r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 20d267853e48ef7d476459ed67da5d97
06d1bd08efd69c0e93486d3c423fa2640f372d29
24323cd45ca2ed01c63f908233d9b2ad5bb6f63394884c45bf6abb0221d0edd6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "24323CD45CA2ED01C63F908233D9B2AD5BB6F63394884C45BF6ABB0221D0EDD6"
Last-Modified: Fri, 20 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13777
Expires: Sat, 21 Jan 2023 12:42:06 GMT
Date: Sat, 21 Jan 2023 08:52:29 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4714c95a0c854e38f9be444f9343bf14
07ce5eb635448f2b3bafbe51e4dfeef47cdf4f7b
4d47e08c9afb704096e93a51f6e95c0dc7c7bc31e67ded39998ff37ed56e0965
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4D47E08C9AFB704096E93A51F6E95C0DC7C7BC31E67DED39998FF37ED56E0965"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12881
Expires: Sat, 21 Jan 2023 12:27:10 GMT
Date: Sat, 21 Jan 2023 08:52:29 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 17094b856fde02b2c8c2d3845ad325cf
26dc3f2ebf81faf5ab96eb75ffcbead6085528b8
6547376c41dcaa352cc4e747291916902bcddc0032b750bd84c5e3b2fe6f7d16
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6547376C41DCAA352CC4E747291916902BCDDC0032B750BD84C5E3B2FE6F7D16"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4730
Expires: Sat, 21 Jan 2023 10:11:20 GMT
Date: Sat, 21 Jan 2023 08:52:30 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 21 Jan 2023 08:34:43 GMT
content-type: application/json
age: 1067
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: GazSMVU0hc4MJPchs2zLAsor0NMcK89+RD+MfP9Sz/ZJcVGATqBawMdfE4iUe4GoVL5bOsh9UHk=
x-amz-request-id: Z06FV1Y6WMFSW8RN
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 21 Jan 2023 08:17:56 GMT
age: 2074
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 21 Jan 2023 08:52:30 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
kabak.com/
185.53.178.50200 OK 2.5 kB IP 185.53.178.50:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2194)
Hash 8265fa3650d48608b1d4872917324a30
354714877b1d0c2f0c3bbc7a90b3290835d2d996
7fbababd61a6c8fb7d9435ed62ef9e3b3a348413eaf8237c6b300ae6f3a9274b
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: kabak.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 21 Jan 2023 08:52:30 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Redirect: zeropark_zeroclick
X-Template: tpl_CleanPeppermintBlack_twoclick
X-Language: norwegian
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
Content-Encoding: gzip
d38psrni17bvxu.cloudfront.net/scripts/js3.js
54.230.245.138200 OK 1.1 kB URL HTTP/1.1 d38psrni17bvxu.cloudfront.net/scripts/js3.js
IP 54.230.245.138:0
File type ASCII text, with very long lines (506)
Hash 64b79b43df8fbf2c5d082964b9116a68
dc3c763519baf0f4c32bb60bfc429651a491ea01
c57e9feec209e3ea5eb1d75a1ba6fa277242a3df250055be8446052b51e58637
GET /scripts/js3.js HTTP/1.1
Host: d38psrni17bvxu.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kabak.com/
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 1134
Connection: keep-alive
Server: nginx
Date: Sat, 21 Jan 2023 05:23:17 GMT
Last-Modified: Tue, 17 Aug 2021 09:17:22 GMT
Accept-Ranges: bytes
ETag: "611b7ea2-46e"
X-Cache: Hit from cloudfront
Via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: tNVcwTjjJM7JyfCdb1N9OU4IZJg-csML2SCKAWIHffwjSkhZroxqxw==
Age: 12553
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Pragma, Content-Length, Alert, Expires, ETag, Last-Modified, Backoff, Content-Type, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 21 Jan 2023 08:17:29 GMT
age: 2101
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash bdb8a13dfce39d6e151a9ef185a772a1
037a680510f9dbce3c7cc3c0f9115fd587dbcd1d
98c8b7f269b9aad73b73fd946788ebfd7a4d7afbdd5347b56c67f73b947f5ff6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1063
Cache-Control: max-age=88328
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 08:52:30 GMT
Etag: "63ca59af-1d7"
Expires: Sun, 22 Jan 2023 09:24:38 GMT
Last-Modified: Fri, 20 Jan 2023 09:06:55 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
54.213.114.144101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.213.114.144:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: b6HfOOOGmuDJAeqpXiT1Qw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: m6/zX7LEq+ePYV+roOLsqvczR3A=
kabak.com/track.php?domain=kabak.com&toggle=browserjs&uid=MTY3NDI5MTE0OS45MjA0OjIxYWFjYTdlYjY3NzFkMTI2MmJhOThjZDYyMTA1MGVmNTE2ZGM2ZjU0YmI0OWQ4ODRjZDhiZDE3MTIwYjcxZDU6NjNjYmE3Y2RlMGI1ZA%3D%3D
185.53.178.50200 OK 20 B URL HTTP/1.1 kabak.com/track.php?domain=kabak.com&toggle=browserjs&uid=MTY3NDI5MTE0OS45MjA0OjIxYWFjYTdlYjY3NzFkMTI2MmJhOThjZDYyMTA1MGVmNTE2ZGM2ZjU0YmI0OWQ4ODRjZDhiZDE3MTIwYjcxZDU6NjNjYmE3Y2RlMGI1ZA%3D%3D
IP 185.53.178.50:0
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /track.php?domain=kabak.com&toggle=browserjs&uid=MTY3NDI5MTE0OS45MjA0OjIxYWFjYTdlYjY3NzFkMTI2MmJhOThjZDYyMTA1MGVmNTE2ZGM2ZjU0YmI0OWQ4ODRjZDhiZDE3MTIwYjcxZDU6NjNjYmE3Y2RlMGI1ZA%3D%3D HTTP/1.1
Host: kabak.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kabak.com/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 21 Jan 2023 08:52:31 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Custom-Track: browserjs
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
Access-Control-Allow-Origin: *
Content-Encoding: gzip
kabak.com/ls.php
185.53.178.50201 Created 0 B IP 185.53.178.50:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
POST /ls.php HTTP/1.1
Host: kabak.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Content-Length: 2146
Origin: http://kabak.com
Connection: keep-alive
Referer: http://kabak.com/
HTTP/1.1 201 Created
Server: nginx
Date: Sat, 21 Jan 2023 08:52:31 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
X-Log-Success: 63cba7cf3d3edc35d9642b7a
Charset: utf-8
Access-Control-Allow-Origin: http://kabak.com
Access-Control-Allow-Methods: POST, OPTIONS
Access-Control-Max-Age: 86400
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_QTfiDjVW+PbnwGLFgbUnE0yJp8jpv19NVCopfbH7ErngkgIqTSY70jz5KxdS0aO4sWiHIBRF/8sVRCyG3OeFbg==
kabak.com/favicon.ico
185.53.178.50200 OK 0 B IP 185.53.178.50:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: kabak.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kabak.com/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 21 Jan 2023 08:52:31 GMT
Content-Type: image/x-icon
Content-Length: 0
Connection: keep-alive
Last-Modified: Tue, 12 May 2020 14:25:52 GMT
ETag: "5ebab1f0-0"
Accept-Ranges: bytes
kabak.com/track.php?click=7d905f613654ea9b70e255b7bdd643a73d525fe6&domain=kabak.com&uid=MTY3NDI5MTE0OS45MjA0OjIxYWFjYTdlYjY3NzFkMTI2MmJhOThjZDYyMTA1MGVmNTE2ZGM2ZjU0YmI0OWQ4ODRjZDhiZDE3MTIwYjcxZDU6NjNjYmE3Y2RlMGI1ZA%3D%3D&ts=fENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQwMTF8fHx8fHw2M2NiYTdjZGUwYjQwfHx8MTY3NDI5MTE1MC4yNTY2fGU2NDBhN2YyNWI0ZTAwODkyNjk1ZGJhZmNlYmI4OGRmYzllNzkwYTV8fHx8fDF8fDB8MHx8fHwxfHx8fHwwfDB8fHx8fHx8fHx8MHwwfHwwfHx8MHwwfFcxMD18fDF8VzEwPXw5ZGE1ZWM0OTMzOWYyYzJiYmQwZmQ4MzI3MjJkYmVhN2MwMTJlOGQ1fDB8ZHAtdGVhbWludGVybmV0MDlfM3BofDB8MA%3D%3D&kw=&search=&pcat=&rxid=&bucket=&clientID=&adtest=off
185.53.178.50200 OK 20 B URL HTTP/1.1 kabak.com/track.php?click=7d905f613654ea9b70e255b7bdd643a73d525fe6&domain=kabak.com&uid=MTY3NDI5MTE0OS45MjA0OjIxYWFjYTdlYjY3NzFkMTI2MmJhOThjZDYyMTA1MGVmNTE2ZGM2ZjU0YmI0OWQ4ODRjZDhiZDE3MTIwYjcxZDU6NjNjYmE3Y2RlMGI1ZA%3D%3D&ts=fENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQwMTF8fHx8fHw2M2NiYTdjZGUwYjQwfHx8MTY3NDI5MTE1MC4yNTY2fGU2NDBhN2YyNWI0ZTAwODkyNjk1ZGJhZmNlYmI4OGRmYzllNzkwYTV8fHx8fDF8fDB8MHx8fHwxfHx8fHwwfDB8fHx8fHx8fHx8MHwwfHwwfHx8MHwwfFcxMD18fDF8VzEwPXw5ZGE1ZWM0OTMzOWYyYzJiYmQwZmQ4MzI3MjJkYmVhN2MwMTJlOGQ1fDB8ZHAtdGVhbWludGVybmV0MDlfM3BofDB8MA%3D%3D&kw=&search=&pcat=&rxid=&bucket=&clientID=&adtest=off
IP 185.53.178.50:0
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /track.php?click=7d905f613654ea9b70e255b7bdd643a73d525fe6&domain=kabak.com&uid=MTY3NDI5MTE0OS45MjA0OjIxYWFjYTdlYjY3NzFkMTI2MmJhOThjZDYyMTA1MGVmNTE2ZGM2ZjU0YmI0OWQ4ODRjZDhiZDE3MTIwYjcxZDU6NjNjYmE3Y2RlMGI1ZA%3D%3D&ts=fENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQwMTF8fHx8fHw2M2NiYTdjZGUwYjQwfHx8MTY3NDI5MTE1MC4yNTY2fGU2NDBhN2YyNWI0ZTAwODkyNjk1ZGJhZmNlYmI4OGRmYzllNzkwYTV8fHx8fDF8fDB8MHx8fHwxfHx8fHwwfDB8fHx8fHx8fHx8MHwwfHwwfHx8MHwwfFcxMD18fDF8VzEwPXw5ZGE1ZWM0OTMzOWYyYzJiYmQwZmQ4MzI3MjJkYmVhN2MwMTJlOGQ1fDB8ZHAtdGVhbWludGVybmV0MDlfM3BofDB8MA%3D%3D&kw=&search=&pcat=&rxid=&bucket=&clientID=&adtest=off HTTP/1.1
Host: kabak.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kabak.com/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 21 Jan 2023 08:52:31 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-View-Match: true
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
Access-Control-Allow-Origin: *
Content-Encoding: gzip
orest-vlv.com/zcvisitor/f0041005-9968-11ed-8e19-12c7f018e9bf/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=f01722d0-9968-11ed-8e19-12c7f018e9bf
35.172.34.123200 1.1 kB URL HTTP/1.1 orest-vlv.com/zcvisitor/f0041005-9968-11ed-8e19-12c7f018e9bf/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=f01722d0-9968-11ed-8e19-12c7f018e9bf
IP 35.172.34.123:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 5f8a12061786c8b0daefe0cd178b74fb
d033f17debbe1b9b356940e6ac815fab22e09734
241c431642a7c213977c2d17fbc2c7374e3feef974005b80fc0c06e204fdfc08
GET /zcvisitor/f0041005-9968-11ed-8e19-12c7f018e9bf/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=f01722d0-9968-11ed-8e19-12c7f018e9bf HTTP/1.1
Host: orest-vlv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kabak.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200
Date: Sat, 21 Jan 2023 08:52:31 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Server: efxHRnxd
orest-vlv.com/zcredirect?visitid=f0041005-9968-11ed-8e19-12c7f018e9bf&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false
35.172.34.123200 424 B URL HTTP/1.1 orest-vlv.com/zcredirect?visitid=f0041005-9968-11ed-8e19-12c7f018e9bf&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false
IP 35.172.34.123:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 059ae5736462dfcf414a3a9a7f5371b4
aac15f009f1d6ad5e95b91e09d8fd94fa098527f
803fc605e419a9a29e63f397452bd3787e9ad4fcc5c0a8e8fe30aafd1f77d415
GET /zcredirect?visitid=f0041005-9968-11ed-8e19-12c7f018e9bf&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false HTTP/1.1
Host: orest-vlv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://orest-vlv.com/zcvisitor/f0041005-9968-11ed-8e19-12c7f018e9bf/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=f01722d0-9968-11ed-8e19-12c7f018e9bf
Upgrade-Insecure-Requests: 1
HTTP/1.1 200
Date: Sat, 21 Jan 2023 08:52:31 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
redirected: JS
Server: magpWqgN
orest-vlv.com/favicon.ico
35.172.34.123404 653 B URL HTTP/1.1 orest-vlv.com/favicon.ico
IP 35.172.34.123:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (649), with no line terminators
Hash ba2732b1b2fa2626ffaa15f62f9e7d66
203d4e7fbb1d80449d6e4e1f3ae7a9bf8625debe
879861cb72fe9fbb476dab246021c4c83b4066327de2529e05ec54d3afb0a1c8
GET /favicon.ico HTTP/1.1
Host: orest-vlv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://orest-vlv.com/zcredirect?visitid=f0041005-9968-11ed-8e19-12c7f018e9bf&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false
HTTP/1.1 404
Date: Sat, 21 Jan 2023 08:52:31 GMT
Content-Type: text/html;charset=utf-8
Content-Length: 653
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Content-Language: en
Server: MAZGAxBL
r.redirekted.com/redirect?redirect_id=f572945dccdf99974eb88e7863119728&request_id=84ca3285fbbf12e6e352c1a21c94c207
66.165.243.160200 OK 795 B URL HTTP/1.1 r.redirekted.com/redirect?redirect_id=f572945dccdf99974eb88e7863119728&request_id=84ca3285fbbf12e6e352c1a21c94c207
IP 66.165.243.160:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (303)
Hash 13e9d0098c8380fabdfadda46d289920
209a61e2379d90518b034a801aa57af16a3eebba
5882e686a393b0c0db89a83656008d8f4525388520031e5bb906847cc09dc9cf
GET /redirect?redirect_id=f572945dccdf99974eb88e7863119728&request_id=84ca3285fbbf12e6e352c1a21c94c207 HTTP/1.1
Host: r.redirekted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://orest-vlv.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx/1.23.3
Date: Sat, 21 Jan 2023 08:52:31 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/8.1.13
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a618971ebc90b5698ddbabc4637e3345
f920b73a7c9b57d77194ba8ba406664d8469b6b6
f7c66c647552a10c53d758e1eedd450226c969b0001a25a616773d57f10e16bf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F7C66C647552A10C53D758E1EEDD450226C969B0001A25A616773D57F10E16BF"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7489
Expires: Sat, 21 Jan 2023 10:57:21 GMT
Date: Sat, 21 Jan 2023 08:52:32 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a618971ebc90b5698ddbabc4637e3345
f920b73a7c9b57d77194ba8ba406664d8469b6b6
f7c66c647552a10c53d758e1eedd450226c969b0001a25a616773d57f10e16bf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F7C66C647552A10C53D758E1EEDD450226C969B0001A25A616773D57F10E16BF"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7489
Expires: Sat, 21 Jan 2023 10:57:21 GMT
Date: Sat, 21 Jan 2023 08:52:32 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a618971ebc90b5698ddbabc4637e3345
f920b73a7c9b57d77194ba8ba406664d8469b6b6
f7c66c647552a10c53d758e1eedd450226c969b0001a25a616773d57f10e16bf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F7C66C647552A10C53D758E1EEDD450226C969B0001A25A616773D57F10E16BF"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7489
Expires: Sat, 21 Jan 2023 10:57:21 GMT
Date: Sat, 21 Jan 2023 08:52:32 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F565a8eca-40af-442b-9fe9-95e12dc0170a.jpeg
34.120.237.76200 OK 7.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F565a8eca-40af-442b-9fe9-95e12dc0170a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash aa786854fde0d99189b458067b9d9418
ddf0fb650816b969d53d6e32ae31074bcb7e944e
a3d08b87658f756aa2f9e3072e87d52db30884aa6b6ab0cd8b278d0c870db2b7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F565a8eca-40af-442b-9fe9-95e12dc0170a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7000
x-amzn-requestid: 05354e13-330d-40fc-9a96-ac345cfc80f5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e4BN9HBgoAMF9Iw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c648bf-146e89a423565a04139b19cb;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 07:05:35 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: QW0Cg437BUF4aKTmUOtupoLb-zyWtwV7-hHTuSJIUORUC4KCyxSt1g==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 21 Jan 2023 07:32:32 GMT
age: 4800
etag: "ddf0fb650816b969d53d6e32ae31074bcb7e944e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F07b5b95d-798c-4d73-bd79-8e3c092be9b0.jpeg
34.120.237.76200 OK 5.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F07b5b95d-798c-4d73-bd79-8e3c092be9b0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f4b8e05930ca3ed03e20300b36819b1a
90645bb11f3788a9a03ad1756de541fea594fb15
0530c3fd68291836e997842e3e4b5bbef6086e89686f786dbda059143a5a8b5d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F07b5b95d-798c-4d73-bd79-8e3c092be9b0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5081
x-amzn-requestid: 56788104-29ed-4ff9-b9c5-58b83e53d169
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: etktlF50oAMFwNQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c21b23-1dafe7e12dbeee0e3318ccdc;Sampled=0
x-amzn-remapped-date: Sat, 14 Jan 2023 03:01:55 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 886cYViC-eBqAPpavmVYF0Jxqhsk8VQc8O1KPpTGM1yFpjrs-IxFVw==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 981753271eb5b6d11bc29d52f173a5da.cloudfront.net (CloudFront), 1.1 google
date: Fri, 20 Jan 2023 10:16:08 GMT
age: 81384
etag: "90645bb11f3788a9a03ad1756de541fea594fb15"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F02d903ef-00fc-4f25-8b4f-138ec32359bf.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F02d903ef-00fc-4f25-8b4f-138ec32359bf.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 893ea518ea7c11ec06ffea60b2ee7921
