pdxx-7fmavzpxk2xlm-4-2.lowsea.fun/emw/v1/dt?sid=333.888.jp.webview-android..jp.webview-android.&k=bfb&url=go.redanemone.xyz&xrw=&lid=638e4ba6cf217a22076d0bd8
307 Temporary Redirect 164 B URL HTTP/1.1 pdxx-7fmavzpxk2xlm-4-2.lowsea.fun/emw/v1/dt?sid=333.888.jp.webview-android..jp.webview-android.&k=bfb&url=go.redanemone.xyz&xrw=&lid=638e4ba6cf217a22076d0bd8
IP
ASN #213230 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 813f9846b49c0ada805648edf1b2fdbd
caa24890460f73e6a72bb49426351e67e83b053d
8f03491247cbfa8a2e60e0f7ec62d63b5070659f60383a1c81abeb2b20221be3
GET /emw/v1/dt?sid=333.888.jp.webview-android..jp.webview-android.&k=bfb&url=go.redanemone.xyz&xrw=&lid=638e4ba6cf217a22076d0bd8 HTTP/1.1
Host: pdxx-7fmavzpxk2xlm-4-2.lowsea.fun
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 307 Temporary Redirect
Date: Mon, 05 Dec 2022 19:51:18 GMT
Content-Type: text/html
Content-Length: 164
Connection: keep-alive
Keep-Alive: timeout=10
Set-Cookie: emwxcid_4_1=Qp9hevoGpfdcEhGB3GCqKpMMCIlkolaFsz7lTBO4I7cok5jgoF; expires=Tue, Dec 05 2023 19:51:18 GMT; Max-Age=31536000; path=/; domain=lowsea.fun; SameSite=Lax
Location: https://ron.trffclb.com/a.php?p=c:7omnig4vw718godha&d=6213b4b0ff85982fd6331e4b&s=333.888.jp.webview-android..jp.webview-android.
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash cfec3d7283a9b66d2be426ce54d210f3
808c1feb1ba918951d1928c1f6bfc0c253262774
1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5873
Expires: Mon, 05 Dec 2022 21:29:11 GMT
Date: Mon, 05 Dec 2022 19:51:18 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 471 B IP
Hash ee088fab9b287e174cfd1f2c735a909f
25c3335b514a36ad1a24d00413d60c3d394f5161
494e96358ff12366213d7cc0f9197648c6c62ec14fa0d2c78732a683fa26b192
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5954
Cache-Control: max-age=145155
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 19:51:18 GMT
Etag: "638dc877-1d7"
Expires: Wed, 07 Dec 2022 12:10:33 GMT
Last-Modified: Mon, 05 Dec 2022 10:31:19 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 1ea206ac3c440825741687351f8c6e4e
2f38dafd8c43dcce2411a0590bc5c02cd6286735
7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6369
Expires: Mon, 05 Dec 2022 21:37:27 GMT
Date: Mon, 05 Dec 2022 19:51:18 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 05 Dec 2022 19:20:18 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1860
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: xr+JALK+yy7zwu1xRDxhCUr76y20PMUavGdOTL2S7qWdfPBND2HOcph9R3kPerxvdmjxR9xpitB7ZdI2aZPZDQ==
x-amz-request-id: C55EFEKQ201FSAHS
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 05 Dec 2022 19:48:38 GMT
age: 160
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 19:51:18 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash bbd0588e0648671a26977f48152be07b
4144f005c6c4c7fdf7e0fb5b74756d6bf45c3090
daa15015e8d7875c775ae2d1f4766fda070cd996ddf0a1db7a76ae2ec89cbb09
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DAA15015E8D7875C775AE2D1F4766FDA070CD996DDF0A1DB7A76AE2EC89CBB09"
Last-Modified: Sun, 04 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16361
Expires: Tue, 06 Dec 2022 00:23:59 GMT
Date: Mon, 05 Dec 2022 19:51:18 GMT
Connection: keep-alive
ron.trffclb.com/a.php?p=c:7omnig4vw718godha&d=6213b4b0ff85982fd6331e4b&s=333.888.jp.webview-android..jp.webview-android.
200 OK 179 B URL HTTP/1.1 ron.trffclb.com/a.php?p=c:7omnig4vw718godha&d=6213b4b0ff85982fd6331e4b&s=333.888.jp.webview-android..jp.webview-android.
IP
File type HTML document text\012- HTML document, ASCII text, with no line terminators
Hash 81065e8e9f9cc4612618822ebe5bd386
f6d8134a36e7da9b92d22d0099e6ca9410005588
17069962906f016eae66d600dd2e5b5bb1a8143418f87ce0f48089956edfdd17
Analyzer Verdict Alert quad9 Sinkholed
GET /a.php?p=c:7omnig4vw718godha&d=6213b4b0ff85982fd6331e4b&s=333.888.jp.webview-android..jp.webview-android. HTTP/1.1
Host: ron.trffclb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 19:51:18 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Round: 11hx4alk7e
Raund: 1zd
Content-Encoding: gzip
samba.trffclb.com/l.php?p=c:9qopki6xwqp07eckv&d=603611c5b7eaf46891533240&s=int_333.888.jp.webview-android..jp.webview-android.
200 OK 513 B URL HTTP/1.1 samba.trffclb.com/l.php?p=c:9qopki6xwqp07eckv&d=603611c5b7eaf46891533240&s=int_333.888.jp.webview-android..jp.webview-android.
IP
File type HTML document text\012- HTML document, ASCII text, with very long lines (584)
Hash 756c9b0d21e31f4c89d1c60bdc8c4b4d
4cb120c570ecd8f35e9aa620b2a8a15693fa0163
873ec04d609f3c8a34e6fb5e102b1ae28d93dba754bbaf6c91a4390bd9c4715d
Analyzer Verdict Alert quad9 Sinkholed
GET /l.php?p=c:9qopki6xwqp07eckv&d=603611c5b7eaf46891533240&s=int_333.888.jp.webview-android..jp.webview-android. HTTP/1.1
Host: samba.trffclb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 19:51:18 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: bt-603611c5b7eaf46891533240=638e4bb6afc95b46f62888e0; expires=Thu, 08-Dec-2022 19:51:18 GMT; Max-Age=259200; path=/; domain=samba.trffclb.com; HttpOnly
Content-Encoding: gzip
samba.trffclb.com/l.php?p=c:9qopki6xwqp07eckv&d=603611c5b7eaf46891533240&s=int_333.888.jp.webview-android..jp.webview-android.&bv=1
302 Found 0 B URL HTTP/1.1 samba.trffclb.com/l.php?p=c:9qopki6xwqp07eckv&d=603611c5b7eaf46891533240&s=int_333.888.jp.webview-android..jp.webview-android.&bv=1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /l.php?p=c:9qopki6xwqp07eckv&d=603611c5b7eaf46891533240&s=int_333.888.jp.webview-android..jp.webview-android.&bv=1 HTTP/1.1
Host: samba.trffclb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://samba.trffclb.com/l.php?p=c:9qopki6xwqp07eckv&d=603611c5b7eaf46891533240&s=int_333.888.jp.webview-android..jp.webview-android.
Cookie: bt-603611c5b7eaf46891533240=638e4bb6afc95b46f62888e0
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 302 Found
Server: nginx
Date: Mon, 05 Dec 2022 19:51:18 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Set-Cookie: bt-603611c5b7eaf46891533240=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=samba.trffclb.com; HttpOnly
Round: 119cdtswvl
Raund: 2si
Location: https://popcash.net/world/go/134600/317194
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, ETag, Alert, Expires, Cache-Control, Backoff, Content-Length, Content-Type, Pragma, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 05 Dec 2022 19:08:58 GMT
cache-control: public,max-age=3600
age: 2540
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
samba.trffclb.com/favicon.ico
200 OK 20 B URL HTTP/1.1 samba.trffclb.com/favicon.ico
IP
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
Analyzer Verdict Alert quad9 Sinkholed
GET /favicon.ico HTTP/1.1
Host: samba.trffclb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://samba.trffclb.com/l.php?p=c:9qopki6xwqp07eckv&d=603611c5b7eaf46891533240&s=int_333.888.jp.webview-android..jp.webview-android.
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 19:51:19 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
ocsp.digicert.com/
200 OK 278 B IP
Hash 59f4c593d8c616cfeaee7bdcc59237fc
139e2e437e1476d5b442d8347a2d01c27a7288f4
009d10ac8035b7dfe299f7f81019e5eef1e393d6539c65414ffef9260e9afff0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4231
Cache-Control: max-age=116034
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 19:51:19 GMT
Etag: "638d5d72-116"
Expires: Wed, 07 Dec 2022 04:05:13 GMT
Last-Modified: Mon, 05 Dec 2022 02:54:42 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
200 OK 471 B IP
Hash 2b9d6a686aa3c4ea24568425e43a5221
d53bb4c9579bd1db78a0520619e888aec79f750f
c38734a8dbe51217d73896c0bf7f5c38c107fd79e0dee24b717f130377e9b5f7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5945
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 19:51:19 GMT
Last-Modified: Mon, 05 Dec 2022 18:12:14 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
popcash.net/world/go/134600/317194
301 Moved Permanently 162 B URL HTTP/2 popcash.net/world/go/134600/317194
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /world/go/134600/317194 HTTP/1.1
Host: popcash.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://samba.trffclb.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Mon, 05 Dec 2022 19:51:19 GMT
content-type: text/html
content-length: 162
location: http://ps.popcash.net/go/134600/317194
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ufNVFKTZjHDp0sgDGbOPAdJObghe%2Beu5uhn5JBYowq9Tfvbov%2BgtMYHiF73ap%2BCQBSioZtWHfMvnjZi3wGP31aU%2FrbJc2oC6l2WLDuQuxV7NYXzCiCAO6uNTO1DJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774f50d87b570b59-OSL
X-Firefox-Spdy: h2
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 7x5X0XD1uWgzf5BHwB7mRg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: erhjtqJ82VID9LEe5h9UdL4Cdlw=
ps.popcash.net/go/134600/317194
200 OK 270 B URL HTTP/1.1 ps.popcash.net/go/134600/317194
IP
File type HTML document, ASCII text
Hash 139f8e5d70a245c9c162f6f60a669d31
2ec9d5a0af105862e72aeddf6883115853e51770
b8d18c2f1586b9f560bf4e11060525cd79c646f5eee5edb0aa34e7a9de5dc051
Analyzer Verdict Alert fortinet Malware
GET /go/134600/317194 HTTP/1.1
Host: ps.popcash.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Encoding: gzip
Content-Type: text/html
Date: Mon, 05 Dec 2022 19:51:19 GMT
Server: nginx
Vary: Accept-Encoding
Content-Length: 270
Connection: keep-alive
ps.popcash.net/ad/ad?p=134600&w=317194&t=31fee5c9d983b3df&r=&vw=1280&vh=0
303 See Other 0 B URL HTTP/1.1 ps.popcash.net/ad/ad?p=134600&w=317194&t=31fee5c9d983b3df&r=&vw=1280&vh=0
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ad/ad?p=134600&w=317194&t=31fee5c9d983b3df&r=&vw=1280&vh=0 HTTP/1.1
Host: ps.popcash.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ps.popcash.net/go/134600/317194
Upgrade-Insecure-Requests: 1
HTTP/1.1 303 See Other
Date: Mon, 05 Dec 2022 19:51:19 GMT
Location: http://dipaka-ead.com/zcvisitor/300969ab-74d6-11ed-936a-12dc70617eb9/7fcf9220-c93c-11e7-9820-0e06c6fba698?campaignid=b9792a50-4807-11ed-8e2b-128084d1ce51#pc151445
Server: nginx
Content-Length: 0
Connection: keep-alive
dipaka-ead.com/zcvisitor/300969ab-74d6-11ed-936a-12dc70617eb9/7fcf9220-c93c-11e7-9820-0e06c6fba698?campaignid=b9792a50-4807-11ed-8e2b-128084d1ce51
302 0 B URL HTTP/1.1 dipaka-ead.com/zcvisitor/300969ab-74d6-11ed-936a-12dc70617eb9/7fcf9220-c93c-11e7-9820-0e06c6fba698?campaignid=b9792a50-4807-11ed-8e2b-128084d1ce51
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /zcvisitor/300969ab-74d6-11ed-936a-12dc70617eb9/7fcf9220-c93c-11e7-9820-0e06c6fba698?campaignid=b9792a50-4807-11ed-8e2b-128084d1ce51 HTTP/1.1
Host: dipaka-ead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ps.popcash.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302
Date: Mon, 05 Dec 2022 19:51:19 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Location: https://shopde.pricedeals.shop/go.php?market=no&zr300969ab74d611ed936a12dc70617eb909849dd06f54401c93b15210dce24a1006949998329357f901
Server: pPizsMef
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 5eb7927960ce41e3ef457eb817020b34
6f4b4b6b47d045d9948235c5635dc418c74631d6
729caa785d1fa36caca999b56682b9515cf32088c06a70ef4f3f14a93855e90b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "729CAA785D1FA36CACA999B56682B9515CF32088C06A70EF4F3F14A93855E90B"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5264
Expires: Mon, 05 Dec 2022 21:19:04 GMT
Date: Mon, 05 Dec 2022 19:51:20 GMT
Connection: keep-alive
shopde.pricedeals.shop/go.php?market=no&zr300969ab74d611ed936a12dc70617eb909849dd06f54401c93b15210dce24a1006949998329357f901
200 OK 571 B URL HTTP/1.1 shopde.pricedeals.shop/go.php?market=no&zr300969ab74d611ed936a12dc70617eb909849dd06f54401c93b15210dce24a1006949998329357f901
IP
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (449)
Hash 707cf14f1601ed41633605a09fe51319
e98487724ac17d12e78327c9aac333bd861f7482
a657c3ce18d55f66493e984f8407feee9949e02cf17fff51ce962b9933b6e2d7
GET /go.php?market=no&zr300969ab74d611ed936a12dc70617eb909849dd06f54401c93b15210dce24a1006949998329357f901 HTTP/1.1
Host: shopde.pricedeals.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ps.popcash.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 19:51:20 GMT
Server: Apache/2.4.54 (Debian)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 571
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
shopde.pricedeals.shop/favicon.ico
404 Not Found 285 B URL HTTP/1.1 shopde.pricedeals.shop/favicon.ico
IP
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 7cd85cf7b8f9a014ae145681b1f5e73d
a574403ec64b443a802d0980e3bd368bafebe2d9
cb5d0086c43932c164cc6892b9f762fb4128c182d3dbdbf476036a2783f0023b
GET /favicon.ico HTTP/1.1
Host: shopde.pricedeals.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shopde.pricedeals.shop/go.php?market=no&zr300969ab74d611ed936a12dc70617eb909849dd06f54401c93b15210dce24a1006949998329357f901
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Mon, 05 Dec 2022 19:51:20 GMT
Server: Apache/2.4.54 (Debian)
Content-Length: 285
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6215
Expires: Mon, 05 Dec 2022 21:34:55 GMT
Date: Mon, 05 Dec 2022 19:51:20 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6215
Expires: Mon, 05 Dec 2022 21:34:55 GMT
Date: Mon, 05 Dec 2022 19:51:20 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6215
Expires: Mon, 05 Dec 2022 21:34:55 GMT
Date: Mon, 05 Dec 2022 19:51:20 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg
200 OK 4.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c01fe1cccdb3b672bbade6d98217ffe9
a9a529dc9894827f6243a1bf57f81caa4fe88fc2
c43da6212c79a08e22e78e04e99e8f5422e64b4b0a87f30b7907f1b4bc675c71
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4666
x-amzn-requestid: 850d341f-5ccb-453c-8adf-a8194f8fbdad
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clr_-GiboAMFwww=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc066-766293f2526e637235067aca;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:22 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: kmki-SBINSx1kbiIkaSGebdCLrnDeHVhYeotAWzE__CevkNDdfzRGg==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:44:01 GMT
age: 79639
etag: "a9a529dc9894827f6243a1bf57f81caa4fe88fc2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F461bc4a6-a90b-41a8-99ce-a502ba9ed21f.jpeg
200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F461bc4a6-a90b-41a8-99ce-a502ba9ed21f.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dcb8fe0c4ba323ab2483fa290c291051
6706e02d6b95edc3a33c951f07d04b0fb7415b77
6be68deb3a330955027ec16eaca2cdf4e2776620ffb7cb995922664b24400f02
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F461bc4a6-a90b-41a8-99ce-a502ba9ed21f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8749
x-amzn-requestid: ee03c447-299b-45d5-b8c6-12d4d1dc436d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_spHdBIAMFywQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d131d-0c9805c6112ec9ec6b9d1544;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:33 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tsL8hmcWaBeKYVG2b4g7ebl-sQ0Z5jZaexEfvldfzq9COcOdzqLhUA==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:48:15 GMT
age: 79385
etag: "6706e02d6b95edc3a33c951f07d04b0fb7415b77"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp
200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 43309032a892c486f9985ef520df696e
36f4682ca6a33ff80ee02129c77e6f27e996ede0
24225ff504f30405d9ec3feb2555c738fcca0d6b265f285aa9c73a64c78a496e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5681
x-amzn-requestid: 8f0d66b8-d532-48d9-9a29-74540cd6ab3a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cltXnEotIAMFqkA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc296-27349a376ff819ab63b04a81;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:41:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Uz-wJTZjej3sjP-O68BQ4hB_kkAecG0o7GkeZUan90ZgV87g0Cg_ZA==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:52:41 GMT
age: 79119
etag: "36f4682ca6a33ff80ee02129c77e6f27e996ede0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3af2e495-85ff-410f-8418-e683c7f84bcd.jpeg
200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3af2e495-85ff-410f-8418-e683c7f84bcd.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 027480c06cd67621f373c6765dafee4d
9f80bb7ca6f699d88eaec2248dec508c589fe994
f69a0d6bd6e79d8fa7f2f15df11237c0a8b04d45af3cd5870eeef86d18f553bf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3af2e495-85ff-410f-8418-e683c7f84bcd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7728
x-amzn-requestid: 9f37e7a6-1f00-4a81-9b14-962fd0b6cdf4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clsAMEJxoAMFchQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc067-4a4cce217327b44525ea1e98;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: PGz98Kv7xrcdfvzwMFbA9V206DdlXitB-Xk8dllnaLlk1QMhZZEs9Q==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 22:03:04 GMT
age: 78496
etag: "9f80bb7ca6f699d88eaec2248dec508c589fe994"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60dcc231-abb7-48f1-8ec5-e25b31bd100b.jpeg
200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60dcc231-abb7-48f1-8ec5-e25b31bd100b.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 24c69d7ef356b352956d6dcbc9f5df1d
2cc31dc1c5d2d2a8b3a378dce8a1240a79acfec9
94d068620c34652cb2d24ca8b3cf962febe9606e6d3a33d937fc9d99f176edef
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60dcc231-abb7-48f1-8ec5-e25b31bd100b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10396
x-amzn-requestid: b879fd2e-b6cf-4373-b780-2d97481c45f8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cioNbH5KoAMFUsA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638a8722-6add7f8e225878473b20c015;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 23:15:46 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ir97GJKaFoW6BNXCcmMqp0JSUd5JhCACyUvLh5G-0BWCDVJsqs7XhQ==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 22:03:01 GMT
age: 78499
etag: "2cc31dc1c5d2d2a8b3a378dce8a1240a79acfec9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg
200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash db1701b7b9d161a0c935bb6e10b17893
22a8c4bd58c729c1abcf794466e8f3231dfb034b
b495524a33e5b1d3ba34cfbe867ada0da956c061370b1fcde06b23a6194a9787
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8315
x-amzn-requestid: f1bcc33b-aad9-4d3b-b1f9-49282f2d4fb9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clsAMGVboAMFfxg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc067-13472a097177d4751c8f7a8c;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 8ugcixaNsXG-AIHYCfoyOWa5zowv2lb4qwWc8o5_7SQc_0w5HW4mBw==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:52:48 GMT
age: 79112
etag: "22a8c4bd58c729c1abcf794466e8f3231dfb034b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
shopde.pricedeals.shop/redirect.php?u=aHR0cHM6Ly9uby1nby5rZWxrb29ncm91cC5uZXQvY3RsL2dvL29mZmVyc2VhcmNoR28_LnRzPTE2NzAyMTQ0MDgyNjYmLnNpZz11SG1ram9kTUMxdXNhZElUOUpjbUZIVXBfZ0UtJmFmZmlsaWF0aW9uSWQ9OTY5Nzk3MTQmY29tSWQ9MTA4NDYzMjMmY291bnRyeT1ubyZvZmZlcklkPWQ5NzJhNjZmYjlhODUwNTI2NzdiZDAwYmVhYTQ5N2NlJnNlcnZpY2U9MzcmdG9rZW5JZD0zMmYzNDMxMi1mMjAzLTQwNzAtODY4NS01NDJmYjEyN2IxMTAmd2FpdD10cnVlJmFkZGVkUGFyYW1zPXRydWUmY3VzdG9tMT0yOCY
200 OK 466 B URL HTTP/1.1 shopde.pricedeals.shop/redirect.php?u=aHR0cHM6Ly9uby1nby5rZWxrb29ncm91cC5uZXQvY3RsL2dvL29mZmVyc2VhcmNoR28_LnRzPTE2NzAyMTQ0MDgyNjYmLnNpZz11SG1ram9kTUMxdXNhZElUOUpjbUZIVXBfZ0UtJmFmZmlsaWF0aW9uSWQ9OTY5Nzk3MTQmY29tSWQ9MTA4NDYzMjMmY291bnRyeT1ubyZvZmZlcklkPWQ5NzJhNjZmYjlhODUwNTI2NzdiZDAwYmVhYTQ5N2NlJnNlcnZpY2U9MzcmdG9rZW5JZD0zMmYzNDMxMi1mMjAzLTQwNzAtODY4NS01NDJmYjEyN2IxMTAmd2FpdD10cnVlJmFkZGVkUGFyYW1zPXRydWUmY3VzdG9tMT0yOCY
IP
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (362)
Hash fd915a66c0c182a588f71734fc5923b9
6751f874a8be1e9f9d58a664d24a4153efbd2bb7
f9caa194507e698aa022f2d9ecb72508042def6424f53ec9eb20f4e23d784ffd
GET /redirect.php?u=aHR0cHM6Ly9uby1nby5rZWxrb29ncm91cC5uZXQvY3RsL2dvL29mZmVyc2VhcmNoR28_LnRzPTE2NzAyMTQ0MDgyNjYmLnNpZz11SG1ram9kTUMxdXNhZElUOUpjbUZIVXBfZ0UtJmFmZmlsaWF0aW9uSWQ9OTY5Nzk3MTQmY29tSWQ9MTA4NDYzMjMmY291bnRyeT1ubyZvZmZlcklkPWQ5NzJhNjZmYjlhODUwNTI2NzdiZDAwYmVhYTQ5N2NlJnNlcnZpY2U9MzcmdG9rZW5JZD0zMmYzNDMxMi1mMjAzLTQwNzAtODY4NS01NDJmYjEyN2IxMTAmd2FpdD10cnVlJmFkZGVkUGFyYW1zPXRydWUmY3VzdG9tMT0yOCY HTTP/1.1
Host: shopde.pricedeals.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shopde.pricedeals.shop/go.php?market=no&zr300969ab74d611ed936a12dc70617eb909849dd06f54401c93b15210dce24a1006949998329357f901
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 19:51:21 GMT
Server: Apache/2.4.54 (Debian)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 466
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
status.thawte.com/
200 OK 471 B IP
Hash 7e5ad4121411ba414363ddb3e423cf8c
fe08cede309cac27b94c7c99975b6cb10eea3036
6d457360466f2b57f859d0aa9c1b919329087d57f455fa6a7e81a93c0260c571
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2221
Cache-Control: max-age=166591
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 19:51:22 GMT
Etag: "638e2acc-1d7"
Expires: Wed, 07 Dec 2022 18:07:53 GMT
Last-Modified: Mon, 05 Dec 2022 17:30:52 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
no-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1670214408266&.sig=uHmkjodMC1usadIT9JcmFHUp_gE-&affiliationId=96979714&comId=10846323&country=no&offerId=d972a66fb9a85052677bd00beaa497ce&service=37&tokenId=32f34312-f203-4070-8685-542fb127b110&wait=true&addedParams=true&custom1=28&
200 OK 28 kB URL HTTP/1.1 no-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1670214408266&.sig=uHmkjodMC1usadIT9JcmFHUp_gE-&affiliationId=96979714&comId=10846323&country=no&offerId=d972a66fb9a85052677bd00beaa497ce&service=37&tokenId=32f34312-f203-4070-8685-542fb127b110&wait=true&addedParams=true&custom1=28&
IP
ASN #60781 LeaseWeb Netherlands B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (13002)
Hash 28b010189f63f46c6ae71bf9b33249b4
15b6350290c8e94d14175bfdc464793ed2e61bbf
4b7231214708eec77a4a831900fde53bf37fed2bbf260e508b274519a5be8e7a
GET /ctl/go/offersearchGo?.ts=1670214408266&.sig=uHmkjodMC1usadIT9JcmFHUp_gE-&affiliationId=96979714&comId=10846323&country=no&offerId=d972a66fb9a85052677bd00beaa497ce&service=37&tokenId=32f34312-f203-4070-8685-542fb127b110&wait=true&addedParams=true&custom1=28& HTTP/1.1
Host: no-go.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shopde.pricedeals.shop/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 19:51:22 GMT
leadId: dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1670269882302_2319225
clickId: 107698154_1670269882294_272127
country: no
Accept-CH: Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
X-DataDome: protected
Request-Time: PT0.017814S
X-Robots-Tag: noindex,nofollow
Referrer-Policy: origin-when-cross-origin
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Content-Type: text/html; charset=UTF-8
Content-Length: 28127
Set-Cookie: datadome=7m6doeHO0A~6hxVwtL3j8pKKq5ngReyagwMyoCuaOxd7KqmU0eG6oujd232aq69L1HFZ_4xqxCafZh~wejD6qxJnccAAkht4QVSaZIXlFbgz0M5Vy1o77gwXSX3zAt8M; Max-Age=31536000; Expires=Tue, 05 Dec 2023 19:51:22 GMT; SameSite=Lax; Path=/; Domain=.kelkoogroup.net; Secure
kelkooID=a4c629a-184e3d7cfb6-13ece; Max-Age=31536000; Expires=Tue, 05 Dec 2023 19:51:22 GMT; SameSite=None; Path=/; Domain=kelkoogroup.net; Secure; HTTPOnly
P3P: CP="Anything"
ApacheTracking: localhost
Keep-Alive: timeout=40, max=95
Connection: Keep-Alive
no-go.kelkoogroup.net/fp?country=no&k=612f7a9541cd6ea61eb554c0e4cff4376051d4e1eb650ae2a0325fb100a003da8b79dc9aaeb63c14cb5ff3a1f8b87e81b3a7023459bdb7af855d7ade78286c7dcf71667ebb7d99e265b0b28003df49130d13ea6a3eb6cb4d21922024dae547a0db746232da05c97a14584e2dfcb513f1ba28bce04b68a63718e5d6e91036879aa2dbf1a8c9237b2084382e9a824d17a0752c8751538db1a5a972f4c0ccac3e43c827055b002c0a28643ed5f84ecce07fa68c5b16933af566&leadId=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1670269882302_2319225&clickId=107698154_1670269882294_272127
200 OK 0 B URL HTTP/1.1 no-go.kelkoogroup.net/fp?country=no&k=612f7a9541cd6ea61eb554c0e4cff4376051d4e1eb650ae2a0325fb100a003da8b79dc9aaeb63c14cb5ff3a1f8b87e81b3a7023459bdb7af855d7ade78286c7dcf71667ebb7d99e265b0b28003df49130d13ea6a3eb6cb4d21922024dae547a0db746232da05c97a14584e2dfcb513f1ba28bce04b68a63718e5d6e91036879aa2dbf1a8c9237b2084382e9a824d17a0752c8751538db1a5a972f4c0ccac3e43c827055b002c0a28643ed5f84ecce07fa68c5b16933af566&leadId=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1670269882302_2319225&clickId=107698154_1670269882294_272127
IP
ASN #60781 LeaseWeb Netherlands B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /fp?country=no&k=612f7a9541cd6ea61eb554c0e4cff4376051d4e1eb650ae2a0325fb100a003da8b79dc9aaeb63c14cb5ff3a1f8b87e81b3a7023459bdb7af855d7ade78286c7dcf71667ebb7d99e265b0b28003df49130d13ea6a3eb6cb4d21922024dae547a0db746232da05c97a14584e2dfcb513f1ba28bce04b68a63718e5d6e91036879aa2dbf1a8c9237b2084382e9a824d17a0752c8751538db1a5a972f4c0ccac3e43c827055b002c0a28643ed5f84ecce07fa68c5b16933af566&leadId=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1670269882302_2319225&clickId=107698154_1670269882294_272127 HTTP/1.1
Host: no-go.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1670214408266&.sig=uHmkjodMC1usadIT9JcmFHUp_gE-&affiliationId=96979714&comId=10846323&country=no&offerId=d972a66fb9a85052677bd00beaa497ce&service=37&tokenId=32f34312-f203-4070-8685-542fb127b110&wait=true&addedParams=true&custom1=28&
Content-Type: text/plain;charset=utf-8
Content-Length: 544
Origin: https://no-go.kelkoogroup.net
Connection: keep-alive
Cookie: datadome=7m6doeHO0A~6hxVwtL3j8pKKq5ngReyagwMyoCuaOxd7KqmU0eG6oujd232aq69L1HFZ_4xqxCafZh~wejD6qxJnccAAkht4QVSaZIXlFbgz0M5Vy1o77gwXSX3zAt8M; kelkooID=a4c629a-184e3d7cfb6-13ece; _ga=GA1.2.1944108957.1670269879; _gid=GA1.2.1927211249.1670269879
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 19:51:22 GMT
Request-Time: PT0.005187S
X-Robots-Tag: noindex,nofollow
Referrer-Policy: origin-when-cross-origin
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Content-Type: text/plain; charset=UTF-8
Content-Length: 0
P3P: CP="Anything"
ApacheTracking: localhost
Keep-Alive: timeout=40, max=84
Connection: Keep-Alive
no-go.kelkoogroup.net/assets/images/p.png?country=no&k=612f7a9541cd6ea61eb554c0e4cff4376051d4e1eb650ae2a0325fb100a003da8b79dc9aaeb63c14cb5ff3a1f8b87e81b3a7023459bdb7af855d7ade78286c7dcf71667ebb7d99e265b0b28003df49130d13ea6a3eb6cb4d21922024dae547a0db746232da05c97a14584e2dfcb513f1ba28bce04b68a63718e5d6e91036879aa2dbf1a8c9237b2084382e9a824d17a0752c8751538db1a5a972f4c0ccac3e43c827055b002c0a28643ed5f84ecce07fa68c5b16933af566&leadId=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1670269882302_2319225&clickId=107698154_1670269882294_272127
200 OK 68 B URL HTTP/1.1 no-go.kelkoogroup.net/assets/images/p.png?country=no&k=612f7a9541cd6ea61eb554c0e4cff4376051d4e1eb650ae2a0325fb100a003da8b79dc9aaeb63c14cb5ff3a1f8b87e81b3a7023459bdb7af855d7ade78286c7dcf71667ebb7d99e265b0b28003df49130d13ea6a3eb6cb4d21922024dae547a0db746232da05c97a14584e2dfcb513f1ba28bce04b68a63718e5d6e91036879aa2dbf1a8c9237b2084382e9a824d17a0752c8751538db1a5a972f4c0ccac3e43c827055b002c0a28643ed5f84ecce07fa68c5b16933af566&leadId=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1670269882302_2319225&clickId=107698154_1670269882294_272127
IP
ASN #60781 LeaseWeb Netherlands B.V.
