPaMg7Ysof3WPE_0CUALYdWRAyg2XEg4yaVt9uEZFRpfpm-gzlOuyYPnOLqtG6b_t-Y31zkEkDggv5mkf8IfOer6dup32bQutLCFklZ5PptG8TRKi6XdU-z3TkDVXGISPePW_ChFnWh_IyqeeBQohoCv7ewxKDncgtlA3xn-0PHfokiAAcqWEmZG2oeXos_qUX26jTPl-wRoZgI8LJ0o60zlpDvQBAM8xeNmg4NGbK4RHp7vbkN5_YmoPc5r6V1sck8I5ToXLVurakwg7godSSMkVTiqH17XtNAq9vk1D9JkukC0sNHkdGobmo_zN2DCtPajufz7sVCved0olYFz1lABFeqsT5PaFCpJ6yQAjVUH-vJ8ZfQkDNO3BNDywViJPXNyEtgVS6lqyFkFxLIBn83c4a_x5vAGm_XhF6AVA0lGk7kE_I6QXdHhfY_YKWfWVm; promo_code=103657; ev=xc17141535596740c662be857b47cc384351520; keyword=2166; APPID=promo; SERVERID=wbs09; _ga_E4HT1NRVN7=GS1.1.1714153561.1.0.1714153561.0.0.0; _ga=GA1.1.258162159.1714153561
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 17:46:01 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
set-cookie: cf_clearance=Bn2CA8UbL4B4ULXdmgEy17oKRo.ypprZAhnw8_hkC6c-1714153561-1.0.1.1-xUBt7n8YGh.fhbPYDxsfTWH97vpF9sN4krdfW0ParaVjCH2dJddFJH30GzujHcFKDX5rZvXaxkRWG9jWW7i88A; path=/; expires=Sat, 26-Apr-25 17:46:01 GMT; domain=.bareflort.no; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 87a863cf7a12b4f3-OSL
X-Firefox-Spdy: h2
|
|
| s03.ndcdn.com/promo-static/img/landing0109/icons/video.svg?v=3.0.1.master.20240325073054 | 188.114.97.1 | 200 OK | 599 B |
URL GET HTTP/2s03.ndcdn.com/promo-static/img/landing0109/icons/video.svg?v=3.0.1.master.20240325073054 IP188.114.97.1:443
Requested byhttps://t10025.bareflort.no/?q=%2Fa%2Fff10025%2F&promo_code=103657&ev=xc17141535596740c662be857b47cc384351520&keyword=2166&pass=xc17141535596740c662be857b47cc384351520&m=0%7C0%7C0%7C0&email_prefill=%7Bext_email_prefill%7D&email_encoded=%7Bext_email_passing_encoded%7D&email_prefill_encoded=%7Bext_email_prefill_encoded%7D&flow=52&fb_pixel=&ptid=41162&session_id=a2404430a1eac9c92408e2d51a7cd235c40a80ea&subaffiliate_id=dir_65511f88&external_campaign_id=&external_campaign_name= CertificateIssuerGoogle Trust Services LLC Subjectndcdn.com Fingerprint41:63:79:AD:52:D3:6C:03:5D:30:00:A4:9C:9B:48:44:3A:E0:58:B3 ValidityTue, 27 Feb 2024 16:21:45 GMT - Mon, 27 May 2024 16:21:44 GMT
File typeSVG Scalable Vector Graphics image Hashdf14d0c524b864a3eb05bd93ffda0f00 23e4a08b7991f90c9bf6917bf891b0e24e989364 95f6968618dbb6660c85f0ea956f901da981edea38f8f0cf13e3fe36888180f4
GET /promo-static/img/landing0109/icons/video.svg?v=3.0.1.master.20240325073054 HTTP/1.1
Host: s03.ndcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://t10025.bareflort.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 17:46:00 GMT
content-type: image/svg+xml
last-modified: Wed, 23 Dec 2020 09:07:41 GMT
vary: Accept-Encoding
etag: W/"5fe308dd-257"
cache-control: max-age=2678400
cf-cache-status: HIT
age: 353157
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=49S%2FMRoRKzvv8YjCFzj0O1BVx%2FtcrtGHV7QuW82xh3QlXncV2IjQZMB1Djhzeeho9JyzmeQJt%2Ba4OYNBUIxBrGHWhdnXFyXJUzELU26CL0WuJ6usaYy8%2FqhEDqf1bMm3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a863cb69ad5687-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|