34675a13bbac6abd1b087e546425e141215cf072
675ec12ed5803fad5036cedc1a3b66229316836bb321b4ad3a34aab56a100ca7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F02d903ef-00fc-4f25-8b4f-138ec32359bf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8698
x-amzn-requestid: 97c3bd04-2d8a-447e-85cb-376ea44b283c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e0K85GOQIAMFbPw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c4beb8-5b6517906d2f8bad6488e6f8;Sampled=0
x-amzn-remapped-date: Mon, 16 Jan 2023 03:04:24 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: yqCw_c7tiFbJHxXvh65YuXnDX8bXdnsBupUJQXXfF141ODP-SBm48A==
via: 1.1 c9b161639a9353c2354b895548ea9fca.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 21 Jan 2023 07:35:39 GMT
age: 4613
etag: "34675a13bbac6abd1b087e546425e141215cf072"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4b7e829d-d4bc-4fa0-b5e5-e4527e48fd42.jpeg
34.120.237.76200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4b7e829d-d4bc-4fa0-b5e5-e4527e48fd42.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4483cb695fef2fe82f38a65e18ea1fd7
ea95504fc5be0259c8c3a39f47f8fcb322bca88d
807a120b964ee7ec7c83c5d943d29cea5df2171291ad1b99de9ef4df7e7e9046
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4b7e829d-d4bc-4fa0-b5e5-e4527e48fd42.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9657
x-amzn-requestid: 63c51fc8-3cd1-486b-960b-91d0d4b14dbd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: exbnMFUvoAMFvYA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c3a62d-3f30f1cb5bc13bf812d3cf71;Sampled=0
x-amzn-remapped-date: Sun, 15 Jan 2023 07:07:25 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 34RyiiWTD7qtrgZHxL7KpjUkCETug9eJ0TvPh6b2qGiLWLcZnmT3wg==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Fri, 20 Jan 2023 16:05:34 GMT
age: 60418
etag: "ea95504fc5be0259c8c3a39f47f8fcb322bca88d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcee2448b-66c5-48e7-89de-838393cf3f07.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcee2448b-66c5-48e7-89de-838393cf3f07.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b08ef55971faa2683ab9f2af8a11dcec
a46c748cccb714f05a068c2438181328b4fbd57a
1d073abf25fbea2d85f34076eae47f9e89502846815094f5288b8e80762a8fe4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcee2448b-66c5-48e7-89de-838393cf3f07.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11562
x-amzn-requestid: c3864d3b-caaa-4c44-a4bd-9339d0eede69
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e-E1UGw4IAMFtyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c8b4ee-703e32aa596019d42680e599;Sampled=0
x-amzn-remapped-date: Thu, 19 Jan 2023 03:11:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ZxoIRkRgzS5Hp0D9gzxOiTg3GatK8zSCIokF3NWUghEUmePltkYVRQ==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 21 Jan 2023 03:38:02 GMT
age: 18870
etag: "a46c748cccb714f05a068c2438181328b4fbd57a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F831c16ae-85e5-4da2-b22e-f840afcd3678.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F831c16ae-85e5-4da2-b22e-f840afcd3678.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5a7ab95a69ddfa5014258076e66a6e19
1a54cca86788536002d6d18c5180ccf265ba1169
09348afd6055b26b5dba6f8f6ef763d52e6e040c039c6f763d64f71b8ca08d51
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F831c16ae-85e5-4da2-b22e-f840afcd3678.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10988
x-amzn-requestid: 67c03c6c-3896-4890-a75b-ecd7c1c1a4e9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e3foHG8tIAMF3XQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c61300-2de17e5b0225f9427c197bc5;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 03:16:16 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: RlbJymJhU6Ti5RZCSIvPzloackAiBEBGapKI440u4ZIfB5FYBNugLw==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Sat, 21 Jan 2023 03:24:48 GMT
age: 19664
etag: "1a54cca86788536002d6d18c5180ccf265ba1169"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r.redirekted.com/css/adren.css?n=2516970186
66.165.243.160200 OK 243 B URL HTTP/1.1 r.redirekted.com/css/adren.css?n=2516970186
IP 66.165.243.160:0
Hash f72acd3fece9f7cf58643616c745b2ea
92bc529a83c5466fbf6b9e702eef1e59644687a1
e2d9fd8b995f146baf54bc35d162d3e8169a5345368058b10a3b3bf4592ed777
GET /css/adren.css?n=2516970186 HTTP/1.1
Host: r.redirekted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://r.redirekted.com/redirect?redirect_id=f572945dccdf99974eb88e7863119728&request_id=84ca3285fbbf12e6e352c1a21c94c207
HTTP/1.1 200 OK
Server: nginx/1.23.3
Date: Sat, 21 Jan 2023 08:52:32 GMT
Content-Type: text/css
Content-Length: 243
Last-Modified: Sat, 03 Jul 2021 05:46:18 GMT
Connection: keep-alive
ETag: "60dff9aa-f3"
Accept-Ranges: bytes
r.redirekted.com/js/adren.min.js?n=2516970186
66.165.243.160200 OK 7.5 kB URL HTTP/1.1 r.redirekted.com/js/adren.min.js?n=2516970186
IP 66.165.243.160:0
File type ASCII text, with very long lines (7528), with no line terminators
Hash 9a9ec61d7e275f25fe83f0aa93bd2e41
8a3a23c432b601e9f8f8fe2b61f0fedbc341c9ac
55afe8ae4db5b6ca9ec5a3aca1f3a7b482ca51d0914acd250093f1a9ecbfccec
GET /js/adren.min.js?n=2516970186 HTTP/1.1
Host: r.redirekted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://r.redirekted.com/redirect?redirect_id=f572945dccdf99974eb88e7863119728&request_id=84ca3285fbbf12e6e352c1a21c94c207
HTTP/1.1 200 OK
Server: nginx/1.23.3
Date: Sat, 21 Jan 2023 08:52:32 GMT
Content-Type: application/javascript
Content-Length: 7528
Last-Modified: Sat, 03 Jul 2021 05:46:18 GMT
Connection: keep-alive
ETag: "60dff9aa-1d68"
Accept-Ranges: bytes
r.redirekted.com/favicon.ico
66.165.243.160200 OK 0 B URL HTTP/1.1 r.redirekted.com/favicon.ico
IP 66.165.243.160:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: r.redirekted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://r.redirekted.com/redirect?redirect_id=f572945dccdf99974eb88e7863119728&request_id=84ca3285fbbf12e6e352c1a21c94c207
HTTP/1.1 200 OK
Server: nginx/1.23.3
Date: Sat, 21 Jan 2023 08:52:32 GMT
Content-Type: image/x-icon
Content-Length: 0
Last-Modified: Sat, 03 Jul 2021 05:46:18 GMT
Connection: keep-alive
ETag: "60dff9aa-0"
Accept-Ranges: bytes
r.redirekted.com/go?e=NA-pFFuHPBscFL0gRs7tQLe4Gr6flB0c0XyfFC8gxWXclF1yQs7H3B-IlV7j3BjWJr_xUCutvXt13F4EJsmqPCdRJs8flB8DzsyDmKetPrw5aqzVzsmclF8IPqx13F4AJr_xaCutFBsImqjI2rXu2E04mWYIwptS2Z3cvEdRTnSgaFeLHVytUL8IvXx13FjyxsmcvCdRTEbAmCaD0ZlgvE0V2VXSFW4bHr-NTC9yFssEmBsEJsYEmLeZ3W8j3B0EzXYMPF-AKp64UX0SzXyDaLd4mW-j3p4ETsYkKFdb0XYcvL5WJVyDaF-AUp-DGL9cxZm9SM8gRC-Hmpt9SA_pFC
66.165.243.160200 OK 1.7 kB URL HTTP/1.1 r.redirekted.com/go?e=NA-pFFuHPBscFL0gRs7tQLe4Gr6flB0c0XyfFC8gxWXclF1yQs7H3B-IlV7j3BjWJr_xUCutvXt13F4EJsmqPCdRJs8flB8DzsyDmKetPrw5aqzVzsmclF8IPqx13F4AJr_xaCutFBsImqjI2rXu2E04mWYIwptS2Z3cvEdRTnSgaFeLHVytUL8IvXx13FjyxsmcvCdRTEbAmCaD0ZlgvE0V2VXSFW4bHr-NTC9yFssEmBsEJsYEmLeZ3W8j3B0EzXYMPF-AKp64UX0SzXyDaLd4mW-j3p4ETsYkKFdb0XYcvL5WJVyDaF-AUp-DGL9cxZm9SM8gRC-Hmpt9SA_pFC
IP 66.165.243.160:0
File type HTML document, ASCII text, with very long lines (450)
Hash 4cf354f5ba54663489eaf726cc3e67e9
56c82f249380c03ea51f64caeac47708e20b541d
8617fb69cc77bd438f05a0ecf19c9babc119f830b7b34b7eb948306d35433abc
GET /go?e=NA-pFFuHPBscFL0gRs7tQLe4Gr6flB0c0XyfFC8gxWXclF1yQs7H3B-IlV7j3BjWJr_xUCutvXt13F4EJsmqPCdRJs8flB8DzsyDmKetPrw5aqzVzsmclF8IPqx13F4AJr_xaCutFBsImqjI2rXu2E04mWYIwptS2Z3cvEdRTnSgaFeLHVytUL8IvXx13FjyxsmcvCdRTEbAmCaD0ZlgvE0V2VXSFW4bHr-NTC9yFssEmBsEJsYEmLeZ3W8j3B0EzXYMPF-AKp64UX0SzXyDaLd4mW-j3p4ETsYkKFdb0XYcvL5WJVyDaF-AUp-DGL9cxZm9SM8gRC-Hmpt9SA_pFC HTTP/1.1
Host: r.redirekted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://r.redirekted.com/redirect?redirect_id=f572945dccdf99974eb88e7863119728&request_id=84ca3285fbbf12e6e352c1a21c94c207
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx/1.23.3
Date: Sat, 21 Jan 2023 08:52:32 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/8.1.13
Set-Cookie: uuid=5805190359996395520; expires=Sun, 22-Jan-2023 08:52:32 GMT; Max-Age=86400
www.google-analytics.com/analytics.js
142.250.74.14200 OK 20 kB URL HTTP/1.1 www.google-analytics.com/analytics.js
IP 142.250.74.14:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://r.redirekted.com/
HTTP/1.1 200 OK
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 20085
Date: Sat, 21 Jan 2023 08:16:49 GMT
Expires: Sat, 21 Jan 2023 10:16:49 GMT
Cache-Control: public, max-age=7200
Age: 2143
Last-Modified: Tue, 10 Jan 2023 21:29:14 GMT
Content-Type: text/javascript
www.google-analytics.com/collect?v=1&_v=j99&a=969530674&t=pageview&_s=2&dl=http%3A%2F%2Fr.redirekted.com%2Fgo%3Fe%3DNA-pFFuHPBscFL0gRs7tQLe4Gr6flB0c0XyfFC8gxWXclF1yQs7H3B-IlV7j3BjWJr_xUCutvXt13F4EJsmqPCdRJs8flB8DzsyDmKetPrw5aqzVzsmclF8IPqx13F4AJr_xaCutFBsImqjI2rXu2E04mWYIwptS2Z3cvEdRTnSgaFeLHVytUL8IvXx13FjyxsmcvCdRTEbAmCaD0ZlgvE0V2VXSFW4bHr-NTC9yFssEmBsEJsYEmLeZ3W8j3B0EzXYMPF-AKp64UX0SzXyDaLd4mW-j3p4ETsYkKFdb0XYcvL5WJVyDaF-AUp-DGL9cxZm9SM8gRC-Hmpt9SA_pFC&ul=en-us&de=UTF-8&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=IEBAAEABAAAAACAAI~&jid=&gjid=&cid=64457177.1674291152&tid=UA-32454353-1&_gid=462944300.1674291152&cd1=oz9lo258n2kesUk8sT5ipz9hsTgfn3k8sUj%3D&z=1042615852
142.250.74.14200 OK 35 B URL HTTP/1.1 www.google-analytics.com/collect?v=1&_v=j99&a=969530674&t=pageview&_s=2&dl=http%3A%2F%2Fr.redirekted.com%2Fgo%3Fe%3DNA-pFFuHPBscFL0gRs7tQLe4Gr6flB0c0XyfFC8gxWXclF1yQs7H3B-IlV7j3BjWJr_xUCutvXt13F4EJsmqPCdRJs8flB8DzsyDmKetPrw5aqzVzsmclF8IPqx13F4AJr_xaCutFBsImqjI2rXu2E04mWYIwptS2Z3cvEdRTnSgaFeLHVytUL8IvXx13FjyxsmcvCdRTEbAmCaD0ZlgvE0V2VXSFW4bHr-NTC9yFssEmBsEJsYEmLeZ3W8j3B0EzXYMPF-AKp64UX0SzXyDaLd4mW-j3p4ETsYkKFdb0XYcvL5WJVyDaF-AUp-DGL9cxZm9SM8gRC-Hmpt9SA_pFC&ul=en-us&de=UTF-8&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=IEBAAEABAAAAACAAI~&jid=&gjid=&cid=64457177.1674291152&tid=UA-32454353-1&_gid=462944300.1674291152&cd1=oz9lo258n2kesUk8sT5ipz9hsTgfn3k8sUj%3D&z=1042615852
IP 142.250.74.14:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /collect?v=1&_v=j99&a=969530674&t=pageview&_s=2&dl=http%3A%2F%2Fr.redirekted.com%2Fgo%3Fe%3DNA-pFFuHPBscFL0gRs7tQLe4Gr6flB0c0XyfFC8gxWXclF1yQs7H3B-IlV7j3BjWJr_xUCutvXt13F4EJsmqPCdRJs8flB8DzsyDmKetPrw5aqzVzsmclF8IPqx13F4AJr_xaCutFBsImqjI2rXu2E04mWYIwptS2Z3cvEdRTnSgaFeLHVytUL8IvXx13FjyxsmcvCdRTEbAmCaD0ZlgvE0V2VXSFW4bHr-NTC9yFssEmBsEJsYEmLeZ3W8j3B0EzXYMPF-AKp64UX0SzXyDaLd4mW-j3p4ETsYkKFdb0XYcvL5WJVyDaF-AUp-DGL9cxZm9SM8gRC-Hmpt9SA_pFC&ul=en-us&de=UTF-8&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=IEBAAEABAAAAACAAI~&jid=&gjid=&cid=64457177.1674291152&tid=UA-32454353-1&_gid=462944300.1674291152&cd1=oz9lo258n2kesUk8sT5ipz9hsTgfn3k8sUj%3D&z=1042615852 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://r.redirekted.com/
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Pragma: no-cache
X-Content-Type-Options: nosniff
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 35
Date: Fri, 20 Jan 2023 10:39:19 GMT
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Age: 79993
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
Content-Type: image/gif
status.thawte.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 8e02f164c0a62ef9cb14a9dc4a9913b4
307422f16bb9b3b43b6a257394393cd443c38b80
17533a9abd18d229120dc81b879958bbd0f0403f28ca8dd0293e3672c7d792a3
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4819
Cache-Control: max-age=122312
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 08:52:32 GMT
Etag: "63cacfc5-1d7"
Expires: Sun, 22 Jan 2023 18:51:04 GMT
Last-Modified: Fri, 20 Jan 2023 17:30:45 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
no-go.kelkoogroup.net/offersearchGo?.ts=1674230200129&.sig=Y.tun7RCDEaHOSZd9N8dz4WynXY-&affiliationId=96965866&comId=12930613&country=no&offerId=fef53c244f44d7d61ce260f1eb0c8953&service=37&tokenId=35e025c3-2943-4e2d-874f-eaee491f9fab&wait=true&addedParams=true&custom1=8gQAx13F5qzZuIaBdtPETcFLbI0A0EJV3ZUCWg3B8t0r7VvF7gQqt13qVyRsmOUL-AUpX1aV&custom2=8IPrxk3FjSTsy03MlRJFQqwqxqRA-tzE
95.211.116.26200 OK 30 kB URL HTTP/1.1 no-go.kelkoogroup.net/offersearchGo?.ts=1674230200129&.sig=Y.tun7RCDEaHOSZd9N8dz4WynXY-&affiliationId=96965866&comId=12930613&country=no&offerId=fef53c244f44d7d61ce260f1eb0c8953&service=37&tokenId=35e025c3-2943-4e2d-874f-eaee491f9fab&wait=true&addedParams=true&custom1=8gQAx13F5qzZuIaBdtPETcFLbI0A0EJV3ZUCWg3B8t0r7VvF7gQqt13qVyRsmOUL-AUpX1aV&custom2=8IPrxk3FjSTsy03MlRJFQqwqxqRA-tzE
IP 95.211.116.26:0
ASN #60781 LeaseWeb Netherlands B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (12878)
Hash 298404d877f8467bc89d26e8c242535d
7b993b30f31ebebea1c8bbd9b8efa7fd56a7d7cf
83b69e0c011bebc583a8d4115af371e42e234d017af8e8972568ee4f27717c06
GET /offersearchGo?.ts=1674230200129&.sig=Y.tun7RCDEaHOSZd9N8dz4WynXY-&affiliationId=96965866&comId=12930613&country=no&offerId=fef53c244f44d7d61ce260f1eb0c8953&service=37&tokenId=35e025c3-2943-4e2d-874f-eaee491f9fab&wait=true&addedParams=true&custom1=8gQAx13F5qzZuIaBdtPETcFLbI0A0EJV3ZUCWg3B8t0r7VvF7gQqt13qVyRsmOUL-AUpX1aV&custom2=8IPrxk3FjSTsy03MlRJFQqwqxqRA-tzE HTTP/1.1
Host: no-go.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://r.redirekted.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
leadId: dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1674291152815_1889585
clickId: 107698149_1674291152807_2093261
country: no
Accept-CH: Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
Set-Cookie: datadome=2ikEKBKciHSORs-~Vqi1D-4JyFjM85E~T31volqhlHK88Nc-WGMe30AZeb~~EgDDzJhJl6Id~n8RM-StFFAH2Bq_w3ALnCKly0sCneh_A-pH29QK_L_Qer7lXMtt3uO; Max-Age=31536000; Expires=Sun, 21 Jan 2024 08:52:32 GMT; SameSite=Lax; Path=/; Domain=.kelkoogroup.net; Secure
kelkooID=a4c6295-185d38787a8-72bfe; Max-Age=31536000; Expires=Sun, 21 Jan 2024 08:52:32 GMT; SameSite=None; Path=/; Domain=kelkoogroup.net; Secure; HTTPOnly
X-DataDome: protected
Request-Time: PT0.016796S
X-Robots-Tag: noindex,nofollow
Referrer-Policy: origin-when-cross-origin
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Date: Sat, 21 Jan 2023 08:52:32 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 29979
no-go.kelkoogroup.net/assets/images/p.png?country=no&k=612f7a9541cd6ea61eb554c0e4cff437567c460be4e08eed49d56f330fab19bb1aba7e79d0ade490fdb1dd126a6ac38d64f0cbee808d8f0c78d5b8886160dd21ca369622c86586cabc9dc9abdaf6974e6ad263bc911a41329fddb9627f586a6eccddad8cf094952814a557cadba16490c02aa79bf07093f43f1aa19c250b682ee5fda14051cb32b960282333e7b2abab510f7dc4a23c21642f0f9a68bc10195caf4d1c32e962b99c2e5d77c2b4159828b158161bc9f3ffbc135e4071d04c98cf7ebd9c97de1b162c214fd2fa860fadc655da0091d6a639595d23cb318767e2945c0739c19b8d18eedaf4bfd07fa294fd24c9b6bd09a86a94b70e61fa0783ef5b23a2daedcff62dec4c2189e84c7c64a493ecb40fd03830ab808ee1ebf5847c5a15f31374574892e7d902998caa2627bb5627d670c219fb90e1e534a9c015dcfa3d12ac5ed13ccaff365d0326e6cabbb915cbb1e00353378bb4a59c03e55cb31282cde1ddb34a8d615921fb9cafad3c084d876b4a7da596b7386ab52988a7d73586e306dd3c0d8129a5f2591c8bc7a260e3acd025bd7ceb7e
95.211.116.26200 OK 68 B URL HTTP/1.1 no-go.kelkoogroup.net/assets/images/p.png?country=no&k=612f7a9541cd6ea61eb554c0e4cff437567c460be4e08eed49d56f330fab19bb1aba7e79d0ade490fdb1dd126a6ac38d64f0cbee808d8f0c78d5b8886160dd21ca369622c86586cabc9dc9abdaf6974e6ad263bc911a41329fddb9627f586a6eccddad8cf094952814a557cadba16490c02aa79bf07093f43f1aa19c250b682ee5fda14051cb32b960282333e7b2abab510f7dc4a23c21642f0f9a68bc10195caf4d1c32e962b99c2e5d77c2b4159828b158161bc9f3ffbc135e4071d04c98cf7ebd9c97de1b162c214fd2fa860fadc655da0091d6a639595d23cb318767e2945c0739c19b8d18eedaf4bfd07fa294fd24c9b6bd09a86a94b70e61fa0783ef5b23a2daedcff62dec4c2189e84c7c64a493ecb40fd03830ab808ee1ebf5847c5a15f31374574892e7d902998caa2627bb5627d670c219fb90e1e534a9c015dcfa3d12ac5ed13ccaff365d0326e6cabbb915cbb1e00353378bb4a59c03e55cb31282cde1ddb34a8d615921fb9cafad3c084d876b4a7da596b7386ab52988a7d73586e306dd3c0d8129a5f2591c8bc7a260e3acd025bd7ceb7e
IP 95.211.116.26:0
ASN #60781 LeaseWeb Netherlands B.V.