File type PNG image data, 1 x 1, 8-bit gray+alpha, non-interlaced\012- data
Hash 91e42db1c66c0b276abf6234dc50b2eb
c1986af3c26609b8b7d8933f99c51c1a89e9ea6b
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
GET /assets/images/p.png?country=no&k=612f7a9541cd6ea61eb554c0e4cff4376051d4e1eb650ae2a0325fb100a003da8b79dc9aaeb63c14cb5ff3a1f8b87e81b3a7023459bdb7af855d7ade78286c7dcf71667ebb7d99e265b0b28003df49130d13ea6a3eb6cb4d21922024dae547a0db746232da05c97a14584e2dfcb513f1ba28bce04b68a63718e5d6e91036879aa2dbf1a8c9237b2084382e9a824d17a0752c8751538db1a5a972f4c0ccac3e43c827055b002c0a28643ed5f84ecce07fa68c5b16933af566&leadId=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1670269882302_2319225&clickId=107698154_1670269882294_272127 HTTP/1.1
Host: no-go.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1670214408266&.sig=uHmkjodMC1usadIT9JcmFHUp_gE-&affiliationId=96979714&comId=10846323&country=no&offerId=d972a66fb9a85052677bd00beaa497ce&service=37&tokenId=32f34312-f203-4070-8685-542fb127b110&wait=true&addedParams=true&custom1=28&
Connection: keep-alive
Cookie: datadome=7m6doeHO0A~6hxVwtL3j8pKKq5ngReyagwMyoCuaOxd7KqmU0eG6oujd232aq69L1HFZ_4xqxCafZh~wejD6qxJnccAAkht4QVSaZIXlFbgz0M5Vy1o77gwXSX3zAt8M; kelkooID=a4c629a-184e3d7cfb6-13ece
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 19:51:22 GMT
Request-Time: PT0.001548S
X-Robots-Tag: noindex,nofollow
Cache-Control: private, must-revalidate
Referrer-Policy: origin-when-cross-origin
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Content-Type: image/png
Content-Length: 68
P3P: CP="Anything"
ApacheTracking: localhost
Keep-Alive: timeout=40, max=84
Connection: Keep-Alive
no-go.kelkoogroup.net/redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff4376051d4e1eb650ae2a0325fb100a003da8b79dc9aaeb63c14cb5ff3a1f8b87e81b3a7023459bdb7af855d7ade78286c7dcf71667ebb7d99e265b0b28003df49130d13ea6a3eb6cb4d21922024dae547a0db746232da05c97a14584e2dfcb513f1ba28bce04b68a63718e5d6e91036879aa2dbf1a8c9237b2084382e9a824d17a0752c8751538db1a5a972f4c0ccac3e43c827055b002c0a28643ed5f84ecce07fa68c5b16933af566&leadId=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1670269882302_2319225&clickId=107698154_1670269882294_272127&url=https%3A%2F%2Fevenstadmusikk.no%2Fgretsch%2F1157194%2Fgretsch-g2622-streamliner-center-block-v-stoptail-forge-glow-maple%3Fkk%3Da4c629a-184e3d7cfb6-13ece%26utm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_term%3DGretsch%2BG2622%2BStreamliner%2BCenter%2BBlock%2BV&initiator=timeout
303 See Other 0 B URL HTTP/1.1 no-go.kelkoogroup.net/redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff4376051d4e1eb650ae2a0325fb100a003da8b79dc9aaeb63c14cb5ff3a1f8b87e81b3a7023459bdb7af855d7ade78286c7dcf71667ebb7d99e265b0b28003df49130d13ea6a3eb6cb4d21922024dae547a0db746232da05c97a14584e2dfcb513f1ba28bce04b68a63718e5d6e91036879aa2dbf1a8c9237b2084382e9a824d17a0752c8751538db1a5a972f4c0ccac3e43c827055b002c0a28643ed5f84ecce07fa68c5b16933af566&leadId=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1670269882302_2319225&clickId=107698154_1670269882294_272127&url=https%3A%2F%2Fevenstadmusikk.no%2Fgretsch%2F1157194%2Fgretsch-g2622-streamliner-center-block-v-stoptail-forge-glow-maple%3Fkk%3Da4c629a-184e3d7cfb6-13ece%26utm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_term%3DGretsch%2BG2622%2BStreamliner%2BCenter%2BBlock%2BV&initiator=timeout
IP
ASN #60781 LeaseWeb Netherlands B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff4376051d4e1eb650ae2a0325fb100a003da8b79dc9aaeb63c14cb5ff3a1f8b87e81b3a7023459bdb7af855d7ade78286c7dcf71667ebb7d99e265b0b28003df49130d13ea6a3eb6cb4d21922024dae547a0db746232da05c97a14584e2dfcb513f1ba28bce04b68a63718e5d6e91036879aa2dbf1a8c9237b2084382e9a824d17a0752c8751538db1a5a972f4c0ccac3e43c827055b002c0a28643ed5f84ecce07fa68c5b16933af566&leadId=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1670269882302_2319225&clickId=107698154_1670269882294_272127&url=https%3A%2F%2Fevenstadmusikk.no%2Fgretsch%2F1157194%2Fgretsch-g2622-streamliner-center-block-v-stoptail-forge-glow-maple%3Fkk%3Da4c629a-184e3d7cfb6-13ece%26utm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_term%3DGretsch%2BG2622%2BStreamliner%2BCenter%2BBlock%2BV&initiator=timeout HTTP/1.1
Host: no-go.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1670214408266&.sig=uHmkjodMC1usadIT9JcmFHUp_gE-&affiliationId=96979714&comId=10846323&country=no&offerId=d972a66fb9a85052677bd00beaa497ce&service=37&tokenId=32f34312-f203-4070-8685-542fb127b110&wait=true&addedParams=true&custom1=28&
Connection: keep-alive
Cookie: datadome=7m6doeHO0A~6hxVwtL3j8pKKq5ngReyagwMyoCuaOxd7KqmU0eG6oujd232aq69L1HFZ_4xqxCafZh~wejD6qxJnccAAkht4QVSaZIXlFbgz0M5Vy1o77gwXSX3zAt8M; kelkooID=a4c629a-184e3d7cfb6-13ece; _ga=GA1.2.1944108957.1670269879; _gid=GA1.2.1927211249.1670269879
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 303 See Other
Date: Mon, 05 Dec 2022 19:51:22 GMT
leadId: dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1670269882302_2319225
clickId: 107698154_1670269882294_272127
country: no
Location: https://evenstadmusikk.no/gretsch/1157194/gretsch-g2622-streamliner-center-block-v-stoptail-forge-glow-maple?kk=a4c629a-184e3d7cfb6-13ece&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Gretsch+G2622+Streamliner+Center+Block+V
Accept-CH: Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
X-DataDome: protected
Request-Time: PT0.021636S
X-Robots-Tag: noindex,nofollow
Referrer-Policy: origin-when-cross-origin
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Content-Length: 0
Set-Cookie: datadome=qZdEZK6Mdo0UWF0SdztezbTNmZ_63_yZA3NZu8reOFGFKTLhFhmHPfSN~5Z3PAyKunDwOUy1vyfBthEkZxpNL02oZGMJTDJee8HzLiERui4RsaEPCB~e4Qqn9BNi4k9; Max-Age=31536000; Expires=Tue, 05 Dec 2023 19:51:22 GMT; SameSite=Lax; Path=/; Domain=.kelkoogroup.net; Secure
P3P: CP="Anything"
ApacheTracking: localhost
Keep-Alive: timeout=40, max=83
Connection: Keep-Alive
Content-Type: text/plain
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash f81db4995a3a3344e9f8c4efc5d6b3dd
34aac916ac79ae2cc30c5bc69ff49cfd8c7af996
c31ff21faa8fac7364e22e9a66a4009c0e3a0d8951b7211d5e3b7bbeefa3b402
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C31FF21FAA8FAC7364E22E9A66A4009C0E3A0D8951B7211D5E3B7BBEEFA3B402"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9487
Expires: Mon, 05 Dec 2022 22:29:29 GMT
Date: Mon, 05 Dec 2022 19:51:22 GMT
Connection: keep-alive
evenstadmusikk.no/gretsch/1157194/gretsch-g2622-streamliner-center-block-v-stoptail-forge-glow-maple?kk=a4c629a-184e3d7cfb6-13ece&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Gretsch+G2622+Streamliner+Center+Block+V
200 OK 29 kB URL HTTP/2 evenstadmusikk.no/gretsch/1157194/gretsch-g2622-streamliner-center-block-v-stoptail-forge-glow-maple?kk=a4c629a-184e3d7cfb6-13ece&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Gretsch+G2622+Streamliner+Center+Block+V
IP
ASN #21119 Braathe Gruppen AS
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (7356), with CRLF, LF line terminators
Hash d16a96af48ce343890d8b96862316ecc
6ccecdd2bbf136cbebbdba291efbea94a59f8d2c
f31c0b792316577f7b1d33ef1e3b915813521fda3f3bdf08b9eeae84af62f66d
GET /gretsch/1157194/gretsch-g2622-streamliner-center-block-v-stoptail-forge-glow-maple?kk=a4c629a-184e3d7cfb6-13ece&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Gretsch+G2622+Streamliner+Center+Block+V HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no-go.kelkoogroup.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: private
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-frame-options: DENY, DENY
x-aspnet-version: 4.0.30319
set-cookie: .ASPXANONYMOUS=WHNBynQ_2QEkAAAAZmU4MjViYzgtOGQ1ZC00NGRhLTk4YzUtZDQ2NjNiNTIzNDll9Q6QmJJC7kmWubxsEMhd4LIQGZQ1; expires=Mon, 13-Feb-2023 06:31:22 GMT; path=/; HttpOnly; SameSite=Lax
ASP.NET_SessionId=rorymmhpkidppatczxn3mftj; path=/; HttpOnly; SameSite=Lax
McWeb3.15.2-1=SPCId=2597597&DeviceSize=lg; expires=Tue, 05-Dec-2023 19:51:22 GMT; path=/; SameSite=Lax
McWeb3.15.2-1=SPCId=2597597&DeviceSize=lg; expires=Tue, 05-Dec-2023 19:51:22 GMT; path=/; SameSite=Lax
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Mon, 05 Dec 2022 19:51:22 GMT
content-length: 29071
X-Firefox-Spdy: h2
evenstadmusikk.no/dist/js/5.c97c0cb1fc3aef23e7cb.bundle.css
200 OK 36 kB URL HTTP/2 evenstadmusikk.no/dist/js/5.c97c0cb1fc3aef23e7cb.bundle.css
IP
ASN #21119 Braathe Gruppen AS
File type ASCII text, with very long lines (65536), with no line terminators
Hash ddb7f27fac893c0f86fdd7287c9e7bcc
28d8915e41266a9dabd9c321e1e4fefcf539d2e4
90dd0b885e1d701a2c2b4f98056fb551e06d297acc3be4b990f5dd062dd88089
GET /dist/js/5.c97c0cb1fc3aef23e7cb.bundle.css HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/gretsch/1157194/gretsch-g2622-streamliner-center-block-v-stoptail-forge-glow-maple?kk=a4c629a-184e3d7cfb6-13ece&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Gretsch+G2622+Streamliner+Center+Block+V
Cookie: .ASPXANONYMOUS=WHNBynQ_2QEkAAAAZmU4MjViYzgtOGQ1ZC00NGRhLTk4YzUtZDQ2NjNiNTIzNDll9Q6QmJJC7kmWubxsEMhd4LIQGZQ1; ASP.NET_SessionId=rorymmhpkidppatczxn3mftj; McWeb3.15.2-1=SPCId=2597597&DeviceSize=lg
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=31536000
content-type: text/css
content-encoding: gzip
last-modified: Fri, 04 Nov 2022 07:54:18 GMT
accept-ranges: bytes
etag: "0b117a422f0d81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Mon, 05 Dec 2022 19:51:22 GMT
content-length: 35817
X-Firefox-Spdy: h2
evenstadmusikk.no/dist/js/main-styles.983569736b6ec5f6a2f6.bundle.css
200 OK 5.3 kB URL HTTP/2 evenstadmusikk.no/dist/js/main-styles.983569736b6ec5f6a2f6.bundle.css
IP
ASN #21119 Braathe Gruppen AS
File type Unicode text, UTF-8 text, with very long lines (29049)
Hash fcf3559ffa9e565dab01c36d30a68ac6
bc14a55cf31dcb18672d43d53911189c7a3e0fac
8c747cd13d87d80bd397fd6f33684195100deb27520aec8b343938d5936bcfdf
GET /dist/js/main-styles.983569736b6ec5f6a2f6.bundle.css HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/gretsch/1157194/gretsch-g2622-streamliner-center-block-v-stoptail-forge-glow-maple?kk=a4c629a-184e3d7cfb6-13ece&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Gretsch+G2622+Streamliner+Center+Block+V
Cookie: .ASPXANONYMOUS=WHNBynQ_2QEkAAAAZmU4MjViYzgtOGQ1ZC00NGRhLTk4YzUtZDQ2NjNiNTIzNDll9Q6QmJJC7kmWubxsEMhd4LIQGZQ1; ASP.NET_SessionId=rorymmhpkidppatczxn3mftj; McWeb3.15.2-1=SPCId=2597597&DeviceSize=lg
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=31536000
content-type: text/css
content-encoding: gzip
last-modified: Fri, 04 Nov 2022 07:54:18 GMT
accept-ranges: bytes
etag: "0b117a422f0d81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Mon, 05 Dec 2022 19:51:22 GMT
content-length: 5256
X-Firefox-Spdy: h2
evenstadmusikk.no/dist/js/master-theme-styles-d4.ba0ee3a4a4bf2b25d65c.bundle.css
200 OK 59 kB URL HTTP/2 evenstadmusikk.no/dist/js/master-theme-styles-d4.ba0ee3a4a4bf2b25d65c.bundle.css
IP
ASN #21119 Braathe Gruppen AS
File type Unicode text, UTF-8 text, with very long lines (65516), with no line terminators
Hash 4659df9f7cc6bb95890aa4489f5a1bb1
b6be689693a32e035b8907faa8e1c8efbcad930e
cd7c9ed05995d68c454adbdece28668912e4f008bc92cc6b680c0d7a4bf9f239
GET /dist/js/master-theme-styles-d4.ba0ee3a4a4bf2b25d65c.bundle.css HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/gretsch/1157194/gretsch-g2622-streamliner-center-block-v-stoptail-forge-glow-maple?kk=a4c629a-184e3d7cfb6-13ece&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Gretsch+G2622+Streamliner+Center+Block+V
Cookie: .ASPXANONYMOUS=WHNBynQ_2QEkAAAAZmU4MjViYzgtOGQ1ZC00NGRhLTk4YzUtZDQ2NjNiNTIzNDll9Q6QmJJC7kmWubxsEMhd4LIQGZQ1; ASP.NET_SessionId=rorymmhpkidppatczxn3mftj; McWeb3.15.2-1=SPCId=2597597&DeviceSize=lg
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=31536000
content-type: text/css
content-encoding: gzip
last-modified: Fri, 04 Nov 2022 07:54:18 GMT
accept-ranges: bytes
etag: "0b117a422f0d81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Mon, 05 Dec 2022 19:51:22 GMT
content-length: 58637
X-Firefox-Spdy: h2
evenstadmusikk.no/scripts/specialoffers.js?v=pkgGl6kFu7beKoc6j6iZhA3Knu5xyVJxTFSnxLoSxcs1
200 OK 1.0 kB URL HTTP/2 evenstadmusikk.no/scripts/specialoffers.js?v=pkgGl6kFu7beKoc6j6iZhA3Knu5xyVJxTFSnxLoSxcs1
IP
ASN #21119 Braathe Gruppen AS
File type ASCII text, with very long lines (1823), with no line terminators
Hash d5cbf6e684d066ada657228d15c6a262
19b0fdbf000387738f4d461353ef690967a7c5a4
9d06e957d4ae1913a2be1fc77c90fa5caef509a1d3f985f5d59c6e642160c8c0
GET /scripts/specialoffers.js?v=pkgGl6kFu7beKoc6j6iZhA3Knu5xyVJxTFSnxLoSxcs1 HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/gretsch/1157194/gretsch-g2622-streamliner-center-block-v-stoptail-forge-glow-maple?kk=a4c629a-184e3d7cfb6-13ece&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Gretsch+G2622+Streamliner+Center+Block+V
Cookie: .ASPXANONYMOUS=WHNBynQ_2QEkAAAAZmU4MjViYzgtOGQ1ZC00NGRhLTk4YzUtZDQ2NjNiNTIzNDll9Q6QmJJC7kmWubxsEMhd4LIQGZQ1; ASP.NET_SessionId=rorymmhpkidppatczxn3mftj; McWeb3.15.2-1=SPCId=2597597&DeviceSize=lg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public
content-type: text/javascript; charset=utf-8
content-encoding: gzip
expires: Tue, 05 Dec 2023 19:51:22 GMT
last-modified: Mon, 05 Dec 2022 19:51:22 GMT
vary: User-Agent,Accept-Encoding
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Mon, 05 Dec 2022 19:51:22 GMT
content-length: 1032
X-Firefox-Spdy: h2
evenstadmusikk.no/scripts/autocampaigns.js?v=n3tBbxhGbfbVv-EpRYrzDrTG2U8bHxXVzDvv_lu6DHQ1
200 OK 1.3 kB URL HTTP/2 evenstadmusikk.no/scripts/autocampaigns.js?v=n3tBbxhGbfbVv-EpRYrzDrTG2U8bHxXVzDvv_lu6DHQ1
IP
ASN #21119 Braathe Gruppen AS
File type ASCII text, with very long lines (3914), with no line terminators
Hash 711c5d58494443d5fd28b0209f25837c
0cd7fe531010a72cb4f52bc1aeeaa1a1f5e7e8ce
2d5668b1ebf7be16d0c436bf0c4b624d8863cda63354c710cd7b49b4aad07981
GET /scripts/autocampaigns.js?v=n3tBbxhGbfbVv-EpRYrzDrTG2U8bHxXVzDvv_lu6DHQ1 HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/gretsch/1157194/gretsch-g2622-streamliner-center-block-v-stoptail-forge-glow-maple?kk=a4c629a-184e3d7cfb6-13ece&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Gretsch+G2622+Streamliner+Center+Block+V
Cookie: .ASPXANONYMOUS=WHNBynQ_2QEkAAAAZmU4MjViYzgtOGQ1ZC00NGRhLTk4YzUtZDQ2NjNiNTIzNDll9Q6QmJJC7kmWubxsEMhd4LIQGZQ1; ASP.NET_SessionId=rorymmhpkidppatczxn3mftj; McWeb3.15.2-1=SPCId=2597597&DeviceSize=lg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public
content-type: text/javascript; charset=utf-8
content-encoding: gzip
expires: Tue, 05 Dec 2023 19:51:22 GMT
last-modified: Mon, 05 Dec 2022 19:51:22 GMT
vary: User-Agent,Accept-Encoding
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Mon, 05 Dec 2022 19:51:22 GMT
content-length: 1260
X-Firefox-Spdy: h2
evenstadmusikk.no/dist/js/runtime.df29bc903bd9297c5e1d.js
200 OK 998 B URL HTTP/2 evenstadmusikk.no/dist/js/runtime.df29bc903bd9297c5e1d.js
IP
ASN #21119 Braathe Gruppen AS
File type ASCII text, with very long lines (1501)
Hash cab9eab5b4d4eb8fcbd645b6e0bfc52b
1a7d98b4bf9a4db3aaf56c47ad726eebd89389ee
eabe0a9859ebe569ab5116574a9ac136ea385985e3883f7633c8f499eb5223c7
GET /dist/js/runtime.df29bc903bd9297c5e1d.js HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/gretsch/1157194/gretsch-g2622-streamliner-center-block-v-stoptail-forge-glow-maple?kk=a4c629a-184e3d7cfb6-13ece&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Gretsch+G2622+Streamliner+Center+Block+V
Cookie: .ASPXANONYMOUS=WHNBynQ_2QEkAAAAZmU4MjViYzgtOGQ1ZC00NGRhLTk4YzUtZDQ2NjNiNTIzNDll9Q6QmJJC7kmWubxsEMhd4LIQGZQ1; ASP.NET_SessionId=rorymmhpkidppatczxn3mftj; McWeb3.15.2-1=SPCId=2597597&DeviceSize=lg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=31536000
content-type: application/javascript
content-encoding: gzip
last-modified: Fri, 04 Nov 2022 07:54:18 GMT
accept-ranges: bytes
etag: "0b117a422f0d81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Mon, 05 Dec 2022 19:51:22 GMT
content-length: 998
X-Firefox-Spdy: h2
evenstadmusikk.no/dist/js/2.0da3ac3e030567eb42ed.bundle.js
200 OK 17 kB URL HTTP/2 evenstadmusikk.no/dist/js/2.0da3ac3e030567eb42ed.bundle.js
IP
ASN #21119 Braathe Gruppen AS
File type ASCII text, with very long lines (65074)
Hash 99b90c3783ee788dccde1fe0db90ee8b
7a86c50d42c453f10f0dfb7c9606bdcb751221e7
f8ee55cf8ea6de787a60e07dd5368927ee56b7bc4ed00e78c8dddcb3081e08c3
GET /dist/js/2.0da3ac3e030567eb42ed.bundle.js HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/gretsch/1157194/gretsch-g2622-streamliner-center-block-v-stoptail-forge-glow-maple?kk=a4c629a-184e3d7cfb6-13ece&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Gretsch+G2622+Streamliner+Center+Block+V
Cookie: .ASPXANONYMOUS=WHNBynQ_2QEkAAAAZmU4MjViYzgtOGQ1ZC00NGRhLTk4YzUtZDQ2NjNiNTIzNDll9Q6QmJJC7kmWubxsEMhd4LIQGZQ1; ASP.NET_SessionId=rorymmhpkidppatczxn3mftj; McWeb3.15.2-1=SPCId=2597597&DeviceSize=lg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=31536000
content-type: application/javascript
content-encoding: gzip
last-modified: Fri, 04 Nov 2022 07:54:18 GMT
accept-ranges: bytes
etag: "0b117a422f0d81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Mon, 05 Dec 2022 19:51:22 GMT
content-length: 16763
X-Firefox-Spdy: h2
evenstadmusikk.no/dist/js/main.ce4c6c793c2ece21ca7a.bundle.js
200 OK 11 kB URL HTTP/2 evenstadmusikk.no/dist/js/main.ce4c6c793c2ece21ca7a.bundle.js
IP
ASN #21119 Braathe Gruppen AS
File type ASCII text, with very long lines (43050)
Hash fcfe4a392d71570f374119d43f520470
7e53800c88831fbf22b7237c90f239e5a74fedcb
8d214b0d4a15c310485724db332b76bcd8dca354e78fa95d36f7cdef662d82b5
GET /dist/js/main.ce4c6c793c2ece21ca7a.bundle.js HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/gretsch/1157194/gretsch-g2622-streamliner-center-block-v-stoptail-forge-glow-maple?kk=a4c629a-184e3d7cfb6-13ece&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Gretsch+G2622+Streamliner+Center+Block+V
Cookie: .ASPXANONYMOUS=WHNBynQ_2QEkAAAAZmU4MjViYzgtOGQ1ZC00NGRhLTk4YzUtZDQ2NjNiNTIzNDll9Q6QmJJC7kmWubxsEMhd4LIQGZQ1; ASP.NET_SessionId=rorymmhpkidppatczxn3mftj; McWeb3.15.2-1=SPCId=2597597&DeviceSize=lg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=31536000
content-type: application/javascript
content-encoding: gzip
last-modified: Fri, 04 Nov 2022 07:54:18 GMT
accept-ranges: bytes
etag: "0b117a422f0d81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Mon, 05 Dec 2022 19:51:22 GMT
content-length: 10880
X-Firefox-Spdy: h2
evenstadmusikk.no/dist/js/5.c97c0cb1fc3aef23e7cb.bundle.js
200 OK 324 B URL HTTP/2 evenstadmusikk.no/dist/js/5.c97c0cb1fc3aef23e7cb.bundle.js
IP
ASN #21119 Braathe Gruppen AS
File type ASCII text, with very long lines (482)
Hash 179532837400772dd29cd25dd70e12ee
dc3f5c2a19d9883798fc9e1196cd3cf65f7fd468
d42ab38beae6428f2859a7b3a8384b6ea5cb87d273a647b1d34afccac3c518bb
GET /dist/js/5.c97c0cb1fc3aef23e7cb.bundle.js HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/gretsch/1157194/gretsch-g2622-streamliner-center-block-v-stoptail-forge-glow-maple?kk=a4c629a-184e3d7cfb6-13ece&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Gretsch+G2622+Streamliner+Center+Block+V
Cookie: .ASPXANONYMOUS=WHNBynQ_2QEkAAAAZmU4MjViYzgtOGQ1ZC00NGRhLTk4YzUtZDQ2NjNiNTIzNDll9Q6QmJJC7kmWubxsEMhd4LIQGZQ1; ASP.NET_SessionId=rorymmhpkidppatczxn3mftj; McWeb3.15.2-1=SPCId=2597597&DeviceSize=lg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=31536000
content-type: application/javascript
content-encoding: gzip
last-modified: Fri, 04 Nov 2022 07:54:18 GMT
accept-ranges: bytes
etag: "0b117a422f0d81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Mon, 05 Dec 2022 19:51:22 GMT
content-length: 324
X-Firefox-Spdy: h2
evenstadmusikk.no/dist/js/main-styles.983569736b6ec5f6a2f6.bundle.js
200 OK 414 B URL HTTP/2 evenstadmusikk.no/dist/js/main-styles.983569736b6ec5f6a2f6.bundle.js
IP
ASN #21119 Braathe Gruppen AS
File type ASCII text, with very long lines (464)
Hash 209b3f0e68089d359864c983d4cb4ea5
56e758ec7b661173fa269a4759a4f4d73e26782e
21445b65e71e5206ba10634da783b06c778d805568bd966e5e85ba535379dc1b
GET /dist/js/main-styles.983569736b6ec5f6a2f6.bundle.js HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/gretsch/1157194/gretsch-g2622-streamliner-center-block-v-stoptail-forge-glow-maple?kk=a4c629a-184e3d7cfb6-13ece&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Gretsch+G2622+Streamliner+Center+Block+V
Cookie: .ASPXANONYMOUS=WHNBynQ_2QEkAAAAZmU4MjViYzgtOGQ1ZC00NGRhLTk4YzUtZDQ2NjNiNTIzNDll9Q6QmJJC7kmWubxsEMhd4LIQGZQ1; ASP.NET_SessionId=rorymmhpkidppatczxn3mftj; McWeb3.15.2-1=SPCId=2597597&DeviceSize=lg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=31536000
content-type: application/javascript
content-encoding: gzip
last-modified: Fri, 04 Nov 2022 07:54:18 GMT
accept-ranges: bytes
etag: "0b117a422f0d81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Mon, 05 Dec 2022 19:51:22 GMT
content-length: 414
X-Firefox-Spdy: h2
evenstadmusikk.no/dist/js/master-theme-styles-d4.ba0ee3a4a4bf2b25d65c.bundle.js
200 OK 307 B URL HTTP/2 evenstadmusikk.no/dist/js/master-theme-styles-d4.ba0ee3a4a4bf2b25d65c.bundle.js
IP
ASN #21119 Braathe Gruppen AS
Hash ed75b580c347abdaaf2f8e21463a19ec
a29de8f0ba99ca6c7423016f351f2d82515885d9
94ecc976175501ed960a9abf60be6bd189b6007908b48b56784e4b80ba99eac6
GET /dist/js/master-theme-styles-d4.ba0ee3a4a4bf2b25d65c.bundle.js HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/gretsch/1157194/gretsch-g2622-streamliner-center-block-v-stoptail-forge-glow-maple?kk=a4c629a-184e3d7cfb6-13ece&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Gretsch+G2622+Streamliner+Center+Block+V
Cookie: .ASPXANONYMOUS=WHNBynQ_2QEkAAAAZmU4MjViYzgtOGQ1ZC00NGRhLTk4YzUtZDQ2NjNiNTIzNDll9Q6QmJJC7kmWubxsEMhd4LIQGZQ1; ASP.NET_SessionId=rorymmhpkidppatczxn3mftj; McWeb3.15.2-1=SPCId=2597597&DeviceSize=lg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=31536000
content-type: application/javascript
content-encoding: gzip
last-modified: Fri, 04 Nov 2022 07:54:18 GMT
accept-ranges: bytes
etag: "0b117a422f0d81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Mon, 05 Dec 2022 19:51:22 GMT
content-length: 307
X-Firefox-Spdy: h2
evenstadmusikk.no/dist/js/bid-banner.9963cc1778d143d9e89d.bundle.js
200 OK 1.1 kB URL HTTP/2 evenstadmusikk.no/dist/js/bid-banner.9963cc1778d143d9e89d.bundle.js
IP
ASN #21119 Braathe Gruppen AS
File type ASCII text, with very long lines (2901)
Hash a2eb359233bcc9e7f65d149e21ecc20a
2e661c297a24a175fc7bc6316a6c2b4b9b304fc6
f1b03dc42dc988b0bafed04d8e0578ff4909ea98f7b4277828527e128293e50a
GET /dist/js/bid-banner.9963cc1778d143d9e89d.bundle.js HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/gretsch/1157194/gretsch-g2622-streamliner-center-block-v-stoptail-forge-glow-maple?kk=a4c629a-184e3d7cfb6-13ece&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Gretsch+G2622+Streamliner+Center+Block+V
Cookie: .ASPXANONYMOUS=WHNBynQ_2QEkAAAAZmU4MjViYzgtOGQ1ZC00NGRhLTk4YzUtZDQ2NjNiNTIzNDll9Q6QmJJC7kmWubxsEMhd4LIQGZQ1; ASP.NET_SessionId=rorymmhpkidppatczxn3mftj; McWeb3.15.2-1=SPCId=2597597&DeviceSize=lg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=31536000
content-type: application/javascript
content-encoding: gzip
last-modified: Fri, 04 Nov 2022 07:54:18 GMT
accept-ranges: bytes
etag: "0b117a422f0d81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Mon, 05 Dec 2022 19:51:22 GMT
content-length: 1073
X-Firefox-Spdy: h2
evenstadmusikk.no/App_Themes/Demonstrare4Dummy/Images/SeperatorArrow.gif
200 OK 37 B URL HTTP/2 evenstadmusikk.no/App_Themes/Demonstrare4Dummy/Images/SeperatorArrow.gif
IP
ASN #21119 Braathe Gruppen AS
File type GIF image data, version 87a, 2 x 11\012- data
Hash 6f73aa84eb3170630d812433a7f859ae
5d6f769d44b1a26dc7659047d006310b40dc1666
18052af927c25016d55b3f4dcdf96f767536b94fb29e2713adc5080bdb220fa1
GET /App_Themes/Demonstrare4Dummy/Images/SeperatorArrow.gif HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/gretsch/1157194/gretsch-g2622-streamliner-center-block-v-stoptail-forge-glow-maple?kk=a4c629a-184e3d7cfb6-13ece&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Gretsch+G2622+Streamliner+Center+Block+V
Cookie: .ASPXANONYMOUS=WHNBynQ_2QEkAAAAZmU4MjViYzgtOGQ1ZC00NGRhLTk4YzUtZDQ2NjNiNTIzNDll9Q6QmJJC7kmWubxsEMhd4LIQGZQ1; ASP.NET_SessionId=rorymmhpkidppatczxn3mftj; McWeb3.15.2-1=SPCId=2597597&DeviceSize=lg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=31536000
content-type: image/gif
last-modified: Fri, 04 Nov 2022 07:49:36 GMT
accept-ranges: bytes
etag: "0e81fc21f0d81:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Mon, 05 Dec 2022 19:51:22 GMT
content-length: 37
X-Firefox-Spdy: h2
evenstadmusikk.no/App_Themes/MASTER/images/1px_transparent.png
200 OK 141 B URL HTTP/2 evenstadmusikk.no/App_Themes/MASTER/images/1px_transparent.png
IP
ASN #21119 Braathe Gruppen AS
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash 273352ef860dea665ed24eed59488efe
14fbeaca4303ceff0662c23a0d13365766db1654
38631a426e372dbe90a52ab1b1f0312d254c3d2559472ced786530f89363295f
GET /App_Themes/MASTER/images/1px_transparent.png HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/gretsch/1157194/gretsch-g2622-streamliner-center-block-v-stoptail-forge-glow-maple?kk=a4c629a-184e3d7cfb6-13ece&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Gretsch+G2622+Streamliner+Center+Block+V
Cookie: .ASPXANONYMOUS=WHNBynQ_2QEkAAAAZmU4MjViYzgtOGQ1ZC00NGRhLTk4YzUtZDQ2NjNiNTIzNDll9Q6QmJJC7kmWubxsEMhd4LIQGZQ1; ASP.NET_SessionId=rorymmhpkidppatczxn3mftj; McWeb3.15.2-1=SPCId=2597597&DeviceSize=lg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=31536000
content-type: image/png
last-modified: Fri, 04 Nov 2022 07:49:36 GMT
accept-ranges: bytes
etag: "0e81fc21f0d81:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Mon, 05 Dec 2022 19:51:22 GMT
content-length: 141
X-Firefox-Spdy: h2
evenstadmusikk.no/Media/Cache/Images/3/4/WEB_Image_Gretsch_G2622_Streamliner_Center_Block_V_1157194_3-269425501_plid_312254.Jpeg
200 OK 41 kB URL HTTP/2 evenstadmusikk.no/Media/Cache/Images/3/4/WEB_Image_Gretsch_G2622_Streamliner_Center_Block_V_1157194_3-269425501_plid_312254.Jpeg
IP
ASN #21119 Braathe Gruppen AS
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 762x562, components 3\012- data
Hash e361d5e2c4f336ffca3bada416e5bb1d
e35fec3e0d472fcd2929c1077243baaf29b114aa
d5d0392df241dd68b2ee6368e835aed58762fe62b69d997b93923d1cda3801e1
GET /Media/Cache/Images/3/4/WEB_Image_Gretsch_G2622_Streamliner_Center_Block_V_1157194_3-269425501_plid_312254.Jpeg HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/gretsch/1157194/gretsch-g2622-streamliner-center-block-v-stoptail-forge-glow-maple?kk=a4c629a-184e3d7cfb6-13ece&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Gretsch+G2622+Streamliner+Center+Block+V
Cookie: .ASPXANONYMOUS=WHNBynQ_2QEkAAAAZmU4MjViYzgtOGQ1ZC00NGRhLTk4YzUtZDQ2NjNiNTIzNDll9Q6QmJJC7kmWubxsEMhd4LIQGZQ1; ASP.NET_SessionId=rorymmhpkidppatczxn3mftj; McWeb3.15.2-1=SPCId=2597597&DeviceSize=lg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=31536000
content-type: image/jpeg
last-modified: Fri, 13 May 2022 09:59:38 GMT
accept-ranges: bytes
etag: "51fa8628b066d81:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Mon, 05 Dec 2022 19:51:22 GMT
content-length: 41040
X-Firefox-Spdy: h2
evenstadmusikk.no/Media/Cache/Images/3/4/WEB_Image_Gretsch_G2622_Streamliner_Center_Block_V_1157194_2251401650_plid_312254.Jpeg
200 OK 48 kB URL HTTP/2 evenstadmusikk.no/Media/Cache/Images/3/4/WEB_Image_Gretsch_G2622_Streamliner_Center_Block_V_1157194_2251401650_plid_312254.Jpeg
IP
ASN #21119 Braathe Gruppen AS
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 762x562, components 3\012- data
Hash d3f930f84af9db9571d682e26df44696
da312e9f861fe588dead07d5def31ea06c59411e
69670db083e6a3a341c879dd4491711a5d180d72e9d41cd38f64092f5170317d
GET /Media/Cache/Images/3/4/WEB_Image_Gretsch_G2622_Streamliner_Center_Block_V_1157194_2251401650_plid_312254.Jpeg HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/gretsch/1157194/gretsch-g2622-streamliner-center-block-v-stoptail-forge-glow-maple?kk=a4c629a-184e3d7cfb6-13ece&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Gretsch+G2622+Streamliner+Center+Block+V
Cookie: .ASPXANONYMOUS=WHNBynQ_2QEkAAAAZmU4MjViYzgtOGQ1ZC00NGRhLTk4YzUtZDQ2NjNiNTIzNDll9Q6QmJJC7kmWubxsEMhd4LIQGZQ1; ASP.NET_SessionId=rorymmhpkidppatczxn3mftj; McWeb3.15.2-1=SPCId=2597597&DeviceSize=lg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=31536000
content-type: image/jpeg
last-modified: Fri, 13 May 2022 09:59:38 GMT
accept-ranges: bytes
etag: "f85d6a28b066d81:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Mon, 05 Dec 2022 19:51:22 GMT
content-length: 48342
X-Firefox-Spdy: h2
evenstadmusikk.no/Media/Cache/Images/3/4/WEB_Image_Gretsch_G2622_Streamliner_Center_Block_V_1157194_1432636848_plid_312254.Jpeg
200 OK 19 kB URL HTTP/2 evenstadmusikk.no/Media/Cache/Images/3/4/WEB_Image_Gretsch_G2622_Streamliner_Center_Block_V_1157194_1432636848_plid_312254.Jpeg
IP
ASN #21119 Braathe Gruppen AS
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 762x562, components 3\012- data
Hash 696143f4eb7e01d7003e432679798e5e
e5d8cc5500c0a82cdad75a0d96ceeb08e62b0e65
7b9344ca8b6f26c17d21e948bc499bed37cbc3e1937ccf23089d3033f7c9af90
GET /Media/Cache/Images/3/4/WEB_Image_Gretsch_G2622_Streamliner_Center_Block_V_1157194_1432636848_plid_312254.Jpeg HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/gretsch/1157194/gretsch-g2622-streamliner-center-block-v-stoptail-forge-glow-maple?kk=a4c629a-184e3d7cfb6-13ece&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Gretsch+G2622+Streamliner+Center+Block+V
Cookie: .ASPXANONYMOUS=WHNBynQ_2QEkAAAAZmU4MjViYzgtOGQ1ZC00NGRhLTk4YzUtZDQ2NjNiNTIzNDll9Q6QmJJC7kmWubxsEMhd4LIQGZQ1; ASP.NET_SessionId=rorymmhpkidppatczxn3mftj; McWeb3.15.2-1=SPCId=2597597&DeviceSize=lg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=31536000
content-type: image/jpeg
last-modified: Fri, 13 May 2022 09:59:38 GMT
accept-ranges: bytes
etag: "56e69228b066d81:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Mon, 05 Dec 2022 19:51:22 GMT
content-length: 19247
X-Firefox-Spdy: h2
evenstadmusikk.no/Media/Cache/Images/3/4/WEB_Image_Gretsch_G2622_Streamliner_Center_Block_V_1157194_4436868265_plid_312254.Jpeg
200 OK 43 kB URL HTTP/2 evenstadmusikk.no/Media/Cache/Images/3/4/WEB_Image_Gretsch_G2622_Streamliner_Center_Block_V_1157194_4436868265_plid_312254.Jpeg
IP
ASN #21119 Braathe Gruppen AS