File type PNG image data, 1 x 1, 8-bit gray+alpha, non-interlaced\012- data
Hash 91e42db1c66c0b276abf6234dc50b2eb
c1986af3c26609b8b7d8933f99c51c1a89e9ea6b
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
GET /assets/images/p.png?country=no&k=612f7a9541cd6ea61eb554c0e4cff437567c460be4e08eed49d56f330fab19bb1aba7e79d0ade490fdb1dd126a6ac38d64f0cbee808d8f0c78d5b8886160dd21ca369622c86586cabc9dc9abdaf6974e6ad263bc911a41329fddb9627f586a6eccddad8cf094952814a557cadba16490c02aa79bf07093f43f1aa19c250b682ee5fda14051cb32b960282333e7b2abab510f7dc4a23c21642f0f9a68bc10195caf4d1c32e962b99c2e5d77c2b4159828b158161bc9f3ffbc135e4071d04c98cf7ebd9c97de1b162c214fd2fa860fadc655da0091d6a639595d23cb318767e2945c0739c19b8d18eedaf4bfd07fa294fd24c9b6bd09a86a94b70e61fa0783ef5b23a2daedcff62dec4c2189e84c7c64a493ecb40fd03830ab808ee1ebf5847c5a15f31374574892e7d902998caa2627bb5627d670c219fb90e1e534a9c015dcfa3d12ac5ed13ccaff365d0326e6cabbb915cbb1e00353378bb4a59c03e55cb31282cde1ddb34a8d615921fb9cafad3c084d876b4a7da596b7386ab52988a7d73586e306dd3c0d8129a5f2591c8bc7a260e3acd025bd7ceb7e HTTP/1.1
Host: no-go.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no-go.kelkoogroup.net/offersearchGo?.ts=1674230200129&.sig=Y.tun7RCDEaHOSZd9N8dz4WynXY-&affiliationId=96965866&comId=12930613&country=no&offerId=fef53c244f44d7d61ce260f1eb0c8953&service=37&tokenId=35e025c3-2943-4e2d-874f-eaee491f9fab&wait=true&addedParams=true&custom1=8gQAx13F5qzZuIaBdtPETcFLbI0A0EJV3ZUCWg3B8t0r7VvF7gQqt13qVyRsmOUL-AUpX1aV&custom2=8IPrxk3FjSTsy03MlRJFQqwqxqRA-tzE
Connection: keep-alive
Cookie: datadome=2ikEKBKciHSORs-~Vqi1D-4JyFjM85E~T31volqhlHK88Nc-WGMe30AZeb~~EgDDzJhJl6Id~n8RM-StFFAH2Bq_w3ALnCKly0sCneh_A-pH29QK_L_Qer7lXMtt3uO; kelkooID=a4c6295-185d38787a8-72bfe
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
leadId: dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1674291152815_1889585
clickId: 107698149_1674291152807_2093261
country: no
Request-Time: PT0.001192S
X-Robots-Tag: noindex,nofollow
Cache-Control: private, must-revalidate
Referrer-Policy: origin-when-cross-origin
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Date: Sat, 21 Jan 2023 08:52:32 GMT
Content-Type: image/png
Content-Length: 68
no-go.kelkoogroup.net/fp?country=no&k=612f7a9541cd6ea61eb554c0e4cff437567c460be4e08eed49d56f330fab19bb1aba7e79d0ade490fdb1dd126a6ac38d64f0cbee808d8f0c78d5b8886160dd21ca369622c86586cabc9dc9abdaf6974e6ad263bc911a41329fddb9627f586a6eccddad8cf094952814a557cadba16490c02aa79bf07093f43f1aa19c250b682ee5fda14051cb32b960282333e7b2abab510f7dc4a23c21642f0f9a68bc10195caf4d1c32e962b99c2e5d77c2b4159828b158161bc9f3ffbc135e4071d04c98cf7ebd9c97de1b162c214fd2fa860fadc655da0091d6a639595d23cb318767e2945c0739c19b8d18eedaf4bfd07fa294fd24c9b6bd09a86a94b70e61fa0783ef5b23a2daedcff62dec4c2189e84c7c64a493ecb40fd03830ab808ee1ebf5847c5a15f31374574892e7d902998caa2627bb5627d670c219fb90e1e534a9c015dcfa3d12ac5ed13ccaff365d0326e6cabbb915cbb1e00353378bb4a59c03e55cb31282cde1ddb34a8d615921fb9cafad3c084d876b4a7da596b7386ab52988a7d73586e306dd3c0d8129a5f2591c8bc7a260e3acd025bd7ceb7e
95.211.116.26200 OK 0 B URL HTTP/1.1 no-go.kelkoogroup.net/fp?country=no&k=612f7a9541cd6ea61eb554c0e4cff437567c460be4e08eed49d56f330fab19bb1aba7e79d0ade490fdb1dd126a6ac38d64f0cbee808d8f0c78d5b8886160dd21ca369622c86586cabc9dc9abdaf6974e6ad263bc911a41329fddb9627f586a6eccddad8cf094952814a557cadba16490c02aa79bf07093f43f1aa19c250b682ee5fda14051cb32b960282333e7b2abab510f7dc4a23c21642f0f9a68bc10195caf4d1c32e962b99c2e5d77c2b4159828b158161bc9f3ffbc135e4071d04c98cf7ebd9c97de1b162c214fd2fa860fadc655da0091d6a639595d23cb318767e2945c0739c19b8d18eedaf4bfd07fa294fd24c9b6bd09a86a94b70e61fa0783ef5b23a2daedcff62dec4c2189e84c7c64a493ecb40fd03830ab808ee1ebf5847c5a15f31374574892e7d902998caa2627bb5627d670c219fb90e1e534a9c015dcfa3d12ac5ed13ccaff365d0326e6cabbb915cbb1e00353378bb4a59c03e55cb31282cde1ddb34a8d615921fb9cafad3c084d876b4a7da596b7386ab52988a7d73586e306dd3c0d8129a5f2591c8bc7a260e3acd025bd7ceb7e
IP 95.211.116.26:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /fp?country=no&k=612f7a9541cd6ea61eb554c0e4cff437567c460be4e08eed49d56f330fab19bb1aba7e79d0ade490fdb1dd126a6ac38d64f0cbee808d8f0c78d5b8886160dd21ca369622c86586cabc9dc9abdaf6974e6ad263bc911a41329fddb9627f586a6eccddad8cf094952814a557cadba16490c02aa79bf07093f43f1aa19c250b682ee5fda14051cb32b960282333e7b2abab510f7dc4a23c21642f0f9a68bc10195caf4d1c32e962b99c2e5d77c2b4159828b158161bc9f3ffbc135e4071d04c98cf7ebd9c97de1b162c214fd2fa860fadc655da0091d6a639595d23cb318767e2945c0739c19b8d18eedaf4bfd07fa294fd24c9b6bd09a86a94b70e61fa0783ef5b23a2daedcff62dec4c2189e84c7c64a493ecb40fd03830ab808ee1ebf5847c5a15f31374574892e7d902998caa2627bb5627d670c219fb90e1e534a9c015dcfa3d12ac5ed13ccaff365d0326e6cabbb915cbb1e00353378bb4a59c03e55cb31282cde1ddb34a8d615921fb9cafad3c084d876b4a7da596b7386ab52988a7d73586e306dd3c0d8129a5f2591c8bc7a260e3acd025bd7ceb7e HTTP/1.1
Host: no-go.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no-go.kelkoogroup.net/offersearchGo?.ts=1674230200129&.sig=Y.tun7RCDEaHOSZd9N8dz4WynXY-&affiliationId=96965866&comId=12930613&country=no&offerId=fef53c244f44d7d61ce260f1eb0c8953&service=37&tokenId=35e025c3-2943-4e2d-874f-eaee491f9fab&wait=true&addedParams=true&custom1=8gQAx13F5qzZuIaBdtPETcFLbI0A0EJV3ZUCWg3B8t0r7VvF7gQqt13qVyRsmOUL-AUpX1aV&custom2=8IPrxk3FjSTsy03MlRJFQqwqxqRA-tzE
Content-Type: text/plain;charset=utf-8
Content-Length: 536
Origin: https://no-go.kelkoogroup.net
Connection: keep-alive
Cookie: datadome=2ikEKBKciHSORs-~Vqi1D-4JyFjM85E~T31volqhlHK88Nc-WGMe30AZeb~~EgDDzJhJl6Id~n8RM-StFFAH2Bq_w3ALnCKly0sCneh_A-pH29QK_L_Qer7lXMtt3uO; kelkooID=a4c6295-185d38787a8-72bfe; _ga=GA1.2.1290172459.1674291152; _gid=GA1.2.383410748.1674291152
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
leadId: dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1674291152815_1889585
clickId: 107698149_1674291152807_2093261
country: no
Request-Time: PT0.00309S
X-Robots-Tag: noindex,nofollow
Referrer-Policy: origin-when-cross-origin
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Date: Sat, 21 Jan 2023 08:52:32 GMT
Content-Type: text/plain; charset=UTF-8
Content-Length: 0
dd.kelkoogroup.net/tags.js
54.230.111.93200 OK 43 kB URL HTTP/2 dd.kelkoogroup.net/tags.js
IP 54.230.111.93:0
File type ASCII text, with very long lines (65432)
Hash 4f8144b2985648c1bad7c401a20ccb9d
9cd4ed99360cc3eed20117210281df7ffb5361ab
30981cad703951c7225da7d3003201a38acf5fc8c716579e6a82e983fbe3e5fc
GET /tags.js HTTP/1.1
Host: dd.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no-go.kelkoogroup.net/
Connection: keep-alive
Cookie: datadome=2ikEKBKciHSORs-~Vqi1D-4JyFjM85E~T31volqhlHK88Nc-WGMe30AZeb~~EgDDzJhJl6Id~n8RM-StFFAH2Bq_w3ALnCKly0sCneh_A-pH29QK_L_Qer7lXMtt3uO; kelkooID=a4c6295-185d38787a8-72bfe; _ga=GA1.2.1290172459.1674291152; _gid=GA1.2.383410748.1674291152
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: text/javascript
content-length: 42799
server: Apache
strict-transport-security: max-age=63072000; includeSubDomains; preload
last-modified: Fri, 20 Jan 2023 15:06:54 GMT
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
via: 1.1 d13436be9e793d00b0273db3f7904816.cloudfront.net (CloudFront), 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
date: Sat, 21 Jan 2023 08:07:32 GMT
cache-control: max-age=3600, public
expires: Sat, 21 Jan 2023 09:07:27 GMT
etag: "3340f-5f2b36663d701-gzip"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA60-P2, OSL50-P1
x-amz-cf-id: QjDj0LRy1mULMn2bExTWs01bW5z1lG2KNoZdu-RR0DX8EF0EAfZWDQ==
age: 2705
X-Firefox-Spdy: h2
no-go.kelkoogroup.net/favicon.ico
95.211.116.26404 Not Found 1.1 kB URL HTTP/1.1 no-go.kelkoogroup.net/favicon.ico
IP 95.211.116.26:0
ASN #60781 LeaseWeb Netherlands B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 8560de521c4990c7c870121fc9643508
0cacf7a6b96cceeb6ceae74d5f14dc87406a6f39
73a434285c3a752bc8c44aebd50e10f1a766853cbc7184e78d5c934c7b52b620
GET /favicon.ico HTTP/1.1
Host: no-go.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no-go.kelkoogroup.net/offersearchGo?.ts=1674230200129&.sig=Y.tun7RCDEaHOSZd9N8dz4WynXY-&affiliationId=96965866&comId=12930613&country=no&offerId=fef53c244f44d7d61ce260f1eb0c8953&service=37&tokenId=35e025c3-2943-4e2d-874f-eaee491f9fab&wait=true&addedParams=true&custom1=8gQAx13F5qzZuIaBdtPETcFLbI0A0EJV3ZUCWg3B8t0r7VvF7gQqt13qVyRsmOUL-AUpX1aV&custom2=8IPrxk3FjSTsy03MlRJFQqwqxqRA-tzE
Connection: keep-alive
Cookie: datadome=2ikEKBKciHSORs-~Vqi1D-4JyFjM85E~T31volqhlHK88Nc-WGMe30AZeb~~EgDDzJhJl6Id~n8RM-StFFAH2Bq_w3ALnCKly0sCneh_A-pH29QK_L_Qer7lXMtt3uO; kelkooID=a4c6295-185d38787a8-72bfe; _ga=GA1.2.1290172459.1674291152; _gid=GA1.2.383410748.1674291152
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Request-Time: PT0.000183S
X-Robots-Tag: noindex,nofollow
Referrer-Policy: origin-when-cross-origin
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Date: Sat, 21 Jan 2023 08:52:33 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 1144
no-go.kelkoogroup.net/redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff437567c460be4e08eed49d56f330fab19bb1aba7e79d0ade490fdb1dd126a6ac38d64f0cbee808d8f0c78d5b8886160dd21ca369622c86586cabc9dc9abdaf6974e6ad263bc911a41329fddb9627f586a6eccddad8cf094952814a557cadba16490c02aa79bf07093f43f1aa19c250b682ee5fda14051cb32b960282333e7b2abab510f7dc4a23c21642f0f9a68bc10195caf4d1c32e962b99c2e5d77c2b4159828b158161bc9f3ffbc135e4071d04c98cf7ebd9c97de1b162c214fd2fa860fadc655da0091d6a639595d23cb318767e2945c0739c19b8d18eedaf4bfd07fa294fd24c9b6bd09a86a94b70e61fa0783ef5b23a2daedcff62dec4c2189e84c7c64a493ecb40fd03830ab808ee1ebf5847c5a15f31374574892e7d902998caa2627bb5627d670c219fb90e1e534a9c015dcfa3d12ac5ed13ccaff365d0326e6cabbb915cbb1e00353378bb4a59c03e55cb31282cde1ddb34a8d615921fb9cafad3c084d876b4a7da596b7386ab52988a7d73586e306dd3c0d8129a5f2591c8bc7a260e3acd025bd7ceb7e&url=https%3A%2F%2Fclick.cptrack.de%2F%3Frd%3Dtrue%26k%3DBSQDXJ6-E9RRx7oYvxmJi9JLVKFJ3he43EwuTH95xiE&initiator=timeout
95.211.116.26303 See Other 0 B URL HTTP/1.1 no-go.kelkoogroup.net/redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff437567c460be4e08eed49d56f330fab19bb1aba7e79d0ade490fdb1dd126a6ac38d64f0cbee808d8f0c78d5b8886160dd21ca369622c86586cabc9dc9abdaf6974e6ad263bc911a41329fddb9627f586a6eccddad8cf094952814a557cadba16490c02aa79bf07093f43f1aa19c250b682ee5fda14051cb32b960282333e7b2abab510f7dc4a23c21642f0f9a68bc10195caf4d1c32e962b99c2e5d77c2b4159828b158161bc9f3ffbc135e4071d04c98cf7ebd9c97de1b162c214fd2fa860fadc655da0091d6a639595d23cb318767e2945c0739c19b8d18eedaf4bfd07fa294fd24c9b6bd09a86a94b70e61fa0783ef5b23a2daedcff62dec4c2189e84c7c64a493ecb40fd03830ab808ee1ebf5847c5a15f31374574892e7d902998caa2627bb5627d670c219fb90e1e534a9c015dcfa3d12ac5ed13ccaff365d0326e6cabbb915cbb1e00353378bb4a59c03e55cb31282cde1ddb34a8d615921fb9cafad3c084d876b4a7da596b7386ab52988a7d73586e306dd3c0d8129a5f2591c8bc7a260e3acd025bd7ceb7e&url=https%3A%2F%2Fclick.cptrack.de%2F%3Frd%3Dtrue%26k%3DBSQDXJ6-E9RRx7oYvxmJi9JLVKFJ3he43EwuTH95xiE&initiator=timeout
IP 95.211.116.26:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff437567c460be4e08eed49d56f330fab19bb1aba7e79d0ade490fdb1dd126a6ac38d64f0cbee808d8f0c78d5b8886160dd21ca369622c86586cabc9dc9abdaf6974e6ad263bc911a41329fddb9627f586a6eccddad8cf094952814a557cadba16490c02aa79bf07093f43f1aa19c250b682ee5fda14051cb32b960282333e7b2abab510f7dc4a23c21642f0f9a68bc10195caf4d1c32e962b99c2e5d77c2b4159828b158161bc9f3ffbc135e4071d04c98cf7ebd9c97de1b162c214fd2fa860fadc655da0091d6a639595d23cb318767e2945c0739c19b8d18eedaf4bfd07fa294fd24c9b6bd09a86a94b70e61fa0783ef5b23a2daedcff62dec4c2189e84c7c64a493ecb40fd03830ab808ee1ebf5847c5a15f31374574892e7d902998caa2627bb5627d670c219fb90e1e534a9c015dcfa3d12ac5ed13ccaff365d0326e6cabbb915cbb1e00353378bb4a59c03e55cb31282cde1ddb34a8d615921fb9cafad3c084d876b4a7da596b7386ab52988a7d73586e306dd3c0d8129a5f2591c8bc7a260e3acd025bd7ceb7e&url=https%3A%2F%2Fclick.cptrack.de%2F%3Frd%3Dtrue%26k%3DBSQDXJ6-E9RRx7oYvxmJi9JLVKFJ3he43EwuTH95xiE&initiator=timeout HTTP/1.1
Host: no-go.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no-go.kelkoogroup.net/offersearchGo?.ts=1674230200129&.sig=Y.tun7RCDEaHOSZd9N8dz4WynXY-&affiliationId=96965866&comId=12930613&country=no&offerId=fef53c244f44d7d61ce260f1eb0c8953&service=37&tokenId=35e025c3-2943-4e2d-874f-eaee491f9fab&wait=true&addedParams=true&custom1=8gQAx13F5qzZuIaBdtPETcFLbI0A0EJV3ZUCWg3B8t0r7VvF7gQqt13qVyRsmOUL-AUpX1aV&custom2=8IPrxk3FjSTsy03MlRJFQqwqxqRA-tzE
Connection: keep-alive
Cookie: datadome=2ikEKBKciHSORs-~Vqi1D-4JyFjM85E~T31volqhlHK88Nc-WGMe30AZeb~~EgDDzJhJl6Id~n8RM-StFFAH2Bq_w3ALnCKly0sCneh_A-pH29QK_L_Qer7lXMtt3uO; kelkooID=a4c6295-185d38787a8-72bfe; _ga=GA1.2.1290172459.1674291152; _gid=GA1.2.383410748.1674291152
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 303 See Other
leadId: dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1674291152815_1889585
clickId: 107698149_1674291152807_2093261
country: no
Location: https://click.cptrack.de/?rd=true&k=BSQDXJ6-E9RRx7oYvxmJi9JLVKFJ3he43EwuTH95xiE
Accept-CH: Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
Set-Cookie: datadome=2msieCvGB4VaFIoFymC5URtMqOJ9Iat6R7oE46UlEI6fjRgvZAt716X8LWdDoTgDb95AcjelI~4KVvL3CArC3ycObSSXUu0vCqpB6ygG2MyQWoqhk6Av~K7WAn5FggeR; Max-Age=31536000; Expires=Sun, 21 Jan 2024 08:52:33 GMT; SameSite=Lax; Path=/; Domain=.kelkoogroup.net; Secure
X-DataDome: protected
Request-Time: PT0.013022S
X-Robots-Tag: noindex,nofollow
Referrer-Policy: origin-when-cross-origin
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Date: Sat, 21 Jan 2023 08:52:33 GMT
Content-Length: 0
ocsp.usertrust.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 21fb94b3b9d4210d4415c861c4fbfe17
77efeb7b269371e197fc54e6796819cf38acab36
01583f53110b7b2b8f408c1782278926ee8670a1784651b99d12602e780cc077
POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 21 Jan 2023 08:52:33 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 21 Jan 2023 01:51:18 GMT
Expires: Sat, 28 Jan 2023 01:51:17 GMT
Etag: "77efeb7b269371e197fc54e6796819cf38acab36"
Cache-Control: max-age=602822,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 1793
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78ced07b49adb503-OSL
api-js.datadome.co/js/
13.48.21.77200 OK 236 B IP 13.48.21.77:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 31b1f48aee1a60f64f667a1133478d68
bafaa949e8cc6d5f408744a4d0139993dd4705c9
937328eba97e3803262b0d954d1fe22b925e652f54ab7f6a8fab300691d4f58f
POST /js/ HTTP/1.1
Host: api-js.datadome.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 4060
Origin: https://no-go.kelkoogroup.net
Connection: keep-alive
Referer: https://no-go.kelkoogroup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 21 Jan 2023 08:52:33 GMT
content-type: application/json;charset=utf-8
content-length: 236
server: DataDome
access-control-allow-origin: *
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate
expires: 0
X-Firefox-Spdy: h2
status.thawte.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash abd4c44c9626d2d6d844c1725bf93c56
372f9e30d339fd96fcaa34e57ec805e722c83360
f472da6698cc446d8c7368b4003a50e9cb16c6cc7fedc0210300a554d936b57b
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2461
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 08:52:33 GMT
Etag: "63cb45d0-1d7"
Last-Modified: Sat, 21 Jan 2023 08:11:32 GMT
Server: ECS (amb/6B73)
X-Cache: HIT
Content-Length: 471
click.cptrack.de/?rd=true&k=BSQDXJ6-E9RRx7oYvxmJi9JLVKFJ3he43EwuTH95xiE
213.133.127.252302 Found 0 B URL HTTP/2 click.cptrack.de/?rd=true&k=BSQDXJ6-E9RRx7oYvxmJi9JLVKFJ3he43EwuTH95xiE
IP 213.133.127.252:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?rd=true&k=BSQDXJ6-E9RRx7oYvxmJi9JLVKFJ3he43EwuTH95xiE HTTP/1.1
Host: click.cptrack.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no-go.kelkoogroup.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sat, 21 Jan 2023 08:52:33 GMT
content-length: 0
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
last-modified: Sat, 21 Jan 2023 08:52:33 GMT
server: ChannelPilotTraxport
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
set-cookie: __cpc=N4wrL6bbJi-uGl9udI6GQOu3rF8Ky5DT88Kyhe1aeTjstKqi6UwSxDCi7Um_eGYPzUHdhwsUA7fGKIXeIkl0XQwv4tRxPacdnDV6J7Pubxk~;Path=/;Domain=.cptrack.de;Expires=Thu, 20-Jul-2023 08:52:33 GMT; Secure; SameSite=None; HttpOnly
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://www.addnature.no/bergans-roros-dunlys-jakke-med-hette-dame-M881808.html?vgid=G1451016&c=816&_cid=22_-1220_236648_236649_236650_4287159_0_kelkoo.no&utm_source=kelkoo&utm_medium=psm&utm_campaign=Jakker og Vester&utm_content=Bergans&utm_term=1451016
strict-transport-security: max-age=31536000; preload
x-frame-options: DENY
x-xss-protection: 1;mode=block
x-content-type-options: nosniff
content-security-policy: default-src https: 'self'
referrer-policy: strict-origin-when-cross-origin
expect-ct: max-age=0
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash bccd1fe14275d3bb56418297e502cd10
cdf19d2a4099ada369589fc7aa7021f9b30302aa
801e8b57b77806d98fe23b8421a8fdba9f1138827cc320cb5dcc986161aa7ca4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 08:52:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/collect?v=1&_v=j96&t=pageview&_s=1&dl=https%3A%2F%2Fno-go.kelkoogroup.net%2FoffersearchGo%3F.ts%3D1674230200129%26.sig%3DY.tun7RCDEaHOSZd9N8dz4WynXY-%26affiliationId%3D96965866%26comId%3D12930613%26country%3Dno%26offerId%3Dfef53c244f44d7d61ce260f1eb0c8953%26service%3D37%26tokenId%3D35e025c3-2943-4e2d-874f-eaee491f9fab%26wait%3Dtrue%26addedParams%3Dtrue%26custom1%3D8gQAx13F5qzZuIaBdtPETcFLbI0A0EJV3ZUCWg3B8t0r7VvF7gQqt13qVyRsmOUL-AUpX1aV%26custom2%3D8IPrxk3FjSTsy03MlRJFQqwqxqRA-tzE&dr=http%3A%2F%2Fr.redirekted.com%2F&dp=%2F96965866%7C12930613%7C&ul=en-us&de=UTF-8&dt=Du%20sendes%20videre%20til%20Addnature.no&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=QACAAAABAAAAAC~&cid=1290172459.1674291152&tid=UA-168544891-6&_gid=383410748.1674291152&_r=1&cd1=96965866&cd2=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1674291152815_1889585&cd3=12930613&cd4=a4c6295-185d38787a8-72bfe&cd5=&cd6=96965866%7C12930613%7C&z=1504132722
142.250.74.14200 OK 35 B URL HTTP/2 www.google-analytics.com/collect?v=1&_v=j96&t=pageview&_s=1&dl=https%3A%2F%2Fno-go.kelkoogroup.net%2FoffersearchGo%3F.ts%3D1674230200129%26.sig%3DY.tun7RCDEaHOSZd9N8dz4WynXY-%26affiliationId%3D96965866%26comId%3D12930613%26country%3Dno%26offerId%3Dfef53c244f44d7d61ce260f1eb0c8953%26service%3D37%26tokenId%3D35e025c3-2943-4e2d-874f-eaee491f9fab%26wait%3Dtrue%26addedParams%3Dtrue%26custom1%3D8gQAx13F5qzZuIaBdtPETcFLbI0A0EJV3ZUCWg3B8t0r7VvF7gQqt13qVyRsmOUL-AUpX1aV%26custom2%3D8IPrxk3FjSTsy03MlRJFQqwqxqRA-tzE&dr=http%3A%2F%2Fr.redirekted.com%2F&dp=%2F96965866%7C12930613%7C&ul=en-us&de=UTF-8&dt=Du%20sendes%20videre%20til%20Addnature.no&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=QACAAAABAAAAAC~&cid=1290172459.1674291152&tid=UA-168544891-6&_gid=383410748.1674291152&_r=1&cd1=96965866&cd2=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1674291152815_1889585&cd3=12930613&cd4=a4c6295-185d38787a8-72bfe&cd5=&cd6=96965866%7C12930613%7C&z=1504132722
IP 142.250.74.14:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
POST /collect?v=1&_v=j96&t=pageview&_s=1&dl=https%3A%2F%2Fno-go.kelkoogroup.net%2FoffersearchGo%3F.ts%3D1674230200129%26.sig%3DY.tun7RCDEaHOSZd9N8dz4WynXY-%26affiliationId%3D96965866%26comId%3D12930613%26country%3Dno%26offerId%3Dfef53c244f44d7d61ce260f1eb0c8953%26service%3D37%26tokenId%3D35e025c3-2943-4e2d-874f-eaee491f9fab%26wait%3Dtrue%26addedParams%3Dtrue%26custom1%3D8gQAx13F5qzZuIaBdtPETcFLbI0A0EJV3ZUCWg3B8t0r7VvF7gQqt13qVyRsmOUL-AUpX1aV%26custom2%3D8IPrxk3FjSTsy03MlRJFQqwqxqRA-tzE&dr=http%3A%2F%2Fr.redirekted.com%2F&dp=%2F96965866%7C12930613%7C&ul=en-us&de=UTF-8&dt=Du%20sendes%20videre%20til%20Addnature.no&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=QACAAAABAAAAAC~&cid=1290172459.1674291152&tid=UA-168544891-6&_gid=383410748.1674291152&_r=1&cd1=96965866&cd2=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1674291152815_1889585&cd3=12930613&cd4=a4c6295-185d38787a8-72bfe&cd5=&cd6=96965866%7C12930613%7C&z=1504132722 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://no-go.kelkoogroup.net
Connection: keep-alive
Referer: https://no-go.kelkoogroup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 200 OK
access-control-allow-origin: https://no-go.kelkoogroup.net
date: Sat, 21 Jan 2023 08:52:33 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
x-content-type-options: nosniff
access-control-allow-credentials: true
content-type: image/gif
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 35
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash bccd1fe14275d3bb56418297e502cd10
cdf19d2a4099ada369589fc7aa7021f9b30302aa
801e8b57b77806d98fe23b8421a8fdba9f1138827cc320cb5dcc986161aa7ca4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 08:52:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.addnature.no/on/demandware.static/Sites-addnature-no-Site/-/no_NO/v1674269784959/fonts/iconfont/outfitter-iconfont.woff2
172.64.158.155200 OK 22 kB URL HTTP/2 www.addnature.no/on/demandware.static/Sites-addnature-no-Site/-/no_NO/v1674269784959/fonts/iconfont/outfitter-iconfont.woff2
IP 172.64.158.155:0
File type Web Open Font Format (Version 2), TrueType, length 21632, version 1.0\012- data
Hash 7faf7cb986d0b187635557c8ffd28dcd
142ab78f5d3d189ac07e05d021c236f181090ead
c16808355a2f9178731925bc90ea48d1ded6fa988444526cc4af1c32242777f8
GET /on/demandware.static/Sites-addnature-no-Site/-/no_NO/v1674269784959/fonts/iconfont/outfitter-iconfont.woff2 HTTP/1.1
Host: www.addnature.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.addnature.no/bergans-roros-dunlys-jakke-med-hette-dame-M881808.html?vgid=G1451016&c=816&_cid=22_-1220_236648_236649_236650_4287159_0_kelkoo.no&utm_source=kelkoo&utm_medium=psm&utm_campaign=Jakker%20og%20Vester&utm_content=Bergans&utm_term=1451016
Cookie: sid=XelOwv6cAsiZAdmC7CSbtHkOtmBHhXnjVws; dwanonymous_803bf9f7a6242e90119d6af72a2236f6=abLA6ReCS0PJOhO3jn0dwIxivG; __anact=%5B%7B%22activityType%22%3A%22viewSearch%22%2C%22parameters%22%3A%7B%22cookieId%22%3A%22%22%2C%22userId%22%3A%22%22%2C%22searchText%22%3A%221451016_4287171%22%2C%22suggestedSearchText%22%3A%22__UNDEFINED__%22%2C%22products%22%3A%5B%5D%2C%22showProducts%22%3Afalse%2C%22personalized%22%3Afalse%2C%22refinements%22%3A%22%5B%5D%22%2C%22searchID%22%3A%2221613875-c054-46e0-b918-b7cb1e083c22%22%2C%22locale%22%3A%22no_NO%22%2C%22queryLocale%22%3A%22no_NO%22%2C%22realm%22%3A%22BCZL%22%2C%22siteId%22%3A%22addnature-no%22%2C%22instanceType%22%3A%22prd%22%7D%7D%5D; __cq_dnt=1; dw_dnt=1; dwsid=3JQmyCg42nXL49Q215vFvPhz3mqRIaFeBekKNjm0ynSgZHvcyhAW016v2KL2M7oUUBYLgZ7r7azTdbEZm7h5ug==
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 21 Jan 2023 08:52:33 GMT
content-type: font/woff2
content-length: 21632
x-dw-request-base-id: inJKHy9Vy2MBAAB_
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=2588350
expires: Mon, 20 Feb 2023 02:59:59 GMT
last-modified: Wed, 11 Jan 2023 16:07:10 GMT
cf-cache-status: HIT
age: 17503
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
server: cloudflare
cf-ray: 78ced07eb8a2b517-OSL
X-Firefox-Spdy: h2
www.addnature.no/on/demandware.static/Sites-addnature-no-Site/-/no_NO/v1674269784959/fonts/opensans/Open-Sans-Regular.woff2
172.64.158.155200 OK 14 kB URL HTTP/2 www.addnature.no/on/demandware.static/Sites-addnature-no-Site/-/no_NO/v1674269784959/fonts/opensans/Open-Sans-Regular.woff2
IP 172.64.158.155:0
File type Web Open Font Format (Version 2), TrueType, length 14048, version 1.0\012- data
Hash cffb686d7d2f4682df8342bd4d276e09
2c07a9656f1e38da408f20f1cf11581a15cbd7a2
3b98b0dc3bed9d40f43e64adba5de47c76895338a96f0a5a314676cd6287eca9
GET /on/demandware.static/Sites-addnature-no-Site/-/no_NO/v1674269784959/fonts/opensans/Open-Sans-Regular.woff2 HTTP/1.1
Host: www.addnature.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.addnature.no/bergans-roros-dunlys-jakke-med-hette-dame-M881808.html?vgid=G1451016&c=816&_cid=22_-1220_236648_236649_236650_4287159_0_kelkoo.no&utm_source=kelkoo&utm_medium=psm&utm_campaign=Jakker%20og%20Vester&utm_content=Bergans&utm_term=1451016
Cookie: sid=XelOwv6cAsiZAdmC7CSbtHkOtmBHhXnjVws; dwanonymous_803bf9f7a6242e90119d6af72a2236f6=abLA6ReCS0PJOhO3jn0dwIxivG; __anact=%5B%7B%22activityType%22%3A%22viewSearch%22%2C%22parameters%22%3A%7B%22cookieId%22%3A%22%22%2C%22userId%22%3A%22%22%2C%22searchText%22%3A%221451016_4287171%22%2C%22suggestedSearchText%22%3A%22__UNDEFINED__%22%2C%22products%22%3A%5B%5D%2C%22showProducts%22%3Afalse%2C%22personalized%22%3Afalse%2C%22refinements%22%3A%22%5B%5D%22%2C%22searchID%22%3A%2221613875-c054-46e0-b918-b7cb1e083c22%22%2C%22locale%22%3A%22no_NO%22%2C%22queryLocale%22%3A%22no_NO%22%2C%22realm%22%3A%22BCZL%22%2C%22siteId%22%3A%22addnature-no%22%2C%22instanceType%22%3A%22prd%22%7D%7D%5D; __cq_dnt=1; dw_dnt=1; dwsid=3JQmyCg42nXL49Q215vFvPhz3mqRIaFeBekKNjm0ynSgZHvcyhAW016v2KL2M7oUUBYLgZ7r7azTdbEZm7h5ug==
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 21 Jan 2023 08:52:33 GMT
content-type: font/woff2
content-length: 14048
x-dw-request-base-id: inJkHipVy2MBAAB_
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=2588346
expires: Mon, 20 Feb 2023 02:59:54 GMT
last-modified: Wed, 11 Jan 2023 16:07:10 GMT
cf-cache-status: HIT
age: 11914
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
server: cloudflare
cf-ray: 78ced07eb8a3b517-OSL
X-Firefox-Spdy: h2
www.addnature.no/on/demandware.static/Sites-addnature-no-Site/-/default/dw2d1b9e51/images/imagenotfound.gif
172.64.158.155200 OK 43 B URL HTTP/2 www.addnature.no/on/demandware.static/Sites-addnature-no-Site/-/default/dw2d1b9e51/images/imagenotfound.gif
IP 172.64.158.155:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /on/demandware.static/Sites-addnature-no-Site/-/default/dw2d1b9e51/images/imagenotfound.gif HTTP/1.1
Host: www.addnature.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.addnature.no/bergans-roros-dunlys-jakke-med-hette-dame-M881808.html?vgid=G1451016&c=816&_cid=22_-1220_236648_236649_236650_4287159_0_kelkoo.no&utm_source=kelkoo&utm_medium=psm&utm_campaign=Jakker%20og%20Vester&utm_content=Bergans&utm_term=1451016
Cookie: sid=XelOwv6cAsiZAdmC7CSbtHkOtmBHhXnjVws; dwanonymous_803bf9f7a6242e90119d6af72a2236f6=abLA6ReCS0PJOhO3jn0dwIxivG; __anact=%5B%7B%22activityType%22%3A%22viewSearch%22%2C%22parameters%22%3A%7B%22cookieId%22%3A%22%22%2C%22userId%22%3A%22%22%2C%22searchText%22%3A%221451016_4287171%22%2C%22suggestedSearchText%22%3A%22__UNDEFINED__%22%2C%22products%22%3A%5B%5D%2C%22showProducts%22%3Afalse%2C%22personalized%22%3Afalse%2C%22refinements%22%3A%22%5B%5D%22%2C%22searchID%22%3A%2221613875-c054-46e0-b918-b7cb1e083c22%22%2C%22locale%22%3A%22no_NO%22%2C%22queryLocale%22%3A%22no_NO%22%2C%22realm%22%3A%22BCZL%22%2C%22siteId%22%3A%22addnature-no%22%2C%22instanceType%22%3A%22prd%22%7D%7D%5D; __cq_dnt=1; dw_dnt=1; dwsid=3JQmyCg42nXL49Q215vFvPhz3mqRIaFeBekKNjm0ynSgZHvcyhAW016v2KL2M7oUUBYLgZ7r7azTdbEZm7h5ug==
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 21 Jan 2023 08:52:33 GMT
content-type: image/gif
content-length: 43
cache-control: public, max-age=2592000
cf-bgj: imgq:100,h2pri
cf-polished: status=not_needed
cross-origin-resource-policy: cross-origin
expires: Thu, 16 Feb 2023 12:41:05 GMT
last-modified: Wed, 11 Jan 2023 16:07:10 GMT
x-dw-request-base-id: inIBrmGXxmMBAAB_
cf-cache-status: HIT
age: 331887
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
server: cloudflare
cf-ray: 78ced07ed8c6b517-OSL
X-Firefox-Spdy: h2
cdn.cookielaw.org/scripttemplates/otSDKStub.js
104.16.149.64200 OK 8.1 kB URL HTTP/2 cdn.cookielaw.org/scripttemplates/otSDKStub.js
IP 104.16.149.64:0
File type ASCII text, with very long lines (24742)
Hash 59d0843ea535a679e836bfdc4fd847c9
8c8938ff086a2b05eb9e431cb8ff7150f50c7b48
6f5b514345f75508ac2e5827b6e50c804a3d5ec2aa44975ec6a2bdfcb438fd17
GET /scripttemplates/otSDKStub.js HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.addnature.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 21 Jan 2023 08:52:33 GMT
content-type: application/javascript
content-length: 8053
content-encoding: gzip
content-md5: WdCEPqU1pnnoNr/cT9hHyQ==
last-modified: Thu, 19 Jan 2023 03:33:38 GMT
etag: 0x8DAF9CDF4501E69
x-ms-request-id: 15ffa017-701e-0112-1b63-2caaaf000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 51256
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 78ced07ee9f5b511-OSL
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash a2370e9531e92040565978c4bd77c7a2
1fe53d3b4fe24c0d2356094136bdb69762b193d7
526743fb7ff26e836ef361a28dde08076cf5dfc6c4e87f855beb43cca8f57719
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2281
Cache-Control: max-age=92070
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 08:52:33 GMT
Etag: "63ca638e-116"
Expires: Sun, 22 Jan 2023 10:27:03 GMT
Last-Modified: Fri, 20 Jan 2023 09:49:02 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 278
www.addnature.no/on/demandware.static/Sites-addnature-no-Site/-/default/dw4a07407e/images/logo.svg
172.64.158.155200 OK 4.3 kB URL HTTP/2 www.addnature.no/on/demandware.static/Sites-addnature-no-Site/-/default/dw4a07407e/images/logo.svg
IP 172.64.158.155:0
Hash c00fe652cff022fd4c2135d052ba87ec
1b7623ffab9a2f3f938ccca1831775a559248788
d2c56af88e307980a3f8e3a7f9bbd01c552ba6a5d3bf1e3372a79018431db880
GET /on/demandware.static/Sites-addnature-no-Site/-/default/dw4a07407e/images/logo.svg HTTP/1.1
Host: www.addnature.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.addnature.no/bergans-roros-dunlys-jakke-med-hette-dame-M881808.html?vgid=G1451016&c=816&_cid=22_-1220_236648_236649_236650_4287159_0_kelkoo.no&utm_source=kelkoo&utm_medium=psm&utm_campaign=Jakker%20og%20Vester&utm_content=Bergans&utm_term=1451016
Cookie: sid=XelOwv6cAsiZAdmC7CSbtHkOtmBHhXnjVws; dwanonymous_803bf9f7a6242e90119d6af72a2236f6=abLA6ReCS0PJOhO3jn0dwIxivG; __anact=%5B%7B%22activityType%22%3A%22viewSearch%22%2C%22parameters%22%3A%7B%22cookieId%22%3A%22%22%2C%22userId%22%3A%22%22%2C%22searchText%22%3A%221451016_4287171%22%2C%22suggestedSearchText%22%3A%22__UNDEFINED__%22%2C%22products%22%3A%5B%5D%2C%22showProducts%22%3Afalse%2C%22personalized%22%3Afalse%2C%22refinements%22%3A%22%5B%5D%22%2C%22searchID%22%3A%2221613875-c054-46e0-b918-b7cb1e083c22%22%2C%22locale%22%3A%22no_NO%22%2C%22queryLocale%22%3A%22no_NO%22%2C%22realm%22%3A%22BCZL%22%2C%22siteId%22%3A%22addnature-no%22%2C%22instanceType%22%3A%22prd%22%7D%7D%5D; __cq_dnt=1; dw_dnt=1; dwsid=3JQmyCg42nXL49Q215vFvPhz3mqRIaFeBekKNjm0ynSgZHvcyhAW016v2KL2M7oUUBYLgZ7r7azTdbEZm7h5ug==
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 21 Jan 2023 08:52:33 GMT
content-type: image/svg+xml
x-dw-request-base-id: XQqSmmCXxmMBAAB_
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=2592000
expires: Thu, 16 Feb 2023 12:41:04 GMT
last-modified: Wed, 11 Jan 2023 16:07:09 GMT
cf-cache-status: HIT
age: 331889
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
server: cloudflare
cf-ray: 78ced07ec8b1b517-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
static.demoup.com/addnature.com/stage2.min.js
143.204.55.9200 OK 24 kB URL HTTP/1.1 static.demoup.com/addnature.com/stage2.min.js
IP 143.204.55.9:0
File type Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Hash b419631f90de871d2d2b30bca5c6b709
7a1134bf58e4de5068a8b864535ff54321d3a166
584933079adcee0efeb114138e1942abdb3be56f1505fb5fe191e510aff1ebd9
GET /addnature.com/stage2.min.js HTTP/1.1
Host: static.demoup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.addnature.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 13 Jul 2022 11:46:37 GMT
Server: AmazonS3
Via: 1.1 22993faf725ff29c940e58cb14ddf668.cloudfront.net (CloudFront), 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
Content-Encoding: gzip
Date: Sat, 21 Jan 2023 05:20:18 GMT
Cache-Control: 2592000
ETag: W/"db05147172c8a5784ccf6a43f5fac15f"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
X-Amz-Cf-Pop: FRA56-P2, OSL50-C1
X-Amz-Cf-Id: FJityw_uZpOhUphZv-Ho82uC8xLD9XwHdCrv7Wf5JgLW9p2iXwJkbA==
Age: 12736
addnature.app.baqend.com/v1/speedkit/install.js?d=production
151.101.2.8200 OK 18 kB URL HTTP/2 addnature.app.baqend.com/v1/speedkit/install.js?d=production
IP 151.101.2.8:0
File type ASCII text, with very long lines (45618)
Hash 2ae2add23ed9120327578c7822081964
05c95273b2dec8f54155a6648a4b6e3ba58234e9
84d8cf2b126ca45a1089aa41eaeb5ebb6c2ff903351e046a02da0955c57056e9
GET /v1/speedkit/install.js?d=production HTTP/1.1
Host: addnature.app.baqend.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.addnature.no
Connection: keep-alive
Referer: https://www.addnature.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
content-type: text/javascript; charset=UTF-8
etag: "2U8cXFCKVtjLW6QbmJIbSA==--br"
accept-ranges: bytes
date: Sat, 21 Jan 2023 08:52:33 GMT
age: 31534052
cache-control: private,browser-ttl=1800,sw-max-age=31536000,max-age=31535852
x-served-by: cache-bma1679-BMA
x-cache: HIT
x-cache-hits: 5
x-timer: S1674291154.829391,VS0,VE1
access-control-allow-credentials: true
access-control-allow-origin: https://www.addnature.no
access-control-expose-headers: Location, ETag, Baqend-Authorization-Token, Baqend-Acl, Baqend-Size, Baqend-SW-Control, Baqend-Created-At, Date, Age, Baqend-Speed-Kit, Baqend-Custom-Headers, X-Served-By, X-Cache, X-Timer, Access-Control-Allow-Origin, Fastly-Io-Info, Server-Timing
timing-allow-origin: https://www.addnature.no
vary: Accept-Encoding, Origin
via: baqend
server-timing: pop;desc=BMA;dur=1,cache;desc=EDGE,hotness;desc=5,proto;desc=h2
content-length: 17634
X-Firefox-Spdy: h2
images.internetstores.de/brands/bergans.jpg?forceSize=true&forceAspectRatio=true&forceAlign=leftbottom&size=120x39
104.22.9.100200 OK 6.8 kB URL HTTP/2 images.internetstores.de/brands/bergans.jpg?forceSize=true&forceAspectRatio=true&forceAlign=leftbottom&size=120x39
IP 104.22.9.100:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 120x39, components 3\012- data
Hash 5a61962283d193314e43e119a6fbad49
7741f020c43473abe9306058219b91a2ee3e9104
476a25e3d842d67f2b5fa5bf75da4dbfda79fb00aedda815d017920961a075b2
GET /brands/bergans.jpg?forceSize=true&forceAspectRatio=true&forceAlign=leftbottom&size=120x39 HTTP/1.1
Host: images.internetstores.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.addnature.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 21 Jan 2023 08:52:33 GMT
content-type: image/jpeg
content-length: 6774
cache-control: max-age=1209600, public
cf-bgj: h2pri
access-control-allow-origin: *
etag: "62c2c23d-1a76"
expires: Tue, 31 Jan 2023 07:56:30 GMT
last-modified: Mon, 04 Jul 2022 10:34:37 GMT
pragma: public
strict-transport-security: max-age=15768000
cf-cache-status: HIT
age: 348963
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 78ced07f7edc0afa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
images.internetstores.de/products/1451016/07/1ef9ac/bergans-roros-down-light-jacket-with-hood-women-brick-1.jpg?forceSize=true&forceAspectRatio=true&useTrim=true&size=90x90
104.22.9.100200 OK 7.4 kB URL HTTP/2 images.internetstores.de/products/1451016/07/1ef9ac/bergans-roros-down-light-jacket-with-hood-women-brick-1.jpg?forceSize=true&forceAspectRatio=true&useTrim=true&size=90x90
IP 104.22.9.100:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 90x90, components 3\012- data
Hash f9dcd1c5715ccce7288df19ac9963ade
9e987b9a5e2ef598e2ed9af30d450f63b3a647cb
76639fcbf1a6c9f8470c4e1869a0b116f63518c7605d852e85c6e8877c26b2a4
GET /products/1451016/07/1ef9ac/bergans-roros-down-light-jacket-with-hood-women-brick-1.jpg?forceSize=true&forceAspectRatio=true&useTrim=true&size=90x90 HTTP/1.1
Host: images.internetstores.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.addnature.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 21 Jan 2023 08:52:33 GMT
content-type: image/jpeg
content-length: 7396
cache-control: max-age=1209600, public
cf-bgj: h2pri
access-control-allow-origin: *
etag: "6154bff3-1ce4"
expires: Tue, 24 Jan 2023 07:34:24 GMT
last-modified: Wed, 29 Sep 2021 19:35:15 GMT
pragma: public
strict-transport-security: max-age=15768000
cf-cache-status: HIT
age: 955089
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 78ced07f7ede0afa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
images.internetstores.de/products/1451016/07/1ef9ac/bergans-roros-down-light-jacket-with-hood-women-brick-1.jpg?forceSize=true&forceAspectRatio=true&useTrim=true&size=613x613
104.22.9.100200 OK 87 kB URL HTTP/2 images.internetstores.de/products/1451016/07/1ef9ac/bergans-roros-down-light-jacket-with-hood-women-brick-1.jpg?forceSize=true&forceAspectRatio=true&useTrim=true&size=613x613
IP 104.22.9.100:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 613x613, components 3\012- data
Hash e0788606a62b45a23f040094cc0387f1
40be466e4b63d1fc5c655ba40f727cdc11cf18b7
043a6407f221939877b2726642df293b65e8160b1e8a0025130dc941f7529db2
GET /products/1451016/07/1ef9ac/bergans-roros-down-light-jacket-with-hood-women-brick-1.jpg?forceSize=true&forceAspectRatio=true&useTrim=true&size=613x613 HTTP/1.1
Host: images.internetstores.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.addnature.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 21 Jan 2023 08:52:33 GMT
content-type: image/jpeg
content-length: 87278
cache-control: max-age=1209600, public
cf-bgj: h2pri
access-control-allow-origin: *
etag: "61557191-154ee"
expires: Tue, 24 Jan 2023 07:34:24 GMT
last-modified: Thu, 30 Sep 2021 08:13:05 GMT
pragma: public
strict-transport-security: max-age=15768000
cf-cache-status: HIT
age: 955089
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 78ced07f7edf0afa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=OvxST_ZrlSsQP0X.zzsW06t_r8L2edk3c2JbO8aWGHQ-1674291153-0-AZXtlk9_yXZDJyQq6_AEdvPqFsRonb34ccp9PaOpWEFSrd_4J5aBMHyUishPk_38bwcxDzhchOWzKGPtfL3jZ-Nu2B1MqwkLaKqtBGyhknrM
104.18.21.157200 OK 14 kB URL HTTP/2 csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=OvxST_ZrlSsQP0X.zzsW06t_r8L2edk3c2JbO8aWGHQ-1674291153-0-AZXtlk9_yXZDJyQq6_AEdvPqFsRonb34ccp9PaOpWEFSrd_4J5aBMHyUishPk_38bwcxDzhchOWzKGPtfL3jZ-Nu2B1MqwkLaKqtBGyhknrM