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 762x562, components 3\012- data
Hash bad6119cf02b53a211b9e066325409f2
bc845cf480be55286d1e4e2fab7b01aceb102977
842adc6bdc5778f588219902b85232c73a55ee90f307e7d17f16dc62f501061b
GET /Media/Cache/Images/3/4/WEB_Image_Gretsch_G2622_Streamliner_Center_Block_V_1157194_4436868265_plid_312254.Jpeg HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/gretsch/1157194/gretsch-g2622-streamliner-center-block-v-stoptail-forge-glow-maple?kk=a4c629a-184e3d7cfb6-13ece&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Gretsch+G2622+Streamliner+Center+Block+V
Cookie: .ASPXANONYMOUS=WHNBynQ_2QEkAAAAZmU4MjViYzgtOGQ1ZC00NGRhLTk4YzUtZDQ2NjNiNTIzNDll9Q6QmJJC7kmWubxsEMhd4LIQGZQ1; ASP.NET_SessionId=rorymmhpkidppatczxn3mftj; McWeb3.15.2-1=SPCId=2597597&DeviceSize=lg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=31536000
content-type: image/jpeg
last-modified: Fri, 13 May 2022 09:59:38 GMT
accept-ranges: bytes
etag: "17d29e28b066d81:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Mon, 05 Dec 2022 19:51:22 GMT
content-length: 42943
X-Firefox-Spdy: h2
evenstadmusikk.no/Scripts/Web/SantanderCalcParams.js
200 OK 278 B URL HTTP/2 evenstadmusikk.no/Scripts/Web/SantanderCalcParams.js
IP
ASN #21119 Braathe Gruppen AS
File type Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash f046c8d6f4b2694fa4da93b5559e76bc
779c1648a103d9912610c5b9dd51434ad4118439
5775685ee466510db2ba229e12128806b56f1f3b20836e03cab3558a120df453
GET /Scripts/Web/SantanderCalcParams.js HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/gretsch/1157194/gretsch-g2622-streamliner-center-block-v-stoptail-forge-glow-maple?kk=a4c629a-184e3d7cfb6-13ece&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Gretsch+G2622+Streamliner+Center+Block+V
Cookie: .ASPXANONYMOUS=WHNBynQ_2QEkAAAAZmU4MjViYzgtOGQ1ZC00NGRhLTk4YzUtZDQ2NjNiNTIzNDll9Q6QmJJC7kmWubxsEMhd4LIQGZQ1; ASP.NET_SessionId=rorymmhpkidppatczxn3mftj; McWeb3.15.2-1=SPCId=2597597&DeviceSize=lg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=31536000
content-type: application/javascript
content-encoding: gzip
last-modified: Fri, 04 Nov 2022 07:49:36 GMT
accept-ranges: bytes
etag: "0e81fc21f0d81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Mon, 05 Dec 2022 19:51:22 GMT
content-length: 278
X-Firefox-Spdy: h2
evenstadmusikk.no/Media/Cache/Images/3/4/WEB_Image_Gretsch_G2622_Streamliner_Center_Block_V_1157194_5319987240_plid_312254.Jpeg
200 OK 30 kB URL HTTP/2 evenstadmusikk.no/Media/Cache/Images/3/4/WEB_Image_Gretsch_G2622_Streamliner_Center_Block_V_1157194_5319987240_plid_312254.Jpeg
IP
ASN #21119 Braathe Gruppen AS
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 762x562, components 3\012- data
Hash 2683358bfcad0699e36310c14fcc3a6b
fbf7da2e75bf9cfae9cd02d953aeb847b031b652
c7132a21fd95190bee9cab36cd2901b2556d293d7da11e65e7d2bfd6b60a15ab
GET /Media/Cache/Images/3/4/WEB_Image_Gretsch_G2622_Streamliner_Center_Block_V_1157194_5319987240_plid_312254.Jpeg HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/gretsch/1157194/gretsch-g2622-streamliner-center-block-v-stoptail-forge-glow-maple?kk=a4c629a-184e3d7cfb6-13ece&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Gretsch+G2622+Streamliner+Center+Block+V
Cookie: .ASPXANONYMOUS=WHNBynQ_2QEkAAAAZmU4MjViYzgtOGQ1ZC00NGRhLTk4YzUtZDQ2NjNiNTIzNDll9Q6QmJJC7kmWubxsEMhd4LIQGZQ1; ASP.NET_SessionId=rorymmhpkidppatczxn3mftj; McWeb3.15.2-1=SPCId=2597597&DeviceSize=lg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=31536000
content-type: image/jpeg
last-modified: Fri, 13 May 2022 09:59:39 GMT
accept-ranges: bytes
etag: "4520ad28b066d81:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Mon, 05 Dec 2022 19:51:22 GMT
content-length: 29878
X-Firefox-Spdy: h2
evenstadmusikk.no/scripts/product-infoD4.js?v=XoJnnZ3NT3IGyy0pjUmMnkgkP4q1SxkGQkJHmqiCnmk1
200 OK 7.5 kB URL HTTP/2 evenstadmusikk.no/scripts/product-infoD4.js?v=XoJnnZ3NT3IGyy0pjUmMnkgkP4q1SxkGQkJHmqiCnmk1
IP
ASN #21119 Braathe Gruppen AS
File type ASCII text, with very long lines (22826), with no line terminators
Hash b33cc72c77d64105b0cf6d3fa3f5e471
c38a49aaecf198ce0f2f69baafed949647b9d26a
84e7dd07233948b7fa67f3a7ff1e552590359582d3dc7afaba59ff7776e2f36f
GET /scripts/product-infoD4.js?v=XoJnnZ3NT3IGyy0pjUmMnkgkP4q1SxkGQkJHmqiCnmk1 HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/gretsch/1157194/gretsch-g2622-streamliner-center-block-v-stoptail-forge-glow-maple?kk=a4c629a-184e3d7cfb6-13ece&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Gretsch+G2622+Streamliner+Center+Block+V
Cookie: .ASPXANONYMOUS=WHNBynQ_2QEkAAAAZmU4MjViYzgtOGQ1ZC00NGRhLTk4YzUtZDQ2NjNiNTIzNDll9Q6QmJJC7kmWubxsEMhd4LIQGZQ1; ASP.NET_SessionId=rorymmhpkidppatczxn3mftj; McWeb3.15.2-1=SPCId=2597597&DeviceSize=lg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public
content-type: text/javascript; charset=utf-8
content-encoding: gzip
expires: Tue, 05 Dec 2023 19:51:22 GMT
last-modified: Mon, 05 Dec 2022 19:51:22 GMT
vary: User-Agent,Accept-Encoding
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Mon, 05 Dec 2022 19:51:22 GMT
content-length: 7464
X-Firefox-Spdy: h2
evenstadmusikk.no/css/images/flags/no.svg
200 OK 291 B URL HTTP/2 evenstadmusikk.no/css/images/flags/no.svg
IP
ASN #21119 Braathe Gruppen AS
File type SVG Scalable Vector Graphics image\012- , ASCII text, with no line terminators
Hash b055a104cef55232e01a5ee94d3f72c9
6e43e96b74036e142b0a7270ba7a814671aa885b
2c0800132cf9e6c1a9f64d047984cd9083ccab7770f52db10899369b9f6fb9d3
GET /css/images/flags/no.svg HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/gretsch/1157194/gretsch-g2622-streamliner-center-block-v-stoptail-forge-glow-maple?kk=a4c629a-184e3d7cfb6-13ece&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Gretsch+G2622+Streamliner+Center+Block+V
Cookie: .ASPXANONYMOUS=WHNBynQ_2QEkAAAAZmU4MjViYzgtOGQ1ZC00NGRhLTk4YzUtZDQ2NjNiNTIzNDll9Q6QmJJC7kmWubxsEMhd4LIQGZQ1; ASP.NET_SessionId=rorymmhpkidppatczxn3mftj; McWeb3.15.2-1=SPCId=2597597&DeviceSize=lg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=31536000
content-type: image/svg+xml
last-modified: Fri, 04 Nov 2022 07:49:38 GMT
accept-ranges: bytes
etag: "01533fd21f0d81:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Mon, 05 Dec 2022 19:51:22 GMT
content-length: 291
X-Firefox-Spdy: h2
evenstadmusikk.no/scripts/askforpriceview.js?v=rlZ5vyozOM1UtB9AJ4mR2v7PO3u6q1uvQh7D8zOIeH41
200 OK 2.5 kB URL HTTP/2 evenstadmusikk.no/scripts/askforpriceview.js?v=rlZ5vyozOM1UtB9AJ4mR2v7PO3u6q1uvQh7D8zOIeH41
IP
ASN #21119 Braathe Gruppen AS
File type Unicode text, UTF-8 text, with very long lines (5780), with no line terminators
Hash fa66d28df0716c956dc20fb9bc63a36e
819f161f4672dfd51e882a6cd8133d979ce95dd8
e6c59b3f4612e5bcc575a1e1ccc93c66817baca50629aad5d2e1340d29d65130
GET /scripts/askforpriceview.js?v=rlZ5vyozOM1UtB9AJ4mR2v7PO3u6q1uvQh7D8zOIeH41 HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/gretsch/1157194/gretsch-g2622-streamliner-center-block-v-stoptail-forge-glow-maple?kk=a4c629a-184e3d7cfb6-13ece&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Gretsch+G2622+Streamliner+Center+Block+V
Cookie: .ASPXANONYMOUS=WHNBynQ_2QEkAAAAZmU4MjViYzgtOGQ1ZC00NGRhLTk4YzUtZDQ2NjNiNTIzNDll9Q6QmJJC7kmWubxsEMhd4LIQGZQ1; ASP.NET_SessionId=rorymmhpkidppatczxn3mftj; McWeb3.15.2-1=SPCId=2597597&DeviceSize=lg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public
content-type: text/javascript; charset=utf-8
content-encoding: gzip
expires: Tue, 05 Dec 2023 19:51:22 GMT
last-modified: Mon, 05 Dec 2022 19:51:22 GMT
vary: User-Agent,Accept-Encoding
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Mon, 05 Dec 2022 19:51:22 GMT
content-length: 2484
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash c0f2e44653544c31b236ab7bc136755e
334bc8c6fb8f449d245fbb6df33d7e7224d9bc24
c26c25c109ed5252473c1e29aae168cb8ea5de6a0094ecce4662f9540d11a0d6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3428
Cache-Control: max-age=109510
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 19:51:22 GMT
Etag: "638d471d-1d7"
Expires: Wed, 07 Dec 2022 02:16:32 GMT
Last-Modified: Mon, 05 Dec 2022 01:19:25 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
200 OK 471 B IP
Hash f3c3a1b84ef6fb4ef55131abe538f11f
327af554899a6cc4ec5bdace546432086bc399c7
08cf72021829450b3360e9d01b6dd91e670c8adb748367df44a91fcfa91e4e85
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=140265
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 19:51:22 GMT
Etag: "638dcca3-1d7"
Expires: Wed, 07 Dec 2022 10:49:07 GMT
Last-Modified: Mon, 05 Dec 2022 10:49:07 GMT
Server: nginx
Content-Length: 471
extranet.santanderconsumer.no/ExternalPages/JavaScript/GECalculator.js
200 OK 2.0 kB URL HTTP/1.1 extranet.santanderconsumer.no/ExternalPages/JavaScript/GECalculator.js
IP
File type ASCII text, with very long lines (316), with CRLF line terminators
Hash 6ba3e51c6e96d4685de648418689806d
b7bc891e2a582229588821dbe481c0d1916300a5
3a9062851a0f49cd8bec856c3e6f7d3417d80123cfd243bbd79782d3885af590
GET /ExternalPages/JavaScript/GECalculator.js HTTP/1.1
Host: extranet.santanderconsumer.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-store
Pragma: no-cache
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Fri, 23 Sep 2016 09:32:36 GMT
Accept-Ranges: bytes
ETag: "052276b7d15d21:0"
Vary: Accept-Encoding
Server:
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Access-Control-Allow-Origin: https://partner.santanderconsumer.no
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: default-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline'; img-src 'self'; connect-src 'self'
X-Powered-By: ARR/2.5, ASP.NET
Date: Mon, 05 Dec 2022 19:51:22 GMT
Content-Length: 1988
evenstadmusikk.no/api/ProductInfo/IsBuyButtonVisible?plid=312254&_=1670269880237
200 OK 4 B URL HTTP/2 evenstadmusikk.no/api/ProductInfo/IsBuyButtonVisible?plid=312254&_=1670269880237
IP
ASN #21119 Braathe Gruppen AS
File type ASCII text, with no line terminators
Hash b326b5062b2f0e69046810717534cb09
5ffe533b830f08a0326348a9160afafc8ada44db
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
GET /api/ProductInfo/IsBuyButtonVisible?plid=312254&_=1670269880237 HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://evenstadmusikk.no/gretsch/1157194/gretsch-g2622-streamliner-center-block-v-stoptail-forge-glow-maple?kk=a4c629a-184e3d7cfb6-13ece&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Gretsch+G2622+Streamliner+Center+Block+V
Cookie: .ASPXANONYMOUS=WHNBynQ_2QEkAAAAZmU4MjViYzgtOGQ1ZC00NGRhLTk4YzUtZDQ2NjNiNTIzNDll9Q6QmJJC7kmWubxsEMhd4LIQGZQ1; ASP.NET_SessionId=rorymmhpkidppatczxn3mftj; McWeb3.15.2-1=SPCId=2597597&DeviceSize=lg
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: no-cache
pragma: no-cache
content-type: application/json; charset=utf-8
expires: -1
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Mon, 05 Dec 2022 19:51:22 GMT
content-length: 4
X-Firefox-Spdy: h2
evenstadmusikk.no/App_Themes/Demonstrare2MASTER/Images/Flags/United-Kingdom.png
200 OK 1.1 kB URL HTTP/2 evenstadmusikk.no/App_Themes/Demonstrare2MASTER/Images/Flags/United-Kingdom.png
IP
ASN #21119 Braathe Gruppen AS
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash 8e58fcd8722c906510f344d0b7223d93
31a534aca1b0094344c8d87450e7066e3139b614
8a387d8558f49244c17766a18c27cacebdf97e8135ae386fa8e6aacca8aaa636
GET /App_Themes/Demonstrare2MASTER/Images/Flags/United-Kingdom.png HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/gretsch/1157194/gretsch-g2622-streamliner-center-block-v-stoptail-forge-glow-maple?kk=a4c629a-184e3d7cfb6-13ece&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Gretsch+G2622+Streamliner+Center+Block+V
Cookie: .ASPXANONYMOUS=WHNBynQ_2QEkAAAAZmU4MjViYzgtOGQ1ZC00NGRhLTk4YzUtZDQ2NjNiNTIzNDll9Q6QmJJC7kmWubxsEMhd4LIQGZQ1; ASP.NET_SessionId=rorymmhpkidppatczxn3mftj; McWeb3.15.2-1=SPCId=2597597&DeviceSize=lg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=31536000
content-type: image/png
last-modified: Fri, 04 Nov 2022 07:49:36 GMT
accept-ranges: bytes
etag: "0e81fc21f0d81:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Mon, 05 Dec 2022 19:51:22 GMT
content-length: 1132
X-Firefox-Spdy: h2
evenstadmusikk.no/App_Themes/Demonstrare2MASTER/Images/Flags/Norway.png
200 OK 626 B URL HTTP/2 evenstadmusikk.no/App_Themes/Demonstrare2MASTER/Images/Flags/Norway.png
IP
ASN #21119 Braathe Gruppen AS
File type PNG image data, 24 x 24, 8-bit colormap, non-interlaced\012- data
Hash 0114e6aac48ec2f163429219fe36a42e
6908b2a4a82c1ac33d40a906ff65780c9b5c60ea
2ff81c8bf1be911f9f376f64b8f7f97e230b96adf6e95892a6a43e1de6a32265
GET /App_Themes/Demonstrare2MASTER/Images/Flags/Norway.png HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/gretsch/1157194/gretsch-g2622-streamliner-center-block-v-stoptail-forge-glow-maple?kk=a4c629a-184e3d7cfb6-13ece&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Gretsch+G2622+Streamliner+Center+Block+V
Cookie: .ASPXANONYMOUS=WHNBynQ_2QEkAAAAZmU4MjViYzgtOGQ1ZC00NGRhLTk4YzUtZDQ2NjNiNTIzNDll9Q6QmJJC7kmWubxsEMhd4LIQGZQ1; ASP.NET_SessionId=rorymmhpkidppatczxn3mftj; McWeb3.15.2-1=SPCId=2597597&DeviceSize=lg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=31536000
content-type: image/png
last-modified: Fri, 04 Nov 2022 07:49:36 GMT
accept-ranges: bytes
etag: "0e81fc21f0d81:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Mon, 05 Dec 2022 19:51:22 GMT
content-length: 626
X-Firefox-Spdy: h2
evenstadmusikk.no/userfiles/image/theme/EvenstadD4/logo-ny.png
200 OK 10 kB URL HTTP/2 evenstadmusikk.no/userfiles/image/theme/EvenstadD4/logo-ny.png
IP
ASN #21119 Braathe Gruppen AS
File type PNG image data, 295 x 44, 8-bit/color RGBA, non-interlaced\012- data
Hash 4e4465aedb678084dec217680cffcc6a
03be16aa6f66a059090ef5aa5445633e4f55d2bc
5744489b7ff9864d5d64834d7efbd373712e29acabdd75fff06abf32d255fe91
GET /userfiles/image/theme/EvenstadD4/logo-ny.png HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/api/stylesheet/combined/EvenstadD4.css?version=60
Cookie: .ASPXANONYMOUS=WHNBynQ_2QEkAAAAZmU4MjViYzgtOGQ1ZC00NGRhLTk4YzUtZDQ2NjNiNTIzNDll9Q6QmJJC7kmWubxsEMhd4LIQGZQ1; ASP.NET_SessionId=rorymmhpkidppatczxn3mftj; McWeb3.15.2-1=SPCId=2597597&DeviceSize=lg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=31536000
content-type: image/png
last-modified: Mon, 17 Jan 2022 11:42:53 GMT
accept-ranges: bytes
etag: "21ddab5c97bd81:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Mon, 05 Dec 2022 19:51:22 GMT
content-length: 10352
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 5f16a534222e5749ef240d413826c2f6
11683d84d420dd6f919425094edb8961278f7fed
691ebf7feb1f7d6ae7e5e7efd678626c62042dda520506f262c7d9a67a48e3ed
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 19:51:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
evenstadmusikk.no/fonts/multicase-icons.woff2?19959973
200 OK 9.0 kB URL HTTP/2 evenstadmusikk.no/fonts/multicase-icons.woff2?19959973
IP
ASN #21119 Braathe Gruppen AS
File type Web Open Font Format (Version 2), TrueType, length 9000, version 1.0\012- data
Hash ae9297c781988524286f15cc0d4523ad
a0cb1b8403f21e6d52ecf39b0f6405932bb69b71
dc06cd9132370d5fe97173d66d4eef4ae4419353ba2eb0f2cd75a530e0441c3b
GET /fonts/multicase-icons.woff2?19959973 HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://evenstadmusikk.no/dist/js/5.c97c0cb1fc3aef23e7cb.bundle.css
Cookie: .ASPXANONYMOUS=WHNBynQ_2QEkAAAAZmU4MjViYzgtOGQ1ZC00NGRhLTk4YzUtZDQ2NjNiNTIzNDll9Q6QmJJC7kmWubxsEMhd4LIQGZQ1; ASP.NET_SessionId=rorymmhpkidppatczxn3mftj; McWeb3.15.2-1=SPCId=2597597&DeviceSize=lg
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=31536000
content-type: application/font-woff2
last-modified: Fri, 04 Nov 2022 07:49:38 GMT
accept-ranges: bytes
etag: "01533fd21f0d81:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Mon, 05 Dec 2022 19:51:22 GMT
content-length: 9000
X-Firefox-Spdy: h2
www.google-analytics.com/collect?v=1&_v=j96&t=pageview&_s=1&dl=https%3A%2F%2Fno-go.kelkoogroup.net%2Fctl%2Fgo%2FoffersearchGo%3F.ts%3D1670214408266%26.sig%3DuHmkjodMC1usadIT9JcmFHUp_gE-%26affiliationId%3D96979714%26comId%3D10846323%26country%3Dno%26offerId%3Dd972a66fb9a85052677bd00beaa497ce%26service%3D37%26tokenId%3D32f34312-f203-4070-8685-542fb127b110%26wait%3Dtrue%26addedParams%3Dtrue%26custom1%3D28%26&dr=https%3A%2F%2Fshopde.pricedeals.shop%2F&dp=%2F96979714%7C10846323%7C&ul=en-us&de=UTF-8&dt=Du%20sendes%20videre%20til%20Evenstad%20Musikk&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=QACAAAABAAAAAC~&cid=1944108957.1670269879&tid=UA-168544891-6&_gid=1927211249.1670269879&_r=1&cd1=96979714&cd2=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1670269882302_2319225&cd3=10846323&cd4=a4c629a-184e3d7cfb6-13ece&cd5=&cd6=96979714%7C10846323%7C&z=249314720
200 OK 35 B URL HTTP/2 www.google-analytics.com/collect?v=1&_v=j96&t=pageview&_s=1&dl=https%3A%2F%2Fno-go.kelkoogroup.net%2Fctl%2Fgo%2FoffersearchGo%3F.ts%3D1670214408266%26.sig%3DuHmkjodMC1usadIT9JcmFHUp_gE-%26affiliationId%3D96979714%26comId%3D10846323%26country%3Dno%26offerId%3Dd972a66fb9a85052677bd00beaa497ce%26service%3D37%26tokenId%3D32f34312-f203-4070-8685-542fb127b110%26wait%3Dtrue%26addedParams%3Dtrue%26custom1%3D28%26&dr=https%3A%2F%2Fshopde.pricedeals.shop%2F&dp=%2F96979714%7C10846323%7C&ul=en-us&de=UTF-8&dt=Du%20sendes%20videre%20til%20Evenstad%20Musikk&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=QACAAAABAAAAAC~&cid=1944108957.1670269879&tid=UA-168544891-6&_gid=1927211249.1670269879&_r=1&cd1=96979714&cd2=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1670269882302_2319225&cd3=10846323&cd4=a4c629a-184e3d7cfb6-13ece&cd5=&cd6=96979714%7C10846323%7C&z=249314720
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
POST /collect?v=1&_v=j96&t=pageview&_s=1&dl=https%3A%2F%2Fno-go.kelkoogroup.net%2Fctl%2Fgo%2FoffersearchGo%3F.ts%3D1670214408266%26.sig%3DuHmkjodMC1usadIT9JcmFHUp_gE-%26affiliationId%3D96979714%26comId%3D10846323%26country%3Dno%26offerId%3Dd972a66fb9a85052677bd00beaa497ce%26service%3D37%26tokenId%3D32f34312-f203-4070-8685-542fb127b110%26wait%3Dtrue%26addedParams%3Dtrue%26custom1%3D28%26&dr=https%3A%2F%2Fshopde.pricedeals.shop%2F&dp=%2F96979714%7C10846323%7C&ul=en-us&de=UTF-8&dt=Du%20sendes%20videre%20til%20Evenstad%20Musikk&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=QACAAAABAAAAAC~&cid=1944108957.1670269879&tid=UA-168544891-6&_gid=1927211249.1670269879&_r=1&cd1=96979714&cd2=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1670269882302_2319225&cd3=10846323&cd4=a4c629a-184e3d7cfb6-13ece&cd5=&cd6=96979714%7C10846323%7C&z=249314720 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://no-go.kelkoogroup.net
Connection: keep-alive
Referer: https://no-go.kelkoogroup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 200 OK
access-control-allow-origin: https://no-go.kelkoogroup.net
date: Mon, 05 Dec 2022 19:51:23 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
x-content-type-options: nosniff
access-control-allow-credentials: true
content-type: image/gif
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 35
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
evenstadmusikk.no/favicon.ico?dev=abcdefgh
200 OK 326 B URL HTTP/2 evenstadmusikk.no/favicon.ico?dev=abcdefgh
IP
ASN #21119 Braathe Gruppen AS
File type MS Windows icon resource - 1 icon, 32x32, 2 colors\012- data
Hash 5a4d24568f6a92a0cacfe2f05ba3ae82
aaa07e287c68effb8a81615a19948203609cc54b
e734a7e810d7d2b2e915e621f2e3611fce849940db563fa44829b3aac3df6cdb
GET /favicon.ico?dev=abcdefgh HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/gretsch/1157194/gretsch-g2622-streamliner-center-block-v-stoptail-forge-glow-maple?kk=a4c629a-184e3d7cfb6-13ece&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Gretsch+G2622+Streamliner+Center+Block+V
Cookie: .ASPXANONYMOUS=WHNBynQ_2QEkAAAAZmU4MjViYzgtOGQ1ZC00NGRhLTk4YzUtZDQ2NjNiNTIzNDll9Q6QmJJC7kmWubxsEMhd4LIQGZQ1; ASP.NET_SessionId=rorymmhpkidppatczxn3mftj; McWeb3.15.2-1=SPCId=2597597&DeviceSize=lg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=31536000
content-type: image/x-icon
last-modified: Thu, 21 Aug 2014 08:17:10 GMT
accept-ranges: bytes
etag: "8d42234e18bdcf1:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Mon, 05 Dec 2022 19:51:22 GMT
content-length: 326
X-Firefox-Spdy: h2
evenstadmusikk.no/css/cust/favicon/apple-touch-icon.png?v=dLmbbyaK80
200 OK 6.5 kB URL HTTP/2 evenstadmusikk.no/css/cust/favicon/apple-touch-icon.png?v=dLmbbyaK80
IP
ASN #21119 Braathe Gruppen AS
File type PNG image data, 76 x 76, 8-bit/color RGBA, non-interlaced\012- data
Hash f799e68bcb69dabe8939d2556f0c9bd6
88b49665766539945d9220965a8c0a4889099571
3bf946e26f8b8e155021f2d0ffbc0423a8ec667f084a69526c3b8f92157199c9
GET /css/cust/favicon/apple-touch-icon.png?v=dLmbbyaK80 HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/gretsch/1157194/gretsch-g2622-streamliner-center-block-v-stoptail-forge-glow-maple?kk=a4c629a-184e3d7cfb6-13ece&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Gretsch+G2622+Streamliner+Center+Block+V
Cookie: .ASPXANONYMOUS=WHNBynQ_2QEkAAAAZmU4MjViYzgtOGQ1ZC00NGRhLTk4YzUtZDQ2NjNiNTIzNDll9Q6QmJJC7kmWubxsEMhd4LIQGZQ1; ASP.NET_SessionId=rorymmhpkidppatczxn3mftj; McWeb3.15.2-1=SPCId=2597597&DeviceSize=lg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=31536000
content-type: image/png
last-modified: Thu, 01 Mar 2018 12:37:56 GMT
accept-ranges: bytes
etag: "0aaa51f5ab1d31:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Mon, 05 Dec 2022 19:51:22 GMT
content-length: 6483
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 5f16a534222e5749ef240d413826c2f6
11683d84d420dd6f919425094edb8961278f7fed
691ebf7feb1f7d6ae7e5e7efd678626c62042dda520506f262c7d9a67a48e3ed
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 19:51:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 7dfb548d8f8a99d32050803775fad5d6
8b47999a01db7c2217d76a1cec576809a229cf1b
68dd2a1e5a0002f4d25d3b5884ab55bc6b5a91e38f6dc464c4261b19c6e5887e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 19:51:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
200 OK 5.4 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
IP
File type ASCII text, with very long lines (2134)
Hash 30ca3165d143baf2835023bfcf463450
62c662c0873b79a314c040fef28dcd29abb14480
4f405d00e8ced09d5826e3e070b7e4d3f3556f856ca790b0b4a2c2eaaf58d33b
GET /ajax/libs/webfont/1.6.26/webfont.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 5437
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 04:38:14 GMT
expires: Thu, 30 Nov 2023 04:38:14 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 486789
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 7dfb548d8f8a99d32050803775fad5d6
8b47999a01db7c2217d76a1cec576809a229cf1b
68dd2a1e5a0002f4d25d3b5884ab55bc6b5a91e38f6dc464c4261b19c6e5887e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 19:51:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
evenstadmusikk.no/Media/Cache/Images/3/4/WEB_Image_Gretsch_G2622_Streamliner_Center_Block_V_1157194-1766544141_plid_312254.Jpeg
200 OK 1.5 kB URL HTTP/2 evenstadmusikk.no/Media/Cache/Images/3/4/WEB_Image_Gretsch_G2622_Streamliner_Center_Block_V_1157194-1766544141_plid_312254.Jpeg
IP
ASN #21119 Braathe Gruppen AS
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 80x80, components 3\012- data
Hash 65518609d2f3945e09db781824c0e0fd
81fbdbd13f501b8b88677c605063e3e20ffc5ddf
fd743a26c2c24bf3b72430af06092ec7cc279d70513b75740f94c95fc55015f6
GET /Media/Cache/Images/3/4/WEB_Image_Gretsch_G2622_Streamliner_Center_Block_V_1157194-1766544141_plid_312254.Jpeg HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/gretsch/1157194/gretsch-g2622-streamliner-center-block-v-stoptail-forge-glow-maple?kk=a4c629a-184e3d7cfb6-13ece&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Gretsch+G2622+Streamliner+Center+Block+V
Cookie: .ASPXANONYMOUS=WHNBynQ_2QEkAAAAZmU4MjViYzgtOGQ1ZC00NGRhLTk4YzUtZDQ2NjNiNTIzNDll9Q6QmJJC7kmWubxsEMhd4LIQGZQ1; ASP.NET_SessionId=rorymmhpkidppatczxn3mftj; McWeb3.15.2-1=SPCId=2597597&DeviceSize=lg; sg_cookies={%225619307%22:{%22vid%22:%22ea47401b-51ce-481a-bbe8-761efbebcb0c%22%2C%22lw%22:%2212-5-19-51%22%2C%22rf%22:%22https://no-go.kelkoogroup.net/%22%2C%22pw%22:1%2C%22tc%22:0%2C%22tv%22:1%2C%22192515858_ch%22:%22-1%22%2C%22fp%22:1382457247}}
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=31536000
content-type: image/jpeg
last-modified: Wed, 26 Jan 2022 10:31:10 GMT
accept-ranges: bytes
etag: "a8c6e9d59f12d81:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Mon, 05 Dec 2022 19:51:23 GMT
content-length: 1532
X-Firefox-Spdy: h2
evenstadmusikk.no/api/stylesheet/combined/EvenstadD4.css?version=60
200 OK 15 kB URL HTTP/2 evenstadmusikk.no/api/stylesheet/combined/EvenstadD4.css?version=60
IP
ASN #21119 Braathe Gruppen AS
Hash 91f1d8606572874d3728a4e00b1d9dbd
e0ed33ba9369140725b47c222959b7398042d47e
5a3beef9ac08fd64f0515b90659694057efb71b2e07d8492c38f89c47b2ff16d
GET /api/stylesheet/combined/EvenstadD4.css?version=60 HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/gretsch/1157194/gretsch-g2622-streamliner-center-block-v-stoptail-forge-glow-maple?kk=a4c629a-184e3d7cfb6-13ece&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Gretsch+G2622+Streamliner+Center+Block+V
Cookie: .ASPXANONYMOUS=WHNBynQ_2QEkAAAAZmU4MjViYzgtOGQ1ZC00NGRhLTk4YzUtZDQ2NjNiNTIzNDll9Q6QmJJC7kmWubxsEMhd4LIQGZQ1; ASP.NET_SessionId=rorymmhpkidppatczxn3mftj; McWeb3.15.2-1=SPCId=2597597&DeviceSize=lg
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
content-type: text/css; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Mon, 05 Dec 2022 19:51:22 GMT
X-Firefox-Spdy: h2
evenstadmusikk.no/css/Demonstrare4/images/royalslider/rs-default.png
200 OK 1.5 kB URL HTTP/2 evenstadmusikk.no/css/Demonstrare4/images/royalslider/rs-default.png
IP
ASN #21119 Braathe Gruppen AS
File type PNG image data, 197 x 133, 8-bit colormap, non-interlaced\012- data
Hash 681c1acdf3b644425e5cca45dd78a675
98c3b4a42100bf1f165ddf5d23d0e3768ca4454e
5ea1a728dcf8b49df966750696ae4c0b11d2273cfed529425df78fb9898e7abe
GET /css/Demonstrare4/images/royalslider/rs-default.png HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/dist/js/master-theme-styles-d4.ba0ee3a4a4bf2b25d65c.bundle.css
Cookie: .ASPXANONYMOUS=WHNBynQ_2QEkAAAAZmU4MjViYzgtOGQ1ZC00NGRhLTk4YzUtZDQ2NjNiNTIzNDll9Q6QmJJC7kmWubxsEMhd4LIQGZQ1; ASP.NET_SessionId=rorymmhpkidppatczxn3mftj; McWeb3.15.2-1=SPCId=2597597&DeviceSize=lg; sg_cookies={%225619307%22:{%22vid%22:%22ea47401b-51ce-481a-bbe8-761efbebcb0c%22%2C%22lw%22:%2212-5-19-51%22%2C%22rf%22:%22https://no-go.kelkoogroup.net/%22%2C%22pw%22:1%2C%22tc%22:0%2C%22tv%22:1%2C%22192515858_ch%22:%22-1%22%2C%22fp%22:1382457247}}
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=31536000
content-type: image/png
last-modified: Fri, 04 Nov 2022 07:49:38 GMT
accept-ranges: bytes
etag: "01533fd21f0d81:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Mon, 05 Dec 2022 19:51:23 GMT
content-length: 1509
X-Firefox-Spdy: h2
evenstadmusikk.no/scripts/web-4.0.js?v=UT230Hepij_Kq8SEtin6YFsQVg5zgW3vFEE3RJV2x_41
200 OK 99 kB URL HTTP/2 evenstadmusikk.no/scripts/web-4.0.js?v=UT230Hepij_Kq8SEtin6YFsQVg5zgW3vFEE3RJV2x_41
IP
ASN #21119 Braathe Gruppen AS
Hash 6394e2b72fdd6962add709cb2340a5a8
d31a99bddce9b666501e43f984a7eb3df6db2b1f
9932153171b86923637714f44569310fc25a1caf5c1bdde23576fe4571f74245
GET /scripts/web-4.0.js?v=UT230Hepij_Kq8SEtin6YFsQVg5zgW3vFEE3RJV2x_41 HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/gretsch/1157194/gretsch-g2622-streamliner-center-block-v-stoptail-forge-glow-maple?kk=a4c629a-184e3d7cfb6-13ece&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Gretsch+G2622+Streamliner+Center+Block+V
Cookie: .ASPXANONYMOUS=WHNBynQ_2QEkAAAAZmU4MjViYzgtOGQ1ZC00NGRhLTk4YzUtZDQ2NjNiNTIzNDll9Q6QmJJC7kmWubxsEMhd4LIQGZQ1; ASP.NET_SessionId=rorymmhpkidppatczxn3mftj; McWeb3.15.2-1=SPCId=2597597&DeviceSize=lg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public
content-type: text/javascript; charset=utf-8
content-encoding: gzip
expires: Tue, 05 Dec 2023 19:51:22 GMT
last-modified: Mon, 05 Dec 2022 19:51:22 GMT
vary: User-Agent,Accept-Encoding
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Mon, 05 Dec 2022 19:51:22 GMT
X-Firefox-Spdy: h2
evenstadmusikk.no/Media/Cache/Images/3/4/WEB_Image_Gretsch_G2622_Streamliner_Center_Block_V_1157194_1-777523184_plid_312254.Jpeg
200 OK 1.4 kB URL HTTP/2 evenstadmusikk.no/Media/Cache/Images/3/4/WEB_Image_Gretsch_G2622_Streamliner_Center_Block_V_1157194_1-777523184_plid_312254.Jpeg
IP
ASN #21119 Braathe Gruppen AS
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 80x80, components 3\012- data
Hash ec3a4050777bdbf5fd1e269df53b7ad4
019d35577fc8f8fdead7cbf2f71b231084388eb4
83cde3776e69ea4964442e81ba8c97dca7496f21eccb7eb5d937d24e7c5e3970
GET /Media/Cache/Images/3/4/WEB_Image_Gretsch_G2622_Streamliner_Center_Block_V_1157194_1-777523184_plid_312254.Jpeg HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/gretsch/1157194/gretsch-g2622-streamliner-center-block-v-stoptail-forge-glow-maple?kk=a4c629a-184e3d7cfb6-13ece&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Gretsch+G2622+Streamliner+Center+Block+V
Cookie: .ASPXANONYMOUS=WHNBynQ_2QEkAAAAZmU4MjViYzgtOGQ1ZC00NGRhLTk4YzUtZDQ2NjNiNTIzNDll9Q6QmJJC7kmWubxsEMhd4LIQGZQ1; ASP.NET_SessionId=rorymmhpkidppatczxn3mftj; McWeb3.15.2-1=SPCId=2597597&DeviceSize=lg; sg_cookies={%225619307%22:{%22vid%22:%22ea47401b-51ce-481a-bbe8-761efbebcb0c%22%2C%22lw%22:%2212-5-19-51%22%2C%22rf%22:%22https://no-go.kelkoogroup.net/%22%2C%22pw%22:1%2C%22tc%22:0%2C%22tv%22:1%2C%22192515858_ch%22:%22-1%22%2C%22fp%22:1382457247}}
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=31536000
content-type: image/jpeg
last-modified: Mon, 21 Mar 2022 12:46:09 GMT
accept-ranges: bytes
etag: "278da1a3213dd81:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Mon, 05 Dec 2022 19:51:23 GMT
content-length: 1419
X-Firefox-Spdy: h2
evenstadmusikk.no/scripts/web-defered-4.0.js?v=fN0WFA_YErzDhsWH4WrlY8lI1cQt512_kP0y-_N2FxI1
200 OK 135 kB URL HTTP/2 evenstadmusikk.no/scripts/web-defered-4.0.js?v=fN0WFA_YErzDhsWH4WrlY8lI1cQt512_kP0y-_N2FxI1
IP
ASN #21119 Braathe Gruppen AS
Size 135 kB (134815 bytes)
Hash 9ef25dd9f504d06dc7cfa543a280c50b
2a77c5fa182edd8d3740c1386fbaa043e040909b
742a91baff15254584f1ebc9a68ad6fcd90d223074b8c5590012a21f3d534891