IP 104.18.21.157:0
File type Web Open Font Format (Version 2), TrueType, length 14544, version 1.0\012- data
Hash 223a277bd88d8a90c8cdf24cda0ad5f5
24234c1c81b3948758c1a0be8e5a65386ca94c52
d61b45b8b3cded238a65ee0aac4043b989f11cee56acfe5c889777f961f241a2
POST /cdn-cgi/script_monitor/report?m=OvxST_ZrlSsQP0X.zzsW06t_r8L2edk3c2JbO8aWGHQ-1674291153-0-AZXtlk9_yXZDJyQq6_AEdvPqFsRonb34ccp9PaOpWEFSrd_4J5aBMHyUishPk_38bwcxDzhchOWzKGPtfL3jZ-Nu2B1MqwkLaKqtBGyhknrM HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 989
Origin: https://www.addnature.no
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 21 Jan 2023 08:52:33 GMT
server: cloudflare
cf-ray: 78ced07f6b6dfab4-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=OvxST_ZrlSsQP0X.zzsW06t_r8L2edk3c2JbO8aWGHQ-1674291153-0-AZXtlk9_yXZDJyQq6_AEdvPqFsRonb34ccp9PaOpWEFSrd_4J5aBMHyUishPk_38bwcxDzhchOWzKGPtfL3jZ-Nu2B1MqwkLaKqtBGyhknrM
104.18.21.157200 OK 15 kB URL HTTP/2 csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=OvxST_ZrlSsQP0X.zzsW06t_r8L2edk3c2JbO8aWGHQ-1674291153-0-AZXtlk9_yXZDJyQq6_AEdvPqFsRonb34ccp9PaOpWEFSrd_4J5aBMHyUishPk_38bwcxDzhchOWzKGPtfL3jZ-Nu2B1MqwkLaKqtBGyhknrM
IP 104.18.21.157:0
File type Web Open Font Format (Version 2), TrueType, length 15056, version 1.0\012- data
Hash 0edb76284a7a0f8db4665b560ee2b48f
02496387a5f7bf7b79df52c7b76ece4ebc7a0710
74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b
POST /cdn-cgi/script_monitor/report?m=OvxST_ZrlSsQP0X.zzsW06t_r8L2edk3c2JbO8aWGHQ-1674291153-0-AZXtlk9_yXZDJyQq6_AEdvPqFsRonb34ccp9PaOpWEFSrd_4J5aBMHyUishPk_38bwcxDzhchOWzKGPtfL3jZ-Nu2B1MqwkLaKqtBGyhknrM HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 989
Origin: https://www.addnature.no
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 21 Jan 2023 08:52:33 GMT
server: cloudflare
cf-ray: 78ced07f6b6efab4-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
static.demoup.com/api/stages/7513/stage1.js?url=https://www.addnature.no/bergans-roros-dunlys-jakke-med-hette-dame-M881808.html?vgid=G1451016&c=816&_cid=22_-1220_236648_236649_236650_4287159_0_kelkoo.no&utm_source=kelkoo&utm_medium=psm&utm_campaign=Jakker%2520og%2520Vester&utm_content=Bergans&utm_term=1451016
143.204.55.9200 OK 0 B URL HTTP/1.1 static.demoup.com/api/stages/7513/stage1.js?url=https://www.addnature.no/bergans-roros-dunlys-jakke-med-hette-dame-M881808.html?vgid=G1451016&c=816&_cid=22_-1220_236648_236649_236650_4287159_0_kelkoo.no&utm_source=kelkoo&utm_medium=psm&utm_campaign=Jakker%2520og%2520Vester&utm_content=Bergans&utm_term=1451016
IP 143.204.55.9:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/stages/7513/stage1.js?url=https://www.addnature.no/bergans-roros-dunlys-jakke-med-hette-dame-M881808.html?vgid=G1451016&c=816&_cid=22_-1220_236648_236649_236650_4287159_0_kelkoo.no&utm_source=kelkoo&utm_medium=psm&utm_campaign=Jakker%2520og%2520Vester&utm_content=Bergans&utm_term=1451016 HTTP/1.1
Host: static.demoup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.addnature.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/javascript
Content-Length: 0
Connection: keep-alive
Date: Sat, 21 Jan 2023 08:52:33 GMT
Last-Modified: 21 Jan 2023 08:52:33 GMT
Cache-Tag:
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Max-Age: 6000
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Cache-Control: public,max-age=3600,must-revalidate
X-Cache: Miss from cloudfront
Via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: eryT1E9NK8IgfAU9Ru1Vp-Ggnu_bo9ub6gPL1jFSTEiIkZyEYfHliQ==
cdn.cookielaw.org/consent/766525aa-15df-473d-838d-50e00a067133/766525aa-15df-473d-838d-50e00a067133.json
104.16.149.64200 OK 1.3 kB URL HTTP/2 cdn.cookielaw.org/consent/766525aa-15df-473d-838d-50e00a067133/766525aa-15df-473d-838d-50e00a067133.json
IP 104.16.149.64:0
File type JSON data\012- , ASCII text, with very long lines (3053), with no line terminators
Hash 2b6d10db2efb1cb413a046ffd739a737
c1e9e0a8d56542a1f9e6877b2bcd26dc3b876550
4dc57d646ad580e66d5458fcb37ebba4962e327ac3e1da1088d93669a2b7a896
GET /consent/766525aa-15df-473d-838d-50e00a067133/766525aa-15df-473d-838d-50e00a067133.json HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.addnature.no
Connection: keep-alive
Referer: https://www.addnature.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 21 Jan 2023 08:52:33 GMT
content-type: application/x-javascript
content-length: 1325
cache-control: public, max-age=86400
content-encoding: gzip
content-md5: K20Q2y77HLQToEb/1zmnNw==
last-modified: Tue, 14 Jun 2022 11:52:30 GMT
etag: 0x8DA4DFC5C8655B0
x-ms-request-id: df8faa3b-e01e-00f6-53e5-7ffff0000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 11428
expires: Sun, 22 Jan 2023 08:52:33 GMT
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 78ced07f9c2fb4ee-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 9046bdd3634f2cfb8ace7c326c4af05f
d92d1610bbcc211f0648ec87b5aee6a562f606db
eea88fe2aaabd085058e3cf139e8780e1ddeff62e4fb94d6eeabe512a309d8ac
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 08:52:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=OvxST_ZrlSsQP0X.zzsW06t_r8L2edk3c2JbO8aWGHQ-1674291153-0-AZXtlk9_yXZDJyQq6_AEdvPqFsRonb34ccp9PaOpWEFSrd_4J5aBMHyUishPk_38bwcxDzhchOWzKGPtfL3jZ-Nu2B1MqwkLaKqtBGyhknrM
104.18.21.157200 OK 124 kB URL HTTP/2 csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=OvxST_ZrlSsQP0X.zzsW06t_r8L2edk3c2JbO8aWGHQ-1674291153-0-AZXtlk9_yXZDJyQq6_AEdvPqFsRonb34ccp9PaOpWEFSrd_4J5aBMHyUishPk_38bwcxDzhchOWzKGPtfL3jZ-Nu2B1MqwkLaKqtBGyhknrM
IP 104.18.21.157:0
File type gzip compressed data, from Unix\012- data
Size 124 kB (124039 bytes)
Hash b1cccfc364e2ee739ba89680fd0242de
141465ed0fd752fb5e96e28529a828ec8d8cae78
5f0a0da1b92f7864a25ee078768b3ff8d550b106726060a49200929d81f01827
POST /cdn-cgi/script_monitor/report?m=OvxST_ZrlSsQP0X.zzsW06t_r8L2edk3c2JbO8aWGHQ-1674291153-0-AZXtlk9_yXZDJyQq6_AEdvPqFsRonb34ccp9PaOpWEFSrd_4J5aBMHyUishPk_38bwcxDzhchOWzKGPtfL3jZ-Nu2B1MqwkLaKqtBGyhknrM HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 725
Origin: https://www.addnature.no
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 21 Jan 2023 08:52:33 GMT
server: cloudflare
cf-ray: 78ced07fab84fab4-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=OvxST_ZrlSsQP0X.zzsW06t_r8L2edk3c2JbO8aWGHQ-1674291153-0-AZXtlk9_yXZDJyQq6_AEdvPqFsRonb34ccp9PaOpWEFSrd_4J5aBMHyUishPk_38bwcxDzhchOWzKGPtfL3jZ-Nu2B1MqwkLaKqtBGyhknrM
104.18.21.157200 OK 956 B URL HTTP/2 csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=OvxST_ZrlSsQP0X.zzsW06t_r8L2edk3c2JbO8aWGHQ-1674291153-0-AZXtlk9_yXZDJyQq6_AEdvPqFsRonb34ccp9PaOpWEFSrd_4J5aBMHyUishPk_38bwcxDzhchOWzKGPtfL3jZ-Nu2B1MqwkLaKqtBGyhknrM
IP 104.18.21.157:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash a9b2e38af6eedb996e18b438e6f737c0
103af213789c41b98b19107b3e6c0ae90650def5
32288c69c8e55c896ab1600f93532846c222139c44904bf6c84a6199fc4bd05e
POST /cdn-cgi/script_monitor/report?m=OvxST_ZrlSsQP0X.zzsW06t_r8L2edk3c2JbO8aWGHQ-1674291153-0-AZXtlk9_yXZDJyQq6_AEdvPqFsRonb34ccp9PaOpWEFSrd_4J5aBMHyUishPk_38bwcxDzhchOWzKGPtfL3jZ-Nu2B1MqwkLaKqtBGyhknrM HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 953
Origin: https://www.addnature.no
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 21 Jan 2023 08:52:34 GMT
server: cloudflare
cf-ray: 78ced081dd36fab4-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=OvxST_ZrlSsQP0X.zzsW06t_r8L2edk3c2JbO8aWGHQ-1674291153-0-AZXtlk9_yXZDJyQq6_AEdvPqFsRonb34ccp9PaOpWEFSrd_4J5aBMHyUishPk_38bwcxDzhchOWzKGPtfL3jZ-Nu2B1MqwkLaKqtBGyhknrM
104.18.21.157200 OK 760 B URL HTTP/2 csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=OvxST_ZrlSsQP0X.zzsW06t_r8L2edk3c2JbO8aWGHQ-1674291153-0-AZXtlk9_yXZDJyQq6_AEdvPqFsRonb34ccp9PaOpWEFSrd_4J5aBMHyUishPk_38bwcxDzhchOWzKGPtfL3jZ-Nu2B1MqwkLaKqtBGyhknrM
IP 104.18.21.157:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 34a563099efb1eff482425e32f8b4b86
8a6f7f86c5182c626120754cd06aab757613ae41
3f66f7bef98d742db6b585c7d44f2a523d6b4617effeca78ea39c10d1a1ac070
POST /cdn-cgi/script_monitor/report?m=OvxST_ZrlSsQP0X.zzsW06t_r8L2edk3c2JbO8aWGHQ-1674291153-0-AZXtlk9_yXZDJyQq6_AEdvPqFsRonb34ccp9PaOpWEFSrd_4J5aBMHyUishPk_38bwcxDzhchOWzKGPtfL3jZ-Nu2B1MqwkLaKqtBGyhknrM HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 953
Origin: https://www.addnature.no
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 21 Jan 2023 08:52:34 GMT
server: cloudflare
cf-ray: 78ced081bd20fab4-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
www.addnature.no/on/demandware.static/-/Library-Sites-addnature/default/dwab320c21/Contentgrafiken/thenorthface.png
172.64.158.155200 OK 954 B URL HTTP/2 www.addnature.no/on/demandware.static/-/Library-Sites-addnature/default/dwab320c21/Contentgrafiken/thenorthface.png
IP 172.64.158.155:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash f6d9863586a1370a66352e26a91d711a
8bf45e714502cd076eb1ba04d49a6f4d17fee084
d12850c08675a9835179af36b3f5df0081374fa51652a0847389edaf8e6bf6b3
GET /on/demandware.static/-/Library-Sites-addnature/default/dwab320c21/Contentgrafiken/thenorthface.png HTTP/1.1
Host: www.addnature.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.addnature.no/bergans-roros-dunlys-jakke-med-hette-dame-M881808.html?vgid=G1451016&c=816&_cid=22_-1220_236648_236649_236650_4287159_0_kelkoo.no&utm_source=kelkoo&utm_medium=psm&utm_campaign=Jakker%20og%20Vester&utm_content=Bergans&utm_term=1451016
Cookie: sid=XelOwv6cAsiZAdmC7CSbtHkOtmBHhXnjVws; dwanonymous_803bf9f7a6242e90119d6af72a2236f6=abLA6ReCS0PJOhO3jn0dwIxivG; __cq_dnt=1; dw_dnt=1; dwsid=3JQmyCg42nXL49Q215vFvPhz3mqRIaFeBekKNjm0ynSgZHvcyhAW016v2KL2M7oUUBYLgZ7r7azTdbEZm7h5ug==; baqend-speedkit-user-id=UX9kdasxp5peM5rr1kRPic90u
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 21 Jan 2023 08:52:34 GMT
content-type: image/webp
content-length: 954
cache-control: public, max-age=2559762
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=3390
content-disposition: inline; filename="thenorthface.webp"
cross-origin-resource-policy: cross-origin
expires: Fri, 10 Feb 2023 19:54:36 GMT
last-modified: Tue, 30 Aug 2022 13:14:27 GMT
vary: Accept
x-dw-request-base-id: inJYufwTv2MBAAB_
cf-cache-status: HIT
age: 138725
accept-ranges: bytes
strict-transport-security: max-age=31536000; includeSubDomains
server: cloudflare
cf-ray: 78ced0823c05b517-OSL
X-Firefox-Spdy: h2
csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=OvxST_ZrlSsQP0X.zzsW06t_r8L2edk3c2JbO8aWGHQ-1674291153-0-AZXtlk9_yXZDJyQq6_AEdvPqFsRonb34ccp9PaOpWEFSrd_4J5aBMHyUishPk_38bwcxDzhchOWzKGPtfL3jZ-Nu2B1MqwkLaKqtBGyhknrM
104.18.21.157200 OK 732 B URL HTTP/2 csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=OvxST_ZrlSsQP0X.zzsW06t_r8L2edk3c2JbO8aWGHQ-1674291153-0-AZXtlk9_yXZDJyQq6_AEdvPqFsRonb34ccp9PaOpWEFSrd_4J5aBMHyUishPk_38bwcxDzhchOWzKGPtfL3jZ-Nu2B1MqwkLaKqtBGyhknrM
IP 104.18.21.157:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 0675c9898ef08a30fa45bee23713ec33
17867aea8f5ad608a2282b72806f3f0cf3b046d3
7c7047209af4cf39223db7e83cba33a1369a0f934a6d11cb15cbaa4e9c21158e
POST /cdn-cgi/script_monitor/report?m=OvxST_ZrlSsQP0X.zzsW06t_r8L2edk3c2JbO8aWGHQ-1674291153-0-AZXtlk9_yXZDJyQq6_AEdvPqFsRonb34ccp9PaOpWEFSrd_4J5aBMHyUishPk_38bwcxDzhchOWzKGPtfL3jZ-Nu2B1MqwkLaKqtBGyhknrM HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 953
Origin: https://www.addnature.no
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 21 Jan 2023 08:52:34 GMT
server: cloudflare
cf-ray: 78ced081cd28fab4-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=OvxST_ZrlSsQP0X.zzsW06t_r8L2edk3c2JbO8aWGHQ-1674291153-0-AZXtlk9_yXZDJyQq6_AEdvPqFsRonb34ccp9PaOpWEFSrd_4J5aBMHyUishPk_38bwcxDzhchOWzKGPtfL3jZ-Nu2B1MqwkLaKqtBGyhknrM
104.18.21.157200 OK 574 B URL HTTP/2 csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=OvxST_ZrlSsQP0X.zzsW06t_r8L2edk3c2JbO8aWGHQ-1674291153-0-AZXtlk9_yXZDJyQq6_AEdvPqFsRonb34ccp9PaOpWEFSrd_4J5aBMHyUishPk_38bwcxDzhchOWzKGPtfL3jZ-Nu2B1MqwkLaKqtBGyhknrM
IP 104.18.21.157:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash a6c83ebe66cd2ffb7989d4a11eb7369a
9c9a4fa339f8894e1b3daf78d36626d57ad960e5
16f1223bc2296dac5ba8776063d30ec2f3450541072e97c57e6a7f49c1bf8492
POST /cdn-cgi/script_monitor/report?m=OvxST_ZrlSsQP0X.zzsW06t_r8L2edk3c2JbO8aWGHQ-1674291153-0-AZXtlk9_yXZDJyQq6_AEdvPqFsRonb34ccp9PaOpWEFSrd_4J5aBMHyUishPk_38bwcxDzhchOWzKGPtfL3jZ-Nu2B1MqwkLaKqtBGyhknrM HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 953
Origin: https://www.addnature.no
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 21 Jan 2023 08:52:34 GMT
server: cloudflare
cf-ray: 78ced081cd31fab4-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=OvxST_ZrlSsQP0X.zzsW06t_r8L2edk3c2JbO8aWGHQ-1674291153-0-AZXtlk9_yXZDJyQq6_AEdvPqFsRonb34ccp9PaOpWEFSrd_4J5aBMHyUishPk_38bwcxDzhchOWzKGPtfL3jZ-Nu2B1MqwkLaKqtBGyhknrM
104.18.21.157200 OK 700 B URL HTTP/2 csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=OvxST_ZrlSsQP0X.zzsW06t_r8L2edk3c2JbO8aWGHQ-1674291153-0-AZXtlk9_yXZDJyQq6_AEdvPqFsRonb34ccp9PaOpWEFSrd_4J5aBMHyUishPk_38bwcxDzhchOWzKGPtfL3jZ-Nu2B1MqwkLaKqtBGyhknrM
IP 104.18.21.157:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 70c4dbcb284fadf7cf9f64f719b36e14
10b87bd384db80f4ab0c3e9016ab3a817bb185e0
15fd1f66d11b9ea08dda8b3072e53d3a9d609da658f76f9dff2475aee09ced1c
POST /cdn-cgi/script_monitor/report?m=OvxST_ZrlSsQP0X.zzsW06t_r8L2edk3c2JbO8aWGHQ-1674291153-0-AZXtlk9_yXZDJyQq6_AEdvPqFsRonb34ccp9PaOpWEFSrd_4J5aBMHyUishPk_38bwcxDzhchOWzKGPtfL3jZ-Nu2B1MqwkLaKqtBGyhknrM HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 953
Origin: https://www.addnature.no
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 21 Jan 2023 08:52:34 GMT
server: cloudflare
cf-ray: 78ced081cd2ffab4-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=OvxST_ZrlSsQP0X.zzsW06t_r8L2edk3c2JbO8aWGHQ-1674291153-0-AZXtlk9_yXZDJyQq6_AEdvPqFsRonb34ccp9PaOpWEFSrd_4J5aBMHyUishPk_38bwcxDzhchOWzKGPtfL3jZ-Nu2B1MqwkLaKqtBGyhknrM
104.18.21.157200 OK 24 kB URL HTTP/2 csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=OvxST_ZrlSsQP0X.zzsW06t_r8L2edk3c2JbO8aWGHQ-1674291153-0-AZXtlk9_yXZDJyQq6_AEdvPqFsRonb34ccp9PaOpWEFSrd_4J5aBMHyUishPk_38bwcxDzhchOWzKGPtfL3jZ-Nu2B1MqwkLaKqtBGyhknrM
IP 104.18.21.157:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 200x200, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash e092af49ae2ae41aace360e7e1e23368
01d66ced5466ca7abcde5c04bc61da92c694c46f
8bac91fd71455bbd476dc9e4b7d1533bf59c0c5f30ea869b185ded78e8c403af
POST /cdn-cgi/script_monitor/report?m=OvxST_ZrlSsQP0X.zzsW06t_r8L2edk3c2JbO8aWGHQ-1674291153-0-AZXtlk9_yXZDJyQq6_AEdvPqFsRonb34ccp9PaOpWEFSrd_4J5aBMHyUishPk_38bwcxDzhchOWzKGPtfL3jZ-Nu2B1MqwkLaKqtBGyhknrM HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 953
Origin: https://www.addnature.no
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 21 Jan 2023 08:52:34 GMT
server: cloudflare
cf-ray: 78ced081cd34fab4-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=OvxST_ZrlSsQP0X.zzsW06t_r8L2edk3c2JbO8aWGHQ-1674291153-0-AZXtlk9_yXZDJyQq6_AEdvPqFsRonb34ccp9PaOpWEFSrd_4J5aBMHyUishPk_38bwcxDzhchOWzKGPtfL3jZ-Nu2B1MqwkLaKqtBGyhknrM
104.18.21.157200 OK 1.2 kB URL HTTP/2 csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=OvxST_ZrlSsQP0X.zzsW06t_r8L2edk3c2JbO8aWGHQ-1674291153-0-AZXtlk9_yXZDJyQq6_AEdvPqFsRonb34ccp9PaOpWEFSrd_4J5aBMHyUishPk_38bwcxDzhchOWzKGPtfL3jZ-Nu2B1MqwkLaKqtBGyhknrM
IP 104.18.21.157:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash bfed3168cbe84242de77d4b860d18cae
119b716f91fc997a04766835c2e375949e06bca0
e26c5e5a1f9e40e5616b4f721cc875cf98bc05465b81a216ad45da4e4c55101e
POST /cdn-cgi/script_monitor/report?m=OvxST_ZrlSsQP0X.zzsW06t_r8L2edk3c2JbO8aWGHQ-1674291153-0-AZXtlk9_yXZDJyQq6_AEdvPqFsRonb34ccp9PaOpWEFSrd_4J5aBMHyUishPk_38bwcxDzhchOWzKGPtfL3jZ-Nu2B1MqwkLaKqtBGyhknrM HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 774
Origin: https://www.addnature.no
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 21 Jan 2023 08:52:34 GMT
server: cloudflare
cf-ray: 78ced081ed42fab4-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
www.addnature.no/on/demandware.static/-/Library-Sites-addnature/default/dw0fe86760/Contentgrafiken/bergans.png
172.64.158.155200 OK 1.2 kB URL HTTP/2 www.addnature.no/on/demandware.static/-/Library-Sites-addnature/default/dw0fe86760/Contentgrafiken/bergans.png
IP 172.64.158.155:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash a89b18e095d7d619ce4e0bde7a854558
7915c2aa7afa0a767e510c46102bf17a41ce1576
2a3b6857fee9ec054812aba2d0114aa152fb13af1e5ec6687bbe582c19e37371
GET /on/demandware.static/-/Library-Sites-addnature/default/dw0fe86760/Contentgrafiken/bergans.png HTTP/1.1
Host: www.addnature.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.addnature.no/bergans-roros-dunlys-jakke-med-hette-dame-M881808.html?vgid=G1451016&c=816&_cid=22_-1220_236648_236649_236650_4287159_0_kelkoo.no&utm_source=kelkoo&utm_medium=psm&utm_campaign=Jakker%20og%20Vester&utm_content=Bergans&utm_term=1451016
Cookie: sid=XelOwv6cAsiZAdmC7CSbtHkOtmBHhXnjVws; dwanonymous_803bf9f7a6242e90119d6af72a2236f6=abLA6ReCS0PJOhO3jn0dwIxivG; __cq_dnt=1; dw_dnt=1; dwsid=3JQmyCg42nXL49Q215vFvPhz3mqRIaFeBekKNjm0ynSgZHvcyhAW016v2KL2M7oUUBYLgZ7r7azTdbEZm7h5ug==; baqend-speedkit-user-id=UX9kdasxp5peM5rr1kRPic90u
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 21 Jan 2023 08:52:34 GMT
content-type: image/webp
content-length: 1208
cache-control: public, max-age=2569321
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=2795
content-disposition: inline; filename="bergans.webp"
cross-origin-resource-policy: cross-origin
expires: Sat, 11 Feb 2023 13:28:41 GMT
last-modified: Tue, 30 Aug 2022 13:14:23 GMT
vary: Accept
x-dw-request-base-id: inKUlwkLwGMBAAB_
cf-cache-status: HIT
age: 138725
accept-ranges: bytes
strict-transport-security: max-age=31536000; includeSubDomains
server: cloudflare
cf-ray: 78ced0824c25b517-OSL
X-Firefox-Spdy: h2
csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=OvxST_ZrlSsQP0X.zzsW06t_r8L2edk3c2JbO8aWGHQ-1674291153-0-AZXtlk9_yXZDJyQq6_AEdvPqFsRonb34ccp9PaOpWEFSrd_4J5aBMHyUishPk_38bwcxDzhchOWzKGPtfL3jZ-Nu2B1MqwkLaKqtBGyhknrM
104.18.21.157200 OK 910 B URL HTTP/2 csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=OvxST_ZrlSsQP0X.zzsW06t_r8L2edk3c2JbO8aWGHQ-1674291153-0-AZXtlk9_yXZDJyQq6_AEdvPqFsRonb34ccp9PaOpWEFSrd_4J5aBMHyUishPk_38bwcxDzhchOWzKGPtfL3jZ-Nu2B1MqwkLaKqtBGyhknrM
IP 104.18.21.157:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 056bf40b40379ca85ef226d821406de2
b100b2b39b9c1949e218e0010e78968d697617f5
89c3cb489a4636b2bde9033c599180d7cc859c9e82426fd3d3fd1e1ff45968ac
POST /cdn-cgi/script_monitor/report?m=OvxST_ZrlSsQP0X.zzsW06t_r8L2edk3c2JbO8aWGHQ-1674291153-0-AZXtlk9_yXZDJyQq6_AEdvPqFsRonb34ccp9PaOpWEFSrd_4J5aBMHyUishPk_38bwcxDzhchOWzKGPtfL3jZ-Nu2B1MqwkLaKqtBGyhknrM HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 953
Origin: https://www.addnature.no
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 21 Jan 2023 08:52:34 GMT
server: cloudflare
cf-ray: 78ced081cd2dfab4-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
www.addnature.no/on/demandware.static/Sites-addnature-no-Site/-/no_NO/v1674269784959/css/compilation.min.css