GET /scripts/web-defered-4.0.js?v=fN0WFA_YErzDhsWH4WrlY8lI1cQt512_kP0y-_N2FxI1 HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/gretsch/1157194/gretsch-g2622-streamliner-center-block-v-stoptail-forge-glow-maple?kk=a4c629a-184e3d7cfb6-13ece&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Gretsch+G2622+Streamliner+Center+Block+V
Cookie: .ASPXANONYMOUS=WHNBynQ_2QEkAAAAZmU4MjViYzgtOGQ1ZC00NGRhLTk4YzUtZDQ2NjNiNTIzNDll9Q6QmJJC7kmWubxsEMhd4LIQGZQ1; ASP.NET_SessionId=rorymmhpkidppatczxn3mftj; McWeb3.15.2-1=SPCId=2597597&DeviceSize=lg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public
content-type: text/javascript; charset=utf-8
content-encoding: gzip
expires: Tue, 05 Dec 2023 19:51:22 GMT
last-modified: Mon, 05 Dec 2022 19:51:22 GMT
vary: User-Agent,Accept-Encoding
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Mon, 05 Dec 2022 19:51:22 GMT
X-Firefox-Spdy: h2
evenstadmusikk.no/Media/Cache/Images/3/4/WEB_Image_Gretsch_G2622_Streamliner_Center_Block_V_1157194_5772939464_plid_312254.Jpeg
200 OK 1.7 kB URL HTTP/2 evenstadmusikk.no/Media/Cache/Images/3/4/WEB_Image_Gretsch_G2622_Streamliner_Center_Block_V_1157194_5772939464_plid_312254.Jpeg
IP
ASN #21119 Braathe Gruppen AS
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 80x80, components 3\012- data
Hash 4cccf0711275a3c4f3f5ba7185401f07
9991445901351b5d4d025b888aa9dda792ea6ae6
fab3cb37d12b36ea5400896af7db90acc0b3bfa70cdd3f4828d77e0c486b5441
GET /Media/Cache/Images/3/4/WEB_Image_Gretsch_G2622_Streamliner_Center_Block_V_1157194_5772939464_plid_312254.Jpeg HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/gretsch/1157194/gretsch-g2622-streamliner-center-block-v-stoptail-forge-glow-maple?kk=a4c629a-184e3d7cfb6-13ece&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Gretsch+G2622+Streamliner+Center+Block+V
Cookie: .ASPXANONYMOUS=WHNBynQ_2QEkAAAAZmU4MjViYzgtOGQ1ZC00NGRhLTk4YzUtZDQ2NjNiNTIzNDll9Q6QmJJC7kmWubxsEMhd4LIQGZQ1; ASP.NET_SessionId=rorymmhpkidppatczxn3mftj; McWeb3.15.2-1=SPCId=2597597&DeviceSize=lg; sg_cookies={%225619307%22:{%22vid%22:%22ea47401b-51ce-481a-bbe8-761efbebcb0c%22%2C%22lw%22:%2212-5-19-51%22%2C%22rf%22:%22https://no-go.kelkoogroup.net/%22%2C%22pw%22:1%2C%22tc%22:0%2C%22tv%22:1%2C%22192515858_ch%22:%22-1%22%2C%22fp%22:1382457247}}
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=31536000
content-type: image/jpeg
last-modified: Wed, 26 Jan 2022 10:31:14 GMT
accept-ranges: bytes
etag: "8a13fbd79f12d81:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Mon, 05 Dec 2022 19:51:23 GMT
content-length: 1685
X-Firefox-Spdy: h2
evenstadmusikk.no/css/Demonstrare4/images/royalslider/preloader.gif
200 OK 2.0 kB URL HTTP/2 evenstadmusikk.no/css/Demonstrare4/images/royalslider/preloader.gif
IP
ASN #21119 Braathe Gruppen AS
File type GIF image data, version 89a, 20 x 20\012- data
Hash 5695f03663b39ed4b9436d789f0b27ec
62be0d1e5848a717a52ea0b923a47f0d0d6086e3
04c9abd7ff30a71e2e308f76c509c325b099ab6e3667859df6ede4b9aebf6c4c
GET /css/Demonstrare4/images/royalslider/preloader.gif HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/dist/js/master-theme-styles-d4.ba0ee3a4a4bf2b25d65c.bundle.css
Cookie: .ASPXANONYMOUS=WHNBynQ_2QEkAAAAZmU4MjViYzgtOGQ1ZC00NGRhLTk4YzUtZDQ2NjNiNTIzNDll9Q6QmJJC7kmWubxsEMhd4LIQGZQ1; ASP.NET_SessionId=rorymmhpkidppatczxn3mftj; McWeb3.15.2-1=SPCId=2597597&DeviceSize=lg; sg_cookies={%225619307%22:{%22vid%22:%22ea47401b-51ce-481a-bbe8-761efbebcb0c%22%2C%22lw%22:%2212-5-19-51%22%2C%22rf%22:%22https://no-go.kelkoogroup.net/%22%2C%22pw%22:1%2C%22tc%22:0%2C%22tv%22:1%2C%22192515858_ch%22:%22-1%22%2C%22fp%22:1382457247}}
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=31536000
content-type: image/gif
last-modified: Fri, 04 Nov 2022 07:49:38 GMT
accept-ranges: bytes
etag: "01533fd21f0d81:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Mon, 05 Dec 2022 19:51:23 GMT
content-length: 1986
X-Firefox-Spdy: h2
evenstadmusikk.no/css/Demonstrare4/images/royalslider/slider-left.png
200 OK 1.2 kB URL HTTP/2 evenstadmusikk.no/css/Demonstrare4/images/royalslider/slider-left.png
IP
ASN #21119 Braathe Gruppen AS
File type PNG image data, 44 x 44, 8-bit colormap, non-interlaced\012- data
Hash 60f073c1b01abeefb1303111a4998205
e227b7f93246b3b94f7cfbc50063af67bf82f373
1e594cea1ef10f1145f4d2053797655a09ca9b6e31d7ae8b2d9674be8defec60
GET /css/Demonstrare4/images/royalslider/slider-left.png HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/dist/js/master-theme-styles-d4.ba0ee3a4a4bf2b25d65c.bundle.css
Cookie: .ASPXANONYMOUS=WHNBynQ_2QEkAAAAZmU4MjViYzgtOGQ1ZC00NGRhLTk4YzUtZDQ2NjNiNTIzNDll9Q6QmJJC7kmWubxsEMhd4LIQGZQ1; ASP.NET_SessionId=rorymmhpkidppatczxn3mftj; McWeb3.15.2-1=SPCId=2597597&DeviceSize=lg; sg_cookies={%225619307%22:{%22vid%22:%22ea47401b-51ce-481a-bbe8-761efbebcb0c%22%2C%22lw%22:%2212-5-19-51%22%2C%22rf%22:%22https://no-go.kelkoogroup.net/%22%2C%22pw%22:1%2C%22tc%22:0%2C%22tv%22:1%2C%22192515858_ch%22:%22-1%22%2C%22fp%22:1382457247}}
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=31536000
content-type: image/png
last-modified: Fri, 04 Nov 2022 07:49:38 GMT
accept-ranges: bytes
etag: "01533fd21f0d81:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Mon, 05 Dec 2022 19:51:23 GMT
content-length: 1157
X-Firefox-Spdy: h2
evenstadmusikk.no/css/Demonstrare4/images/royalslider/slider-right.png
200 OK 659 B URL HTTP/2 evenstadmusikk.no/css/Demonstrare4/images/royalslider/slider-right.png
IP
ASN #21119 Braathe Gruppen AS
File type PNG image data, 44 x 44, 8-bit colormap, non-interlaced\012- data
Hash dae4fd6d05ab5f8de893ca495781a470
aa7272fa8cdd34428da676b3af06ff238722640d
9e0c734a184fa8d90b888f49ee72b00baa4bd0fc7d2e81c4f9acb202b35da7c1
GET /css/Demonstrare4/images/royalslider/slider-right.png HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/dist/js/master-theme-styles-d4.ba0ee3a4a4bf2b25d65c.bundle.css
Cookie: .ASPXANONYMOUS=WHNBynQ_2QEkAAAAZmU4MjViYzgtOGQ1ZC00NGRhLTk4YzUtZDQ2NjNiNTIzNDll9Q6QmJJC7kmWubxsEMhd4LIQGZQ1; ASP.NET_SessionId=rorymmhpkidppatczxn3mftj; McWeb3.15.2-1=SPCId=2597597&DeviceSize=lg; sg_cookies={%225619307%22:{%22vid%22:%22ea47401b-51ce-481a-bbe8-761efbebcb0c%22%2C%22lw%22:%2212-5-19-51%22%2C%22rf%22:%22https://no-go.kelkoogroup.net/%22%2C%22pw%22:1%2C%22tc%22:0%2C%22tv%22:1%2C%22192515858_ch%22:%22-1%22%2C%22fp%22:1382457247}}
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=31536000
content-type: image/png
last-modified: Fri, 04 Nov 2022 07:49:38 GMT
accept-ranges: bytes
etag: "01533fd21f0d81:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Mon, 05 Dec 2022 19:51:23 GMT
content-length: 659
X-Firefox-Spdy: h2
evenstadmusikk.no/api/Campaign/LoadSpecialOffers?_=1670269880238
200 OK 41 B URL HTTP/2 evenstadmusikk.no/api/Campaign/LoadSpecialOffers?_=1670269880238
IP
ASN #21119 Braathe Gruppen AS
File type JSON data\012- , ASCII text, with no line terminators
Hash 869a8c7b1da5af6130726896dc38da10
393c31667a6b2a37462994d42e01c7db1efd653b
a823eabc48c16d9fa3176bcda6e8788956b4c7eff3b709f11f63458cab894dbb
GET /api/Campaign/LoadSpecialOffers?_=1670269880238 HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://evenstadmusikk.no/gretsch/1157194/gretsch-g2622-streamliner-center-block-v-stoptail-forge-glow-maple?kk=a4c629a-184e3d7cfb6-13ece&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Gretsch+G2622+Streamliner+Center+Block+V
Cookie: .ASPXANONYMOUS=WHNBynQ_2QEkAAAAZmU4MjViYzgtOGQ1ZC00NGRhLTk4YzUtZDQ2NjNiNTIzNDll9Q6QmJJC7kmWubxsEMhd4LIQGZQ1; ASP.NET_SessionId=rorymmhpkidppatczxn3mftj; McWeb3.15.2-1=SPCId=2597597&DeviceSize=lg; sg_cookies={%225619307%22:{%22vid%22:%22ea47401b-51ce-481a-bbe8-761efbebcb0c%22%2C%22lw%22:%2212-5-19-51%22%2C%22rf%22:%22https://no-go.kelkoogroup.net/%22%2C%22pw%22:1%2C%22tc%22:0%2C%22tv%22:1%2C%22192515858_ch%22:%22-1%22%2C%22fp%22:1382457247}}
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: no-cache
pragma: no-cache
content-type: application/json; charset=utf-8
expires: -1
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Mon, 05 Dec 2022 19:51:23 GMT
content-length: 41
X-Firefox-Spdy: h2
evenstadmusikk.no/api/AreaRenderer/GetPriceDataAsync
200 OK 368 B URL HTTP/2 evenstadmusikk.no/api/AreaRenderer/GetPriceDataAsync
IP
ASN #21119 Braathe Gruppen AS
File type JSON data\012- , ASCII text, with very long lines (368), with no line terminators
Hash 3452792c98136c2e8b0291eae4851083
670338305541a960fde705c668a0c4e67f06a1a0
846a0917f6e7cd8b4525e5bfc288db6a888e635d42c6641fcade914b3a710203
POST /api/AreaRenderer/GetPriceDataAsync HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
X-Requested-With: XMLHttpRequest
Content-Length: 159
Origin: https://evenstadmusikk.no
Connection: keep-alive
Referer: https://evenstadmusikk.no/gretsch/1157194/gretsch-g2622-streamliner-center-block-v-stoptail-forge-glow-maple?kk=a4c629a-184e3d7cfb6-13ece&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Gretsch+G2622+Streamliner+Center+Block+V
Cookie: .ASPXANONYMOUS=WHNBynQ_2QEkAAAAZmU4MjViYzgtOGQ1ZC00NGRhLTk4YzUtZDQ2NjNiNTIzNDll9Q6QmJJC7kmWubxsEMhd4LIQGZQ1; ASP.NET_SessionId=rorymmhpkidppatczxn3mftj; McWeb3.15.2-1=SPCId=2597597&DeviceSize=lg; sg_cookies={%225619307%22:{%22vid%22:%22ea47401b-51ce-481a-bbe8-761efbebcb0c%22%2C%22lw%22:%2212-5-19-51%22%2C%22rf%22:%22https://no-go.kelkoogroup.net/%22%2C%22pw%22:1%2C%22tc%22:0%2C%22tv%22:1%2C%22192515858_ch%22:%22-1%22%2C%22fp%22:1382457247}}
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: no-cache
pragma: no-cache
content-type: application/json; charset=utf-8
expires: -1
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Mon, 05 Dec 2022 19:51:23 GMT
content-length: 368
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 79c225db327a78b782f5a9512b07eaf0
398a1be3a70264d959146d6670d2ca54cdf4e91a
8539ea44d81775448ae8c6179d54d8a397c559b112291fa78abcf6ac6c480815
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 19:51:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
evenstadmusikk.no/api/AreaRenderer/RenderFields
200 OK 11 kB URL HTTP/2 evenstadmusikk.no/api/AreaRenderer/RenderFields
IP
ASN #21119 Braathe Gruppen AS
File type JSON data\012- HTML document, Unicode text, UTF-8 text, with very long lines (11404), with no line terminators
Hash da8e04b2df6e95b6150697e1235da505
bd1cbba0566f68c73e31b33cd34bea97668f066a
3718f07dfec98d42593ed1df93ab88b85ab861def9984cac5023bb54be84bbce
POST /api/AreaRenderer/RenderFields HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
X-Requested-With: XMLHttpRequest
Content-Length: 2270
Origin: https://evenstadmusikk.no
Connection: keep-alive
Referer: https://evenstadmusikk.no/gretsch/1157194/gretsch-g2622-streamliner-center-block-v-stoptail-forge-glow-maple?kk=a4c629a-184e3d7cfb6-13ece&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Gretsch+G2622+Streamliner+Center+Block+V
Cookie: .ASPXANONYMOUS=WHNBynQ_2QEkAAAAZmU4MjViYzgtOGQ1ZC00NGRhLTk4YzUtZDQ2NjNiNTIzNDll9Q6QmJJC7kmWubxsEMhd4LIQGZQ1; ASP.NET_SessionId=rorymmhpkidppatczxn3mftj; McWeb3.15.2-1=SPCId=2597597&DeviceSize=lg; sg_cookies={%225619307%22:{%22vid%22:%22ea47401b-51ce-481a-bbe8-761efbebcb0c%22%2C%22lw%22:%2212-5-19-51%22%2C%22rf%22:%22https://no-go.kelkoogroup.net/%22%2C%22pw%22:1%2C%22tc%22:0%2C%22tv%22:1%2C%22192515858_ch%22:%22-1%22%2C%22fp%22:1382457247}}
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: no-cache
pragma: no-cache
content-type: application/json; charset=utf-8
expires: -1
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
set-cookie: McWeb3.15.2-1=SPCId=2597597&DeviceSize=lg; expires=Tue, 05-Dec-2023 19:51:22 GMT; path=/; SameSite=Lax
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Mon, 05 Dec 2022 19:51:23 GMT
content-length: 11426
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 79c225db327a78b782f5a9512b07eaf0
398a1be3a70264d959146d6670d2ca54cdf4e91a
8539ea44d81775448ae8c6179d54d8a397c559b112291fa78abcf6ac6c480815
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 19:51:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
evenstadmusikk.no/api/TinyPopup/RenderTinyPopup
200 OK 977 B URL HTTP/2 evenstadmusikk.no/api/TinyPopup/RenderTinyPopup
IP
ASN #21119 Braathe Gruppen AS
File type JSON data\012- HTML document, ASCII text, with very long lines (977), with no line terminators
Hash 5a91e9a5dd231efcda1b0e443d374db2
1b0a78777e3352edb6e54c52607573d12c85abbe
82902e2c642af193113b73b451bdfe31c7cda5b3d7192e3b10a0ce9e932b4cbf
POST /api/TinyPopup/RenderTinyPopup HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
X-Requested-With: XMLHttpRequest
Content-Length: 11
Origin: https://evenstadmusikk.no
Connection: keep-alive
Referer: https://evenstadmusikk.no/gretsch/1157194/gretsch-g2622-streamliner-center-block-v-stoptail-forge-glow-maple?kk=a4c629a-184e3d7cfb6-13ece&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Gretsch+G2622+Streamliner+Center+Block+V
Cookie: .ASPXANONYMOUS=WHNBynQ_2QEkAAAAZmU4MjViYzgtOGQ1ZC00NGRhLTk4YzUtZDQ2NjNiNTIzNDll9Q6QmJJC7kmWubxsEMhd4LIQGZQ1; ASP.NET_SessionId=rorymmhpkidppatczxn3mftj; McWeb3.15.2-1=SPCId=2597597&DeviceSize=lg; sg_cookies={%225619307%22:{%22vid%22:%22ea47401b-51ce-481a-bbe8-761efbebcb0c%22%2C%22lw%22:%2212-5-19-51%22%2C%22rf%22:%22https://no-go.kelkoogroup.net/%22%2C%22pw%22:1%2C%22tc%22:0%2C%22tv%22:1%2C%22192515858_ch%22:%22-1%22%2C%22fp%22:1382457247}}
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: no-cache
pragma: no-cache
content-type: application/json; charset=utf-8
expires: -1
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Mon, 05 Dec 2022 19:51:23 GMT
content-length: 977
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 79c225db327a78b782f5a9512b07eaf0
398a1be3a70264d959146d6670d2ca54cdf4e91a
8539ea44d81775448ae8c6179d54d8a397c559b112291fa78abcf6ac6c480815
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 19:51:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://evenstadmusikk.no
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 05 Dec 2022 18:52:41 GMT
expires: Tue, 05 Dec 2023 18:52:41 GMT
cache-control: public, max-age=31536000
age: 3522
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
evenstadmusikk.no/Media/Web/ImageNotFound.gif
200 OK 1.3 kB URL HTTP/2 evenstadmusikk.no/Media/Web/ImageNotFound.gif
IP
ASN #21119 Braathe Gruppen AS
File type GIF image data, version 89a, 320 x 320\012- data
Hash 614b97f22314f54ee79c9d4760f67708
e09504820eecfcf78e6a5d528959b17aa1f70953
34822960f798e8f9351dea6596eeed407cf705e59d244f8d124f4fb3249e5976
GET /Media/Web/ImageNotFound.gif HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/gretsch/1157194/gretsch-g2622-streamliner-center-block-v-stoptail-forge-glow-maple?kk=a4c629a-184e3d7cfb6-13ece&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Gretsch+G2622+Streamliner+Center+Block+V
Cookie: .ASPXANONYMOUS=WHNBynQ_2QEkAAAAZmU4MjViYzgtOGQ1ZC00NGRhLTk4YzUtZDQ2NjNiNTIzNDll9Q6QmJJC7kmWubxsEMhd4LIQGZQ1; ASP.NET_SessionId=rorymmhpkidppatczxn3mftj; McWeb3.15.2-1=SPCId=2597597&DeviceSize=lg; sg_cookies={%225619307%22:{%22vid%22:%22ea47401b-51ce-481a-bbe8-761efbebcb0c%22%2C%22lw%22:%2212-5-19-51%22%2C%22rf%22:%22https://no-go.kelkoogroup.net/%22%2C%22pw%22:1%2C%22tc%22:0%2C%22tv%22:1%2C%22192515858_ch%22:%22-1%22%2C%22fp%22:1382457247}}
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=31536000
content-type: image/gif
last-modified: Fri, 04 Nov 2022 07:49:36 GMT
accept-ranges: bytes
etag: "0e81fc21f0d81:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Mon, 05 Dec 2022 19:51:23 GMT
content-length: 1348
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 79c225db327a78b782f5a9512b07eaf0
398a1be3a70264d959146d6670d2ca54cdf4e91a
8539ea44d81775448ae8c6179d54d8a397c559b112291fa78abcf6ac6c480815
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 19:51:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 79c225db327a78b782f5a9512b07eaf0
398a1be3a70264d959146d6670d2ca54cdf4e91a
8539ea44d81775448ae8c6179d54d8a397c559b112291fa78abcf6ac6c480815
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 19:51:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
evenstadmusikk.no/Media/Publisher/ArticleImages/evenstadlogo%20bw1318232963_scaled_3201644415965_scaled_320.Jpeg
200 OK 2.0 kB URL HTTP/2 evenstadmusikk.no/Media/Publisher/ArticleImages/evenstadlogo%20bw1318232963_scaled_3201644415965_scaled_320.Jpeg
IP
ASN #21119 Braathe Gruppen AS
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 68x67, components 3\012- data
Hash a1465910a001ee5c10bdbb468a945d03
8372b7a8073459dd598478586e50b4f00aed85e6
3b77d4ec27723324fe864c362001b5263f6a5e6c3c9b9b194148a4bd91fe0191
GET /Media/Publisher/ArticleImages/evenstadlogo%20bw1318232963_scaled_3201644415965_scaled_320.Jpeg HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/gretsch/1157194/gretsch-g2622-streamliner-center-block-v-stoptail-forge-glow-maple?kk=a4c629a-184e3d7cfb6-13ece&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Gretsch+G2622+Streamliner+Center+Block+V
Cookie: .ASPXANONYMOUS=WHNBynQ_2QEkAAAAZmU4MjViYzgtOGQ1ZC00NGRhLTk4YzUtZDQ2NjNiNTIzNDll9Q6QmJJC7kmWubxsEMhd4LIQGZQ1; ASP.NET_SessionId=rorymmhpkidppatczxn3mftj; McWeb3.15.2-1=SPCId=2597597&DeviceSize=lg; sg_cookies={%225619307%22:{%22vid%22:%22ea47401b-51ce-481a-bbe8-761efbebcb0c%22%2C%22lw%22:%2212-5-19-51%22%2C%22rf%22:%22https://no-go.kelkoogroup.net/%22%2C%22pw%22:1%2C%22tc%22:0%2C%22tv%22:1%2C%22192515858_ch%22:%22-1%22%2C%22fp%22:1382457247}}
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=31536000
content-type: image/jpeg
last-modified: Mon, 04 Apr 2022 09:38:27 GMT
accept-ranges: bytes
etag: "858f91bc748d81:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Mon, 05 Dec 2022 19:51:23 GMT
content-length: 2027
X-Firefox-Spdy: h2
evenstadmusikk.no/Media/Publisher/ArticleImages/facebook1644415965_scaled_320.Png
200 OK 851 B URL HTTP/2 evenstadmusikk.no/Media/Publisher/ArticleImages/facebook1644415965_scaled_320.Png
IP
ASN #21119 Braathe Gruppen AS
File type PNG image data, 40 x 40, 8-bit/color RGBA, non-interlaced\012- data
Hash 3b3bab07d4e9d123055aaaf2df5a212e
0bc878c327e7b5f6fcf2f652cc93b5583ce3641d
418af470f0be5746d7391db907c658d9c4b74bc7b10bdd27fe245807043f338d
GET /Media/Publisher/ArticleImages/facebook1644415965_scaled_320.Png HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/gretsch/1157194/gretsch-g2622-streamliner-center-block-v-stoptail-forge-glow-maple?kk=a4c629a-184e3d7cfb6-13ece&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Gretsch+G2622+Streamliner+Center+Block+V
Cookie: .ASPXANONYMOUS=WHNBynQ_2QEkAAAAZmU4MjViYzgtOGQ1ZC00NGRhLTk4YzUtZDQ2NjNiNTIzNDll9Q6QmJJC7kmWubxsEMhd4LIQGZQ1; ASP.NET_SessionId=rorymmhpkidppatczxn3mftj; McWeb3.15.2-1=SPCId=2597597&DeviceSize=lg; sg_cookies={%225619307%22:{%22vid%22:%22ea47401b-51ce-481a-bbe8-761efbebcb0c%22%2C%22lw%22:%2212-5-19-51%22%2C%22rf%22:%22https://no-go.kelkoogroup.net/%22%2C%22pw%22:1%2C%22tc%22:0%2C%22tv%22:1%2C%22192515858_ch%22:%22-1%22%2C%22fp%22:1382457247}}
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=31536000
content-type: image/png
last-modified: Mon, 27 Sep 2021 16:26:20 GMT
accept-ranges: bytes
etag: "eed36467bcb3d71:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Mon, 05 Dec 2022 19:51:23 GMT
content-length: 851
X-Firefox-Spdy: h2
evenstadmusikk.no/Media/Publisher/ArticleImages/instagram1644415965_scaled_320.Png
200 OK 1.1 kB URL HTTP/2 evenstadmusikk.no/Media/Publisher/ArticleImages/instagram1644415965_scaled_320.Png
IP
ASN #21119 Braathe Gruppen AS
File type PNG image data, 40 x 40, 8-bit/color RGBA, non-interlaced\012- data
Hash 673f78118abb9a568a6fe579b8349149
a068caa12bbdbc88fec8b39bd7e82ce34c0ea94b
d67d8e824be7bc112f7c094f103eac4179848fbb584d217b7324f2ea6bd27a27
GET /Media/Publisher/ArticleImages/instagram1644415965_scaled_320.Png HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/gretsch/1157194/gretsch-g2622-streamliner-center-block-v-stoptail-forge-glow-maple?kk=a4c629a-184e3d7cfb6-13ece&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Gretsch+G2622+Streamliner+Center+Block+V
Cookie: .ASPXANONYMOUS=WHNBynQ_2QEkAAAAZmU4MjViYzgtOGQ1ZC00NGRhLTk4YzUtZDQ2NjNiNTIzNDll9Q6QmJJC7kmWubxsEMhd4LIQGZQ1; ASP.NET_SessionId=rorymmhpkidppatczxn3mftj; McWeb3.15.2-1=SPCId=2597597&DeviceSize=lg; sg_cookies={%225619307%22:{%22vid%22:%22ea47401b-51ce-481a-bbe8-761efbebcb0c%22%2C%22lw%22:%2212-5-19-51%22%2C%22rf%22:%22https://no-go.kelkoogroup.net/%22%2C%22pw%22:1%2C%22tc%22:0%2C%22tv%22:1%2C%22192515858_ch%22:%22-1%22%2C%22fp%22:1382457247}}
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=31536000
content-type: image/png
last-modified: Mon, 27 Sep 2021 16:26:20 GMT
accept-ranges: bytes
etag: "45366767bcb3d71:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Mon, 05 Dec 2022 19:51:23 GMT
content-length: 1102
X-Firefox-Spdy: h2
fonts.gstatic.com/s/yanonekaffeesatz/v24/3y976aknfjLm_3lMKjiMgmUUYBs04Y8bH-o.woff2
200 OK 26 kB URL HTTP/2 fonts.gstatic.com/s/yanonekaffeesatz/v24/3y976aknfjLm_3lMKjiMgmUUYBs04Y8bH-o.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 25540, version 1.0\012- data
Hash 3dc72cae1a32e87b38144a702ba627e0
bfbc729a34b987cd06d20842c5049ac275ea4139
1c57101bb57275c8c8cafc5d6216131a378c4388a52656ed3770068cd0ab10b9
GET /s/yanonekaffeesatz/v24/3y976aknfjLm_3lMKjiMgmUUYBs04Y8bH-o.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://evenstadmusikk.no
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 25540
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 23:44:48 GMT
expires: Wed, 29 Nov 2023 23:44:48 GMT
cache-control: public, max-age=31536000
age: 504395
last-modified: Tue, 23 Aug 2022 18:11:50 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
evenstadmusikk.no/Media/Publisher/ArticleImages/twitter1644415965_scaled_320.Png
200 OK 891 B URL HTTP/2 evenstadmusikk.no/Media/Publisher/ArticleImages/twitter1644415965_scaled_320.Png
IP
ASN #21119 Braathe Gruppen AS
File type PNG image data, 40 x 40, 8-bit/color RGBA, non-interlaced\012- data
Hash 8736afd5ed0a28ed6175615d0ec9abf3
d9f28966fa4e2af8a85197f59792da857b109dd9
b2050927a90edc5a9b9fe86fbdaf28e9483d34df614e266aca9d653516cc4ef3
GET /Media/Publisher/ArticleImages/twitter1644415965_scaled_320.Png HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/gretsch/1157194/gretsch-g2622-streamliner-center-block-v-stoptail-forge-glow-maple?kk=a4c629a-184e3d7cfb6-13ece&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Gretsch+G2622+Streamliner+Center+Block+V
Cookie: .ASPXANONYMOUS=WHNBynQ_2QEkAAAAZmU4MjViYzgtOGQ1ZC00NGRhLTk4YzUtZDQ2NjNiNTIzNDll9Q6QmJJC7kmWubxsEMhd4LIQGZQ1; ASP.NET_SessionId=rorymmhpkidppatczxn3mftj; McWeb3.15.2-1=SPCId=2597597&DeviceSize=lg; sg_cookies={%225619307%22:{%22vid%22:%22ea47401b-51ce-481a-bbe8-761efbebcb0c%22%2C%22lw%22:%2212-5-19-51%22%2C%22rf%22:%22https://no-go.kelkoogroup.net/%22%2C%22pw%22:1%2C%22tc%22:0%2C%22tv%22:1%2C%22192515858_ch%22:%22-1%22%2C%22fp%22:1382457247}}
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=31536000
content-type: image/png
last-modified: Mon, 27 Sep 2021 16:26:20 GMT
accept-ranges: bytes
etag: "45366767bcb3d71:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Mon, 05 Dec 2022 19:51:23 GMT
content-length: 891
X-Firefox-Spdy: h2
evenstadmusikk.no/Media/Publisher/ArticleImages/youtube1644415965_scaled_320.Png
200 OK 2.4 kB URL HTTP/2 evenstadmusikk.no/Media/Publisher/ArticleImages/youtube1644415965_scaled_320.Png
IP
ASN #21119 Braathe Gruppen AS
File type PNG image data, 96 x 40, 8-bit/color RGBA, non-interlaced\012- data
Hash 9fc0a4417800592af0662b12e57cbfe3
e3a00dafcf326d847a360b4d2c3453fad461436b
04dbb85c3e4fce945cefc48d4700a8b7f9290caef7771f8b93396298bf908930
GET /Media/Publisher/ArticleImages/youtube1644415965_scaled_320.Png HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/gretsch/1157194/gretsch-g2622-streamliner-center-block-v-stoptail-forge-glow-maple?kk=a4c629a-184e3d7cfb6-13ece&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Gretsch+G2622+Streamliner+Center+Block+V
Cookie: .ASPXANONYMOUS=WHNBynQ_2QEkAAAAZmU4MjViYzgtOGQ1ZC00NGRhLTk4YzUtZDQ2NjNiNTIzNDll9Q6QmJJC7kmWubxsEMhd4LIQGZQ1; ASP.NET_SessionId=rorymmhpkidppatczxn3mftj; McWeb3.15.2-1=SPCId=2597597&DeviceSize=lg; sg_cookies={%225619307%22:{%22vid%22:%22ea47401b-51ce-481a-bbe8-761efbebcb0c%22%2C%22lw%22:%2212-5-19-51%22%2C%22rf%22:%22https://no-go.kelkoogroup.net/%22%2C%22pw%22:1%2C%22tc%22:0%2C%22tv%22:1%2C%22192515858_ch%22:%22-1%22%2C%22fp%22:1382457247}}
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=31536000
content-type: image/png
last-modified: Mon, 27 Sep 2021 16:26:20 GMT
accept-ranges: bytes
etag: "45366767bcb3d71:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Mon, 05 Dec 2022 19:51:23 GMT
content-length: 2420
X-Firefox-Spdy: h2
evenstadmusikk.no/api/Responsive/SetScreenSizeMatched?matched=true&_=1670269880239
200 OK 6 B URL HTTP/2 evenstadmusikk.no/api/Responsive/SetScreenSizeMatched?matched=true&_=1670269880239
IP
ASN #21119 Braathe Gruppen AS
File type ASCII text, with no line terminators
Hash ebc576222020c2a2ae2fc769169f1d2a
0e1cdc4ff179fdf17f6cc1de1f04f79e3ba63503
18d10c7d2b4b04aaf04254d1ae5d655a5dc0407cbcdd5a8c3986e985370f36ee
GET /api/Responsive/SetScreenSizeMatched?matched=true&_=1670269880239 HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://evenstadmusikk.no/gretsch/1157194/gretsch-g2622-streamliner-center-block-v-stoptail-forge-glow-maple?kk=a4c629a-184e3d7cfb6-13ece&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Gretsch+G2622+Streamliner+Center+Block+V
Cookie: .ASPXANONYMOUS=WHNBynQ_2QEkAAAAZmU4MjViYzgtOGQ1ZC00NGRhLTk4YzUtZDQ2NjNiNTIzNDll9Q6QmJJC7kmWubxsEMhd4LIQGZQ1; ASP.NET_SessionId=rorymmhpkidppatczxn3mftj; McWeb3.15.2-1=SPCId=2597597&DeviceSize=lg; sg_cookies={%225619307%22:{%22vid%22:%22ea47401b-51ce-481a-bbe8-761efbebcb0c%22%2C%22lw%22:%2212-5-19-51%22%2C%22rf%22:%22https://no-go.kelkoogroup.net/%22%2C%22pw%22:1%2C%22tc%22:0%2C%22tv%22:1%2C%22192515858_ch%22:%22-1%22%2C%22fp%22:1382457247}}
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: no-cache
pragma: no-cache
content-type: application/json; charset=utf-8
expires: -1
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Mon, 05 Dec 2022 19:51:23 GMT
content-length: 6
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 79c225db327a78b782f5a9512b07eaf0
398a1be3a70264d959146d6670d2ca54cdf4e91a
8539ea44d81775448ae8c6179d54d8a397c559b112291fa78abcf6ac6c480815
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 19:51:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
evenstadmusikk.no/api/SlideOverBox/RenderSlideOverBox
200 OK 920 B URL HTTP/2 evenstadmusikk.no/api/SlideOverBox/RenderSlideOverBox
IP
ASN #21119 Braathe Gruppen AS
File type JSON data\012- HTML document, ASCII text, with very long lines (920), with no line terminators
Hash aa4319af842e781d8ef78c6fac1194c4
923cbcb23020323bc4909e6ab91c1f5a82da7882
ea2d8a500bc9d8ee170aae8af5986203069291079869fe9e8b3cb005a84ccf9e
POST /api/SlideOverBox/RenderSlideOverBox HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
X-Requested-With: XMLHttpRequest
Content-Length: 11
Origin: https://evenstadmusikk.no
Connection: keep-alive
Referer: https://evenstadmusikk.no/gretsch/1157194/gretsch-g2622-streamliner-center-block-v-stoptail-forge-glow-maple?kk=a4c629a-184e3d7cfb6-13ece&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Gretsch+G2622+Streamliner+Center+Block+V
Cookie: .ASPXANONYMOUS=WHNBynQ_2QEkAAAAZmU4MjViYzgtOGQ1ZC00NGRhLTk4YzUtZDQ2NjNiNTIzNDll9Q6QmJJC7kmWubxsEMhd4LIQGZQ1; ASP.NET_SessionId=rorymmhpkidppatczxn3mftj; McWeb3.15.2-1=SPCId=2597597&DeviceSize=lg; sg_cookies={%225619307%22:{%22vid%22:%22ea47401b-51ce-481a-bbe8-761efbebcb0c%22%2C%22lw%22:%2212-5-19-51%22%2C%22rf%22:%22https://no-go.kelkoogroup.net/%22%2C%22pw%22:1%2C%22tc%22:0%2C%22tv%22:1%2C%22192515858_ch%22:%22-1%22%2C%22fp%22:1382457247}}
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: no-cache
pragma: no-cache
content-type: application/json; charset=utf-8
expires: -1
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Mon, 05 Dec 2022 19:51:23 GMT
content-length: 920
X-Firefox-Spdy: h2
evenstadmusikk.no/api/Cart/LoadCart?cartName=&hasCarrier=false&guid=&favGuid=&_=1670269880240
200 OK 1.9 kB URL HTTP/2 evenstadmusikk.no/api/Cart/LoadCart?cartName=&hasCarrier=false&guid=&favGuid=&_=1670269880240
IP
ASN #21119 Braathe Gruppen AS
File type JSON data\012- , ASCII text, with very long lines (1889), with no line terminators
Hash 5d0f07b192a7b41a55b7f17bd81829ab
a079308a424323a269ebe0b66f69975a07a923ca
c23993b6582e1540dde2801808c2a6698dcc14bff9432be692cb901cdc66de2a
GET /api/Cart/LoadCart?cartName=&hasCarrier=false&guid=&favGuid=&_=1670269880240 HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://evenstadmusikk.no/gretsch/1157194/gretsch-g2622-streamliner-center-block-v-stoptail-forge-glow-maple?kk=a4c629a-184e3d7cfb6-13ece&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Gretsch+G2622+Streamliner+Center+Block+V
Cookie: .ASPXANONYMOUS=WHNBynQ_2QEkAAAAZmU4MjViYzgtOGQ1ZC00NGRhLTk4YzUtZDQ2NjNiNTIzNDll9Q6QmJJC7kmWubxsEMhd4LIQGZQ1; ASP.NET_SessionId=rorymmhpkidppatczxn3mftj; McWeb3.15.2-1=SPCId=2597597&DeviceSize=lg; sg_cookies={%225619307%22:{%22vid%22:%22ea47401b-51ce-481a-bbe8-761efbebcb0c%22%2C%22lw%22:%2212-5-19-51%22%2C%22rf%22:%22https://no-go.kelkoogroup.net/%22%2C%22pw%22:1%2C%22tc%22:0%2C%22tv%22:1%2C%22192515858_ch%22:%22-1%22%2C%22fp%22:1382457247}}
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: no-cache
pragma: no-cache
content-type: application/json; charset=utf-8
expires: -1
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Mon, 05 Dec 2022 19:51:23 GMT
content-length: 1889
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 5f16a534222e5749ef240d413826c2f6
11683d84d420dd6f919425094edb8961278f7fed
691ebf7feb1f7d6ae7e5e7efd678626c62042dda520506f262c7d9a67a48e3ed
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 19:51:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
evenstadmusikk.no/api/AreaRenderer/RenderFields
200 OK 5.9 kB URL HTTP/2 evenstadmusikk.no/api/AreaRenderer/RenderFields
IP
ASN #21119 Braathe Gruppen AS
File type JSON data\012- HTML document, Unicode text, UTF-8 text, with very long lines (5856), with no line terminators
Hash 1db740a5f2dea27b61b64a7c93d5b6fd
09f6991bea10ae3e348989e4d20164f019cc38c0
96c5f75da1d0c685669f02a9d8539b6341853c4b717c83e9b968a4d55a47e34a
POST /api/AreaRenderer/RenderFields HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
X-Requested-With: XMLHttpRequest
Content-Length: 1139
Origin: https://evenstadmusikk.no
Connection: keep-alive
Referer: https://evenstadmusikk.no/gretsch/1157194/gretsch-g2622-streamliner-center-block-v-stoptail-forge-glow-maple?kk=a4c629a-184e3d7cfb6-13ece&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Gretsch+G2622+Streamliner+Center+Block+V
Cookie: .ASPXANONYMOUS=WHNBynQ_2QEkAAAAZmU4MjViYzgtOGQ1ZC00NGRhLTk4YzUtZDQ2NjNiNTIzNDll9Q6QmJJC7kmWubxsEMhd4LIQGZQ1; ASP.NET_SessionId=rorymmhpkidppatczxn3mftj; McWeb3.15.2-1=SPCId=2597597&DeviceSize=lg; sg_cookies={%225619307%22:{%22vid%22:%22ea47401b-51ce-481a-bbe8-761efbebcb0c%22%2C%22lw%22:%2212-5-19-51%22%2C%22rf%22:%22https://no-go.kelkoogroup.net/%22%2C%22pw%22:1%2C%22tc%22:0%2C%22tv%22:1%2C%22192515858_ch%22:%22-1%22%2C%22fp%22:1382457247}}
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: no-cache
pragma: no-cache
content-type: application/json; charset=utf-8
expires: -1
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Mon, 05 Dec 2022 19:51:23 GMT
content-length: 5859
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-M4PR24
200 OK 88 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-M4PR24
IP
File type ASCII text, with very long lines (11328)
Hash 68eea3eb74953fb3a7a1a1991b94ad49
76af774605114a0e664e41f9e26ac9757d228e1c
a2aea3b42e911e0b9fea669c4d727003647a7e3bbc1f96c51bfb10e92c424594
GET /gtm.js?id=GTM-M4PR24 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 05 Dec 2022 19:51:23 GMT
expires: Mon, 05 Dec 2022 19:51:23 GMT
cache-control: private, max-age=900
last-modified: Mon, 05 Dec 2022 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 87960
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
evenstadmusikk.no/api/OrderbookManagement/GetFavouriteSettings?_=1670269880242
200 OK 29 B URL HTTP/2 evenstadmusikk.no/api/OrderbookManagement/GetFavouriteSettings?_=1670269880242
IP
ASN #21119 Braathe Gruppen AS
File type JSON data\012- , ASCII text, with no line terminators
Hash efa5e4ce7d2d30bd853f5e49f3390727
e79e5f66d448ebd9a4177b5cbdae7266486b7590
95b096eaa4a28e8d1bd5d14eb376a69087c17d8eb4f85bd2843f194fd2da9b6f
GET /api/OrderbookManagement/GetFavouriteSettings?_=1670269880242 HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://evenstadmusikk.no/gretsch/1157194/gretsch-g2622-streamliner-center-block-v-stoptail-forge-glow-maple?kk=a4c629a-184e3d7cfb6-13ece&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Gretsch+G2622+Streamliner+Center+Block+V
Cookie: .ASPXANONYMOUS=WHNBynQ_2QEkAAAAZmU4MjViYzgtOGQ1ZC00NGRhLTk4YzUtZDQ2NjNiNTIzNDll9Q6QmJJC7kmWubxsEMhd4LIQGZQ1; ASP.NET_SessionId=rorymmhpkidppatczxn3mftj; McWeb3.15.2-1=SPCId=2597597&DeviceSize=lg; sg_cookies={%225619307%22:{%22vid%22:%22ea47401b-51ce-481a-bbe8-761efbebcb0c%22%2C%22lw%22:%2212-5-19-51%22%2C%22rf%22:%22https://no-go.kelkoogroup.net/%22%2C%22pw%22:1%2C%22tc%22:0%2C%22tv%22:1%2C%22192515858_ch%22:%22-1%22%2C%22fp%22:1382457247}}
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: no-cache
pragma: no-cache
content-type: application/json; charset=utf-8
expires: -1
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Mon, 05 Dec 2022 19:51:23 GMT
content-length: 29
X-Firefox-Spdy: h2
evenstadmusikk.no/api/Stats/CheckForPopupAfterProductVisit
200 OK 5 B URL HTTP/2 evenstadmusikk.no/api/Stats/CheckForPopupAfterProductVisit
IP
ASN #21119 Braathe Gruppen AS
File type ASCII text, with no line terminators
Hash 68934a3e9455fa72420237eb05902327
7cb6efb98ba5972a9b5090dc2e517fe14d12cb04
fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa
POST /api/Stats/CheckForPopupAfterProductVisit HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
X-Requested-With: XMLHttpRequest
Content-Length: 32
Origin: https://evenstadmusikk.no
Connection: keep-alive
Referer: https://evenstadmusikk.no/gretsch/1157194/gretsch-g2622-streamliner-center-block-v-stoptail-forge-glow-maple?kk=a4c629a-184e3d7cfb6-13ece&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Gretsch+G2622+Streamliner+Center+Block+V
Cookie: .ASPXANONYMOUS=WHNBynQ_2QEkAAAAZmU4MjViYzgtOGQ1ZC00NGRhLTk4YzUtZDQ2NjNiNTIzNDll9Q6QmJJC7kmWubxsEMhd4LIQGZQ1; ASP.NET_SessionId=rorymmhpkidppatczxn3mftj; McWeb3.15.2-1=SPCId=2597597&DeviceSize=lg; sg_cookies={%225619307%22:{%22vid%22:%22ea47401b-51ce-481a-bbe8-761efbebcb0c%22%2C%22lw%22:%2212-5-19-51%22%2C%22rf%22:%22https://no-go.kelkoogroup.net/%22%2C%22pw%22:1%2C%22tc%22:0%2C%22tv%22:1%2C%22192515858_ch%22:%22-1%22%2C%22fp%22:1382457247}}
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: no-cache
pragma: no-cache
content-type: application/json; charset=utf-8
expires: -1
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Mon, 05 Dec 2022 19:51:23 GMT
content-length: 5
X-Firefox-Spdy: h2
evenstadmusikk.no/api/Menu/GetHtmlMenu?nodeId=2004432&screensize=lg&screensizePixels=1200&width=1280&height=1024&showMobileMenuCollapsed=false&_=1670269880241
200 OK 6.1 kB URL HTTP/2 evenstadmusikk.no/api/Menu/GetHtmlMenu?nodeId=2004432&screensize=lg&screensizePixels=1200&width=1280&height=1024&showMobileMenuCollapsed=false&_=1670269880241
IP
ASN #21119 Braathe Gruppen AS
Hash d8bcbae1c99e69e9951bafde133949ca
5f396cbf3697a3af33d9e7430394a565a1f55dfb
59279a0f447e7f92d8bd4ce53afe4800477723eb592cc2fb76d9506669b49671
GET /api/Menu/GetHtmlMenu?nodeId=2004432&screensize=lg&screensizePixels=1200&width=1280&height=1024&showMobileMenuCollapsed=false&_=1670269880241 HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://evenstadmusikk.no/gretsch/1157194/gretsch-g2622-streamliner-center-block-v-stoptail-forge-glow-maple?kk=a4c629a-184e3d7cfb6-13ece&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Gretsch+G2622+Streamliner+Center+Block+V
Cookie: .ASPXANONYMOUS=WHNBynQ_2QEkAAAAZmU4MjViYzgtOGQ1ZC00NGRhLTk4YzUtZDQ2NjNiNTIzNDll9Q6QmJJC7kmWubxsEMhd4LIQGZQ1; ASP.NET_SessionId=rorymmhpkidppatczxn3mftj; McWeb3.15.2-1=SPCId=2597597&DeviceSize=lg; sg_cookies={%225619307%22:{%22vid%22:%22ea47401b-51ce-481a-bbe8-761efbebcb0c%22%2C%22lw%22:%2212-5-19-51%22%2C%22rf%22:%22https://no-go.kelkoogroup.net/%22%2C%22pw%22:1%2C%22tc%22:0%2C%22tv%22:1%2C%22192515858_ch%22:%22-1%22%2C%22fp%22:1382457247}}
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: no-cache
pragma: no-cache
content-type: text/plain; charset=utf-8
content-encoding: gzip
expires: -1
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Mon, 05 Dec 2022 19:51:23 GMT
X-Firefox-Spdy: h2
evenstadmusikk.no/api/ImageRenderer/ListImageTagsAsync
200 OK 1.3 kB URL HTTP/2 evenstadmusikk.no/api/ImageRenderer/ListImageTagsAsync
IP
ASN #21119 Braathe Gruppen AS
File type JSON data\012- HTML document, ASCII text, with very long lines (1324), with no line terminators
Hash c9b491202bee75c0c3d338db86eb6da8
796d48f0e1a38b04ce28d25a7ec57af12c2dde9c
3d033545dbe485bf8142a7d95b116d19c00c1e977acf1a082f26d5e3b9a420ce
POST /api/ImageRenderer/ListImageTagsAsync HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
X-Requested-With: XMLHttpRequest
Content-Length: 859
Origin: https://evenstadmusikk.no
Connection: keep-alive
Referer: https://evenstadmusikk.no/gretsch/1157194/gretsch-g2622-streamliner-center-block-v-stoptail-forge-glow-maple?kk=a4c629a-184e3d7cfb6-13ece&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Gretsch+G2622+Streamliner+Center+Block+V
Cookie: .ASPXANONYMOUS=WHNBynQ_2QEkAAAAZmU4MjViYzgtOGQ1ZC00NGRhLTk4YzUtZDQ2NjNiNTIzNDll9Q6QmJJC7kmWubxsEMhd4LIQGZQ1; ASP.NET_SessionId=rorymmhpkidppatczxn3mftj; McWeb3.15.2-1=SPCId=2597597&DeviceSize=lg; sg_cookies={%225619307%22:{%22vid%22:%22ea47401b-51ce-481a-bbe8-761efbebcb0c%22%2C%22lw%22:%2212-5-19-51%22%2C%22rf%22:%22https://no-go.kelkoogroup.net/%22%2C%22pw%22:1%2C%22tc%22:0%2C%22tv%22:1%2C%22192515858_ch%22:%22-1%22%2C%22fp%22:1382457247}}
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: no-cache
pragma: no-cache
content-type: application/json; charset=utf-8
expires: -1
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Mon, 05 Dec 2022 19:51:23 GMT
content-length: 1324
X-Firefox-Spdy: h2
evenstadmusikk.no/Media/Cache/Images/2/5/WEB_Image_Gretsch_G2622T_Case__Black_Streamliner_C_1135130120899952.Jpeg
200 OK 2.2 kB URL HTTP/2 evenstadmusikk.no/Media/Cache/Images/2/5/WEB_Image_Gretsch_G2622T_Case__Black_Streamliner_C_1135130120899952.Jpeg
IP
ASN #21119 Braathe Gruppen AS
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 120x120, components 3\012- data
Hash 02d4ee91ac7ef35a95f081d44f0c0ca7
07a175607eda54c9fc605befaf702a089ebe2955
63b32541b3cb8f49b22236fa7ae225e1497db3c524f292e241c81a4aa3e233a1
GET /Media/Cache/Images/2/5/WEB_Image_Gretsch_G2622T_Case__Black_Streamliner_C_1135130120899952.Jpeg HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/gretsch/1157194/gretsch-g2622-streamliner-center-block-v-stoptail-forge-glow-maple?kk=a4c629a-184e3d7cfb6-13ece&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Gretsch+G2622+Streamliner+Center+Block+V
Cookie: .ASPXANONYMOUS=WHNBynQ_2QEkAAAAZmU4MjViYzgtOGQ1ZC00NGRhLTk4YzUtZDQ2NjNiNTIzNDll9Q6QmJJC7kmWubxsEMhd4LIQGZQ1; ASP.NET_SessionId=rorymmhpkidppatczxn3mftj; McWeb3.15.2-1=SPCId=2597597&DeviceSize=lg; sg_cookies={%225619307%22:{%22vid%22:%22ea47401b-51ce-481a-bbe8-761efbebcb0c%22%2C%22lw%22:%2212-5-19-51%22%2C%22rf%22:%22https://no-go.kelkoogroup.net/%22%2C%22pw%22:1%2C%22tc%22:0%2C%22tv%22:1%2C%22192515858_ch%22:%22-1%22%2C%22fp%22:1382457247}}
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=31536000
content-type: image/jpeg
last-modified: Sun, 02 May 2021 12:49:12 GMT
accept-ranges: bytes
etag: "ea1418d513fd71:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Mon, 05 Dec 2022 19:51:23 GMT
content-length: 2161
X-Firefox-Spdy: h2
evenstadmusikk.no/Media/Cache/Images/2/0/WEB_Image_Gretsch_G2162_Gig_Bag__Black_Hollow_Body_1135115-621058189.Jpeg
200 OK 2.1 kB URL HTTP/2 evenstadmusikk.no/Media/Cache/Images/2/0/WEB_Image_Gretsch_G2162_Gig_Bag__Black_Hollow_Body_1135115-621058189.Jpeg
IP
ASN #21119 Braathe Gruppen AS
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 120x120, components 3\012- data
Hash 22062780da9257a234d1468c601dd8c7
1cbe3e83f337b924931e3e67aad3efae66b0767e
ec165d416130671cf27eb883553ac8f81156bb2aa6f228d0f833b38c236c850e
GET /Media/Cache/Images/2/0/WEB_Image_Gretsch_G2162_Gig_Bag__Black_Hollow_Body_1135115-621058189.Jpeg HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/gretsch/1157194/gretsch-g2622-streamliner-center-block-v-stoptail-forge-glow-maple?kk=a4c629a-184e3d7cfb6-13ece&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Gretsch+G2622+Streamliner+Center+Block+V
Cookie: .ASPXANONYMOUS=WHNBynQ_2QEkAAAAZmU4MjViYzgtOGQ1ZC00NGRhLTk4YzUtZDQ2NjNiNTIzNDll9Q6QmJJC7kmWubxsEMhd4LIQGZQ1; ASP.NET_SessionId=rorymmhpkidppatczxn3mftj; McWeb3.15.2-1=SPCId=2597597&DeviceSize=lg; sg_cookies={%225619307%22:{%22vid%22:%22ea47401b-51ce-481a-bbe8-761efbebcb0c%22%2C%22lw%22:%2212-5-19-51%22%2C%22rf%22:%22https://no-go.kelkoogroup.net/%22%2C%22pw%22:1%2C%22tc%22:0%2C%22tv%22:1%2C%22192515858_ch%22:%22-1%22%2C%22fp%22:1382457247}}
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=31536000
content-type: image/jpeg
last-modified: Thu, 29 Apr 2021 18:43:20 GMT
accept-ranges: bytes
etag: "a5abfa86273dd71:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Mon, 05 Dec 2022 19:51:23 GMT
content-length: 2084
X-Firefox-Spdy: h2
evenstadmusikk.no/api/ProductInfo/HasMultipleFavouriteCarts?_=1670269880243
200 OK 5 B URL HTTP/2 evenstadmusikk.no/api/ProductInfo/HasMultipleFavouriteCarts?_=1670269880243
IP
ASN #21119 Braathe Gruppen AS
File type ASCII text, with no line terminators
Hash 68934a3e9455fa72420237eb05902327
7cb6efb98ba5972a9b5090dc2e517fe14d12cb04
fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa
GET /api/ProductInfo/HasMultipleFavouriteCarts?_=1670269880243 HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://evenstadmusikk.no/gretsch/1157194/gretsch-g2622-streamliner-center-block-v-stoptail-forge-glow-maple?kk=a4c629a-184e3d7cfb6-13ece&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Gretsch+G2622+Streamliner+Center+Block+V
Cookie: .ASPXANONYMOUS=WHNBynQ_2QEkAAAAZmU4MjViYzgtOGQ1ZC00NGRhLTk4YzUtZDQ2NjNiNTIzNDll9Q6QmJJC7kmWubxsEMhd4LIQGZQ1; ASP.NET_SessionId=rorymmhpkidppatczxn3mftj; McWeb3.15.2-1=SPCId=2597597&DeviceSize=lg; sg_cookies={%225619307%22:{%22vid%22:%22ea47401b-51ce-481a-bbe8-761efbebcb0c%22%2C%22lw%22:%2212-5-19-51%22%2C%22rf%22:%22https://no-go.kelkoogroup.net/%22%2C%22pw%22:1%2C%22tc%22:0%2C%22tv%22:1%2C%22192515858_ch%22:%22-1%22%2C%22fp%22:1382457247}}
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: no-cache
pragma: no-cache
content-type: application/json; charset=utf-8
expires: -1
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Mon, 05 Dec 2022 19:51:23 GMT
content-length: 5
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash c81ed25794ec8bb433ce22bfc4d0d4b3
3722daf40ed61492786e0050814f2623e4f7b87f
b85a723509f5a620445fd3f9a9cdc443f1bca31bcaabef42f7108a481576b41a
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "B85A723509F5A620445FD3F9A9CDC443F1BCA31BCAABEF42F7108A481576B41A"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8397
Expires: Mon, 05 Dec 2022 22:11:20 GMT
Date: Mon, 05 Dec 2022 19:51:23 GMT
Connection: keep-alive
instore.prisjakt.no/in.js
200 OK 1.0 kB URL HTTP/2 instore.prisjakt.no/in.js
IP
File type ASCII text, with CRLF line terminators
Hash fb418ac27bb48675b4803917790b3982
f6c7dcf10618bd0c2d40efe053397999ca9f6c98
7893b875a76fd8e460ebe49c174610b89b1fac032b399e39c6a2520bbee70257
GET /in.js HTTP/1.1
Host: instore.prisjakt.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 19:51:23 GMT
content-type: application/javascript
content-length: 1031
last-modified: Fri, 06 Feb 2015 07:12:58 GMT
etag: "a9f-50e662671d280-gzip"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 2381
accept-ranges: bytes
set-cookie: __cf_bm=MAcbW2yveM3w6Xcmy9PnVRqi52orW5HvdHriKnbc5Zg-1670269883-0-AZ3VaSbKM/OrIGQY0wm90wek7tBUxtDRCSXpCNrDnizy19cjjlil3EP1IKYAiiLUz2mR4MDukApQG26VjlHiVSg=; path=/; expires=Mon, 05-Dec-22 20:21:23 GMT; domain=.prisjakt.no; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 774f50f52cdbb500-OSL
X-Firefox-Spdy: h2
s.kk-resources.com/leadtag.js
200 OK 2.6 kB URL HTTP/1.1 s.kk-resources.com/leadtag.js
IP
File type C source, ASCII text, with very long lines (6910)
Hash b9c7aa9898d0e7b5d8dfa27c81eda1ac
3e22a4f4ac1fd469128de60e1a80433513242071
980531f0a81016e3a7a4c3fa56f75e7b791f1f4c09296992221bd766b91a53a0
GET /leadtag.js HTTP/1.1
Host: s.kk-resources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=UTF-8
Content-Length: 2595
Connection: keep-alive
X-Gravitee-Transaction-Id: 0b9d83c7-db97-48e8-9d83-c7db9758e8d2
X-Gravitee-Request-Id: 0b9d83c7-db97-48e8-9d83-c7db9758e8d2
ETag: "05e089e0c08fd98ee6b4f6497ec87752b123fc2f"
Request-Time: 5
Accept-Ranges: bytes
Cache-Control: public, max-age=3600
Last-Modified: Tue, 12 Jul 2022 13:51:05 GMT
Content-Encoding: gzip
Date: Mon, 05 Dec 2022 19:01:37 GMT
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: xanmU3qWlA_immY_MQ0A9y4BPU-XyNy0tIm_0CDRhzRO10LnBV15Lg==
Age: 2986
ocsp.digicert.com/
200 OK 314 B IP
Hash 7d6fc12b56a98cf23a1ffc768497aea2
9c4b8f5a3332d37a08a9cc0aaa73e13318fbadba
f793f10b9b4276c9b38dc2752938f50937208e94b7f9d76e180003e80d9d6700
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5798
Cache-Control: max-age=98914
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 19:51:23 GMT
Etag: "638d1477-13a"
Expires: Tue, 06 Dec 2022 23:19:57 GMT
Last-Modified: Sun, 04 Dec 2022 21:43:19 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 314
cdn.spinnaker-js.com/rc/34349/scripts/s.js
200 OK 23 kB URL HTTP/2 cdn.spinnaker-js.com/rc/34349/scripts/s.js
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash 6a10755cd2b4f6f29dcd3631c8d96c87
c206e155940f7b465cc3f9606b705cbc2f01bd99
2f2ab9cac1c0a8dda0ef746b2d82b95bc3c9426b35cbaf326bb4388372914085
GET /rc/34349/scripts/s.js HTTP/1.1
Host: cdn.spinnaker-js.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Mon, 18 Apr 2022 09:57:52 GMT
x-amz-meta-version: 6.19.18-1.5.0
x-amz-meta-previous: rc/34349/scripts/s-1650275870.js
x-amz-meta-deployeddate: 2022-04-18 09:57:50
server: AmazonS3
content-encoding: br
date: Mon, 05 Dec 2022 01:59:52 GMT
etag: W/"bc4303ad7fe6e07dff443f7b21cf3d0a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 b862e3687b36a4ee0dbc1b9352fbfbb2.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN54-C1
x-amz-cf-id: ivP0tyMyf0nOP9ieq-wyKxyFE4a_J5phlL74iojuJ2dFZFCjYfFvHA==
age: 64292
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Mon, 05 Dec 2022 18:41:08 GMT
expires: Mon, 05 Dec 2022 20:41:08 GMT
cache-control: public, max-age=7200
age: 4215
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 5670c32d73c3d5771a2d9396774a7eb9
3fb62916ff54f22a011e11730ba87fea48e5d239
062531ed89864b713048421c9639d4a6249e92f33ef4177206f1deb5d85a8757
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 19:51:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 5670c32d73c3d5771a2d9396774a7eb9
3fb62916ff54f22a011e11730ba87fea48e5d239
062531ed89864b713048421c9639d4a6249e92f33ef4177206f1deb5d85a8757
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 19:51:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sectigo.com/
200 OK 471 B IP
Hash c174a8460fc91e0fa77ad52a7e8ae593
6ba0d1078d0c938a50210fa1c0f34f07b64f2e75
b525786005fcac6a7db51cb0e792c8d56e76f41c8094240e8cfed32f14fb1b19
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 19:51:23 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 04 Dec 2022 06:02:17 GMT
Expires: Sun, 11 Dec 2022 06:02:16 GMT
Etag: "6ba0d1078d0c938a50210fa1c0f34f07b64f2e75"
Cache-Control: max-age=468052,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 774f50f5aedcb50c-OSL
connect.facebook.net/en_US/fbevents.js
200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP
File type ASCII text, with very long lines (64348)
Hash 44ecaa3c2a4929a40141edc4540aaf84
f29a573182333b2500d41bfc389d6c5232dfb348
6589fe14578dedd4df678a909afadd7e5bc7f57c7e3e24518a7f5faac7383396
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: QlrMDIHDc2fThb0mITpMdVVO83NYtV/o7lZDJql8L8EkqHKNzr6By9eKI3e0CfwId2CccwImUHEVziKSIesHKg==
content-length: 27340
x-fb-trip-id: 1904183273
date: Mon, 05 Dec 2022 19:51:23 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/1025019056/?random=1670269880934&cv=11&fst=1670269880934&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fevenstadmusikk.no%2Fgretsch%2F1157194%2Fgretsch-g2622-streamliner-center-block-v-stoptail-forge-glow-maple%3Fkk%3Da4c629a-184e3d7cfb6-13ece%26utm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_term%3DGretsch%2BG2622%2BStreamliner%2BCenter%2BBlock%2BV&ref=https%3A%2F%2Fno-go.kelkoogroup.net%2F&tiba=Gretsch%20G2622%20Streamliner%20Center%20Block%20V-Stoptail%2C%20Forge%20Glow%20Maple%20-%20Evenstad%20Musikk&data=ecomm_prodid%3D1157194%3Becomm_pagetype%3DProductPage%3Becomm_pvalue%3D5925%3Becomm_pcat%3D-%3Becomm_pname%3DGretsch%20G2622%20Streamliner%20Center%20Block&rfmt=3&fmt=4
200 OK 1.1 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/1025019056/?random=1670269880934&cv=11&fst=1670269880934&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fevenstadmusikk.no%2Fgretsch%2F1157194%2Fgretsch-g2622-streamliner-center-block-v-stoptail-forge-glow-maple%3Fkk%3Da4c629a-184e3d7cfb6-13ece%26utm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_term%3DGretsch%2BG2622%2BStreamliner%2BCenter%2BBlock%2BV&ref=https%3A%2F%2Fno-go.kelkoogroup.net%2F&tiba=Gretsch%20G2622%20Streamliner%20Center%20Block%20V-Stoptail%2C%20Forge%20Glow%20Maple%20-%20Evenstad%20Musikk&data=ecomm_prodid%3D1157194%3Becomm_pagetype%3DProductPage%3Becomm_pvalue%3D5925%3Becomm_pcat%3D-%3Becomm_pname%3DGretsch%20G2622%20Streamliner%20Center%20Block&rfmt=3&fmt=4
IP
File type ASCII text, with very long lines (2903), with no line terminators
Hash 7abe2b0b3d138a0d941d02ae980746f0
36d80a9d6e9e17a5011af373fcd09533e4ab25c4
b066d1b5dc39a468ba08634f80b22356f0f4d02faa4db7570c063b9812e8945c
GET /pagead/viewthroughconversion/1025019056/?random=1670269880934&cv=11&fst=1670269880934&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fevenstadmusikk.no%2Fgretsch%2F1157194%2Fgretsch-g2622-streamliner-center-block-v-stoptail-forge-glow-maple%3Fkk%3Da4c629a-184e3d7cfb6-13ece%26utm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_term%3DGretsch%2BG2622%2BStreamliner%2BCenter%2BBlock%2BV&ref=https%3A%2F%2Fno-go.kelkoogroup.net%2F&tiba=Gretsch%20G2622%20Streamliner%20Center%20Block%20V-Stoptail%2C%20Forge%20Glow%20Maple%20-%20Evenstad%20Musikk&data=ecomm_prodid%3D1157194%3Becomm_pagetype%3DProductPage%3Becomm_pvalue%3D5925%3Becomm_pcat%3D-%3Becomm_pname%3DGretsch%20G2622%20Streamliner%20Center%20Block&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 19:51:24 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 1143
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 05-Dec-2022 20:06:24 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
services14.itxuc.com/plugins/plugin.js?tokenv2=cac3710d0da4768b2cf7339cd3fd9d19&rcntrl=1406233&ccntrl=60000141&useCorp=60000141
200 OK 24 kB URL HTTP/1.1 services14.itxuc.com/plugins/plugin.js?tokenv2=cac3710d0da4768b2cf7339cd3fd9d19&rcntrl=1406233&ccntrl=60000141&useCorp=60000141
IP
ASN #2116 Globalconnect As
File type ASCII text, with very long lines (24258), with no line terminators
Hash 0da3d3058534e4d49b0cb9c126cec1b6
f77ff3c77bfb8bfa3ddb9f8c003ab41b333856e2
81bd0932d9a581b15b7a2e7784301bf8da61468a194493ef5a1b1e31fd663270
GET /plugins/plugin.js?tokenv2=cac3710d0da4768b2cf7339cd3fd9d19&rcntrl=1406233&ccntrl=60000141&useCorp=60000141 HTTP/1.1
Host: services14.itxuc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 19:51:24 GMT
Content-Type: application/javascript;charset=utf-8
Content-Length: 24258
Connection: keep-alive
Set-Cookie: JSESSIONID=71DBB419E6C6AD6C6C0CD08453545802; Path=/; Secure; HttpOnly; SameSite=None
ITXVOS: true
Cache-Control: public, max-age=300, must-revalidate
Expires: Mon, 05 Dec 2022 19:56:24 GMT
Last-Modified: Mon, 05 Dec 2022 14:19:43 GMT
ETag: W/"r1012010211670249983419"
Access-Control-Expose-Headers: ETag,Vary
Vary: Origin, Range
ITXVOS-Action: no.itx.portal.web.servletv2.plugins.PluginServlet
googleads.g.doubleclick.net/pagead/viewthroughconversion/1025019056/?random=1670269880920&cv=11&fst=1670269880920&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fevenstadmusikk.no%2Fgretsch%2F1157194%2Fgretsch-g2622-streamliner-center-block-v-stoptail-forge-glow-maple%3Fkk%3Da4c629a-184e3d7cfb6-13ece%26utm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_term%3DGretsch%2BG2622%2BStreamliner%2BCenter%2BBlock%2BV&ref=https%3A%2F%2Fno-go.kelkoogroup.net%2F&tiba=Gretsch%20G2622%20Streamliner%20Center%20Block%20V-Stoptail%2C%20Forge%20Glow%20Maple%20-%20Evenstad%20Musikk&rfmt=3&fmt=4
200 OK 1.1 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/1025019056/?random=1670269880920&cv=11&fst=1670269880920&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fevenstadmusikk.no%2Fgretsch%2F1157194%2Fgretsch-g2622-streamliner-center-block-v-stoptail-forge-glow-maple%3Fkk%3Da4c629a-184e3d7cfb6-13ece%26utm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_term%3DGretsch%2BG2622%2BStreamliner%2BCenter%2BBlock%2BV&ref=https%3A%2F%2Fno-go.kelkoogroup.net%2F&tiba=Gretsch%20G2622%20Streamliner%20Center%20Block%20V-Stoptail%2C%20Forge%20Glow%20Maple%20-%20Evenstad%20Musikk&rfmt=3&fmt=4
IP
File type ASCII text, with very long lines (2569), with no line terminators
Hash d1c3e79ff2d8a110e3ac7d4e1b2b7156
53136667ff429953c1b1ee0a265330025e442d58
bf08e55a74478d48ae4bfa861940419f7b66ea9f216ea1aa8a337829031d5c32
GET /pagead/viewthroughconversion/1025019056/?random=1670269880920&cv=11&fst=1670269880920&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fevenstadmusikk.no%2Fgretsch%2F1157194%2Fgretsch-g2622-streamliner-center-block-v-stoptail-forge-glow-maple%3Fkk%3Da4c629a-184e3d7cfb6-13ece%26utm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_term%3DGretsch%2BG2622%2BStreamliner%2BCenter%2BBlock%2BV&ref=https%3A%2F%2Fno-go.kelkoogroup.net%2F&tiba=Gretsch%20G2622%20Streamliner%20Center%20Block%20V-Stoptail%2C%20Forge%20Glow%20Maple%20-%20Evenstad%20Musikk&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 19:51:24 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 1082
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 05-Dec-2022 20:06:24 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash a179b3b6ab78e29169af8cc2363d6280
501cd2871c5b70c56852c6cd0c87f383504ca933
ceecf34d673dd0d910e3622aa0fa8d84fea748592acc796286c4ec5e76fbc170
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1933
Cache-Control: max-age=154786
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 19:51:24 GMT
Etag: "638dfdd1-1d7"
Expires: Wed, 07 Dec 2022 14:51:10 GMT
Last-Modified: Mon, 05 Dec 2022 14:18:57 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
connect.facebook.net/signals/config/1303440676530456?v=2.9.89&r=stable
200 OK 86 kB URL HTTP/2 connect.facebook.net/signals/config/1303440676530456?v=2.9.89&r=stable
IP
File type ASCII text, with very long lines (64471)
Hash 8ab5ed40b63335aea45d2df32d19ef6c
3dce328ee3193e180b461477899a6947a6344bc7
c3d31fbe574e570d4b4487926a186149ea2594bd203120d90e82d6a4a9b08e65
GET /signals/config/1303440676530456?v=2.9.89&r=stable HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: ho+5F0tkQP+NF1gxdJgBjFyhX5+dEy3j02syic7G7NerGncBW8fZl58VLyHzJVrVRnnNsdrXdLmV77hYXrhX4w==
content-length: 86014
x-fb-trip-id: 1904183273
date: Mon, 05 Dec 2022 19:51:24 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.itxuc.com/r10120.10.2.1/jsv2/lib/babel/regeneratorRuntime.js
200 OK 7.0 kB URL HTTP/2 static.itxuc.com/r10120.10.2.1/jsv2/lib/babel/regeneratorRuntime.js
IP
ASN #2116 Globalconnect As
File type ASCII text, with very long lines (6995), with no line terminators
Hash 65afb5c3ff3838e9f91c3b8f083c41e9
82846d481a92a6738ed8496f724aaf97b9efa148
688e51c1099e0876f57f5d13a105544fcf076f2cb267462104576762457e4213
GET /r10120.10.2.1/jsv2/lib/babel/regeneratorRuntime.js HTTP/1.1
Host: static.itxuc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 19:51:24 GMT
content-type: application/javascript
content-length: 6995
last-modified: Mon, 05 Dec 2022 14:17:33 GMT
etag: "638dfd7d-1b53"
expires: Thu, 30 Nov 2023 19:51:24 GMT
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, OPTIONS
access-control-allow-credentials: true
access-control-expose-headers: Content-Length
pragma: public
cache-control: max-age=31104000, public
vary: Origin
accept-ranges: bytes
X-Firefox-Spdy: h2
static.itxuc.com/r10120.10.2.1/jsv2/lib/portalPolyfill.js
200 OK 15 kB URL HTTP/2 static.itxuc.com/r10120.10.2.1/jsv2/lib/portalPolyfill.js
IP
ASN #2116 Globalconnect As
File type ASCII text, with very long lines (14558), with no line terminators
Hash 7635320ef1aad608d965da49107b3790
15dae88b9aff31d5c1e4e6a32522ec4168bcdd21
3b31518219d8fa1d0c2fb7cbe9dea153cdd5c2bdda5a4d85a296a7951a563d2a
GET /r10120.10.2.1/jsv2/lib/portalPolyfill.js HTTP/1.1
Host: static.itxuc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 19:51:24 GMT
content-type: application/javascript
content-length: 14558
last-modified: Mon, 05 Dec 2022 14:17:38 GMT
etag: "638dfd82-38de"
expires: Thu, 30 Nov 2023 19:51:24 GMT
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, OPTIONS
access-control-allow-credentials: true
access-control-expose-headers: Content-Length
pragma: public
cache-control: max-age=31104000, public
vary: Origin
accept-ranges: bytes
X-Firefox-Spdy: h2
static.itxuc.com/r10120.10.2.1/jsv2/lib/itx.js
200 OK 30 kB URL HTTP/2 static.itxuc.com/r10120.10.2.1/jsv2/lib/itx.js
IP
ASN #2116 Globalconnect As
File type Unicode text, UTF-8 text, with very long lines (29485), with no line terminators
Hash d95df38c9816f455aba6cd7b04cf90c0
ab51c120c0402e85217c78e93b9716b474e041b3
849ddc3b541aa63b9011e907495ff56a76a9d263b0113d5c7d4d3c5c397dd880
GET /r10120.10.2.1/jsv2/lib/itx.js HTTP/1.1
Host: static.itxuc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 19:51:24 GMT
content-type: application/javascript
content-length: 29486
last-modified: Mon, 05 Dec 2022 14:17:34 GMT
etag: "638dfd7e-732e"
expires: Thu, 30 Nov 2023 19:51:24 GMT
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, OPTIONS
access-control-allow-credentials: true
access-control-expose-headers: Content-Length
pragma: public
cache-control: max-age=31104000, public
vary: Origin
accept-ranges: bytes
X-Firefox-Spdy: h2
status.thawte.com/
200 OK 471 B IP
Hash 7e5ad4121411ba414363ddb3e423cf8c
fe08cede309cac27b94c7c99975b6cb10eea3036
6d457360466f2b57f859d0aa9c1b919329087d57f455fa6a7e81a93c0260c571
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1005
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 19:51:24 GMT
Last-Modified: Mon, 05 Dec 2022 19:34:39 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
status.thawte.com/
200 OK 471 B IP
Hash 7e5ad4121411ba414363ddb3e423cf8c
fe08cede309cac27b94c7c99975b6cb10eea3036
6d457360466f2b57f859d0aa9c1b919329087d57f455fa6a7e81a93c0260c571
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6423
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 19:51:24 GMT
Etag: "638cd943-1d7"
Last-Modified: Mon, 05 Dec 2022 18:04:21 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
200 OK 314 B IP
Hash bc85173a64c2da746ac450cbe9e6a805
bdd92c2a5f1fc77e14a39b38220978c0d42b8805
a2a2f82af6d38cafab65857261082c96317b708bd1ee11bf12c7199d8290048d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5885
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 19:51:24 GMT
Etag: "638dd0c7-13a"
Last-Modified: Mon, 05 Dec 2022 18:13:19 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 314
s.kelkoogroup.net/k.gif
200 OK 0 B IP
ASN #60781 LeaseWeb Netherlands B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /k.gif HTTP/1.1
Host: s.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: etag
Referer: https://evenstadmusikk.no/
Origin: https://evenstadmusikk.no
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
X-Gravitee-Transaction-Id: 43d5a41d-fe14-49b4-95a4-1dfe14b9b49c
X-Gravitee-Request-Id: 43d5a41d-fe14-49b4-95a4-1dfe14b9b49c
Vary: Origin
Access-Control-Max-Age: 3600
Access-Control-Allow-Origin: https://evenstadmusikk.no
Access-Control-Allow-Headers: etag
Access-Control-Allow-Methods: GET
Access-Control-Allow-Credentials: true
Date: Mon, 05 Dec 2022 19:51:24 GMT
content-length: 0
s.kelkoogroup.net/k.gif
200 OK 43 B IP
ASN #60781 LeaseWeb Netherlands B.V.