172.64.158.155200 OK 56 kB URL HTTP/2 www.addnature.no/on/demandware.static/Sites-addnature-no-Site/-/no_NO/v1674269784959/css/compilation.min.css
IP 172.64.158.155:0
Hash 3f70bcb41759c7a1eea4540b90402650
d5ae36b3a6a11d6b43aa8c28f0d6099a06365e22
1b2a3ad87c7203584593af618220c8a5be33c6cf81ed2e745a6185f1d00ac8ae
GET /on/demandware.static/Sites-addnature-no-Site/-/no_NO/v1674269784959/css/compilation.min.css HTTP/1.1
Host: www.addnature.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.addnature.no/bergans-roros-dunlys-jakke-med-hette-dame-M881808.html?vgid=G1451016&c=816&_cid=22_-1220_236648_236649_236650_4287159_0_kelkoo.no&utm_source=kelkoo&utm_medium=psm&utm_campaign=Jakker%20og%20Vester&utm_content=Bergans&utm_term=1451016
Cookie: sid=XelOwv6cAsiZAdmC7CSbtHkOtmBHhXnjVws; dwanonymous_803bf9f7a6242e90119d6af72a2236f6=abLA6ReCS0PJOhO3jn0dwIxivG; __anact=%5B%7B%22activityType%22%3A%22viewSearch%22%2C%22parameters%22%3A%7B%22cookieId%22%3A%22%22%2C%22userId%22%3A%22%22%2C%22searchText%22%3A%221451016_4287171%22%2C%22suggestedSearchText%22%3A%22__UNDEFINED__%22%2C%22products%22%3A%5B%5D%2C%22showProducts%22%3Afalse%2C%22personalized%22%3Afalse%2C%22refinements%22%3A%22%5B%5D%22%2C%22searchID%22%3A%2221613875-c054-46e0-b918-b7cb1e083c22%22%2C%22locale%22%3A%22no_NO%22%2C%22queryLocale%22%3A%22no_NO%22%2C%22realm%22%3A%22BCZL%22%2C%22siteId%22%3A%22addnature-no%22%2C%22instanceType%22%3A%22prd%22%7D%7D%5D; __cq_dnt=1; dw_dnt=1; dwsid=3JQmyCg42nXL49Q215vFvPhz3mqRIaFeBekKNjm0ynSgZHvcyhAW016v2KL2M7oUUBYLgZ7r7azTdbEZm7h5ug==
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 21 Jan 2023 08:52:33 GMT
content-type: text/css
x-dw-request-base-id: inISIDJVy2MBAAB_
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=2591483
expires: Mon, 20 Feb 2023 03:00:02 GMT
last-modified: Wed, 11 Jan 2023 16:07:09 GMT
vary: accept-encoding
content-encoding: gzip
cf-cache-status: HIT
age: 20381
strict-transport-security: max-age=31536000; includeSubDomains
server: cloudflare
cf-ray: 78ced07eb8a7b517-OSL
X-Firefox-Spdy: h2
csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=OvxST_ZrlSsQP0X.zzsW06t_r8L2edk3c2JbO8aWGHQ-1674291153-0-AZXtlk9_yXZDJyQq6_AEdvPqFsRonb34ccp9PaOpWEFSrd_4J5aBMHyUishPk_38bwcxDzhchOWzKGPtfL3jZ-Nu2B1MqwkLaKqtBGyhknrM
104.18.21.157200 OK 736 B URL HTTP/2 csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=OvxST_ZrlSsQP0X.zzsW06t_r8L2edk3c2JbO8aWGHQ-1674291153-0-AZXtlk9_yXZDJyQq6_AEdvPqFsRonb34ccp9PaOpWEFSrd_4J5aBMHyUishPk_38bwcxDzhchOWzKGPtfL3jZ-Nu2B1MqwkLaKqtBGyhknrM
IP 104.18.21.157:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash d9f11125c9ff3df3111f656af780ce9f
c9761f6d8813cf05fde6b7297484306174b130c8
5d6da4771e0c1d8be92559961035a72638b6b1ee7af330ce225789188bd1fc37
POST /cdn-cgi/script_monitor/report?m=OvxST_ZrlSsQP0X.zzsW06t_r8L2edk3c2JbO8aWGHQ-1674291153-0-AZXtlk9_yXZDJyQq6_AEdvPqFsRonb34ccp9PaOpWEFSrd_4J5aBMHyUishPk_38bwcxDzhchOWzKGPtfL3jZ-Nu2B1MqwkLaKqtBGyhknrM HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 801
Origin: https://www.addnature.no
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 21 Jan 2023 08:52:34 GMT
server: cloudflare
cf-ray: 78ced0822d6afab4-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
www.addnature.no/on/demandware.static/-/Library-Sites-addnature/default/dw65b950f4/Contentgrafiken/houdini.png
172.64.158.155200 OK 632 B URL HTTP/2 www.addnature.no/on/demandware.static/-/Library-Sites-addnature/default/dw65b950f4/Contentgrafiken/houdini.png
IP 172.64.158.155:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash c564f7dfd3467808218c3482a06490b4
21451a477b9085102eff9c3ba82d5598a6517dc5
613f039f86afcca7cbc86caf0becb99a6b385c35e6cd949606e0e7b92f0ddb49
GET /on/demandware.static/-/Library-Sites-addnature/default/dw65b950f4/Contentgrafiken/houdini.png HTTP/1.1
Host: www.addnature.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.addnature.no/bergans-roros-dunlys-jakke-med-hette-dame-M881808.html?vgid=G1451016&c=816&_cid=22_-1220_236648_236649_236650_4287159_0_kelkoo.no&utm_source=kelkoo&utm_medium=psm&utm_campaign=Jakker%20og%20Vester&utm_content=Bergans&utm_term=1451016
Cookie: sid=XelOwv6cAsiZAdmC7CSbtHkOtmBHhXnjVws; dwanonymous_803bf9f7a6242e90119d6af72a2236f6=abLA6ReCS0PJOhO3jn0dwIxivG; __cq_dnt=1; dw_dnt=1; dwsid=3JQmyCg42nXL49Q215vFvPhz3mqRIaFeBekKNjm0ynSgZHvcyhAW016v2KL2M7oUUBYLgZ7r7azTdbEZm7h5ug==; baqend-speedkit-user-id=UX9kdasxp5peM5rr1kRPic90u
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 21 Jan 2023 08:52:34 GMT
content-type: image/webp
content-length: 632
cache-control: public, max-age=2578215
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=2158
content-disposition: inline; filename="houdini.webp"
cross-origin-resource-policy: cross-origin
expires: Fri, 10 Feb 2023 21:07:01 GMT
last-modified: Tue, 30 Aug 2022 13:14:25 GMT
vary: Accept
x-dw-request-base-id: 0pLAdTk9TWMBAAB_
cf-cache-status: HIT
age: 360714
accept-ranges: bytes
strict-transport-security: max-age=31536000; includeSubDomains
server: cloudflare
cf-ray: 78ced0825c33b517-OSL
X-Firefox-Spdy: h2
csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=OvxST_ZrlSsQP0X.zzsW06t_r8L2edk3c2JbO8aWGHQ-1674291153-0-AZXtlk9_yXZDJyQq6_AEdvPqFsRonb34ccp9PaOpWEFSrd_4J5aBMHyUishPk_38bwcxDzhchOWzKGPtfL3jZ-Nu2B1MqwkLaKqtBGyhknrM
104.18.21.157200 OK 744 B URL HTTP/2 csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=OvxST_ZrlSsQP0X.zzsW06t_r8L2edk3c2JbO8aWGHQ-1674291153-0-AZXtlk9_yXZDJyQq6_AEdvPqFsRonb34ccp9PaOpWEFSrd_4J5aBMHyUishPk_38bwcxDzhchOWzKGPtfL3jZ-Nu2B1MqwkLaKqtBGyhknrM
IP 104.18.21.157:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash f8f46939797ba28297284c6963107210
081dbb2e00d34a5a5262418fad22df50ddb68821
97e977b16fedfe33142855dacaf4197e4be31dc2c661c918fafc66b172662e9b
POST /cdn-cgi/script_monitor/report?m=OvxST_ZrlSsQP0X.zzsW06t_r8L2edk3c2JbO8aWGHQ-1674291153-0-AZXtlk9_yXZDJyQq6_AEdvPqFsRonb34ccp9PaOpWEFSrd_4J5aBMHyUishPk_38bwcxDzhchOWzKGPtfL3jZ-Nu2B1MqwkLaKqtBGyhknrM HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 953
Origin: https://www.addnature.no
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 21 Jan 2023 08:52:34 GMT
server: cloudflare
cf-ray: 78ced081cd23fab4-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=OvxST_ZrlSsQP0X.zzsW06t_r8L2edk3c2JbO8aWGHQ-1674291153-0-AZXtlk9_yXZDJyQq6_AEdvPqFsRonb34ccp9PaOpWEFSrd_4J5aBMHyUishPk_38bwcxDzhchOWzKGPtfL3jZ-Nu2B1MqwkLaKqtBGyhknrM
104.18.21.157200 OK 844 B URL HTTP/2 csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=OvxST_ZrlSsQP0X.zzsW06t_r8L2edk3c2JbO8aWGHQ-1674291153-0-AZXtlk9_yXZDJyQq6_AEdvPqFsRonb34ccp9PaOpWEFSrd_4J5aBMHyUishPk_38bwcxDzhchOWzKGPtfL3jZ-Nu2B1MqwkLaKqtBGyhknrM
IP 104.18.21.157:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash ed7e892f7b63c29d63173e03994f927a
72fa171422567260e867c84da0a3f4acb62009a5
3c343b643b055fd1ccf0928f7ffcfe55bc385b271eb0561069645ee15d28a6de
POST /cdn-cgi/script_monitor/report?m=OvxST_ZrlSsQP0X.zzsW06t_r8L2edk3c2JbO8aWGHQ-1674291153-0-AZXtlk9_yXZDJyQq6_AEdvPqFsRonb34ccp9PaOpWEFSrd_4J5aBMHyUishPk_38bwcxDzhchOWzKGPtfL3jZ-Nu2B1MqwkLaKqtBGyhknrM HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 953
Origin: https://www.addnature.no
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 21 Jan 2023 08:52:34 GMT
server: cloudflare
cf-ray: 78ced081cd33fab4-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=OvxST_ZrlSsQP0X.zzsW06t_r8L2edk3c2JbO8aWGHQ-1674291153-0-AZXtlk9_yXZDJyQq6_AEdvPqFsRonb34ccp9PaOpWEFSrd_4J5aBMHyUishPk_38bwcxDzhchOWzKGPtfL3jZ-Nu2B1MqwkLaKqtBGyhknrM
104.18.21.157200 OK 471 B URL HTTP/2 csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=OvxST_ZrlSsQP0X.zzsW06t_r8L2edk3c2JbO8aWGHQ-1674291153-0-AZXtlk9_yXZDJyQq6_AEdvPqFsRonb34ccp9PaOpWEFSrd_4J5aBMHyUishPk_38bwcxDzhchOWzKGPtfL3jZ-Nu2B1MqwkLaKqtBGyhknrM
IP 104.18.21.157:0
Hash bccd1fe14275d3bb56418297e502cd10
cdf19d2a4099ada369589fc7aa7021f9b30302aa
801e8b57b77806d98fe23b8421a8fdba9f1138827cc320cb5dcc986161aa7ca4
POST /cdn-cgi/script_monitor/report?m=OvxST_ZrlSsQP0X.zzsW06t_r8L2edk3c2JbO8aWGHQ-1674291153-0-AZXtlk9_yXZDJyQq6_AEdvPqFsRonb34ccp9PaOpWEFSrd_4J5aBMHyUishPk_38bwcxDzhchOWzKGPtfL3jZ-Nu2B1MqwkLaKqtBGyhknrM HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 1038
Origin: https://www.addnature.no
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 21 Jan 2023 08:52:34 GMT
server: cloudflare
cf-ray: 78ced0827dacfab4-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-TR28KQD
142.250.74.168200 OK 41 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-TR28KQD
IP 142.250.74.168:0
File type ASCII text, with very long lines (4303)
Hash dbe2021dd71a808a559ac30766b3afd3
09be615f8de95d219ea68f2a4268c537a57949e7
23939c5ddd8319c749fbe199a723744838086bb12b90c669348c3f5b59249f28
GET /gtm.js?id=GTM-TR28KQD HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.addnature.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 21 Jan 2023 08:52:34 GMT
expires: Sat, 21 Jan 2023 08:52:34 GMT
cache-control: private, max-age=900
last-modified: Sat, 21 Jan 2023 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 41436
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 911f79872597ff273606c5fc993c2696
25bdaa8e8b35ff6301c28c4eff8b6246b290b4cd
cffae4464af1e39e02f7ecdf5109a6f964ba431d21d9a96a9fbbc7174e9302c4
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=161353
Date: Sat, 21 Jan 2023 08:52:34 GMT
Etag: "63cb6798-1d7"
Expires: Mon, 23 Jan 2023 05:41:47 GMT
Last-Modified: Sat, 21 Jan 2023 04:18:32 GMT
Server: ECS (nyb/1D13)
X-Cache: Miss from cloudfront
Via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: RUBPS_IwdztihAvadtG5otDE5CuawmrgCgCEtL7b3zEtY0hUIitugQ==
Age: 4995
e.cquotient.com/recs/bczl-addnature-no/MiniCart-ANO?callback=CQuotient._callback0&_=1674291153404&_device=windows&userId=&cookieId=&emailId=&anchors=id%3A%3AM881808%7C%7Csku%3A%3A%7C%7Ctype%3A%3Avgroup%7C%7Calt_id%3A%3AG1451016&slotId=minicart-einstein-personalized&slotConfigId=Complete%20the%20Set&slotConfigTemplate=slots%2Frecommendation%2Feinstein_minicart.isml&ccver=1.03&realm=BCZL&siteId=addnature-no&instanceType=prd&v=v3.0.1&json=%7B%22userId%22%3A%22%22%2C%22cookieId%22%3A%22%22%2C%22emailId%22%3A%22%22%2C%22anchors%22%3A%5B%7B%22id%22%3A%22M881808%22%2C%22sku%22%3A%22%22%2C%22type%22%3A%22vgroup%22%2C%22alt_id%22%3A%22G1451016%22%7D%5D%2C%22slotId%22%3A%22minicart-einstein-personalized%22%2C%22slotConfigId%22%3A%22Complete%20the%20Set%22%2C%22slotConfigTemplate%22%3A%22slots%2Frecommendation%2Feinstein_minicart.isml%22%2C%22ccver%22%3A%221.03%22%2C%22realm%22%3A%22BCZL%22%2C%22siteId%22%3A%22addnature-no%22%2C%22instanceType%22%3A%22prd%22%2C%22v%22%3A%22v3.0.1%22%7D
52.19.31.244200 OK 464 B URL HTTP/2 e.cquotient.com/recs/bczl-addnature-no/MiniCart-ANO?callback=CQuotient._callback0&_=1674291153404&_device=windows&userId=&cookieId=&emailId=&anchors=id%3A%3AM881808%7C%7Csku%3A%3A%7C%7Ctype%3A%3Avgroup%7C%7Calt_id%3A%3AG1451016&slotId=minicart-einstein-personalized&slotConfigId=Complete%20the%20Set&slotConfigTemplate=slots%2Frecommendation%2Feinstein_minicart.isml&ccver=1.03&realm=BCZL&siteId=addnature-no&instanceType=prd&v=v3.0.1&json=%7B%22userId%22%3A%22%22%2C%22cookieId%22%3A%22%22%2C%22emailId%22%3A%22%22%2C%22anchors%22%3A%5B%7B%22id%22%3A%22M881808%22%2C%22sku%22%3A%22%22%2C%22type%22%3A%22vgroup%22%2C%22alt_id%22%3A%22G1451016%22%7D%5D%2C%22slotId%22%3A%22minicart-einstein-personalized%22%2C%22slotConfigId%22%3A%22Complete%20the%20Set%22%2C%22slotConfigTemplate%22%3A%22slots%2Frecommendation%2Feinstein_minicart.isml%22%2C%22ccver%22%3A%221.03%22%2C%22realm%22%3A%22BCZL%22%2C%22siteId%22%3A%22addnature-no%22%2C%22instanceType%22%3A%22prd%22%2C%22v%22%3A%22v3.0.1%22%7D
IP 52.19.31.244:0
File type Unicode text, UTF-8 text, with very long lines (463), with no line terminators
Hash b674591846ca17bee10076d92ae1d0a2
ab3c5be8a579872cf1c414c090f19216b9703182
2784e7589115b2292d8d208aebee51a0e34121efafcdc518efad546fc4830c1b
GET /recs/bczl-addnature-no/MiniCart-ANO?callback=CQuotient._callback0&_=1674291153404&_device=windows&userId=&cookieId=&emailId=&anchors=id%3A%3AM881808%7C%7Csku%3A%3A%7C%7Ctype%3A%3Avgroup%7C%7Calt_id%3A%3AG1451016&slotId=minicart-einstein-personalized&slotConfigId=Complete%20the%20Set&slotConfigTemplate=slots%2Frecommendation%2Feinstein_minicart.isml&ccver=1.03&realm=BCZL&siteId=addnature-no&instanceType=prd&v=v3.0.1&json=%7B%22userId%22%3A%22%22%2C%22cookieId%22%3A%22%22%2C%22emailId%22%3A%22%22%2C%22anchors%22%3A%5B%7B%22id%22%3A%22M881808%22%2C%22sku%22%3A%22%22%2C%22type%22%3A%22vgroup%22%2C%22alt_id%22%3A%22G1451016%22%7D%5D%2C%22slotId%22%3A%22minicart-einstein-personalized%22%2C%22slotConfigId%22%3A%22Complete%20the%20Set%22%2C%22slotConfigTemplate%22%3A%22slots%2Frecommendation%2Feinstein_minicart.isml%22%2C%22ccver%22%3A%221.03%22%2C%22realm%22%3A%22BCZL%22%2C%22siteId%22%3A%22addnature-no%22%2C%22instanceType%22%3A%22prd%22%2C%22v%22%3A%22v3.0.1%22%7D HTTP/1.1
Host: e.cquotient.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.addnature.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 21 Jan 2023 08:52:34 GMT
content-type: text/javascript; charset=utf-8
content-length: 464
strict-transport-security: max-age=15552000; includeSubdomains
cache-control: no-store
x-content-type-options: nosniff
etag: W/"1d0-qzxb6KV5hyzxxBTAkPGSFrlwMYI"
vary: Accept-Encoding
x-envoy-upstream-service-time: 11
server: envoy
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ce79c93b65e0a573d9392ab97191c430
dc3eed67d60ee0e2d82c4f257ae21fee5c0d2133
d50917be4e2ba3a373d6245824d806d6fd77c8ea5787a10dac53955667da3a50
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5660
Cache-Control: max-age=151270
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 08:52:34 GMT
Etag: "63cb3d9c-1d7"
Expires: Mon, 23 Jan 2023 02:53:44 GMT
Last-Modified: Sat, 21 Jan 2023 01:19:24 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
www.paypalobjects.com/api/checkout.js
151.101.130.133200 OK 240 kB URL HTTP/2 www.paypalobjects.com/api/checkout.js
IP 151.101.130.133:0
Size 240 kB (239948 bytes)
Hash 1a79f774e86cef470e40f60a7573f57c
04dfedfead801ead6998d693940d937acdbb7142
452c8b8b984b8a666fda43e2ee92f9ac4836a5db0e1a031bb4cb7577b5713725
GET /api/checkout.js HTTP/1.1
Host: www.paypalobjects.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.addnature.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-headers: x-csrf-token
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
content-encoding: gzip
content-type: application/javascript; charset=utf-8
etag: W/"6266d4b0-16d23e"
last-modified: Mon, 25 Apr 2022 17:04:48 GMT
paypal-debug-id: adec5d390a355
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-0000000000000000000adec5d390a355-336cec9a4b47993f-01
dc: ccg11-origin-www-1.paypal.com
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 21 Jan 2023 08:52:34 GMT
x-served-by: cache-sjc10020-SJC, cache-bma1646-BMA
x-cache: HIT, HIT
x-cache-hits: 221961, 40
x-timer: S1674291155.585788,VS0,VE0
vary: Accept-Encoding
x-content-type-options: nosniff
strict-transport-security: max-age=31557600
content-length: 239948
X-Firefox-Spdy: h2
csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=OvxST_ZrlSsQP0X.zzsW06t_r8L2edk3c2JbO8aWGHQ-1674291153-0-AZXtlk9_yXZDJyQq6_AEdvPqFsRonb34ccp9PaOpWEFSrd_4J5aBMHyUishPk_38bwcxDzhchOWzKGPtfL3jZ-Nu2B1MqwkLaKqtBGyhknrM
104.18.21.157200 OK 50 kB URL HTTP/2 csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=OvxST_ZrlSsQP0X.zzsW06t_r8L2edk3c2JbO8aWGHQ-1674291153-0-AZXtlk9_yXZDJyQq6_AEdvPqFsRonb34ccp9PaOpWEFSrd_4J5aBMHyUishPk_38bwcxDzhchOWzKGPtfL3jZ-Nu2B1MqwkLaKqtBGyhknrM
IP 104.18.21.157:0
Hash 8a6331ed48be29c59230b0c7360068de
22a20436f427d6b8e26eb30ed9aab51a43d389bf
72f0818ab04697fc29d331b2add584f3cd5e269446c7297300701a4666c9d95e
POST /cdn-cgi/script_monitor/report?m=OvxST_ZrlSsQP0X.zzsW06t_r8L2edk3c2JbO8aWGHQ-1674291153-0-AZXtlk9_yXZDJyQq6_AEdvPqFsRonb34ccp9PaOpWEFSrd_4J5aBMHyUishPk_38bwcxDzhchOWzKGPtfL3jZ-Nu2B1MqwkLaKqtBGyhknrM HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 874
Origin: https://www.addnature.no
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 21 Jan 2023 08:52:34 GMT
server: cloudflare
cf-ray: 78ced0843e9efab4-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash e6d21eff1927f7a74984663b16cfe21a
b747f7d42cdf7cfea6900348cd257066b2634222
a4343acb5bda29aa0d6d64bbefd6bc07a1c5e0166646171be74f4a1d266e3c92
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 08:52:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.35200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube-nocookie.com
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 19 Jan 2023 21:48:03 GMT
expires: Fri, 19 Jan 2024 21:48:03 GMT
cache-control: public, max-age=31536000
age: 126271
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash e6d21eff1927f7a74984663b16cfe21a
b747f7d42cdf7cfea6900348cd257066b2634222
a4343acb5bda29aa0d6d64bbefd6bc07a1c5e0166646171be74f4a1d266e3c92
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 08:52:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=OvxST_ZrlSsQP0X.zzsW06t_r8L2edk3c2JbO8aWGHQ-1674291153-0-AZXtlk9_yXZDJyQq6_AEdvPqFsRonb34ccp9PaOpWEFSrd_4J5aBMHyUishPk_38bwcxDzhchOWzKGPtfL3jZ-Nu2B1MqwkLaKqtBGyhknrM
104.18.21.157200 OK 16 kB URL HTTP/2 csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=OvxST_ZrlSsQP0X.zzsW06t_r8L2edk3c2JbO8aWGHQ-1674291153-0-AZXtlk9_yXZDJyQq6_AEdvPqFsRonb34ccp9PaOpWEFSrd_4J5aBMHyUishPk_38bwcxDzhchOWzKGPtfL3jZ-Nu2B1MqwkLaKqtBGyhknrM
IP 104.18.21.157:0
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
POST /cdn-cgi/script_monitor/report?m=OvxST_ZrlSsQP0X.zzsW06t_r8L2edk3c2JbO8aWGHQ-1674291153-0-AZXtlk9_yXZDJyQq6_AEdvPqFsRonb34ccp9PaOpWEFSrd_4J5aBMHyUishPk_38bwcxDzhchOWzKGPtfL3jZ-Nu2B1MqwkLaKqtBGyhknrM HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 1769
Origin: https://www.addnature.no
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 21 Jan 2023 08:52:34 GMT
server: cloudflare
cf-ray: 78ced083ae52fab4-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
www.addnature.no/on/demandware.store/Sites-addnature-no-Site/no_NO/CQRecomm-Start
172.64.158.155200 OK 1.4 kB URL HTTP/2 www.addnature.no/on/demandware.store/Sites-addnature-no-Site/no_NO/CQRecomm-Start
IP 172.64.158.155:0
File type HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (579)
Hash e4af87759c0c1e5a8b3473e19bc3aa13
5b89e80e4c8573983b3d73fe16229facef9bc51e
da0e0cc3a828f2e0bb1cb8b1eb2e9ea7e5a01d1e3fe697830de386bcb9b03fad
POST /on/demandware.store/Sites-addnature-no-Site/no_NO/CQRecomm-Start HTTP/1.1
Host: www.addnature.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 57
Origin: https://www.addnature.no
Connection: keep-alive
Referer: https://www.addnature.no/bergans-roros-dunlys-jakke-med-hette-dame-M881808.html?vgid=G1451016&c=816&_cid=22_-1220_236648_236649_236650_4287159_0_kelkoo.no&utm_source=kelkoo&utm_medium=psm&utm_campaign=Jakker%20og%20Vester&utm_content=Bergans&utm_term=1451016