File type GIF image data, version 89a, 1 x 1\012- data
Hash f837aa60b6fe83458f790db60d529fc9
14af87ccec7f81bb28d53c84da2fd5a9d5925cda
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
GET /k.gif HTTP/1.1
Host: s.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
ETag: a2Vsa29vSWQ9YTRjNjI5YS0xODRlM2Q3Y2ZiNi0xM2VjZQ==
Origin: https://evenstadmusikk.no
Connection: keep-alive
Referer: https://evenstadmusikk.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
X-Gravitee-Transaction-Id: d185f90a-9e30-49e3-85f9-0a9e3039e3b3
X-Gravitee-Request-Id: d185f90a-9e30-49e3-85f9-0a9e3039e3b3
ETag: a2Vsa29vSWQ9YTRjNjI5YS0xODRlM2Q3Y2ZiNi0xM2VjZQ==
Vary: *,Origin
Pragma: no-cache
Expires: 0
Request-Time: 0
Accept-Ranges: bytes
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate
Last-Modified: Fri, 01 Jan 2010 00:00:00 GMT
Access-Control-Allow-Origin: https://evenstadmusikk.no
Access-Control-Expose-Headers: ETag
Access-Control-Allow-Credentials: true
Date: Mon, 05 Dec 2022 19:51:24 GMT
Content-Type: image/gif
content-length: 43
services14-node2.itxuc.com/rest/uc/chat/plugin/anonconfig?tokenv2=cac3710d0da4768b2cf7339cd3fd9d19&rcntrl=1406233&ccntrl=60000141&useCorp=60000141&hostname=evenstadmusikk.no
200 OK 5.7 kB URL HTTP/1.1 services14-node2.itxuc.com/rest/uc/chat/plugin/anonconfig?tokenv2=cac3710d0da4768b2cf7339cd3fd9d19&rcntrl=1406233&ccntrl=60000141&useCorp=60000141&hostname=evenstadmusikk.no
IP
ASN #2116 Globalconnect As
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (5668)
Hash e7205756221e92952da7a20be06eb6f7
ca1298428ef3b58557a45144c5508c524f95c3f4
20502ca33bc0d829f15a734a017815d125950d3698ee8c6418075edd0a4da2e7
GET /rest/uc/chat/plugin/anonconfig?tokenv2=cac3710d0da4768b2cf7339cd3fd9d19&rcntrl=1406233&ccntrl=60000141&useCorp=60000141&hostname=evenstadmusikk.no HTTP/1.1
Host: services14-node2.itxuc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://evenstadmusikk.no
Connection: keep-alive
Referer: https://evenstadmusikk.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 19:51:24 GMT
Content-Type: application/json;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
ITXVOS: true
Cache-Control: public, max-age=300, must-revalidate
Pragma: cache
Expires: Mon, 05 Dec 2022 19:56:24 GMT
Access-Control-Allow-Headers: Content-Type,ITXVOS-Frontend-Version,Content-Length,Content-Disposition,ITXVOS-Mobile-App-Version,Iwp-User-Agent,Date,Object-Map-Response,ITX-Ensure-User
Access-Control-Expose-Headers: Content-Type,ITXVOS-Frontend-Version,Content-Length,Content-Disposition,ITXVOS-Mobile-App-Version,ETag,Date,ITX-Ensure-User-Failure,Vary
Access-Control-Allow-Origin: https://evenstadmusikk.no
Access-Control-Allow-Credentials: true
ITXVOS-Action: no.itx.portal.web.uc.action.ChatPluginConfigAnonActionGet
ITXVOS-Action-ID: 41011
ITXVOS-Frontend-Version: r10120.10.2.1
ITXVOS-Mobile-App-Version: 1.4.6/1.4.6
ITXVOS-Cached-Resource: No
Last-Modified: Sun, 04 Dec 2022 21:20:39 GMT
ETag: W/"1670188839617C60000141"
Vary: Origin, Range
Set-Cookie: JSESSIONID=447001091CE012FB69B6BCF088F0F92D; Path=/; Secure; HttpOnly; SameSite=None
iwpsessioncookie=iwpsess; Expires=Tue, 06-Dec-2022 19:51:24 GMT; Path=/; Secure; SameSite=None
bat.bing.com/action/0?ti=142000613&tm=gtm002&Ver=2&mid=eb6a5141-89c6-4c13-9923-9409d0b30295&sid=31120f1074d611edb63c438cc266dfcd&vid=311222a074d611eda6fc9d43144b06ef&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Gretsch%20G2622%20Streamliner%20Center%20Block%20V-Stoptail,%20Forge%20Glow%20Maple%20-%20Evenstad%20Musikk&kw=Gretsch%20G2622%20Streamliner%20Center%20Block,V-Stoptail,%20Forge%20Glow%20Maple,El-gitar,Gitar%20%2F%20Bass,Produkter,Instrumenter,Evenstad%20Musikk&p=https%3A%2F%2Fevenstadmusikk.no%2Fgretsch%2F1157194%2Fgretsch-g2622-streamliner-center-block-v-stoptail-forge-glow-maple%3Fkk%3Da4c629a-184e3d7cfb6-13ece%26utm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_term%3DGretsch%2BG2622%2BStreamliner%2BCenter%2BBlock%2BV&r=https%3A%2F%2Fno-go.kelkoogroup.net%2F<=700&evt=pageLoad&sv=1&rn=420347
204 No Content 0 B URL HTTP/2 bat.bing.com/action/0?ti=142000613&tm=gtm002&Ver=2&mid=eb6a5141-89c6-4c13-9923-9409d0b30295&sid=31120f1074d611edb63c438cc266dfcd&vid=311222a074d611eda6fc9d43144b06ef&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Gretsch%20G2622%20Streamliner%20Center%20Block%20V-Stoptail,%20Forge%20Glow%20Maple%20-%20Evenstad%20Musikk&kw=Gretsch%20G2622%20Streamliner%20Center%20Block,V-Stoptail,%20Forge%20Glow%20Maple,El-gitar,Gitar%20%2F%20Bass,Produkter,Instrumenter,Evenstad%20Musikk&p=https%3A%2F%2Fevenstadmusikk.no%2Fgretsch%2F1157194%2Fgretsch-g2622-streamliner-center-block-v-stoptail-forge-glow-maple%3Fkk%3Da4c629a-184e3d7cfb6-13ece%26utm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_term%3DGretsch%2BG2622%2BStreamliner%2BCenter%2BBlock%2BV&r=https%3A%2F%2Fno-go.kelkoogroup.net%2F<=700&evt=pageLoad&sv=1&rn=420347
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=142000613&tm=gtm002&Ver=2&mid=eb6a5141-89c6-4c13-9923-9409d0b30295&sid=31120f1074d611edb63c438cc266dfcd&vid=311222a074d611eda6fc9d43144b06ef&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Gretsch%20G2622%20Streamliner%20Center%20Block%20V-Stoptail,%20Forge%20Glow%20Maple%20-%20Evenstad%20Musikk&kw=Gretsch%20G2622%20Streamliner%20Center%20Block,V-Stoptail,%20Forge%20Glow%20Maple,El-gitar,Gitar%20%2F%20Bass,Produkter,Instrumenter,Evenstad%20Musikk&p=https%3A%2F%2Fevenstadmusikk.no%2Fgretsch%2F1157194%2Fgretsch-g2622-streamliner-center-block-v-stoptail-forge-glow-maple%3Fkk%3Da4c629a-184e3d7cfb6-13ece%26utm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_term%3DGretsch%2BG2622%2BStreamliner%2BCenter%2BBlock%2BV&r=https%3A%2F%2Fno-go.kelkoogroup.net%2F<=700&evt=pageLoad&sv=1&rn=420347 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=15C36CBE9A6E642B04697ECF9B9B65E5; domain=.bing.com; expires=Sat, 30-Dec-2023 19:51:24 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 691927C9D0FD4FC7BD129406E9C340E5 Ref B: OSL30EDGE0514 Ref C: 2022-12-05T19:51:24Z
date: Mon, 05 Dec 2022 19:51:23 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 2e388f1ab4ec88104f57cf23944ee684
39178c45ed645709cc388d5790b1b58a3272a62f
e33b88f6f77d90b65a8fed943a45623e51f1efbdae401a1652f24be68408dba0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 19:51:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 2e388f1ab4ec88104f57cf23944ee684
39178c45ed645709cc388d5790b1b58a3272a62f
e33b88f6f77d90b65a8fed943a45623e51f1efbdae401a1652f24be68408dba0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 19:51:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 917d281ca22c901597795b51fd9df338
be0e026d76f26092edfc1f67ea98ddc4a539439a
5f47f5ac32d4c80f29c4a69a830ec9427dd0055fc57973f01f73ec22503cd30c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 19:51:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 917d281ca22c901597795b51fd9df338
be0e026d76f26092edfc1f67ea98ddc4a539439a
5f47f5ac32d4c80f29c4a69a830ec9427dd0055fc57973f01f73ec22503cd30c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 19:51:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.itxuc.com/r10120.10.2.1/plugins/uc/chat/active_chat_helper.html?hostname=evenstadmusikk.no&endpoint=https:%2F%2Fservices14-node2.itxuc.com&token=%3Ftokenv2%3Dcac3710d0da4768b2cf7339cd3fd9d19%26rcntrl%3D1406233%26ccntrl%3D60000141%26useCorp%3D60000141
200 OK 1.2 kB URL HTTP/2 static.itxuc.com/r10120.10.2.1/plugins/uc/chat/active_chat_helper.html?hostname=evenstadmusikk.no&endpoint=https:%2F%2Fservices14-node2.itxuc.com&token=%3Ftokenv2%3Dcac3710d0da4768b2cf7339cd3fd9d19%26rcntrl%3D1406233%26ccntrl%3D60000141%26useCorp%3D60000141
IP
ASN #2116 Globalconnect As
Hash 755e6c8e1ac509f39cbf27df56ded595
cf52ac931c2973f88e48f94565c842d68e03a1e4
2d599974d83ba7b31292df9ef49156ee065335c92ac3d633ebd260f0d6e71cb8
GET /r10120.10.2.1/plugins/uc/chat/active_chat_helper.html?hostname=evenstadmusikk.no&endpoint=https:%2F%2Fservices14-node2.itxuc.com&token=%3Ftokenv2%3Dcac3710d0da4768b2cf7339cd3fd9d19%26rcntrl%3D1406233%26ccntrl%3D60000141%26useCorp%3D60000141 HTTP/1.1
Host: static.itxuc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 19:51:24 GMT
content-type: text/html
last-modified: Mon, 05 Dec 2022 14:17:02 GMT
etag: W/"638dfd5e-bad"
expires: Thu, 30 Nov 2023 19:51:24 GMT
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, OPTIONS
access-control-allow-credentials: true
access-control-expose-headers: Content-Length
pragma: public
cache-control: max-age=31104000, public
vary: Origin
content-encoding: gzip
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=1303440676530456&ev=ViewContent&dl=https%3A%2F%2Fevenstadmusikk.no%2Fgretsch%2F1157194%2Fgretsch-g2622-streamliner-center-block-v-stoptail-forge-glow-maple%3Fkk%3Da4c629a-184e3d7cfb6-13ece%26utm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_term%3DGretsch%2BG2622%2BStreamliner%2BCenter%2BBlock%2BV&rl=https%3A%2F%2Fno-go.kelkoogroup.net%2F&if=false&ts=1670269881500&cd[content_type]=product&cd[content_ids]=1157194&sw=1280&sh=1024&v=2.9.89&r=stable&ec=1&o=30&fbp=fb.1.1670269881495.1777992086&it=1670269881310&coo=false&rqm=GET
200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=1303440676530456&ev=ViewContent&dl=https%3A%2F%2Fevenstadmusikk.no%2Fgretsch%2F1157194%2Fgretsch-g2622-streamliner-center-block-v-stoptail-forge-glow-maple%3Fkk%3Da4c629a-184e3d7cfb6-13ece%26utm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_term%3DGretsch%2BG2622%2BStreamliner%2BCenter%2BBlock%2BV&rl=https%3A%2F%2Fno-go.kelkoogroup.net%2F&if=false&ts=1670269881500&cd[content_type]=product&cd[content_ids]=1157194&sw=1280&sh=1024&v=2.9.89&r=stable&ec=1&o=30&fbp=fb.1.1670269881495.1777992086&it=1670269881310&coo=false&rqm=GET
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=1303440676530456&ev=ViewContent&dl=https%3A%2F%2Fevenstadmusikk.no%2Fgretsch%2F1157194%2Fgretsch-g2622-streamliner-center-block-v-stoptail-forge-glow-maple%3Fkk%3Da4c629a-184e3d7cfb6-13ece%26utm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_term%3DGretsch%2BG2622%2BStreamliner%2BCenter%2BBlock%2BV&rl=https%3A%2F%2Fno-go.kelkoogroup.net%2F&if=false&ts=1670269881500&cd[content_type]=product&cd[content_ids]=1157194&sw=1280&sh=1024&v=2.9.89&r=stable&ec=1&o=30&fbp=fb.1.1670269881495.1777992086&it=1670269881310&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Mon, 05 Dec 2022 19:51:24 GMT
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/833441087/?random=1670269881466&cv=11&fst=1670266800000&bg=ffffff&guid=ON&async=1>m=2oabu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fevenstadmusikk.no%2Fgretsch%2F1157194%2Fgretsch-g2622-streamliner-center-block-v-stoptail-forge-glow-maple%3Fkk%3Da4c629a-184e3d7cfb6-13ece%26utm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_term%3DGretsch%2BG2622%2BStreamliner%2BCenter%2BBlock%2BV&ref=https%3A%2F%2Fno-go.kelkoogroup.net%2F&tiba=Gretsch%20G2622%20Streamliner%20Center%20Block%20V-Stoptail%2C%20Forge%20Glow%20Maple%20-%20Evenstad%20Musikk&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=508718721&rmt_tld=0&ipr=y
200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/833441087/?random=1670269881466&cv=11&fst=1670266800000&bg=ffffff&guid=ON&async=1>m=2oabu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fevenstadmusikk.no%2Fgretsch%2F1157194%2Fgretsch-g2622-streamliner-center-block-v-stoptail-forge-glow-maple%3Fkk%3Da4c629a-184e3d7cfb6-13ece%26utm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_term%3DGretsch%2BG2622%2BStreamliner%2BCenter%2BBlock%2BV&ref=https%3A%2F%2Fno-go.kelkoogroup.net%2F&tiba=Gretsch%20G2622%20Streamliner%20Center%20Block%20V-Stoptail%2C%20Forge%20Glow%20Maple%20-%20Evenstad%20Musikk&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=508718721&rmt_tld=0&ipr=y
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/833441087/?random=1670269881466&cv=11&fst=1670266800000&bg=ffffff&guid=ON&async=1>m=2oabu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fevenstadmusikk.no%2Fgretsch%2F1157194%2Fgretsch-g2622-streamliner-center-block-v-stoptail-forge-glow-maple%3Fkk%3Da4c629a-184e3d7cfb6-13ece%26utm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_term%3DGretsch%2BG2622%2BStreamliner%2BCenter%2BBlock%2BV&ref=https%3A%2F%2Fno-go.kelkoogroup.net%2F&tiba=Gretsch%20G2622%20Streamliner%20Center%20Block%20V-Stoptail%2C%20Forge%20Glow%20Maple%20-%20Evenstad%20Musikk&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=508718721&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 19:51:24 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/833441087/?random=1670269881475&cv=11&fst=1670266800000&bg=ffffff&guid=ON&async=1>m=2oabu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fevenstadmusikk.no%2Fgretsch%2F1157194%2Fgretsch-g2622-streamliner-center-block-v-stoptail-forge-glow-maple%3Fkk%3Da4c629a-184e3d7cfb6-13ece%26utm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_term%3DGretsch%2BG2622%2BStreamliner%2BCenter%2BBlock%2BV&ref=https%3A%2F%2Fno-go.kelkoogroup.net%2F&tiba=Gretsch%20G2622%20Streamliner%20Center%20Block%20V-Stoptail%2C%20Forge%20Glow%20Maple%20-%20Evenstad%20Musikk&data=event%3Dview_item%3Bid%3D1157194&fmt=3&is_vtc=1&random=3681635240&rmt_tld=0&ipr=y
200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/833441087/?random=1670269881475&cv=11&fst=1670266800000&bg=ffffff&guid=ON&async=1>m=2oabu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fevenstadmusikk.no%2Fgretsch%2F1157194%2Fgretsch-g2622-streamliner-center-block-v-stoptail-forge-glow-maple%3Fkk%3Da4c629a-184e3d7cfb6-13ece%26utm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_term%3DGretsch%2BG2622%2BStreamliner%2BCenter%2BBlock%2BV&ref=https%3A%2F%2Fno-go.kelkoogroup.net%2F&tiba=Gretsch%20G2622%20Streamliner%20Center%20Block%20V-Stoptail%2C%20Forge%20Glow%20Maple%20-%20Evenstad%20Musikk&data=event%3Dview_item%3Bid%3D1157194&fmt=3&is_vtc=1&random=3681635240&rmt_tld=0&ipr=y
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/833441087/?random=1670269881475&cv=11&fst=1670266800000&bg=ffffff&guid=ON&async=1>m=2oabu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fevenstadmusikk.no%2Fgretsch%2F1157194%2Fgretsch-g2622-streamliner-center-block-v-stoptail-forge-glow-maple%3Fkk%3Da4c629a-184e3d7cfb6-13ece%26utm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_term%3DGretsch%2BG2622%2BStreamliner%2BCenter%2BBlock%2BV&ref=https%3A%2F%2Fno-go.kelkoogroup.net%2F&tiba=Gretsch%20G2622%20Streamliner%20Center%20Block%20V-Stoptail%2C%20Forge%20Glow%20Maple%20-%20Evenstad%20Musikk&data=event%3Dview_item%3Bid%3D1157194&fmt=3&is_vtc=1&random=3681635240&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 19:51:24 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/1025019056/?random=1670269880920&cv=11&fst=1670266800000&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fevenstadmusikk.no%2Fgretsch%2F1157194%2Fgretsch-g2622-streamliner-center-block-v-stoptail-forge-glow-maple%3Fkk%3Da4c629a-184e3d7cfb6-13ece%26utm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_term%3DGretsch%2BG2622%2BStreamliner%2BCenter%2BBlock%2BV&ref=https%3A%2F%2Fno-go.kelkoogroup.net%2F&tiba=Gretsch%20G2622%20Streamliner%20Center%20Block%20V-Stoptail%2C%20Forge%20Glow%20Maple%20-%20Evenstad%20Musikk&fmt=3&is_vtc=1&random=1485217334&rmt_tld=0&ipr=y
200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/1025019056/?random=1670269880920&cv=11&fst=1670266800000&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fevenstadmusikk.no%2Fgretsch%2F1157194%2Fgretsch-g2622-streamliner-center-block-v-stoptail-forge-glow-maple%3Fkk%3Da4c629a-184e3d7cfb6-13ece%26utm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_term%3DGretsch%2BG2622%2BStreamliner%2BCenter%2BBlock%2BV&ref=https%3A%2F%2Fno-go.kelkoogroup.net%2F&tiba=Gretsch%20G2622%20Streamliner%20Center%20Block%20V-Stoptail%2C%20Forge%20Glow%20Maple%20-%20Evenstad%20Musikk&fmt=3&is_vtc=1&random=1485217334&rmt_tld=0&ipr=y
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/1025019056/?random=1670269880920&cv=11&fst=1670266800000&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fevenstadmusikk.no%2Fgretsch%2F1157194%2Fgretsch-g2622-streamliner-center-block-v-stoptail-forge-glow-maple%3Fkk%3Da4c629a-184e3d7cfb6-13ece%26utm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_term%3DGretsch%2BG2622%2BStreamliner%2BCenter%2BBlock%2BV&ref=https%3A%2F%2Fno-go.kelkoogroup.net%2F&tiba=Gretsch%20G2622%20Streamliner%20Center%20Block%20V-Stoptail%2C%20Forge%20Glow%20Maple%20-%20Evenstad%20Musikk&fmt=3&is_vtc=1&random=1485217334&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 19:51:24 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
bat.bing.com/p/action/142000613.js
200 OK 1.4 kB URL HTTP/2 bat.bing.com/p/action/142000613.js
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with CRLF line terminators
Hash 17c4dfe7f1fa39275cfde67ad185e9d4
c4c91762795e4b4bfdc2b8cde7d8189c799e72f4
579862499be8016be6864e722f033d48764d35213a513f5fc0f66b0ab5cb37b8
GET /p/action/142000613.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: private,max-age=60
content-length: 1424
content-type: application/javascript; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
set-cookie: MUID=0E2304421B676E8F01DC16331A926FF1; domain=.bing.com; expires=Sat, 30-Dec-2023 19:51:24 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 325744DCE23B4E498AEE433DE116C9BD Ref B: OSL30EDGE0514 Ref C: 2022-12-05T19:51:24Z
date: Mon, 05 Dec 2022 19:51:23 GMT
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=1303440676530456&ev=PageView&dl=https%3A%2F%2Fevenstadmusikk.no%2Fgretsch%2F1157194%2Fgretsch-g2622-streamliner-center-block-v-stoptail-forge-glow-maple%3Fkk%3Da4c629a-184e3d7cfb6-13ece%26utm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_term%3DGretsch%2BG2622%2BStreamliner%2BCenter%2BBlock%2BV&rl=https%3A%2F%2Fno-go.kelkoogroup.net%2F&if=false&ts=1670269881497&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1670269881495.1777992086&it=1670269881310&coo=false&rqm=GET
200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=1303440676530456&ev=PageView&dl=https%3A%2F%2Fevenstadmusikk.no%2Fgretsch%2F1157194%2Fgretsch-g2622-streamliner-center-block-v-stoptail-forge-glow-maple%3Fkk%3Da4c629a-184e3d7cfb6-13ece%26utm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_term%3DGretsch%2BG2622%2BStreamliner%2BCenter%2BBlock%2BV&rl=https%3A%2F%2Fno-go.kelkoogroup.net%2F&if=false&ts=1670269881497&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1670269881495.1777992086&it=1670269881310&coo=false&rqm=GET
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=1303440676530456&ev=PageView&dl=https%3A%2F%2Fevenstadmusikk.no%2Fgretsch%2F1157194%2Fgretsch-g2622-streamliner-center-block-v-stoptail-forge-glow-maple%3Fkk%3Da4c629a-184e3d7cfb6-13ece%26utm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_term%3DGretsch%2BG2622%2BStreamliner%2BCenter%2BBlock%2BV&rl=https%3A%2F%2Fno-go.kelkoogroup.net%2F&if=false&ts=1670269881497&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1670269881495.1777992086&it=1670269881310&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Mon, 05 Dec 2022 19:51:24 GMT
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/1025019056/?random=1670269880934&cv=11&fst=1670266800000&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fevenstadmusikk.no%2Fgretsch%2F1157194%2Fgretsch-g2622-streamliner-center-block-v-stoptail-forge-glow-maple%3Fkk%3Da4c629a-184e3d7cfb6-13ece%26utm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_term%3DGretsch%2BG2622%2BStreamliner%2BCenter%2BBlock%2BV&ref=https%3A%2F%2Fno-go.kelkoogroup.net%2F&tiba=Gretsch%20G2622%20Streamliner%20Center%20Block%20V-Stoptail%2C%20Forge%20Glow%20Maple%20-%20Evenstad%20Musikk&data=ecomm_prodid%3D1157194%3Becomm_pagetype%3DProductPage%3Becomm_pvalue%3D5925%3Becomm_pcat%3D-%3Becomm_pname%3DGretsch%20G2622%20Streamliner%20Center%20Block&fmt=3&is_vtc=1&random=1513003897&rmt_tld=0&ipr=y
200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/1025019056/?random=1670269880934&cv=11&fst=1670266800000&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fevenstadmusikk.no%2Fgretsch%2F1157194%2Fgretsch-g2622-streamliner-center-block-v-stoptail-forge-glow-maple%3Fkk%3Da4c629a-184e3d7cfb6-13ece%26utm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_term%3DGretsch%2BG2622%2BStreamliner%2BCenter%2BBlock%2BV&ref=https%3A%2F%2Fno-go.kelkoogroup.net%2F&tiba=Gretsch%20G2622%20Streamliner%20Center%20Block%20V-Stoptail%2C%20Forge%20Glow%20Maple%20-%20Evenstad%20Musikk&data=ecomm_prodid%3D1157194%3Becomm_pagetype%3DProductPage%3Becomm_pvalue%3D5925%3Becomm_pcat%3D-%3Becomm_pname%3DGretsch%20G2622%20Streamliner%20Center%20Block&fmt=3&is_vtc=1&random=1513003897&rmt_tld=0&ipr=y
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/1025019056/?random=1670269880934&cv=11&fst=1670266800000&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fevenstadmusikk.no%2Fgretsch%2F1157194%2Fgretsch-g2622-streamliner-center-block-v-stoptail-forge-glow-maple%3Fkk%3Da4c629a-184e3d7cfb6-13ece%26utm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_term%3DGretsch%2BG2622%2BStreamliner%2BCenter%2BBlock%2BV&ref=https%3A%2F%2Fno-go.kelkoogroup.net%2F&tiba=Gretsch%20G2622%20Streamliner%20Center%20Block%20V-Stoptail%2C%20Forge%20Glow%20Maple%20-%20Evenstad%20Musikk&data=ecomm_prodid%3D1157194%3Becomm_pagetype%3DProductPage%3Becomm_pvalue%3D5925%3Becomm_pcat%3D-%3Becomm_pname%3DGretsch%20G2622%20Streamliner%20Center%20Block&fmt=3&is_vtc=1&random=1513003897&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 19:51:24 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/1025019056/?random=1670269880934&cv=11&fst=1670266800000&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fevenstadmusikk.no%2Fgretsch%2F1157194%2Fgretsch-g2622-streamliner-center-block-v-stoptail-forge-glow-maple%3Fkk%3Da4c629a-184e3d7cfb6-13ece%26utm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_term%3DGretsch%2BG2622%2BStreamliner%2BCenter%2BBlock%2BV&ref=https%3A%2F%2Fno-go.kelkoogroup.net%2F&tiba=Gretsch%20G2622%20Streamliner%20Center%20Block%20V-Stoptail%2C%20Forge%20Glow%20Maple%20-%20Evenstad%20Musikk&data=ecomm_prodid%3D1157194%3Becomm_pagetype%3DProductPage%3Becomm_pvalue%3D5925%3Becomm_pcat%3D-%3Becomm_pname%3DGretsch%20G2622%20Streamliner%20Center%20Block&fmt=3&is_vtc=1&random=1513003897&rmt_tld=1&ipr=y
200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/1025019056/?random=1670269880934&cv=11&fst=1670266800000&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fevenstadmusikk.no%2Fgretsch%2F1157194%2Fgretsch-g2622-streamliner-center-block-v-stoptail-forge-glow-maple%3Fkk%3Da4c629a-184e3d7cfb6-13ece%26utm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_term%3DGretsch%2BG2622%2BStreamliner%2BCenter%2BBlock%2BV&ref=https%3A%2F%2Fno-go.kelkoogroup.net%2F&tiba=Gretsch%20G2622%20Streamliner%20Center%20Block%20V-Stoptail%2C%20Forge%20Glow%20Maple%20-%20Evenstad%20Musikk&data=ecomm_prodid%3D1157194%3Becomm_pagetype%3DProductPage%3Becomm_pvalue%3D5925%3Becomm_pcat%3D-%3Becomm_pname%3DGretsch%20G2622%20Streamliner%20Center%20Block&fmt=3&is_vtc=1&random=1513003897&rmt_tld=1&ipr=y
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/1025019056/?random=1670269880934&cv=11&fst=1670266800000&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fevenstadmusikk.no%2Fgretsch%2F1157194%2Fgretsch-g2622-streamliner-center-block-v-stoptail-forge-glow-maple%3Fkk%3Da4c629a-184e3d7cfb6-13ece%26utm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_term%3DGretsch%2BG2622%2BStreamliner%2BCenter%2BBlock%2BV&ref=https%3A%2F%2Fno-go.kelkoogroup.net%2F&tiba=Gretsch%20G2622%20Streamliner%20Center%20Block%20V-Stoptail%2C%20Forge%20Glow%20Maple%20-%20Evenstad%20Musikk&data=ecomm_prodid%3D1157194%3Becomm_pagetype%3DProductPage%3Becomm_pvalue%3D5925%3Becomm_pcat%3D-%3Becomm_pname%3DGretsch%20G2622%20Streamliner%20Center%20Block&fmt=3&is_vtc=1&random=1513003897&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 19:51:24 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/1025019056/?random=1670269880920&cv=11&fst=1670266800000&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fevenstadmusikk.no%2Fgretsch%2F1157194%2Fgretsch-g2622-streamliner-center-block-v-stoptail-forge-glow-maple%3Fkk%3Da4c629a-184e3d7cfb6-13ece%26utm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_term%3DGretsch%2BG2622%2BStreamliner%2BCenter%2BBlock%2BV&ref=https%3A%2F%2Fno-go.kelkoogroup.net%2F&tiba=Gretsch%20G2622%20Streamliner%20Center%20Block%20V-Stoptail%2C%20Forge%20Glow%20Maple%20-%20Evenstad%20Musikk&fmt=3&is_vtc=1&random=1485217334&rmt_tld=1&ipr=y
200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/1025019056/?random=1670269880920&cv=11&fst=1670266800000&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fevenstadmusikk.no%2Fgretsch%2F1157194%2Fgretsch-g2622-streamliner-center-block-v-stoptail-forge-glow-maple%3Fkk%3Da4c629a-184e3d7cfb6-13ece%26utm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_term%3DGretsch%2BG2622%2BStreamliner%2BCenter%2BBlock%2BV&ref=https%3A%2F%2Fno-go.kelkoogroup.net%2F&tiba=Gretsch%20G2622%20Streamliner%20Center%20Block%20V-Stoptail%2C%20Forge%20Glow%20Maple%20-%20Evenstad%20Musikk&fmt=3&is_vtc=1&random=1485217334&rmt_tld=1&ipr=y
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/1025019056/?random=1670269880920&cv=11&fst=1670266800000&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fevenstadmusikk.no%2Fgretsch%2F1157194%2Fgretsch-g2622-streamliner-center-block-v-stoptail-forge-glow-maple%3Fkk%3Da4c629a-184e3d7cfb6-13ece%26utm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_term%3DGretsch%2BG2622%2BStreamliner%2BCenter%2BBlock%2BV&ref=https%3A%2F%2Fno-go.kelkoogroup.net%2F&tiba=Gretsch%20G2622%20Streamliner%20Center%20Block%20V-Stoptail%2C%20Forge%20Glow%20Maple%20-%20Evenstad%20Musikk&fmt=3&is_vtc=1&random=1485217334&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 19:51:24 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-5481275-1&cid=603017719.1670269881&jid=354888416&_u=YGBAgAABAAAAAE~&z=251014005
200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-5481275-1&cid=603017719.1670269881&jid=354888416&_u=YGBAgAABAAAAAE~&z=251014005
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-5481275-1&cid=603017719.1670269881&jid=354888416&_u=YGBAgAABAAAAAE~&z=251014005 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 19:51:24 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-5481275-1&cid=603017719.1670269881&jid=354888416&_u=YGBAgAABAAAAAE~&z=251014005
200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-5481275-1&cid=603017719.1670269881&jid=354888416&_u=YGBAgAABAAAAAE~&z=251014005
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-5481275-1&cid=603017719.1670269881&jid=354888416&_u=YGBAgAABAAAAAE~&z=251014005 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 19:51:24 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/833441087/?random=1670269881466&cv=11&fst=1670266800000&bg=ffffff&guid=ON&async=1>m=2oabu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fevenstadmusikk.no%2Fgretsch%2F1157194%2Fgretsch-g2622-streamliner-center-block-v-stoptail-forge-glow-maple%3Fkk%3Da4c629a-184e3d7cfb6-13ece%26utm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_term%3DGretsch%2BG2622%2BStreamliner%2BCenter%2BBlock%2BV&ref=https%3A%2F%2Fno-go.kelkoogroup.net%2F&tiba=Gretsch%20G2622%20Streamliner%20Center%20Block%20V-Stoptail%2C%20Forge%20Glow%20Maple%20-%20Evenstad%20Musikk&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=508718721&rmt_tld=1&ipr=y
200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/833441087/?random=1670269881466&cv=11&fst=1670266800000&bg=ffffff&guid=ON&async=1>m=2oabu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fevenstadmusikk.no%2Fgretsch%2F1157194%2Fgretsch-g2622-streamliner-center-block-v-stoptail-forge-glow-maple%3Fkk%3Da4c629a-184e3d7cfb6-13ece%26utm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_term%3DGretsch%2BG2622%2BStreamliner%2BCenter%2BBlock%2BV&ref=https%3A%2F%2Fno-go.kelkoogroup.net%2F&tiba=Gretsch%20G2622%20Streamliner%20Center%20Block%20V-Stoptail%2C%20Forge%20Glow%20Maple%20-%20Evenstad%20Musikk&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=508718721&rmt_tld=1&ipr=y
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/833441087/?random=1670269881466&cv=11&fst=1670266800000&bg=ffffff&guid=ON&async=1>m=2oabu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fevenstadmusikk.no%2Fgretsch%2F1157194%2Fgretsch-g2622-streamliner-center-block-v-stoptail-forge-glow-maple%3Fkk%3Da4c629a-184e3d7cfb6-13ece%26utm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_term%3DGretsch%2BG2622%2BStreamliner%2BCenter%2BBlock%2BV&ref=https%3A%2F%2Fno-go.kelkoogroup.net%2F&tiba=Gretsch%20G2622%20Streamliner%20Center%20Block%20V-Stoptail%2C%20Forge%20Glow%20Maple%20-%20Evenstad%20Musikk&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=508718721&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 19:51:24 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/833441087/?random=1670269881475&cv=11&fst=1670266800000&bg=ffffff&guid=ON&async=1>m=2oabu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fevenstadmusikk.no%2Fgretsch%2F1157194%2Fgretsch-g2622-streamliner-center-block-v-stoptail-forge-glow-maple%3Fkk%3Da4c629a-184e3d7cfb6-13ece%26utm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_term%3DGretsch%2BG2622%2BStreamliner%2BCenter%2BBlock%2BV&ref=https%3A%2F%2Fno-go.kelkoogroup.net%2F&tiba=Gretsch%20G2622%20Streamliner%20Center%20Block%20V-Stoptail%2C%20Forge%20Glow%20Maple%20-%20Evenstad%20Musikk&data=event%3Dview_item%3Bid%3D1157194&fmt=3&is_vtc=1&random=3681635240&rmt_tld=1&ipr=y
200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/833441087/?random=1670269881475&cv=11&fst=1670266800000&bg=ffffff&guid=ON&async=1>m=2oabu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fevenstadmusikk.no%2Fgretsch%2F1157194%2Fgretsch-g2622-streamliner-center-block-v-stoptail-forge-glow-maple%3Fkk%3Da4c629a-184e3d7cfb6-13ece%26utm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_term%3DGretsch%2BG2622%2BStreamliner%2BCenter%2BBlock%2BV&ref=https%3A%2F%2Fno-go.kelkoogroup.net%2F&tiba=Gretsch%20G2622%20Streamliner%20Center%20Block%20V-Stoptail%2C%20Forge%20Glow%20Maple%20-%20Evenstad%20Musikk&data=event%3Dview_item%3Bid%3D1157194&fmt=3&is_vtc=1&random=3681635240&rmt_tld=1&ipr=y
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/833441087/?random=1670269881475&cv=11&fst=1670266800000&bg=ffffff&guid=ON&async=1>m=2oabu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fevenstadmusikk.no%2Fgretsch%2F1157194%2Fgretsch-g2622-streamliner-center-block-v-stoptail-forge-glow-maple%3Fkk%3Da4c629a-184e3d7cfb6-13ece%26utm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_term%3DGretsch%2BG2622%2BStreamliner%2BCenter%2BBlock%2BV&ref=https%3A%2F%2Fno-go.kelkoogroup.net%2F&tiba=Gretsch%20G2622%20Streamliner%20Center%20Block%20V-Stoptail%2C%20Forge%20Glow%20Maple%20-%20Evenstad%20Musikk&data=event%3Dview_item%3Bid%3D1157194&fmt=3&is_vtc=1&random=3681635240&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 19:51:24 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 8ead0ac4ce19cef2471bae0458759d89
af02fd3fcd2e10cfa2458407c0c2e59a43e18517
507b93c64bab73e393cf8d8131415ef4d4b01e65e0f2ab73597715197845e75e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 19:51:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 917d281ca22c901597795b51fd9df338
be0e026d76f26092edfc1f67ea98ddc4a539439a
5f47f5ac32d4c80f29c4a69a830ec9427dd0055fc57973f01f73ec22503cd30c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 19:51:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 312 B IP
Hash df6a1aaea058311c1166e483d7152460
dfe0a3b792ad95be7daf19f44f2edfe03e42bebe
8da4ee56739b4ef3d5e325c637a2255401195583ad8d85363b07e7b346b829ed
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5718
Cache-Control: max-age=170830
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 19:51:24 GMT
Etag: "638e2db5-138"
Expires: Wed, 07 Dec 2022 19:18:34 GMT
Last-Modified: Mon, 05 Dec 2022 17:43:17 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 312
ocsp.digicert.com/
200 OK 313 B IP
Hash 2a40dc5f613c39bb08e452d5e9e5e1d5
eef03a46d8b2005e339837e5cea6b74003e988dd
2988d82dbcb3f62b84a6f7625dacaec5f9ca55cb2b8160785d4507a53cfcfd31
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5889
Cache-Control: max-age=143261
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 19:51:24 GMT
Etag: "638dc158-139"
Expires: Wed, 07 Dec 2022 11:39:05 GMT
Last-Modified: Mon, 05 Dec 2022 10:00:56 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 313
gum.criteo.com/syncframe?topUrl=evenstadmusikk.no&origin=onetag
200 OK 5.1 kB URL HTTP/2 gum.criteo.com/syncframe?topUrl=evenstadmusikk.no&origin=onetag
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (13465)
Hash a107c5e83c054067ba03b192280b8fc9
1f3bd59146cb5ffbca71eb390f5b736c53100e64
3cc08da3c1aa4a009c90f0f29b9f8391e43f2cfdd3282c77d4a5b0191283f400
GET /syncframe?topUrl=evenstadmusikk.no&origin=onetag HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 19:51:23 GMT
content-type: text/html; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
set-cookie: uid=6a7763ea-8ecc-4444-bd07-b3671b173e89; expires=Sat, 30 Dec 2023 19:51:23 GMT; domain=.criteo.com; path=/; secure; samesite=none
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 362119
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
c.clarity.ms/c.gif
302 Found 0 B IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c.gif HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.bing.com/c.gif?CtsSyncId=F84CFD6B9FCC44A4AD20BD8E8C8F0E3E&RedC=c.clarity.ms&MXFR=22716B170EBB68532C5579660ABB6633
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SM=T; domain=c.clarity.ms; path=/; SameSite=None; Secure;
MUID=22716B170EBB68532C5579660ABB6633; domain=.clarity.ms; expires=Sat, 30-Dec-2023 19:51:24 GMT; path=/; SameSite=None; Secure; Priority=High;
date: Mon, 05 Dec 2022 19:51:24 GMT
content-length: 0
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a2cd4e561f1ad90375522bec33bb9c57
94ec018dc1991d5d0b00c2b99c1d52c873ce2d7c
d34d6f434bebd00c1026fdaa7cb7b3fd2c514d681cb7fddfc0627014b9bd7eee
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D34D6F434BEBD00C1026FDAA7CB7B3FD2C514D681CB7FDDFC0627014B9BD7EEE"
Last-Modified: Mon, 05 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3558
Expires: Mon, 05 Dec 2022 20:50:42 GMT
Date: Mon, 05 Dec 2022 19:51:24 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 279 B IP
Hash 6fbb7a205e42c7362ad55d4c69d0337c
fba6690425dde6b0674b24e342d503622a87fb2d
c643e8ee7186239b45bfbf4e2cf35436046f7cc97d6b5814562ce9110236b8ed
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3884
Cache-Control: max-age=123977
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 19:51:24 GMT
Etag: "638d7dd9-117"
Expires: Wed, 07 Dec 2022 06:17:41 GMT
Last-Modified: Mon, 05 Dec 2022 05:12:57 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 279
matching.ivitrack.com/sync?realm=criteo&uid=k-eB9BEKAYENw1J4r9Iw57aae3I3mvSt3udh8Png
200 OK 42 B URL HTTP/2 matching.ivitrack.com/sync?realm=criteo&uid=k-eB9BEKAYENw1J4r9Iw57aae3I3mvSt3udh8Png
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /sync?realm=criteo&uid=k-eB9BEKAYENw1J4r9Iw57aae3I3mvSt3udh8Png HTTP/1.1
Host: matching.ivitrack.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: istio-envoy
date: Mon, 05 Dec 2022 19:51:24 GMT
content-type: image/gif
content-length: 42
cache-control: public, max-age=86400
x-envoy-upstream-service-time: 0
x-envoy-decorator-operation: tag-manager.programmatic.svc.cluster.local:3000/*
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
c.bing.com/c.gif?CtsSyncId=F84CFD6B9FCC44A4AD20BD8E8C8F0E3E&RedC=c.clarity.ms&MXFR=22716B170EBB68532C5579660ABB6633
302 Found 0 B URL HTTP/2 c.bing.com/c.gif?CtsSyncId=F84CFD6B9FCC44A4AD20BD8E8C8F0E3E&RedC=c.clarity.ms&MXFR=22716B170EBB68532C5579660ABB6633
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c.gif?CtsSyncId=F84CFD6B9FCC44A4AD20BD8E8C8F0E3E&RedC=c.clarity.ms&MXFR=22716B170EBB68532C5579660ABB6633 HTTP/1.1
Host: c.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://evenstadmusikk.no/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.clarity.ms/c.gif?CtsSyncId=F84CFD6B9FCC44A4AD20BD8E8C8F0E3E&MUID=3C49246D104B68313268361C11BE6982
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SRM_B=3C49246D104B68313268361C11BE6982; domain=c.bing.com; expires=Sat, 30-Dec-2023 19:51:24 GMT; path=/; SameSite=None; Secure;
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 57364EEE9F424732AF8EE5EE1F4EC295 Ref B: OSL30EDGE0514 Ref C: 2022-12-05T19:51:24Z
date: Mon, 05 Dec 2022 19:51:24 GMT
content-length: 0
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a2cd4e561f1ad90375522bec33bb9c57
94ec018dc1991d5d0b00c2b99c1d52c873ce2d7c
d34d6f434bebd00c1026fdaa7cb7b3fd2c514d681cb7fddfc0627014b9bd7eee
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D34D6F434BEBD00C1026FDAA7CB7B3FD2C514D681CB7FDDFC0627014B9BD7EEE"
Last-Modified: Mon, 05 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3558
Expires: Mon, 05 Dec 2022 20:50:42 GMT
Date: Mon, 05 Dec 2022 19:51:24 GMT
Connection: keep-alive
c.clarity.ms/c.gif?CtsSyncId=F84CFD6B9FCC44A4AD20BD8E8C8F0E3E&MUID=3C49246D104B68313268361C11BE6982
200 OK 42 B URL HTTP/2 c.clarity.ms/c.gif?CtsSyncId=F84CFD6B9FCC44A4AD20BD8E8C8F0E3E&MUID=3C49246D104B68313268361C11BE6982
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 1 x 1\012- data
Hash 32023bb33cfb2a1990a4ef2d85b6ac16
23dcc6d4b5bfe00357fd0248bb5955b8e36bb8f1
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
GET /c.gif?CtsSyncId=F84CFD6B9FCC44A4AD20BD8E8C8F0E3E&MUID=3C49246D104B68313268361C11BE6982 HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://evenstadmusikk.no/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
content-type: image/gif
last-modified: Thu, 13 Oct 2022 20:07:05 GMT
accept-ranges: bytes
etag: "40db785d3fdfd81:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: ANONCHK=0; domain=c.clarity.ms; expires=Mon, 05-Dec-2022 20:01:24 GMT; path=/; SameSite=None; Secure;
date: Mon, 05 Dec 2022 19:51:24 GMT
content-length: 42
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 32fd2f695f391b8ef26dae468e81c1b3
edb5065fc8071414ee119779c9af95319bba75d9
fa13275a930bfef1294b4683fd8747845fdaab30b788ea4205e9657bc42783b8
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 05 Dec 2022 19:51:24 GMT
Last-Modified: Mon, 05 Dec 2022 18:16:06 GMT
Server: ECS (bsa/EB20)
X-Cache: Miss from cloudfront
Via: 1.1 1132899b9bc2928e13b30713fd82f9b0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: ARN1-C1
X-Amz-Cf-Id: IFdpKyBz-G_XMIZPJSS2pG5PS_gUW6mEMbrAqEdJ-EADhz11SDXYfw==
Age: 5719
apil1.spinnaker-js.com/
200 OK 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: apil1.spinnaker-js.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 353
Origin: https://evenstadmusikk.no
Connection: keep-alive
Referer: https://evenstadmusikk.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 19:51:25 GMT
content-length: 0
server: nginx/1.20.0
access-control-allow-origin: https://evenstadmusikk.no
access-control-allow-methods: POST, OPTIONS
access-control-allow-headers: content-type, accept, X-Requested-With, X-HTTP-Method-Override, data, X-UA-Compatible
access-control-allow-credentials: false
access-control-max-age: 31536000
X-Firefox-Spdy: h2
gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
302 Found 0 B URL HTTP/2 gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Mon, 05 Dec 2022 19:51:24 GMT
server: Kestrel
content-length: 0
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
location: https://dpm.demdex.net/ibs:dpid=28645&dpuuid=
server-processing-duration-in-ticks: 866371
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-SZga1qAYENw1J4r9Iw57aae3I3k4vnqEz_PFDg
302 Found 0 B URL HTTP/2 r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-SZga1qAYENw1J4r9Iw57aae3I3k4vnqEz_PFDg
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rum?cm_dsp_id=20&external_user_id=k-SZga1qAYENw1J4r9Iw57aae3I3k4vnqEz_PFDg HTTP/1.1
Host: r.casalemedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Mon, 05 Dec 2022 19:51:25 GMT
content-length: 0
location: /rum?cm_dsp_id=20&external_user_id=k-SZga1qAYENw1J4r9Iw57aae3I3k4vnqEz_PFDg&C=1
cf-ray: 774f50fd9a5eb4f3-OSL
cache-control: no-cache
expires: 0
cf-cache-status: DYNAMIC
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
set-cookie: CMID=Y45LvdOglHHVQ5UZkeCYFAAA; Path=/; Domain=casalemedia.com; Expires=Tue, 05 Dec 2023 19:51:25 GMT; Max-Age=31536000; Secure; SameSite=None
CMPS=711; Path=/; Domain=casalemedia.com; Expires=Sun, 05 Mar 2023 19:51:25 GMT; Max-Age=7776000; Secure; SameSite=None
CMPRO=711; Path=/; Domain=casalemedia.com; Expires=Sun, 05 Mar 2023 19:51:25 GMT; Max-Age=7776000; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FEZYDPAzygQQpr8VlFUHfpbj1toqHG0SYteGJa354SP9FLp44rUR9OyXQfASgRUPoFhZ0DMvTZ8MY4ygWR1XieR2VxTvH4S2pIug3DDXq0RUbu9Hb1SHO2YpwBwdRlrbwjew"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-wDozhaAYENw1J4r9Iw57aae3I3ms5sSupbE9cQ&google_cm&google_hm=ay13RG96aGFBWUVOdzFKNHI5SXc1N2FhZTNJM21zNXNTdXBiRTljUQ
302 Found 440 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-wDozhaAYENw1J4r9Iw57aae3I3ms5sSupbE9cQ&google_cm&google_hm=ay13RG96aGFBWUVOdzFKNHI5SXc1N2FhZTNJM21zNXNTdXBiRTljUQ
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 96605227bfd60773d8b467a649be7f29
03f78082a2884b06717ebe6673273c4164174442
875812421f875b2041a63e2bfa68a89024740c34a70ab6921d88715a362ff420
GET /pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-wDozhaAYENw1J4r9Iw57aae3I3ms5sSupbE9cQ&google_cm&google_hm=ay13RG96aGFBWUVOdzFKNHI5SXc1N2FhZTNJM21zNXNTdXBiRTljUQ HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=k-wDozhaAYENw1J4r9Iw57aae3I3ms5sSupbE9cQ&google_cm=&google_hm=ay13RG96aGFBWUVOdzFKNHI5SXc1N2FhZTNJM21zNXNTdXBiRTljUQ&google_tc=
date: Mon, 05 Dec 2022 19:51:25 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 440
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 05-Dec-2022 20:06:25 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
chat.kindlycdn.com/kindly-chat.js
200 OK 83 kB URL HTTP/2 chat.kindlycdn.com/kindly-chat.js
IP
File type Unicode text, UTF-8 text, with very long lines (53382)
Hash e6a70d20a5799a7ef1cc20b0f2158a28
d9a8e29745e44c87ff1d0daba00d4e7b6bb43092
90037c3bbca77360770238ef209d4824f6dd53f3d83e12d756a546356ce62236
GET /kindly-chat.js HTTP/1.1
Host: chat.kindlycdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 19:51:24 GMT
content-type: application/javascript
x-guploader-uploadid: ADPycduT2VAnFyuoq6TD8oIoNJBhsYyMkfYRaAkxDoJ2uBnwZb5Vq0G1c949LOSvQRZFYIP7LRVTvVng5OEpbOzuYoEofEsHfYpZ
cache-control: public, max-age=1800
expires: Mon, 05 Dec 2022 19:54:16 GMT
last-modified: Tue, 22 Nov 2022 14:26:05 GMT
etag: W/"959d4fd403fd2c6dc47875a52640f6b6"
x-goog-generation: 1669127165705086
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 255889
x-goog-meta-goog-reserved-file-mtime: 1669127158
x-goog-meta-kindly-chat-version: v2.39.8
x-goog-hash: crc32c=9+4mPA==, md5=lZ1P1AP9LG3EeHWlJkD2tg==
x-goog-storage-class: STANDARD
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cf-cache-status: HIT
age: 1628
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y7te9x0HLpCpHYDBOLZsExbRSeZTuOeFzBF%2FpqO%2Fk1L0eiPLEblgPLKDtgal1Hfggwc%2BUfTPaWsFdjuluA04M%2BDsSEzPVWabj9G9k8Qm9oT%2BDpJJeyKwVowQc5iMpYhVGG2mmg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774f50fcd9dc1c06-OSL
content-encoding: br
X-Firefox-Spdy: h2
r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-SZga1qAYENw1J4r9Iw57aae3I3k4vnqEz_PFDg&C=1
200 OK 43 B URL HTTP/2 r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-SZga1qAYENw1J4r9Iw57aae3I3k4vnqEz_PFDg&C=1
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /rum?cm_dsp_id=20&external_user_id=k-SZga1qAYENw1J4r9Iw57aae3I3k4vnqEz_PFDg&C=1 HTTP/1.1
Host: r.casalemedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 19:51:25 GMT
content-type: image/gif
content-length: 43
cf-ray: 774f50fe0b10b4f3-OSL
cache-control: no-cache
expires: 0
cf-cache-status: DYNAMIC
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1ggn%2Fnb%2BINeFtYVjK9CgfXOc9m1d%2FRqWV7qPpDsEc6kd5DHhQw5Bo3WOu%2BhcBktOKAD6uWjpDsqBU878zi4ktReiZI8SlfvkkUGzGyLanqTNnEP%2FtiFMfhpDYyB2K1uiQRDI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=k-wDozhaAYENw1J4r9Iw57aae3I3ms5sSupbE9cQ&google_cm=&google_hm=ay13RG96aGFBWUVOdzFKNHI5SXc1N2FhZTNJM21zNXNTdXBiRTljUQ&google_tc=
302 Found 332 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=k-wDozhaAYENw1J4r9Iw57aae3I3ms5sSupbE9cQ&google_cm=&google_hm=ay13RG96aGFBWUVOdzFKNHI5SXc1N2FhZTNJM21zNXNTdXBiRTljUQ&google_tc=
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash f6fcc3827f0ae7e03d62e261c7adb7e9
f7218d89f3354196ec040f580d651fa373f43caa
d962c1d0f9ff02e93585549c47bab9fbd785e542718fa6e1e409919efed02f98
GET /pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=k-wDozhaAYENw1J4r9Iw57aae3I3ms5sSupbE9cQ&google_cm=&google_hm=ay13RG96aGFBWUVOdzFKNHI5SXc1N2FhZTNJM21zNXNTdXBiRTljUQ&google_tc= HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-wDozhaAYENw1J4r9Iw57aae3I3ms5sSupbE9cQ&google_error=3
date: Mon, 05 Dec 2022 19:51:25 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 332
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 471 B IP
Hash dbb66a45515eb4bd61566b8a462222b7
2d18c51e1a9d35c874c96ad0552aa35d88bfc5f9
1929d698afaff5af3fd939389346226a6056b86e4f870b0769755b0cdefd60a6
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 19:51:25 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 03 Dec 2022 01:56:49 GMT
Expires: Sat, 10 Dec 2022 01:56:48 GMT
Etag: "2d18c51e1a9d35c874c96ad0552aa35d88bfc5f9"
Cache-Control: max-age=366922,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 774f50fe3d83b50c-OSL
criteo-sync.teads.tv/um?eid=80&uid=k-ensXgKAYENw1J4r9Iw57aae3I3l8L9691ATFLQ
200 OK 23 B URL HTTP/2 criteo-sync.teads.tv/um?eid=80&uid=k-ensXgKAYENw1J4r9Iw57aae3I3l8L9691ATFLQ
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash da5b449fff36752a93779fa4067cd2eb
71a96eea77f21ab5f1819b96c4cedd5cd34476ca
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
GET /um?eid=80&uid=k-ensXgKAYENw1J4r9Iw57aae3I3l8L9691ATFLQ HTTP/1.1
Host: criteo-sync.teads.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
server: akka-http/10.2.9
content-length: 23
expires: Mon, 05 Dec 2022 19:51:25 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Mon, 05 Dec 2022 19:51:25 GMT
X-Firefox-Spdy: h2
x.bidswitch.net/sync?dsp_id=46&user_id=k-HU1_c6AYENw1J4r9Iw57aae3I3nrGfvkdh0UAQ&expires=30
302 Found 0 B URL HTTP/2 x.bidswitch.net/sync?dsp_id=46&user_id=k-HU1_c6AYENw1J4r9Iw57aae3I3nrGfvkdh0UAQ&expires=30
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?dsp_id=46&user_id=k-HU1_c6AYENw1J4r9Iw57aae3I3nrGfvkdh0UAQ&expires=30 HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Mon, 05 Dec 2022 19:51:25 GMT
content-length: 0
location: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-HU1_c6AYENw1J4r9Iw57aae3I3nrGfvkdh0UAQ&expires=30
cache-control: no-cache, no-store, must-revalidate
set-cookie: tuuid=5c7aeed3-ce1e-4b9e-a4e8-a00a61089718; path=/; expires=Tue, 05-Dec-2023 19:51:25 GMT; domain=.bidswitch.net; samesite=none; secure
c=1670269885; path=/; expires=Tue, 05-Dec-2023 19:51:25 GMT; domain=.bidswitch.net; samesite=none; secure
tuuid_lu=1670269885; path=/; expires=Tue, 05-Dec-2023 19:51:25 GMT; domain=.bidswitch.net; samesite=none; secure
c=1670269885; path=/; expires=Tue, 05-Dec-2023 19:51:25 GMT; domain=.bidswitch.net; samesite=none; secure
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 90efd5c68640e00126e7714ac498de8e
a44af37087906e85006f9f3c3701892d6c0d073f
5e02501ddc39a9f9766be1a50ff32d4081c7c4c47f2f3939ae9899ae23e6ad82
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 05 Dec 2022 19:51:25 GMT
Last-Modified: Mon, 05 Dec 2022 18:16:28 GMT
Server: ECS (bsa/EB23)
X-Cache: Miss from cloudfront
Via: 1.1 1132899b9bc2928e13b30713fd82f9b0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: ARN1-C1
X-Amz-Cf-Id: OE89PBm8xwRphyzreL_VP2GrmxTrlKeyL6Az94m0l0KKKluuXuyBcA==
Age: 5697
ocsp.digicert.com/
200 OK 471 B IP
Hash 9d27fd2680313b3918e17b38080c6d2a
55dd64eacda90f27d3feeb321e459e6300bea215
0b240b7b6e40de91769829ab07af9335c920927a7babd05ff377dd1c37239ca9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5739
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 19:51:25 GMT
Last-Modified: Mon, 05 Dec 2022 18:15:46 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Mon, 05 Dec 2022 19:51:25 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
AN-X-Request-Uuid: a3e9e61b-0e06-4cf4-a55b-a34608453ae4
Set-Cookie: uuid2=4933782795537196460; SameSite=None; Path=/; Max-Age=7776000; Expires=Sun, 05-Mar-2023 19:51:25 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ocsp.digicert.com/
200 OK 314 B IP
Hash b569f060793904eb0de638d47baa8762
570a9c6d871b088cf232ff05a0624c64873013e6
5b310f2f3f6b17afc411b4dd2e154790a82ae6f7066bc41149655e19a53aa566
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5761
Cache-Control: max-age=164355
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 19:51:25 GMT
Etag: "638e143f-13a"
Expires: Wed, 07 Dec 2022 17:30:40 GMT
Last-Modified: Mon, 05 Dec 2022 15:54:39 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 314
x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-HU1_c6AYENw1J4r9Iw57aae3I3nrGfvkdh0UAQ&expires=30
200 OK 43 B URL HTTP/2 x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-HU1_c6AYENw1J4r9Iw57aae3I3nrGfvkdh0UAQ&expires=30
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /ul_cb/sync?dsp_id=46&user_id=k-HU1_c6AYENw1J4r9Iw57aae3I3nrGfvkdh0UAQ&expires=30 HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 19:51:25 GMT
content-type: image/gif
content-length: 43
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 8f8616739ae988cd796002fe2e4982e4
b7872e505e4468334284899e2ec94e2ebce62766
083f3b8ab5589e2115fc7df8bcb46cfc0b5c86f238fc39117027aecf1ee5d4cf
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5524
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 19:51:25 GMT
Last-Modified: Mon, 05 Dec 2022 18:19:21 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-HzFy3aAYENw1J4r9Iw57aae3I3kt7XIIcz7Dxw
302 Found 0 B URL HTTP/2 ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-HzFy3aAYENw1J4r9Iw57aae3I3kt7XIIcz7Dxw
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match?publisher_dsp_id=38&external_user_id=k-HzFy3aAYENw1J4r9Iw57aae3I3kt7XIIcz7Dxw HTTP/1.1
Host: ad.360yield.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Mon, 05 Dec 2022 19:51:25 GMT
content-type: text/plain
content-length: 0
location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-HzFy3aAYENw1J4r9Iw57aae3I3kt7XIIcz7Dxw
set-cookie: tuuid=ba1e8aad-14e6-42e7-844d-e32703439183; Expires=Sun, 05 Mar 2023 19:51:25 GMT; Domain=.360yield.com; Path=/; SameSite=None; Secure
tuuid_lu=1670269885; Expires=Sun, 05 Mar 2023 19:51:25 GMT; Domain=.360yield.com; Path=/; SameSite=None; Secure
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Firefox-Spdy: h2
pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-FYEoxaAYENw1J4r9Iw57aae3I3nyho4_aiw7PQ&expires=30
204 No Content 0 B URL HTTP/1.1 pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-FYEoxaAYENw1J4r9Iw57aae3I3nyho4_aiw7PQ&expires=30
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tap.php?v=6434&nid=2149&put=k-FYEoxaAYENw1J4r9Iw57aae3I3nyho4_aiw7PQ&expires=30 HTTP/1.1
Host: pixel.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: deb9f124eecce7a554c70ca983265c95
Content-Type: image/gif
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash c3039f447e5381df673431542bd667d1
e1c45aab2303975e93067fde96266955cb495111
b60d63d9601d73c8eac317311def5f9affde6eb9d46f4c6b4cb8a366da8ee1e7
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=125339
Date: Mon, 05 Dec 2022 19:51:25 GMT
Etag: "638d7afb-1d7"
Expires: Wed, 07 Dec 2022 06:40:24 GMT
Last-Modified: Mon, 05 Dec 2022 05:00:43 GMT
Server: ECS (bsa/EB12)
X-Cache: Miss from cloudfront
Via: 1.1 9ee3245d13c492e7e4abb0f2de012802.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: ARN1-C1
X-Amz-Cf-Id: 6DALajLEm8rplMPCyF3vXOEA5QmkmwOJbOex1qs41U22V97kvPbKkA==
Age: 5981
ocsp.digicert.com/
200 OK 471 B IP
Hash 87d77caa93c0f5450496e4f9985a5b20
2118b1cb1777f75f96d42316dc8fbd308ed2a2ab
d4714fd75d9faab869b8258bbeb08a352f776156dd45a8d83f44e1d3e5d4ff12
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4841
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 19:51:25 GMT
Last-Modified: Mon, 05 Dec 2022 18:30:44 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
b.clarity.ms/collect
204 No Content 0 B IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /collect HTTP/1.1
Host: b.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1896
Origin: https://evenstadmusikk.no
Connection: keep-alive
Referer: https://evenstadmusikk.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
vary: Origin
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
access-control-allow-origin: https://evenstadmusikk.no
access-control-allow-credentials: true
date: Mon, 05 Dec 2022 19:51:24 GMT
X-Firefox-Spdy: h2
ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
302 Found 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.21.3
Date: Mon, 05 Dec 2022 19:51:25 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=0
AN-X-Request-Uuid: febe656b-10dc-45ff-8e41-d66c840ee50a
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-HzFy3aAYENw1J4r9Iw57aae3I3kt7XIIcz7Dxw
200 OK 43 B URL HTTP/2 ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-HzFy3aAYENw1J4r9Iw57aae3I3kt7XIIcz7Dxw
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /ul_cb/match?publisher_dsp_id=38&external_user_id=k-HzFy3aAYENw1J4r9Iw57aae3I3kt7XIIcz7Dxw HTTP/1.1
Host: ad.360yield.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 19:51:25 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Firefox-Spdy: h2
rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-JfbhjqAYENw1J4r9Iw57aae3I3kc3hxELcYMEA
200 OK 43 B URL HTTP/1.1 rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-JfbhjqAYENw1J4r9Iw57aae3I3kc3hxELcYMEA
IP
ASN #201081 SmartAdServer SAS
File type GIF image data, version 89a, 1 x 1\012- data
Hash 221d8352905f2c38b3cb2bd191d630b0
d804b495cb9b84b9007a25b5d85f9ae674004cde
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
GET /redir/?partnerid=79&partneruserid=k-JfbhjqAYENw1J4r9Iw57aae3I3kc3hxELcYMEA HTTP/1.1
Host: rtb-csync.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-type: image/gif
date: Mon, 05 Dec 2022 19:51:24 GMT
cache-control: no-cache,no-store
pragma: no-cache
set-cookie: pid=6375153604344530779; expires=Fri, 05 Jan 2024 19:51:25 GMT; domain=smartadserver.com; path=/
TestIfCookieP=ok; expires=Fri, 05 Jan 2024 19:51:25 GMT; domain=smartadserver.com; path=/
csync=79:k-JfbhjqAYENw1J4r9Iw57aae3I3kc3hxELcYMEA; expires=Tue, 05 Dec 2023 19:51:25 GMT; domain=smartadserver.com; path=/
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-dxEvU6AYENw1J4r9Iw57aae3I3kYU0LzVEPQ3A
302 Found 0 B URL HTTP/2 ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-dxEvU6AYENw1J4r9Iw57aae3I3kYU0LzVEPQ3A
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ups/58301/sync?_origin=1&uid=k-dxEvU6AYENw1J4r9Iw57aae3I3kYU0LzVEPQ3A HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Mon, 05 Dec 2022 19:51:25 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
location: https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-dxEvU6AYENw1J4r9Iw57aae3I3kYU0LzVEPQ3A&verify=true
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBL1LjmMCECfM1FURymulOYc23U3vbt4FEgEBAQGdj2OYYwAAAAAA_eMAAA&S=AQAAAhSlJGZYg4kM-Ly7iqPUNWs; Expires=Wed, 6 Dec 2023 01:51:25 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
status.thawte.com/
200 OK 471 B IP
Hash e8143bd9d8124bff472031f5a6c43b60
c24d85a627fe9a02eff77c793b3bb18c783a4a1d
2a6fdf4dea606e038755907f7a5285e0ab6fb3f7ae1718e4bef7cf9c363e7cf1
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3972
Cache-Control: max-age=95274
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 19:51:25 GMT
Etag: "638d0d63-1d7"
Expires: Tue, 06 Dec 2022 22:19:19 GMT
Last-Modified: Sun, 04 Dec 2022 21:13:07 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-TT-AnaAYENw1J4r9Iw57aae3I3nxq-zGq1ojZw
204 No Content 0 B URL HTTP/2 match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-TT-AnaAYENw1J4r9Iw57aae3I3nxq-zGq1ojZw
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-TT-AnaAYENw1J4r9Iw57aae3I3nxq-zGq1ojZw HTTP/1.1
Host: match.sharethrough.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Mon, 05 Dec 2022 19:51:25 GMT
X-Firefox-Spdy: h2
cm.adform.net/pixel?adform_pid=15&adform_pc=k-eIWvT6AYENw1J4r9Iw57aae3I3k5Ext3tU7NOA