Cookie: sid=XelOwv6cAsiZAdmC7CSbtHkOtmBHhXnjVws; dwanonymous_803bf9f7a6242e90119d6af72a2236f6=abLA6ReCS0PJOhO3jn0dwIxivG; __cq_dnt=1; dw_dnt=1; dwsid=3JQmyCg42nXL49Q215vFvPhz3mqRIaFeBekKNjm0ynSgZHvcyhAW016v2KL2M7oUUBYLgZ7r7azTdbEZm7h5ug==; baqend-speedkit-user-id=UX9kdasxp5peM5rr1kRPic90u
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 21 Jan 2023 08:52:34 GMT
content-type: text/html;charset=UTF-8
x-dw-request-base-id: inJp-tKny2MBAAB_
set-cookie: __cq_dnt=1; Path=/; Secure; SameSite=None
dw_dnt=1; Path=/; Secure; SameSite=None
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: Thu, 01 Dec 1994 16:00:00 GMT
vary: accept-encoding
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains
server: cloudflare
cf-ray: 78ced0843e22b517-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.paypal.com/tagmanager/pptm.js?id=www.addnature.no&source=checkoutjs&t=xo&v=4.0.336
151.101.65.21200 OK 4.3 kB URL HTTP/2 www.paypal.com/tagmanager/pptm.js?id=www.addnature.no&source=checkoutjs&t=xo&v=4.0.336
IP 151.101.65.21:0
File type ASCII text, with very long lines (12084), with no line terminators
Hash da1b94bdea2eb1769e74df6fbd2c1a2e
4c7f6b5318ffd3d36b6b431f4bd113b55d8f14a7
45cc4e008a654e4ef3f3b3eb0ca92f52ade64445039059b5395b11734b033be4
GET /tagmanager/pptm.js?id=www.addnature.no&source=checkoutjs&t=xo&v=4.0.336 HTTP/1.1
Host: www.paypal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.addnature.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-GgUSZqCmZI3wTTYT/JMQmgTS9idUC7odJO//b18g4POaEcjk' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-type: application/x-javascript; charset=utf-8
etag: W/"2f34-zQQ0FVqIlbkbuS4WgpPW/nUPXC4"
paypal-debug-id: f147714a12083
traceparent: 00-0000000000000000000f147714a12083-fa3c30fa3337b56b-01
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
dc: ccg11-origin-www-1.paypal.com
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 21 Jan 2023 08:52:34 GMT
age: 2072
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-hhn-etou8220099-HHN, cache-bma1671-BMA
x-cache: HIT, HIT
x-cache-hits: 5, 1
x-timer: S1674291155.860546,VS0,VE3
vary: Accept-Encoding
server-timing: "traceparent;desc="00-0000000000000000000f147714a12083-dfae5fc4b77f768f-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
content-length: 4299
X-Firefox-Spdy: h2
www.addnature.no/on/demandware.static/Sites-addnature-no-Site/-/default/dw391a04cf/images/favicon.ico
172.64.158.155200 OK 33 kB URL HTTP/2 www.addnature.no/on/demandware.static/Sites-addnature-no-Site/-/default/dw391a04cf/images/favicon.ico
IP 172.64.158.155:0
File type MS Windows icon resource - 3 icons, 48x48, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Hash 4bfc5b21ef15e00621b02805474ed555
e97d8a8afdcfbf5be022e36d221aa3d2ce17edd4
f71bc4fa12082235d766d19a98dfb5bff9734394f52b8195de4da33ab98a05f7
GET /on/demandware.static/Sites-addnature-no-Site/-/default/dw391a04cf/images/favicon.ico HTTP/1.1
Host: www.addnature.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.addnature.no/bergans-roros-dunlys-jakke-med-hette-dame-M881808.html?vgid=G1451016&c=816&_cid=22_-1220_236648_236649_236650_4287159_0_kelkoo.no&utm_source=kelkoo&utm_medium=psm&utm_campaign=Jakker%20og%20Vester&utm_content=Bergans&utm_term=1451016
Cookie: sid=XelOwv6cAsiZAdmC7CSbtHkOtmBHhXnjVws; dwanonymous_803bf9f7a6242e90119d6af72a2236f6=abLA6ReCS0PJOhO3jn0dwIxivG; __cq_dnt=1; dw_dnt=1; dwsid=3JQmyCg42nXL49Q215vFvPhz3mqRIaFeBekKNjm0ynSgZHvcyhAW016v2KL2M7oUUBYLgZ7r7azTdbEZm7h5ug==; baqend-speedkit-user-id=UX9kdasxp5peM5rr1kRPic90u
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 21 Jan 2023 08:52:34 GMT
content-type: image/x-icon
x-dw-request-base-id: XQoXm2KXxmMBAAB_
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=2592000
expires: Thu, 16 Feb 2023 12:41:06 GMT
last-modified: Wed, 11 Jan 2023 16:07:09 GMT
vary: accept-encoding
content-encoding: gzip
cf-cache-status: HIT
age: 331888
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=rd9VxtQIGX9qNoBhxdqBvcRxcj1Cn9k9gBpzxKqUTjY-1674291154-0-AVx79gcmnwh8I8jwdsdIam0h2D7Quv-dIHyNwYW83HMIzog6-iZtuOrZhhI-4GTl-La_nLzZBFeccwcAbtLKuslEZlO3dVFeuow8tAkcc5Xl"}],"group":"cf-csp-endpoint","max_age":86400}
content-security-policy-report-only: script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=rd9VxtQIGX9qNoBhxdqBvcRxcj1Cn9k9gBpzxKqUTjY-1674291154-0-AVx79gcmnwh8I8jwdsdIam0h2D7Quv-dIHyNwYW83HMIzog6-iZtuOrZhhI-4GTl-La_nLzZBFeccwcAbtLKuslEZlO3dVFeuow8tAkcc5Xl; report-to cf-csp-endpoint
strict-transport-security: max-age=31536000; includeSubDomains
server: cloudflare
cf-ray: 78ced085f823b517-OSL
X-Firefox-Spdy: h2
addnature.app.baqend.com/v1/rum/pi
151.101.2.8204 No Content 0 B URL HTTP/2 addnature.app.baqend.com/v1/rum/pi
IP 151.101.2.8:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /v1/rum/pi HTTP/1.1
Host: addnature.app.baqend.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 305
Origin: https://www.addnature.no
Connection: keep-alive
Referer: https://www.addnature.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: no-cache, max-age=0
accept-ranges: bytes
date: Sat, 21 Jan 2023 08:52:34 GMT
x-served-by: cache-bma1628-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1674291155.923482,VS0,VE22
access-control-allow-credentials: true
access-control-allow-origin: https://www.addnature.no
access-control-expose-headers: Location, ETag, Baqend-Authorization-Token, Baqend-Acl, Baqend-Size, Baqend-SW-Control, Baqend-Created-At, Date, Age, Baqend-Speed-Kit, Baqend-Custom-Headers, X-Served-By, X-Cache, X-Timer, Access-Control-Allow-Origin, Fastly-Io-Info, Server-Timing
timing-allow-origin: https://www.addnature.no
via: baqend
server-timing: pop;desc=BMA;dur=22,cache;desc=PASS,proto;desc=h2
X-Firefox-Spdy: h2
addnature.app.baqend.com/v1/bloomfilter?BCB=1&skversion=2.12.1
151.101.2.8200 OK 7.8 kB URL HTTP/2 addnature.app.baqend.com/v1/bloomfilter?BCB=1&skversion=2.12.1
IP 151.101.2.8:0
File type JSON data\012- , ASCII text, with very long lines (10427), with no line terminators
Hash 5a3db169cbc5234b01735ebe1e42d7b5
efc593571b575f28baf0855987d00b29f51d198c
6e4df45855bb88aac2d35c5cd219ca1e00c2e6bb49479fb518a05f8cdc9cf146
GET /v1/bloomfilter?BCB=1&skversion=2.12.1 HTTP/1.1
Host: addnature.app.baqend.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.addnature.no/
Origin: https://www.addnature.no
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
baqend-speed-kit: cachingId=80b751c1-cf75-4dbb-8589-dd296f318dc3
content-encoding: gzip
content-type: application/json;charset=utf-8
etag: "cc3+8Fg+kZ9DH8kcebkCng==--br"
accept-ranges: bytes
date: Sat, 21 Jan 2023 08:52:34 GMT
age: 31535400
cache-control: public, max-age=0, must-revalidate
x-served-by: cache-bma1679-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1674291155.961413,VS0,VE26
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-origin: https://www.addnature.no
access-control-expose-headers: Location, ETag, Baqend-Authorization-Token, Baqend-Acl, Baqend-Size, Baqend-SW-Control, Baqend-Created-At, Date, Age, Baqend-Speed-Kit, Baqend-Custom-Headers, X-Served-By, X-Cache, X-Timer, Access-Control-Allow-Origin, Fastly-Io-Info, Server-Timing
timing-allow-origin: https://www.addnature.no
via: baqend
server-timing: pop;desc=BMA;dur=26,cache;desc=MISS,proto;desc=h2
content-length: 7849
X-Firefox-Spdy: h2
www.addnature.no/on/demandware.store/Sites-addnature-no-Site/no_NO/__Analytics-Start?url=https%3A%2F%2Fwww.addnature.no%2Fbergans-roros-dunlys-jakke-med-hette-dame-M881808.html%3Fvgid%3DG1451016%26c%3D816%26_cid%3D22_-1220_236648_236649_236650_4287159_0_kelkoo.no%26utm_source%3Dkelkoo%26utm_medium%3Dpsm%26utm_campaign%3DJakker%2520og%2520Vester%26utm_content%3DBergans%26utm_term%3D1451016&res=1280x1024&cookie=1&ref=https%3A%2F%2Fno-go.kelkoogroup.net%2F&title=Bergans%20R%C3%B8ros%20dunlys%20jakke%20med%20hette%20Dame%20Orange%20%7C%20addnature.no&pdf=0&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&dwac=0.7799626958244243&cmpn=&tz=Europe/Oslo&pcc=&pct=__ANNONYMOUS__&pcat=236659&pid-0=G1451016&pev-0=event4&dw_dnt=1
172.64.158.155200 OK 35 B URL HTTP/2 www.addnature.no/on/demandware.store/Sites-addnature-no-Site/no_NO/__Analytics-Start?url=https%3A%2F%2Fwww.addnature.no%2Fbergans-roros-dunlys-jakke-med-hette-dame-M881808.html%3Fvgid%3DG1451016%26c%3D816%26_cid%3D22_-1220_236648_236649_236650_4287159_0_kelkoo.no%26utm_source%3Dkelkoo%26utm_medium%3Dpsm%26utm_campaign%3DJakker%2520og%2520Vester%26utm_content%3DBergans%26utm_term%3D1451016&res=1280x1024&cookie=1&ref=https%3A%2F%2Fno-go.kelkoogroup.net%2F&title=Bergans%20R%C3%B8ros%20dunlys%20jakke%20med%20hette%20Dame%20Orange%20%7C%20addnature.no&pdf=0&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&dwac=0.7799626958244243&cmpn=&tz=Europe/Oslo&pcc=&pct=__ANNONYMOUS__&pcat=236659&pid-0=G1451016&pev-0=event4&dw_dnt=1
IP 172.64.158.155:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /on/demandware.store/Sites-addnature-no-Site/no_NO/__Analytics-Start?url=https%3A%2F%2Fwww.addnature.no%2Fbergans-roros-dunlys-jakke-med-hette-dame-M881808.html%3Fvgid%3DG1451016%26c%3D816%26_cid%3D22_-1220_236648_236649_236650_4287159_0_kelkoo.no%26utm_source%3Dkelkoo%26utm_medium%3Dpsm%26utm_campaign%3DJakker%2520og%2520Vester%26utm_content%3DBergans%26utm_term%3D1451016&res=1280x1024&cookie=1&ref=https%3A%2F%2Fno-go.kelkoogroup.net%2F&title=Bergans%20R%C3%B8ros%20dunlys%20jakke%20med%20hette%20Dame%20Orange%20%7C%20addnature.no&pdf=0&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&dwac=0.7799626958244243&cmpn=&tz=Europe/Oslo&pcc=&pct=__ANNONYMOUS__&pcat=236659&pid-0=G1451016&pev-0=event4&dw_dnt=1 HTTP/1.1
Host: www.addnature.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.addnature.no/bergans-roros-dunlys-jakke-med-hette-dame-M881808.html?vgid=G1451016&c=816&_cid=22_-1220_236648_236649_236650_4287159_0_kelkoo.no&utm_source=kelkoo&utm_medium=psm&utm_campaign=Jakker%20og%20Vester&utm_content=Bergans&utm_term=1451016
Cookie: sid=XelOwv6cAsiZAdmC7CSbtHkOtmBHhXnjVws; dwanonymous_803bf9f7a6242e90119d6af72a2236f6=abLA6ReCS0PJOhO3jn0dwIxivG; __cq_dnt=1; dw_dnt=1; dwsid=3JQmyCg42nXL49Q215vFvPhz3mqRIaFeBekKNjm0ynSgZHvcyhAW016v2KL2M7oUUBYLgZ7r7azTdbEZm7h5ug==; baqend-speedkit-user-id=UX9kdasxp5peM5rr1kRPic90u
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 21 Jan 2023 08:52:35 GMT
content-type: image/gif
content-length: 35
accept-ranges: bytes
x-dw-request-base-id: inJ7-tKny2MBAAB_
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: Thu, 01 Dec 1994 16:00:00 GMT
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains
server: cloudflare
cf-ray: 78ced08688b7b517-OSL
X-Firefox-Spdy: h2
t.paypal.com/ts?pgrp=muse%3Ageneric%3Aanalytics%3A%3Amerchant&page=muse%3Ageneric%3Aanalytics%3A%3Amerchant%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&fltp=analytics-generic&pt=Bergans%20R%C3%B8ros%20dunlys%20jakke%20med%20hette%20Dame%20Orange%20%7C%20addnature.no&dh=1024&dw=1280&bh=939&bw=1280&cd=24&sh=1024&sw=1280&v=NA&rosetta_language=en-US%2Cen&e=im&t=1674291154045&g=0&completeurl=https%3A%2F%2Fwww.addnature.no%2Fbergans-roros-dunlys-jakke-med-hette-dame-M881808.html%3Fvgid%3DG1451016%26c%3D816%26_cid%3D22_-1220_236648_236649_236650_4287159_0_kelkoo.no%26utm_source%3Dkelkoo%26utm_medium%3Dpsm%26utm_campaign%3DJakker%2520og%2520Vester%26utm_content%3DBergans%26utm_term%3D1451016&ru=https%3A%2F%2Fwww.addnature.no%2Fbergans-roros-dunlys-jakke-med-hette-dame-M881808.html&sinfo=%7B%22partners%22%3A%7B%22ecwid%22%3A%7B%7D%2C%22bigCommerce%22%3A%7B%7D%2C%22shopify%22%3A%7B%7D%2C%22wix%22%3A%7B%7D%2C%22bigCartel%22%3A%7B%7D%7D%7D
192.229.221.25200 OK 42 B URL HTTP/2 t.paypal.com/ts?pgrp=muse%3Ageneric%3Aanalytics%3A%3Amerchant&page=muse%3Ageneric%3Aanalytics%3A%3Amerchant%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&fltp=analytics-generic&pt=Bergans%20R%C3%B8ros%20dunlys%20jakke%20med%20hette%20Dame%20Orange%20%7C%20addnature.no&dh=1024&dw=1280&bh=939&bw=1280&cd=24&sh=1024&sw=1280&v=NA&rosetta_language=en-US%2Cen&e=im&t=1674291154045&g=0&completeurl=https%3A%2F%2Fwww.addnature.no%2Fbergans-roros-dunlys-jakke-med-hette-dame-M881808.html%3Fvgid%3DG1451016%26c%3D816%26_cid%3D22_-1220_236648_236649_236650_4287159_0_kelkoo.no%26utm_source%3Dkelkoo%26utm_medium%3Dpsm%26utm_campaign%3DJakker%2520og%2520Vester%26utm_content%3DBergans%26utm_term%3D1451016&ru=https%3A%2F%2Fwww.addnature.no%2Fbergans-roros-dunlys-jakke-med-hette-dame-M881808.html&sinfo=%7B%22partners%22%3A%7B%22ecwid%22%3A%7B%7D%2C%22bigCommerce%22%3A%7B%7D%2C%22shopify%22%3A%7B%7D%2C%22wix%22%3A%7B%7D%2C%22bigCartel%22%3A%7B%7D%7D%7D
IP 192.229.221.25:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4682377ddfbe4e7dabfddb2e543e842
328e472721a93345801ed5533240eac2d1f8498c
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
GET /ts?pgrp=muse%3Ageneric%3Aanalytics%3A%3Amerchant&page=muse%3Ageneric%3Aanalytics%3A%3Amerchant%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&fltp=analytics-generic&pt=Bergans%20R%C3%B8ros%20dunlys%20jakke%20med%20hette%20Dame%20Orange%20%7C%20addnature.no&dh=1024&dw=1280&bh=939&bw=1280&cd=24&sh=1024&sw=1280&v=NA&rosetta_language=en-US%2Cen&e=im&t=1674291154045&g=0&completeurl=https%3A%2F%2Fwww.addnature.no%2Fbergans-roros-dunlys-jakke-med-hette-dame-M881808.html%3Fvgid%3DG1451016%26c%3D816%26_cid%3D22_-1220_236648_236649_236650_4287159_0_kelkoo.no%26utm_source%3Dkelkoo%26utm_medium%3Dpsm%26utm_campaign%3DJakker%2520og%2520Vester%26utm_content%3DBergans%26utm_term%3D1451016&ru=https%3A%2F%2Fwww.addnature.no%2Fbergans-roros-dunlys-jakke-med-hette-dame-M881808.html&sinfo=%7B%22partners%22%3A%7B%22ecwid%22%3A%7B%7D%2C%22bigCommerce%22%3A%7B%7D%2C%22shopify%22%3A%7B%7D%2C%22wix%22%3A%7B%7D%2C%22bigCartel%22%3A%7B%7D%7D%7D HTTP/1.1
Host: t.paypal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.addnature.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-type: image/gif
date: Sat, 21 Jan 2023 08:52:35 GMT
expires: Sat, 21 Jan 2023 08:52:35 GMT
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: a24b0f9557504
pragma: no-cache
server: ECAcc (frc/4CEC)
server-timing: content-encoding;desc="", x-cdn;desc="edgecast"
set-cookie: ts=vreXpYrS%3D1768985555%26vteXpYrS%3D1674292955%26vr%3Dd387907b1850a980d7644eceffffffff%26vt%3Dd387907b1850a980d7644ecefffffffe; Expires=Wed, 21 Jan 2026 08:52:35 GMT; Domain=.paypal.com; Path=/; Secure; HttpOnly
ts_c=vr%3Dd387907b1850a980d7644eceffffffff%26vt%3Dd387907b1850a980d7644ecefffffffe; Expires=Wed, 21 Jan 2026 08:52:35 GMT; Domain=.paypal.com; Path=/; Secure
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: *
traceparent: 00-0000000000000000000a24b0f9557504-a2858f10458f0eda-01
content-length: 42
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 5f07e5fa27a4a1312fbaef4fc3580f14
2159df845cfab753126e668a533df77f90fe2c05
eb7830328d3bde932264c24cdb121a59e8b6e01fdf569951044e5884fb541251
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sat, 21 Jan 2023 08:52:35 GMT
Last-Modified: Sat, 21 Jan 2023 07:58:55 GMT
Server: ECS (bsa/EB17)
X-Cache: Miss from cloudfront
Via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: -GD3fVEH-S4MflrzxX0cVUGrMCtU6lf9SPTwOkC2qJRDpB4LTWyM6A==
Age: 3220
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 5f07e5fa27a4a1312fbaef4fc3580f14
2159df845cfab753126e668a533df77f90fe2c05
eb7830328d3bde932264c24cdb121a59e8b6e01fdf569951044e5884fb541251
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sat, 21 Jan 2023 08:52:35 GMT
Last-Modified: Sat, 21 Jan 2023 08:25:33 GMT
Server: ECS (bsa/EB23)
X-Cache: Miss from cloudfront
Via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: W4MpfN1guCUeY9lB1ZUrxPqUlIWU0M8a5oPr1oLDqs1sJ0U-v1tmFA==
Age: 1622
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5422c49666fc195ae94aa0f5cf837bfc
e0f1dd926cd9328ccf9cc99389337056c62f1043
f639aad2dc85708fa922b793660f13ae597f275a8ebf61e7e72fb2bce257cc76
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 08:52:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5422c49666fc195ae94aa0f5cf837bfc
e0f1dd926cd9328ccf9cc99389337056c62f1043
f639aad2dc85708fa922b793660f13ae597f275a8ebf61e7e72fb2bce257cc76
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 08:52:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
events.demoup.com/callback/pageload_event
3.67.145.13200 OK 0 B URL HTTP/2 events.demoup.com/callback/pageload_event
IP 3.67.145.13:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /callback/pageload_event HTTP/1.1
Host: events.demoup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-requested-with
Referer: https://www.addnature.no/
Origin: https://www.addnature.no
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 21 Jan 2023 08:52:35 GMT
content-length: 0
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 6000
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cache-control: public,max-age=3600,must-revalidate
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
172.217.21.170200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 172.217.21.170:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube-nocookie.com/
Origin: https://www.youtube-nocookie.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube-nocookie.com
vary: origin, referer, x-origin
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Sat, 21 Jan 2023 08:52:35 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
events.demoup.com/callback/pageload_event
3.67.145.13200 OK 0 B URL HTTP/2 events.demoup.com/callback/pageload_event
IP 3.67.145.13:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /callback/pageload_event HTTP/1.1
Host: events.demoup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.addnature.no/
Content-Type: application/json
X-Requested-With: XMLHttpRequest
Origin: https://www.addnature.no
Content-Length: 486
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 21 Jan 2023 08:52:35 GMT
content-type: text/plain
content-length: 0
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 6000
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cache-control: public,max-age=3600,must-revalidate
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
172.217.21.170200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 172.217.21.170:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash a480492b59a0687ae484aa2fef4f7ea4
3b54a4f155cabb8c15471c185425587ccc78204f
6d40eda1a2b1a29a1edf8277f979c4fb62185019eee238bdf2e90c1ab6634e37
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube-nocookie.com
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sat, 21 Jan 2023 08:52:35 GMT
server: ESF
cache-control: private
content-length: 31355
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube-nocookie.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5422c49666fc195ae94aa0f5cf837bfc
e0f1dd926cd9328ccf9cc99389337056c62f1043
f639aad2dc85708fa922b793660f13ae597f275a8ebf61e7e72fb2bce257cc76
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 08:52:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 1d497e2648111e44540f16f2e308d48d
7ac7e9c0b63e8c182d21663337a7287b4875d0ea