200 OK 43 B URL HTTP/2 cm.adform.net/pixel?adform_pid=15&adform_pc=k-eIWvT6AYENw1J4r9Iw57aae3I3k5Ext3tU7NOA
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /pixel?adform_pid=15&adform_pc=k-eIWvT6AYENw1J4r9Iw57aae3I3k5Ext3tU7NOA HTTP/1.1
Host: cm.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 19:51:25 GMT
content-type: image/gif
content-length: 43
last-modified: Thu, 11 Apr 2019 06:08:57 GMT
etag: "5caed9f9-2b"
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 732da84d0f02b079717f6196a91b0cbf
4aa26ee061153de217cd0098217e5f0b9a19e48c
80a09e5996432d95c843d9cdedc5e2ce3a2b7d42936674b76524af0f54de7142
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=154161
Date: Mon, 05 Dec 2022 19:51:25 GMT
Etag: "638deb8b-1d7"
Expires: Wed, 07 Dec 2022 14:40:46 GMT
Last-Modified: Mon, 05 Dec 2022 13:00:59 GMT
Server: ECS (bsa/EB11)
X-Cache: Miss from cloudfront
Via: 1.1 21258ec71c1aa4499bcd08c6ad0eba38.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: ARN1-C1
X-Amz-Cf-Id: fqb1bshg4BDKP_pzqMDJBfTg6F-BC7BjQYvF7HhGzqG-VYr8GUBdeA==
Age: 5987
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 3ad43a7a8b270f41308175b62db5732a
12ba23791d4af270f78c4fcfc3fb09636398a651
cd9c4f87165c07494f088237baa4a4838772881e30a7d96bdf1f42a98b188894
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CD9C4F87165C07494F088237BAA4A4838772881E30A7D96BDF1F42A98B188894"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8624
Expires: Mon, 05 Dec 2022 22:15:09 GMT
Date: Mon, 05 Dec 2022 19:51:25 GMT
Connection: keep-alive
ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-dxEvU6AYENw1J4r9Iw57aae3I3kYU0LzVEPQ3A&verify=true
204 No Content 0 B URL HTTP/2 ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-dxEvU6AYENw1J4r9Iw57aae3I3kYU0LzVEPQ3A&verify=true
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ups/58301/sync?_origin=1&uid=k-dxEvU6AYENw1J4r9Iw57aae3I3kYU0LzVEPQ3A&verify=true HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Mon, 05 Dec 2022 19:51:25 GMT
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
strict-transport-security: max-age=31536000
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBL1LjmMCEAeruS0j5IrPOjIBm-LSeaYFEgEBAQGdj2OYYwAAAAAA_eMAAA&S=AQAAAoF0Cjo3bss8e8yLvRHSKRI; Expires=Wed, 6 Dec 2023 01:51:25 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 85a4ac12d2d5d8c814f0c95238ea0172
6cb21575937477e09d3d057c6023963f1ef72c6e
62518be811240258603750f839f96ad9640b223d5a3a0e5bd83371784968eebd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5632
Cache-Control: max-age=141542
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 19:51:25 GMT
Etag: "638dbba3-1d7"
Expires: Wed, 07 Dec 2022 11:10:27 GMT
Last-Modified: Mon, 05 Dec 2022 09:36:35 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
eb2.3lift.com/xuid?mid=2711&xuid=k-bKPhxaAYENw1J4r9Iw57aae3I3knq9k1RDobzw&dongle=013b
200 OK 37 B URL HTTP/2 eb2.3lift.com/xuid?mid=2711&xuid=k-bKPhxaAYENw1J4r9Iw57aae3I3knq9k1RDobzw&dongle=013b
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 3eacd0132310ea44cad756b378a3bc07
e2216a7e9b73f5cb0279351c78ce61c33475cea7
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
GET /xuid?mid=2711&xuid=k-bKPhxaAYENw1J4r9Iw57aae3I3knq9k1RDobzw&dongle=013b HTTP/1.1
Host: eb2.3lift.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 19:51:25 GMT
content-type: image/gif
content-length: 37
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
ocsp.godaddy.com/
200 OK 1.8 kB IP
Hash a9d87a82a33b6fb19e81bb04c61392d9
c8297fc6a0fd4b8212140641609cb368e3537662
cff79ff673c7573b27f8047474258f4b4c9a79611452a41109da03d8a482e2cb
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Mon, 05 Dec 2022 19:51:25 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Mon, 05 Dec 2022 06:41:17 GMT
Expires: Tue, 06 Dec 2022 06:41:17 GMT
ETag: "c8297fc6a0fd4b8212140641609cb368e3537662"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.digicert.com/
200 OK 471 B IP
Hash b967016c92599586200298d67c900ac5
14a6fd8d84b435e154c0ae357a9f8dc24c16e9eb
b266fccee1baec0b93927cf1385b1a3e6987424f00cbf0ac879fcc8f212df56c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5679
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 19:51:25 GMT
Last-Modified: Mon, 05 Dec 2022 18:16:46 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
id5-sync.com/s/966/9.gif?puid=k-DAD-faAYENw1J4r9Iw57aae3I3kNsHNyyovxsg
200 43 B URL HTTP/1.1 id5-sync.com/s/966/9.gif?puid=k-DAD-faAYENw1J4r9Iw57aae3I3kNsHNyyovxsg
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
GET /s/966/9.gif?puid=k-DAD-faAYENw1J4r9Iw57aae3I3kNsHNyyovxsg HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="CAO PSA OUR"
set-cookie: cf=; Max-Age=300; Expires=Mon, 05-Dec-2022 19:56:25 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
cip=; Max-Age=300; Expires=Mon, 05-Dec-2022 19:56:25 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
cnac=; Max-Age=300; Expires=Mon, 05-Dec-2022 19:56:25 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
car=; Max-Age=300; Expires=Mon, 05-Dec-2022 19:56:25 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
gdpr=; Max-Age=300; Expires=Mon, 05-Dec-2022 19:56:25 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
callback=; Max-Age=300; Expires=Mon, 05-Dec-2022 19:56:25 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
content-type: image/gif;charset=UTF-8
transfer-encoding: chunked
date: Mon, 05 Dec 2022 19:51:25 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-8deTaaAYENw1J4r9Iw57aae3I3k8FTevCsu_7A
200 OK 42 B URL HTTP/2 simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-8deTaaAYENw1J4r9Iw57aae3I3k8FTevCsu_7A
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-8deTaaAYENw1J4r9Iw57aae3I3k8FTevCsu_7A HTTP/1.1
Host: simage2.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 19:51:24 GMT
content-type: image/gif; charset=utf-8
content-length: 42
set-cookie: KRTBCOOKIE_97=3385-uid:k-8deTaaAYENw1J4r9Iw57aae3I3k8FTevCsu_7A&KRTB&23144-uid:k-8deTaaAYENw1J4r9Iw57aae3I3k8FTevCsu_7A&KRTB&23286-uid:k-8deTaaAYENw1J4r9Iw57aae3I3k8FTevCsu_7A&KRTB&23287-uid:k-8deTaaAYENw1J4r9Iw57aae3I3k8FTevCsu_7A; domain=pubmatic.com; secure; expires=Wed, 04-Jan-2023 19:51:24 GMT; path=/
PugT=1670269884; domain=pubmatic.com; secure; expires=Wed, 04-Jan-2023 19:51:24 GMT; path=/
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
X-Firefox-Spdy: h2
ad.yieldlab.net/m?dt_id=8664&ext_id=k-7QJuUaAYENw1J4r9Iw57aae3I3lbE5KxDvTruQ
204 No Content 0 B URL HTTP/1.1 ad.yieldlab.net/m?dt_id=8664&ext_id=k-7QJuUaAYENw1J4r9Iw57aae3I3lbE5KxDvTruQ
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /m?dt_id=8664&ext_id=k-7QJuUaAYENw1J4r9Iw57aae3I3lbE5KxDvTruQ HTTP/1.1
Host: ad.yieldlab.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: DENY
x-application-context: application
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Pragma: no-cache
Expires: Sun, 04 Dec 2022 19:51:25 GMT
Date: Mon, 05 Dec 2022 19:51:25 GMT
Connection: keep-alive
Set-Cookie: id=b937a948-7801-4f55-8a4b-51c898f67c81; Path=/; Domain=prod.svc.y6b.de; Expires=Tue, 05-Dec-2023 19:51:25 GMT; Max-Age=31536000; Secure; SameSite=None
e1.emxdgt.com/put?d=d53&uid=k-edWxbaAYENw1J4r9Iw57aae3I3lBSiSkiREPVqkbjGLzlEa-
204 No Content 0 B URL HTTP/2 e1.emxdgt.com/put?d=d53&uid=k-edWxbaAYENw1J4r9Iw57aae3I3lBSiSkiREPVqkbjGLzlEa-
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /put?d=d53&uid=k-edWxbaAYENw1J4r9Iw57aae3I3lBSiSkiREPVqkbjGLzlEa- HTTP/1.1
Host: e1.emxdgt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
content-type: text/html
date: Mon, 05 Dec 2022 19:51:24 GMT
content-length: 0
X-Firefox-Spdy: h2
dpm.demdex.net/ibs:dpid=28645&dpuuid=
302 Found 0 B URL HTTP/1.1 dpm.demdex.net/ibs:dpid=28645&dpuuid=
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ibs:dpid=28645&dpuuid= HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
DCS: dcs-prod-irl1-2-v045-000256d3c.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=68104604529308008842059341610309774961; Max-Age=15552000; Expires=Sat, 03 Jun 2023 19:51:25 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: YnbIX31RQv0=
Content-Length: 0
Connection: keep-alive
sync.outbrain.com/cookie-sync?p=criteo&uid=k-qq2zxqAYENw1J4r9Iw57aae3I3l8pYB3VxhV6g
200 OK 0 B URL HTTP/1.1 sync.outbrain.com/cookie-sync?p=criteo&uid=k-qq2zxqAYENw1J4r9Iw57aae3I3l8pYB3VxhV6g
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cookie-sync?p=criteo&uid=k-qq2zxqAYENw1J4r9Iw57aae3I3l8pYB3VxhV6g HTTP/1.1
Host: sync.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 19:51:25 GMT
Content-Length: 0
Cache-Control: no-cache
X-TraceId: fe744115a66f4d93a622654db2399daf
dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=
200 OK 59 B URL HTTP/1.1 dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 1251cd5e5c2def4c046309375f87c1c1
e02d6b0c6a5c495c15985e2832e335eda8528c80
4e7010cc46fa361c88e57e3346d27421cf3b8a8bf5f39b43fc45997c60cb1c13
GET /demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid= HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: image/gif
DCS: dcs-prod-irl1-2-v045-071cdea73.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: g8buvLZqRSw=
Content-Length: 59
Connection: keep-alive
gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
302 Found 0 B URL HTTP/2 gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Mon, 05 Dec 2022 19:51:25 GMT
server: Kestrel
content-length: 0
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
location: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=
server-processing-duration-in-ticks: 893733
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash c793d25d05987b284ed6869098da29d1
4f45182a4e549abbc8b5cdba214ae7e241ab3d7a
a7dc917901fe52b0aeb686cb99f34f39feb4ea983aba518c1480c60bb4a6c1ae
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=150257
Date: Mon, 05 Dec 2022 19:51:25 GMT
Etag: "638ddd8c-1d7"
Expires: Wed, 07 Dec 2022 13:35:42 GMT
Last-Modified: Mon, 05 Dec 2022 12:01:16 GMT
Server: ECS (bsa/EB1C)
X-Cache: Miss from cloudfront
Via: 1.1 1132899b9bc2928e13b30713fd82f9b0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: ARN1-C1
X-Amz-Cf-Id: 09U4QhABhwHRdQMuhVKaxx5vYbwYYnq730iJTNOq3slEPmC70TqE_w==
Age: 5666
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 8d5534f87ba320d9725ab911d34a5c67
4b7056ac8c9b17b014f751909530416c9d62387b
42ed49fb698f55a0d66a4a2085e76b83c3d4ffa865d601131ef2d45b33ac6c06
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 05 Dec 2022 19:51:25 GMT
Last-Modified: Mon, 05 Dec 2022 18:11:35 GMT
Server: ECS (bsa/EB21)
X-Cache: Miss from cloudfront
Via: 1.1 9ee3245d13c492e7e4abb0f2de012802.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: ARN1-C1
X-Amz-Cf-Id: H7tZsENwVz1ocUlW3Gnfz3rMh-s4Mo05zI4grGrT72dcaC1g1rNu1g==
Age: 5990
ocsp.sectigo.com/
200 OK 471 B IP
Hash f6ea289668229920eb646b0178f8a432
51418c31042db3b08ffa3c50a1d7809dc8393ad8
c50efd970149388f8bab4669b66cab41ab381d6347b0489885dc33a4d0d32343
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 19:51:25 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 03 Dec 2022 15:11:53 GMT
Expires: Sat, 10 Dec 2022 15:11:52 GMT
Etag: "51418c31042db3b08ffa3c50a1d7809dc8393ad8"
Cache-Control: max-age=414626,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 774f50ff7fbbb50c-OSL
visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-N1klLqAYENw1J4r9Iw57aae3I3mwKdj42uWI3w
200 OK 49 B URL HTTP/2 visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-N1klLqAYENw1J4r9Iw57aae3I3mwKdj42uWI3w
IP
ASN #200271 Iguane Solutions SAS
File type GIF image data, version 89a, 1 x 1\012- data
Hash 4408efc0174f07ad685c456f1de521ca
e3bc3250f8f32bd98dc7b05fd8940b74617eb8d1
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
GET /visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-N1klLqAYENw1J4r9Iw57aae3I3mwKdj42uWI3w HTTP/1.1
Host: visitor.omnitagjs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
expires: 0
p3p: CP="CAO PSA OUR"
pragma: no-cache
set-cookie: ayl_visitor=a412814476a90fb96034275905451d4c; Path=/; Domain=omnitagjs.com; Max-Age=2592000; Secure; SameSite=None
vary: Accept-Encoding
x-content-type-options: nosniff
date: Mon, 05 Dec 2022 19:51:25 GMT
content-length: 49
x-envoy-upstream-service-time: 2
server: ayl-lb-fra02
X-Firefox-Spdy: h2
sync-criteo.ads.yieldmo.com/sync?id=k-85OQRqAYENw1J4r9Iw57aae3I3lMQUwro3-2Fw&pn_id=criteo&ext=1
200 OK 43 B URL HTTP/2 sync-criteo.ads.yieldmo.com/sync?id=k-85OQRqAYENw1J4r9Iw57aae3I3lMQUwro3-2Fw&pn_id=criteo&ext=1
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /sync?id=k-85OQRqAYENw1J4r9Iw57aae3I3lMQUwro3-2Fw&pn_id=criteo&ext=1 HTTP/1.1
Host: sync-criteo.ads.yieldmo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 19:51:25 GMT
content-type: image/gif
content-length: 43
set-cookie: yieldmo_id=gd5c32de19aff8dd8343%7C1670269885594%7C0%7C; Domain=.yieldmo.com; Expires=Tue, 05-Dec-2023 19:51:25 GMT; Path=/; Secure; SameSite=None; Secure
ptrcriteo=k-85OQRqAYENw1J4r9Iw57aae3I3lMQUwro3-2Fw; Domain=ads.yieldmo.com; Expires=Tue, 05-Dec-2023 19:51:25 GMT; Path=/; Secure; SameSite=None; Secure
access-control-allow-origin: *
access-control-request-headers: Cache-Control, Pragma
access-control-allow-methods: GET, OPTIONS
pragma: no-cache
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 31f4b98f25ba62d56005d5840a7d3524
a6ce4f1fa2ea0d9dfebad598b1f801f368d1a456
1e7a1d556639280d8cd6eefd71daf01ba22bc1505e52a271ba4eba53334e9c03
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5021
Cache-Control: max-age=149607
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 19:51:25 GMT
Etag: "638ddd87-1d7"
Expires: Wed, 07 Dec 2022 13:24:52 GMT
Last-Modified: Mon, 05 Dec 2022 12:01:11 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
b.clarity.ms/collect
204 No Content 0 B IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /collect HTTP/1.1
Host: b.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 127912
Origin: https://evenstadmusikk.no
Connection: keep-alive
Referer: https://evenstadmusikk.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
vary: Origin
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
access-control-allow-origin: https://evenstadmusikk.no
access-control-allow-credentials: true
date: Mon, 05 Dec 2022 19:51:25 GMT
X-Firefox-Spdy: h2
beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=
204 No Content 0 B URL HTTP/2 beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /usermatch.gif?partner=criteo&partner_uid= HTTP/1.1
Host: beacon.krxd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Mon, 05 Dec 2022 19:51:25 GMT
set-cookie: _kuid_=PPXv2EB_; Expires=Sat, 03-Jun-23 19:51:25 GMT; Max-Age=15552000; Domain=.krxd.net; Path=/
cache-control: private, no-cache, no-store
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
x-served-by: beacon-n009-dub-prod.krxd.net
x-request-time: D=36 t=1670269885
X-Firefox-Spdy: h2
gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
302 Found 0 B URL HTTP/2 gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Mon, 05 Dec 2022 19:51:25 GMT
server: Kestrel
content-length: 0
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
location: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=
server-processing-duration-in-ticks: 649139
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.entrust.net/
200 OK 1.6 kB IP
Hash d3b63fcf8493b1355b699028f126f50a
a04a89221784b0f3a7384b65ee0a8e3d3d463377
4f63a3567eca83b6e7462e11a9b1b0e7d8bd76c5af75e77b46c6a0a259cdf0e0
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "4F63A3567ECA83B6E7462E11A9B1B0E7D8BD76C5AF75E77B46C6A0A259CDF0E0"
Last-Modified: Mon, 05 Dec 2022 08:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=2928
Expires: Mon, 05 Dec 2022 20:40:14 GMT
Date: Mon, 05 Dec 2022 19:51:26 GMT
Connection: keep-alive
s.thebrighttag.com/cs?btt=0&tp=cr&uid=
200 OK 35 B URL HTTP/2 s.thebrighttag.com/cs?btt=0&tp=cr&uid=
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /cs?btt=0&tp=cr&uid= HTTP/1.1
Host: s.thebrighttag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 19:51:26 GMT
content-type: image/gif
content-length: 35
x-bt-requestid: 340883b0-74d6-11ed-b24f-0000ac1700e1
cache-control: private, must-revalidate
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin:
server: nginx
p3p: CP=NOI DSP COR NID
X-Firefox-Spdy: h2
b.clarity.ms/collect
204 No Content 0 B IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /collect HTTP/1.1
Host: b.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 786
Origin: https://evenstadmusikk.no
Connection: keep-alive
Referer: https://evenstadmusikk.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
vary: Origin
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
access-control-allow-origin: https://evenstadmusikk.no
access-control-allow-credentials: true
date: Mon, 05 Dec 2022 19:51:26 GMT
X-Firefox-Spdy: h2
apil1.spinnaker-js.com/
200 OK 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: apil1.spinnaker-js.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 353
Origin: https://evenstadmusikk.no
Connection: keep-alive
Referer: https://evenstadmusikk.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 19:51:27 GMT
content-length: 0
server: nginx/1.20.0
access-control-allow-origin: https://evenstadmusikk.no
access-control-allow-methods: POST, OPTIONS
access-control-allow-headers: content-type, accept, X-Requested-With, X-HTTP-Method-Override, data, X-UA-Compatible
access-control-allow-credentials: false
access-control-max-age: 31536000
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans:300,400,700%7CYanone+Kaffeesatz:700,400,300&subset=latin,latin
200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans:300,400,700%7CYanone+Kaffeesatz:700,400,300&subset=latin,latin
IP
GET /css?family=Open+Sans:300,400,700%7CYanone+Kaffeesatz:700,400,300&subset=latin,latin HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 05 Dec 2022 19:51:23 GMT
date: Mon, 05 Dec 2022 19:51:23 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
dnacdn.net/dna
200 OK 0 B IP
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Cookie: browser_data=lsWqJV80M0RITmhlJTJCZkMwOUJGQlhaMUN2czFGMjMxUXpia1U4WTRRaWVqam1VcGhRJTJCenMzR3FaVGM3cUltS0ZUZEp1Qw
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 19:51:24 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=f7P_9F80M0RITmhlJTJCZkMwOUJGQlhaMUN2czFGMjMxUXpia1U4WTRRaWVqam1VcGltbVNkS0VxRzFZVWFvSWI1M25NdzE; expires=Sat, 30 Dec 2023 19:51:24 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 192071
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
chat.kindlycdn.com/settings/ed6f264a-8fa0-4a57-afa3-a80f13fde11a.json?version=2.39.8&kindly-chat-browser-id=aa78e6e8-1f2d-4cdb-983e-180bc28e828c
200 OK 0 B URL HTTP/2 chat.kindlycdn.com/settings/ed6f264a-8fa0-4a57-afa3-a80f13fde11a.json?version=2.39.8&kindly-chat-browser-id=aa78e6e8-1f2d-4cdb-983e-180bc28e828c
IP
GET /settings/ed6f264a-8fa0-4a57-afa3-a80f13fde11a.json?version=2.39.8&kindly-chat-browser-id=aa78e6e8-1f2d-4cdb-983e-180bc28e828c HTTP/1.1
Host: chat.kindlycdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://evenstadmusikk.no
Connection: keep-alive
Referer: https://evenstadmusikk.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 19:51:25 GMT
content-type: application/json
x-guploader-uploadid: ADPycdshVMOGUd-hwiPn7RKl-kNwNpKv_28FU4sOKsrfMUKxzXxm61A46XUR96uEQmOIOAR55flziNqwjgi-ThNLWCNQew
cache-control: max-age=0
expires: Mon, 05 Dec 2022 19:51:25 GMT
last-modified: Mon, 22 Aug 2022 04:31:48 GMT
etag: W/"db56b1be4292b8c6aa49a64de6b14dfe"
x-goog-generation: 1661142708387919
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 11647
x-goog-hash: crc32c=Ck1srw==, md5=21axvkKSuMaqSaZN5rFN/g==
x-goog-storage-class: STANDARD
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=By5y2hhkigiO0zVc%2BLc77ed%2BU%2B4BwNaDF7tPUVQ67tX%2B89XLnDUB0kAtQAffxtbJr6vGnjXn5cMp4VZkFDLpWtfSdRv%2BrQPFWBr9HVAq3%2B3XWVi2%2Ff4eQFc6dGgaMa26qNitVw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774f50fe5c0d1c06-OSL
content-encoding: br
X-Firefox-Spdy: h2
dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-wDozhaAYENw1J4r9Iw57aae3I3ms5sSupbE9cQ&google_error=3
200 OK 0 B URL HTTP/2 dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-wDozhaAYENw1J4r9Iw57aae3I3ms5sSupbE9cQ&google_error=3
IP
GET /dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-wDozhaAYENw1J4r9Iw57aae3I3ms5sSupbE9cQ&google_error=3 HTTP/1.1
Host: dis.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 19:51:24 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
cross-origin-resource-policy: cross-origin
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
timing-allow-origin: *
server-processing-duration-in-ticks: 350182
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/js/ld/ld.js
200 OK 0 B URL HTTP/2 static.criteo.net/js/ld/ld.js
IP
GET /js/ld/ld.js HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 19:51:23 GMT
content-type: text/javascript
last-modified: Tue, 08 Nov 2022 15:05:46 GMT
etag: W/"636a704a-a8d9"
expires: Tue, 06 Dec 2022 19:51:23 GMT
cross-origin-resource-policy: cross-origin
cache-control: max-age=86400, public
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
www.clarity.ms/tag/uet/142000613
200 OK 0 B URL HTTP/2 www.clarity.ms/tag/uet/142000613
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
GET /tag/uet/142000613 HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache, no-store
content-type: application/x-javascript
expires: -1
set-cookie: CLID=7ea269c5dc6144899a6e299ae3fa084a.20221205.20231205; expires=Tue, 05 Dec 2023 19:51:24 GMT; path=/; secure; samesite=none; httponly
request-context: appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2
x-cache: CONFIG_NOCACHE
x-azure-ref: 0vEuOYwAAAACyUnHIf4YtRIi8tkKkNHsuU1ZHMjBFREdFMDYxNQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Mon, 05 Dec 2022 19:51:24 GMT
X-Firefox-Spdy: h2
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-HRsvgaAYENw1J4r9Iw57aae3I3m5PR29dH1GPA
200 OK 0 B URL HTTP/2 sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-HRsvgaAYENw1J4r9Iw57aae3I3m5PR29dH1GPA
IP
ASN #200478 Taboola.com ltd
GET /sg/criteortb-network/1/rtb-h/?taboola_hm=k-HRsvgaAYENw1J4r9Iw57aae3I3m5PR29dH1GPA HTTP/1.1
Host: sync-t1.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 19:51:25 GMT
x-fastly-to-nlb-rtt: 22290
access-control-allow-credentials: true
X-Firefox-Spdy: h2
ag.gbc.criteo.com/newidsd
200 OK 0 B URL HTTP/2 ag.gbc.criteo.com/newidsd
IP
GET /newidsd HTTP/1.1
Host: ag.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 19:51:23 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 151889
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
www.clarity.ms/eus2/s/0.6.43/clarity.js
200 OK 0 B URL HTTP/2 www.clarity.ms/eus2/s/0.6.43/clarity.js
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
GET /eus2/s/0.6.43/clarity.js HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=86400
content-type: application/javascript;charset=utf-8
content-encoding: br
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
accept-ranges: bytes
etag: "1d9026a431ead4c"
server: Microsoft-IIS/10.0
x-cache: TCP_HIT
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
x-azure-ref-originshield: 06x+OYwAAAAAwT6LeiIEhRbO2vCXeRfjQQU1TMDRFREdFMTgxNAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-azure-ref: 0vEuOYwAAAACjaGor10LmRqAmygScn9svU1ZHMjBFREdFMDYxNQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Mon, 05 Dec 2022 19:51:24 GMT
X-Firefox-Spdy: h2
gem.gbc.criteo.com/newidsd
200 OK 0 B URL HTTP/2 gem.gbc.criteo.com/newidsd
IP
GET /newidsd HTTP/1.1
Host: gem.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 19:51:24 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 119687
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
chat.kindlycdn.com/KindlyChat-98be882a307ea1e4d339.js
200 OK 0 B URL HTTP/2 chat.kindlycdn.com/KindlyChat-98be882a307ea1e4d339.js
IP
GET /KindlyChat-98be882a307ea1e4d339.js HTTP/1.1
Host: chat.kindlycdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 19:51:25 GMT
content-type: application/javascript
x-guploader-uploadid: ADPycds_3OpX7kVqrCsZCosCgH46PQSw8bfhgNWnK2vIEcOXZcWzO0zA00KuXXatLN8cKer7DMdmt35fEJth-u9YfHoGbGBswZue
cache-control: public, max-age=1800
expires: Mon, 05 Dec 2022 20:05:51 GMT
last-modified: Tue, 22 Nov 2022 14:26:05 GMT
etag: W/"c026a2620a27400d55e835c3a1f2e97a"
x-goog-generation: 1669127165848597
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 478321
x-goog-meta-goog-reserved-file-mtime: 1669127158
x-goog-meta-kindly-chat-version: v2.39.8
x-goog-hash: crc32c=UM2UyA==, md5=wCaiYgonQA1V6DXDofLpeg==
x-goog-storage-class: STANDARD
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cf-cache-status: HIT
age: 934
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Px48dntk%2F77iCj4dtu1uAKbSWsnfw4VvcJJs9E9b1fSSaUG9wqwyPzZF9jy%2BjrCXnLUUiBEpPXrGzDgAcGUr%2FfdANv8NgxUGeQOsod11g5iwg80NL%2BVkT9tUhVH4y7Mes70ulQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774f50fd6ab91c06-OSL
content-encoding: br
X-Firefox-Spdy: h2
exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-b1a6UKAYENw1J4r9Iw57aae3I3lJOH-A2ePpIYTFGhB1laa-
200 OK 0 B URL HTTP/2 exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-b1a6UKAYENw1J4r9Iw57aae3I3lJOH-A2ePpIYTFGhB1laa-
IP
GET /usersync/push?partner=criteo&partnerId=k-b1a6UKAYENw1J4r9Iw57aae3I3lJOH-A2ePpIYTFGhB1laa- HTTP/1.1
Host: exchange.mediavine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 19:51:25 GMT
content-type: text/html; charset=utf-8
vary: Origin, Accept-Encoding
access-control-allow-credentials: true
cache-control: private, no-cache
set-cookie: mv_tokens=%7B%22mv_uuid%22%3A%22334bc360-74d6-11ed-b191-1705369333a5%22%2C%22version%22%3A%22eu-v1%22%7D; Path=/; Expires=Mon, 19 Dec 2022 19:51:25 GMT; Secure; SameSite=None
mv_tokens_eu-v1=%7B%22mv_uuid%22%3A%22334bc360-74d6-11ed-b191-1705369333a5%22%2C%22version%22%3A%22eu-v1%22%7D; Path=/; Expires=Mon, 19 Dec 2022 19:51:25 GMT; Secure; SameSite=None
am_tokens=%7B%22mv_uuid%22%3A%22334bc360-74d6-11ed-b191-1705369333a5%22%2C%22version%22%3A%22eu-v1%22%7D; Path=/; Expires=Mon, 19 Dec 2022 19:51:25 GMT; Secure; SameSite=None
am_tokens_eu-v1=%7B%22mv_uuid%22%3A%22334bc360-74d6-11ed-b191-1705369333a5%22%2C%22version%22%3A%22eu-v1%22%7D; Path=/; Expires=Mon, 19 Dec 2022 19:51:25 GMT; Secure; SameSite=None
criteo=%7B%22id%22%3A%22k-b1a6UKAYENw1J4r9Iw57aae3I3lJOH-A2ePpIYTFGhB1laa-%22%2C%22version%22%3A%22criteo%22%7D; Path=/; Expires=Mon, 19 Dec 2022 19:51:25 GMT; Secure; SameSite=None
content-encoding: gzip
X-Firefox-Spdy: h2
dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=0
200 OK 0 B URL HTTP/2 dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=0
IP
GET /dis/rtb/appnexus/cookiematch.aspx?appnxsid=0 HTTP/1.1
Host: dis.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 19:51:24 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
cross-origin-resource-policy: cross-origin
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
timing-allow-origin: *
server-processing-duration-in-ticks: 652594
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
criteo-partners.tremorhub.com/sync?UICR=k-DEUyyKAYENw1J4r9Iw57aae3I3lDu1lo4IVCPg
200 OK 0 B URL HTTP/2 criteo-partners.tremorhub.com/sync?UICR=k-DEUyyKAYENw1J4r9Iw57aae3I3lDu1lo4IVCPg
IP
GET /sync?UICR=k-DEUyyKAYENw1J4r9Iw57aae3I3lDu1lo4IVCPg HTTP/1.1
Host: criteo-partners.tremorhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 19:51:25 GMT
content-type: image/gif
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
X-Firefox-Spdy: h2
cdn-sitegainer.com/sitegainer_5619307.js
200 OK 0 B URL HTTP/2 cdn-sitegainer.com/sitegainer_5619307.js
IP
GET /sitegainer_5619307.js HTTP/1.1
Host: cdn-sitegainer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 19:51:22 GMT
content-type: text/javascript; charset=utf-8
cf-bgj: minify
cf-polished: origSize=237588
etag: W/"fc4ab11d61e7af5f240904475fe3f56e"
last-modified: Thu, 04 Aug 2022 12:46:22 GMT
x-amz-id-2: IIMMgrJjwpYsjy+vlTWgb6U3hKeOYg7SCArdHzMdk3oCc4JoB3d83fjJrC7vGxouu2vpUNZG6VQ=
x-amz-request-id: 8P2JPKXCH98Z8WB9
cache-control: max-age=1800
cf-cache-status: HIT
age: 626
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0DCBFrJFg5JW8Ni4QMi%2FJDVIByJqbTPRG3seGQqbOtLMxcXjIjxYyHIEi%2FrLTKgubw1CtxvtxRVJqqhmvX2efFOGa3t6YdszaUWyAO4Qjw3SwiAJMGTLgzQ49ZtqD45vsvnDAg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774f50ef0c5db523-OSL
content-encoding: br
X-Firefox-Spdy: h2
5.161.78.177
80.86.142.229
3.127.228.236
54.155.179.95
51.83.143.92
23.43.133.70
141.226.228.48
104.18.5.123
93.184.220.29
135.181.6.240
37.157.6.241