0d4e307a6db13e144d77981270004f6b8c74ee977ad4c59c655946c6206746c9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 08:52:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.ytimg.com/vi_webp/oe_UDGKRqI0/maxresdefault.webp
142.250.74.54200 OK 113 kB URL HTTP/2 i.ytimg.com/vi_webp/oe_UDGKRqI0/maxresdefault.webp
IP 142.250.74.54:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x720, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size 113 kB (112752 bytes)
Hash e68fd176ca4027bd423f2db367a40391
f2553e3a40bc5fb1df2780741cdd2fb96ae44b3a
a8c25e2f17f30d3e5056ac63442f6a6ab106fbec0e8c517f3d67ea30c8ffc938
GET /vi_webp/oe_UDGKRqI0/maxresdefault.webp HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 112752
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 21 Jan 2023 08:52:35 GMT
expires: Sat, 21 Jan 2023 10:52:35 GMT
cache-control: public, max-age=7200
etag: "1460978506"
content-type: image/webp
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 1d497e2648111e44540f16f2e308d48d
7ac7e9c0b63e8c182d21663337a7287b4875d0ea
0d4e307a6db13e144d77981270004f6b8c74ee977ad4c59c655946c6206746c9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 08:52:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash b6b06a47d5f35483956c51ae6b96af06
e49f5f703895b470f0afafe0d2182f0f49383b2c
b14f34188f8acb034cc830f2fb93521063d1089be92f0fac7b3e306d54ea8944
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 08:52:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 34a6ffa8918b00f3f6d21bd90db799f4
6573697e6488b07ba3551ca7fea9b89220494b3a
dff7862c0cfa5ae27f6e8daef94bf0cd05000b667dbabd62a673ec0354e4873b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 08:52:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/js/th/hMfiIRZZaMzaAz5FYaI1FR-xuNlC9MpkqGZdkT5mV6Q.js
216.58.207.228200 OK 14 kB URL HTTP/2 www.google.com/js/th/hMfiIRZZaMzaAz5FYaI1FR-xuNlC9MpkqGZdkT5mV6Q.js
IP 216.58.207.228:0
File type ASCII text, with very long lines (36392)
Hash 224f0c569b57002328a0d93922ad4f85
49f653f477e53d804034c7daf3f6ff850693ea48
367eb30e42b960d0cf60b3bd0f2dd41b61101f15285358dffeb2309b428533a0
GET /js/th/hMfiIRZZaMzaAz5FYaI1FR-xuNlC9MpkqGZdkT5mV6Q.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 14417
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 16 Jan 2023 05:49:32 GMT
expires: Tue, 16 Jan 2024 05:49:32 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 03 Jan 2023 15:00:00 GMT
content-type: text/javascript
age: 442983
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
yt3.ggpht.com/ytc/AMLnZu_DLmJbcipYg5FUehKXmQuQAYxtPBks7TfeGtYP_w=s68-c-k-c0x00ffffff-no-rj
142.250.74.161200 OK 2.1 kB URL HTTP/2 yt3.ggpht.com/ytc/AMLnZu_DLmJbcipYg5FUehKXmQuQAYxtPBks7TfeGtYP_w=s68-c-k-c0x00ffffff-no-rj
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 68x68, components 3\012- data
Hash a2386765c883bf245e927da869b1f35b
df8614369e1b821f4ad3c9353f1585e57bfaa1ad
afbc56c1afdd0727f607d0dc3cc1ea88d434d0e3722e1b22597c71998ac48359
GET /ytc/AMLnZu_DLmJbcipYg5FUehKXmQuQAYxtPBks7TfeGtYP_w=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 2107
x-xss-protection: 0
date: Sat, 21 Jan 2023 06:38:08 GMT
expires: Fri, 20 Jan 2023 10:37:30 GMT
cache-control: public, max-age=86400, no-transform
age: 8067
etag: "v181"
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash b6b06a47d5f35483956c51ae6b96af06
e49f5f703895b470f0afafe0d2182f0f49383b2c
b14f34188f8acb034cc830f2fb93521063d1089be92f0fac7b3e306d54ea8944
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 08:52:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
172.217.21.170200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 172.217.21.170:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube-nocookie.com/
Origin: https://www.youtube-nocookie.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube-nocookie.com
vary: origin, referer, x-origin
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Sat, 21 Jan 2023 08:52:35 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.cookielaw.org/scripttemplates/6.13.0/otBannerSdk.js
104.16.149.64200 OK 83 kB URL HTTP/2 cdn.cookielaw.org/scripttemplates/6.13.0/otBannerSdk.js
IP 104.16.149.64:0
File type ASCII text, with very long lines (65455)
Hash a58f11af8dfc87b55bd9a7441435b554
737c48d246312f799c01880dfe66276e42a0c2fc
1fdd13d6f164e9d5e108aee5d513dea3af1298b3f07a71107ebe265847b982d7
GET /scripttemplates/6.13.0/otBannerSdk.js HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.addnature.no/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 21 Jan 2023 08:52:35 GMT
content-type: application/javascript
content-length: 82575
content-encoding: gzip
content-md5: pY8Rr438h7Vb2adEFDW1VA==
last-modified: Thu, 28 Jan 2021 07:38:02 GMT
etag: 0x8D8C35FA49267C6
x-ms-request-id: f1052a54-201e-0041-4f6c-c4f0f5000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 25147
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 78ced08baf77b511-OSL
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
172.217.21.170200 OK 114 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 172.217.21.170:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 6fc2daa6b9467be7892ac34fe680faac
b0c1be2ddcf8cefa13b4f7ffd7ca82326d1ae426
7508c58f8ab3541870c5055517a716adef1a11aaeebdb18e4b7337ad026ab886
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 1280
Origin: https://www.youtube-nocookie.com
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sat, 21 Jan 2023 08:52:35 GMT
server: ESF
cache-control: private
content-length: 114
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube-nocookie.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash a2370e9531e92040565978c4bd77c7a2
1fe53d3b4fe24c0d2356094136bdb69762b193d7
526743fb7ff26e836ef361a28dde08076cf5dfc6c4e87f855beb43cca8f57719
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2283
Cache-Control: max-age=92070
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 08:52:35 GMT
Etag: "63ca638e-116"
Expires: Sun, 22 Jan 2023 10:27:05 GMT
Last-Modified: Fri, 20 Jan 2023 09:49:02 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 278
addnature.app.baqend.com/v1/asset/https://www.addnature.no/on/demandware.static/Sites-addnature-no-Site/-/no_NO/v1674269784959/css/style.min.css?bqcv=7eb1c203&bqsk=2.12.1&bqpi=1
151.101.2.8200 OK 60 kB URL HTTP/2 addnature.app.baqend.com/v1/asset/https://www.addnature.no/on/demandware.static/Sites-addnature-no-Site/-/no_NO/v1674269784959/css/style.min.css?bqcv=7eb1c203&bqsk=2.12.1&bqpi=1
IP 151.101.2.8:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash e10862325818e0453a0d786e66c5243d
72ffa7e0b2b30673f02fc7017416a0af5a63f283
d0a981be7325ffa80afef326b87362ed866641cb472b22bf81cb761af4b9506f
GET /v1/asset/https://www.addnature.no/on/demandware.static/Sites-addnature-no-Site/-/no_NO/v1674269784959/css/style.min.css?bqcv=7eb1c203&bqsk=2.12.1&bqpi=1 HTTP/1.1
Host: addnature.app.baqend.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.addnature.no/
Origin: https://www.addnature.no
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
baqend-created-at: Sat, 21 Jan 2023 03:32:01 GMT
baqend-size: 59674
baqend-sw-control: immutable
content-encoding: gzip
content-type: text/css
last-modified: Sat, 21 Jan 2023 03:32:01 GMT
etag: "e10862325818e0453a0d786e66c5243d--br"
accept-ranges: bytes
date: Sat, 21 Jan 2023 08:52:35 GMT
age: 30946834
cache-control: public,browser-ttl=1800,sw-max-age=31536000,max-age=30948634
x-served-by: cache-bma1628-BMA
x-cache: STORAGE, HIT
x-cache-hits: 1
x-timer: S1674291156.826406,VS0,VE15
access-control-allow-credentials: true
access-control-allow-origin: https://www.addnature.no
access-control-expose-headers: Location, ETag, Baqend-Authorization-Token, Baqend-Acl, Baqend-Size, Baqend-SW-Control, Baqend-Created-At, Date, Age, Baqend-Speed-Kit, Baqend-Custom-Headers, X-Served-By, X-Cache, X-Timer, Access-Control-Allow-Origin, Fastly-Io-Info, Server-Timing
timing-allow-origin: https://www.addnature.no
via: baqend
server-timing: pop;desc=BMA;dur=15,cache;desc=EDGE,hotness;desc=1,proto;desc=h2
content-length: 59674
X-Firefox-Spdy: h2
csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=OvxST_ZrlSsQP0X.zzsW06t_r8L2edk3c2JbO8aWGHQ-1674291153-0-AZXtlk9_yXZDJyQq6_AEdvPqFsRonb34ccp9PaOpWEFSrd_4J5aBMHyUishPk_38bwcxDzhchOWzKGPtfL3jZ-Nu2B1MqwkLaKqtBGyhknrM
104.18.21.157200 OK 37 kB URL HTTP/2 csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=OvxST_ZrlSsQP0X.zzsW06t_r8L2edk3c2JbO8aWGHQ-1674291153-0-AZXtlk9_yXZDJyQq6_AEdvPqFsRonb34ccp9PaOpWEFSrd_4J5aBMHyUishPk_38bwcxDzhchOWzKGPtfL3jZ-Nu2B1MqwkLaKqtBGyhknrM
IP 104.18.21.157:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Hash 544c4d3e3b21ea79215b909c27520864
af97e38715134d67557091881c3beec280dbad8e
2f57bbfdf7d409d57d3566db896f9a995ba2f3e08e433e903c452c56a2c98e06
POST /cdn-cgi/script_monitor/report?m=OvxST_ZrlSsQP0X.zzsW06t_r8L2edk3c2JbO8aWGHQ-1674291153-0-AZXtlk9_yXZDJyQq6_AEdvPqFsRonb34ccp9PaOpWEFSrd_4J5aBMHyUishPk_38bwcxDzhchOWzKGPtfL3jZ-Nu2B1MqwkLaKqtBGyhknrM HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 735
Origin: https://www.addnature.no
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 21 Jan 2023 08:52:35 GMT
server: cloudflare
cf-ray: 78ced08c1808b511-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=OvxST_ZrlSsQP0X.zzsW06t_r8L2edk3c2JbO8aWGHQ-1674291153-0-AZXtlk9_yXZDJyQq6_AEdvPqFsRonb34ccp9PaOpWEFSrd_4J5aBMHyUishPk_38bwcxDzhchOWzKGPtfL3jZ-Nu2B1MqwkLaKqtBGyhknrM
104.18.21.157200 OK 41 kB URL HTTP/2 csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=OvxST_ZrlSsQP0X.zzsW06t_r8L2edk3c2JbO8aWGHQ-1674291153-0-AZXtlk9_yXZDJyQq6_AEdvPqFsRonb34ccp9PaOpWEFSrd_4J5aBMHyUishPk_38bwcxDzhchOWzKGPtfL3jZ-Nu2B1MqwkLaKqtBGyhknrM
IP 104.18.21.157:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Hash 55f933a5194b94ef67f7ee3bf3485318
af5e445962ca515a536a55cc160a25bbfffd4571
b01b07ea8e80374f7ffce1ca4d310a0346ac11f8f2a1952814c19da8fe4b51a9
POST /cdn-cgi/script_monitor/report?m=OvxST_ZrlSsQP0X.zzsW06t_r8L2edk3c2JbO8aWGHQ-1674291153-0-AZXtlk9_yXZDJyQq6_AEdvPqFsRonb34ccp9PaOpWEFSrd_4J5aBMHyUishPk_38bwcxDzhchOWzKGPtfL3jZ-Nu2B1MqwkLaKqtBGyhknrM HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 989
Origin: https://www.addnature.no
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 21 Jan 2023 08:52:33 GMT
server: cloudflare
cf-ray: 78ced07f6b6ffab4-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
www.addnature.no/bergans-roros-dunlys-jakke-med-hette-dame-M881808.html?vgid=G1451016&c=816&_cid=22_-1220_236648_236649_236650_4287159_0_kelkoo.no&utm_source=kelkoo&utm_medium=psm&utm_campaign=Jakker%20og%20Vester&utm_content=Bergans&utm_term=1451016
172.64.158.155200 OK 71 kB URL HTTP/2 www.addnature.no/bergans-roros-dunlys-jakke-med-hette-dame-M881808.html?vgid=G1451016&c=816&_cid=22_-1220_236648_236649_236650_4287159_0_kelkoo.no&utm_source=kelkoo&utm_medium=psm&utm_campaign=Jakker%20og%20Vester&utm_content=Bergans&utm_term=1451016
IP 172.64.158.155:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4698)
Hash 6476a8aee1f3f6433d00c9698a2e85ba
22ef8227863815dd19a417c8e72f9c00525328d9
48ee9f30bdcd204ad27b581fa23b10bbbe4d466059e20cef89e4bbaf68ccaf0d
GET /bergans-roros-dunlys-jakke-med-hette-dame-M881808.html?vgid=G1451016&c=816&_cid=22_-1220_236648_236649_236650_4287159_0_kelkoo.no&utm_source=kelkoo&utm_medium=psm&utm_campaign=Jakker%20og%20Vester&utm_content=Bergans&utm_term=1451016 HTTP/1.1
Host: www.addnature.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no-go.kelkoogroup.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 21 Jan 2023 08:52:33 GMT
content-type: text/html;charset=UTF-8
set-cookie: sid=XelOwv6cAsiZAdmC7CSbtHkOtmBHhXnjVws; Path=/; Secure; SameSite=None
dwanonymous_803bf9f7a6242e90119d6af72a2236f6=abLA6ReCS0PJOhO3jn0dwIxivG; Version=1; Comment="Demandware anonymous cookie for site Sites-addnature-no-Site"; Max-Age=15552000; Expires=Thu, 20-Jul-2023 08:52:32 GMT; Path=/; Secure; SameSite=None
__anact=%5B%7B%22activityType%22%3A%22viewSearch%22%2C%22parameters%22%3A%7B%22cookieId%22%3A%22%22%2C%22userId%22%3A%22%22%2C%22searchText%22%3A%221451016_4287171%22%2C%22suggestedSearchText%22%3A%22__UNDEFINED__%22%2C%22products%22%3A%5B%5D%2C%22showProducts%22%3Afalse%2C%22personalized%22%3Afalse%2C%22refinements%22%3A%22%5B%5D%22%2C%22searchID%22%3A%2221613875-c054-46e0-b918-b7cb1e083c22%22%2C%22locale%22%3A%22no_NO%22%2C%22queryLocale%22%3A%22no_NO%22%2C%22realm%22%3A%22BCZL%22%2C%22siteId%22%3A%22addnature-no%22%2C%22instanceType%22%3A%22prd%22%7D%7D%5D; Path=/; Secure; SameSite=None
__cq_dnt=1; Path=/; Secure; SameSite=None
dw_dnt=1; Path=/; Secure; SameSite=None
dwsid=3JQmyCg42nXL49Q215vFvPhz3mqRIaFeBekKNjm0ynSgZHvcyhAW016v2KL2M7oUUBYLgZ7r7azTdbEZm7h5ug==; path=/; HttpOnly; Secure; SameSite=None
x-dw-request-base-id: inIq-tCny2MBAAB_
content-security-policy: frame-ancestors 'self'
x-frame-options: SAMEORIGIN
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: Thu, 01 Dec 1994 16:00:00 GMT
vary: accept-encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=OvxST_ZrlSsQP0X.zzsW06t_r8L2edk3c2JbO8aWGHQ-1674291153-0-AZXtlk9_yXZDJyQq6_AEdvPqFsRonb34ccp9PaOpWEFSrd_4J5aBMHyUishPk_38bwcxDzhchOWzKGPtfL3jZ-Nu2B1MqwkLaKqtBGyhknrM"}],"group":"cf-csp-endpoint","max_age":86400}
content-security-policy-report-only: script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=OvxST_ZrlSsQP0X.zzsW06t_r8L2edk3c2JbO8aWGHQ-1674291153-0-AZXtlk9_yXZDJyQq6_AEdvPqFsRonb34ccp9PaOpWEFSrd_4J5aBMHyUishPk_38bwcxDzhchOWzKGPtfL3jZ-Nu2B1MqwkLaKqtBGyhknrM; report-to cf-csp-endpoint
strict-transport-security: max-age=31536000; includeSubDomains
server: cloudflare
cf-ray: 78ced07c2decb517-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=OvxST_ZrlSsQP0X.zzsW06t_r8L2edk3c2JbO8aWGHQ-1674291153-0-AZXtlk9_yXZDJyQq6_AEdvPqFsRonb34ccp9PaOpWEFSrd_4J5aBMHyUishPk_38bwcxDzhchOWzKGPtfL3jZ-Nu2B1MqwkLaKqtBGyhknrM
104.18.21.157200 OK 0 B URL HTTP/2 csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=OvxST_ZrlSsQP0X.zzsW06t_r8L2edk3c2JbO8aWGHQ-1674291153-0-AZXtlk9_yXZDJyQq6_AEdvPqFsRonb34ccp9PaOpWEFSrd_4J5aBMHyUishPk_38bwcxDzhchOWzKGPtfL3jZ-Nu2B1MqwkLaKqtBGyhknrM
IP 104.18.21.157:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cdn-cgi/script_monitor/report?m=OvxST_ZrlSsQP0X.zzsW06t_r8L2edk3c2JbO8aWGHQ-1674291153-0-AZXtlk9_yXZDJyQq6_AEdvPqFsRonb34ccp9PaOpWEFSrd_4J5aBMHyUishPk_38bwcxDzhchOWzKGPtfL3jZ-Nu2B1MqwkLaKqtBGyhknrM HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 844
Origin: https://www.addnature.no
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Sat, 21 Jan 2023 08:52:36 GMT
server: cloudflare
cf-ray: 78ced08d3c19fab4-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
cdn.cookielaw.org/scripttemplates/6.13.0/assets/otCenterRounded.json
104.16.149.64200 OK 2.4 kB URL HTTP/2 cdn.cookielaw.org/scripttemplates/6.13.0/assets/otCenterRounded.json
IP 104.16.149.64:0
File type JSON data\012- , ASCII text, with very long lines (6953)
Hash 2f4b19c0aa84bdbf460ff20071904255
2fc7b945a00ccf38db407041b962f843ac543c2a
7d75a226a06e2adfa4bd5cc2a2af65b8f2beaccad3d5f682358ce295ee455901
GET /scripttemplates/6.13.0/assets/otCenterRounded.json HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.addnature.no/
Origin: https://www.addnature.no
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 21 Jan 2023 08:52:36 GMT
content-type: application/json
content-length: 2421
content-encoding: gzip
content-md5: L0sZwKqEvb9GD/IAcZBCVQ==
last-modified: Thu, 28 Jan 2021 07:37:53 GMT
etag: 0x8D8C35F9F60BD54
x-ms-request-id: f68fe6c0-901e-0035-526c-c476b3000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 11431
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 78ced08e0af5b4ee-OSL
X-Firefox-Spdy: h2
cdn.cookielaw.org/scripttemplates/6.13.0/assets/v2/otPcCenter.json
104.16.149.64200 OK 11 kB URL HTTP/2 cdn.cookielaw.org/scripttemplates/6.13.0/assets/v2/otPcCenter.json
IP 104.16.149.64:0
File type JSON data\012- , ASCII text, with very long lines (36778)
Hash 5fa0fcea021af17395aa6eebd557f2ce
532efeb0fb93845d49ea6c1a0b12e6103e807142
0fad0f82cd0a0c70177dfd204e69328544e14a61726dab90dce658faf9f5ded5
GET /scripttemplates/6.13.0/assets/v2/otPcCenter.json HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.addnature.no/
Origin: https://www.addnature.no
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 21 Jan 2023 08:52:36 GMT
content-type: application/json
content-length: 11379
content-encoding: gzip
content-md5: X6D86gIa8XOVqm7r1Vfyzg==
last-modified: Thu, 28 Jan 2021 07:37:55 GMT
etag: 0x8D8C35FA082B4FE
x-ms-request-id: 59a9a207-301e-0099-0e6c-c45724000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 8500
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 78ced08e0af6b4ee-OSL
X-Firefox-Spdy: h2
www.addnature.no/on/demandware.store/Sites-addnature-no-Site/no_NO/__Analytics-Start?url=https%3A%2F%2Fwww.addnature.no%2Fbergans-roros-dunlys-jakke-med-hette-dame-M881808.html%3Fvgid%3DG1451016%26c%3D816%26_cid%3D22_-1220_236648_236649_236650_4287159_0_kelkoo.no%26utm_source%3Dkelkoo%26utm_medium%3Dpsm%26utm_campaign%3DJakker%2520og%2520Vester%26utm_content%3DBergans%26utm_term%3D1451016&res=1280x1024&cookie=1&ref=https%3A%2F%2Fno-go.kelkoogroup.net%2F&title=Bergans%20R%C3%B8ros%20dunlys%20jakke%20med%20hette%20Dame%20Orange%20%7C%20addnature.no&pdf=0&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&dwac=0.7071094784218462&cmpn=&tz=Europe/Oslo&pcc=&pct=__ANNONYMOUS__&pcat=236659&dw_dnt=1
172.64.158.155200 OK 35 B URL HTTP/2 www.addnature.no/on/demandware.store/Sites-addnature-no-Site/no_NO/__Analytics-Start?url=https%3A%2F%2Fwww.addnature.no%2Fbergans-roros-dunlys-jakke-med-hette-dame-M881808.html%3Fvgid%3DG1451016%26c%3D816%26_cid%3D22_-1220_236648_236649_236650_4287159_0_kelkoo.no%26utm_source%3Dkelkoo%26utm_medium%3Dpsm%26utm_campaign%3DJakker%2520og%2520Vester%26utm_content%3DBergans%26utm_term%3D1451016&res=1280x1024&cookie=1&ref=https%3A%2F%2Fno-go.kelkoogroup.net%2F&title=Bergans%20R%C3%B8ros%20dunlys%20jakke%20med%20hette%20Dame%20Orange%20%7C%20addnature.no&pdf=0&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&dwac=0.7071094784218462&cmpn=&tz=Europe/Oslo&pcc=&pct=__ANNONYMOUS__&pcat=236659&dw_dnt=1
IP 172.64.158.155:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /on/demandware.store/Sites-addnature-no-Site/no_NO/__Analytics-Start?url=https%3A%2F%2Fwww.addnature.no%2Fbergans-roros-dunlys-jakke-med-hette-dame-M881808.html%3Fvgid%3DG1451016%26c%3D816%26_cid%3D22_-1220_236648_236649_236650_4287159_0_kelkoo.no%26utm_source%3Dkelkoo%26utm_medium%3Dpsm%26utm_campaign%3DJakker%2520og%2520Vester%26utm_content%3DBergans%26utm_term%3D1451016&res=1280x1024&cookie=1&ref=https%3A%2F%2Fno-go.kelkoogroup.net%2F&title=Bergans%20R%C3%B8ros%20dunlys%20jakke%20med%20hette%20Dame%20Orange%20%7C%20addnature.no&pdf=0&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&dwac=0.7071094784218462&cmpn=&tz=Europe/Oslo&pcc=&pct=__ANNONYMOUS__&pcat=236659&dw_dnt=1 HTTP/1.1
Host: www.addnature.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Referer: https://www.addnature.no/bergans-roros-dunlys-jakke-med-hette-dame-M881808.html?vgid=G1451016&c=816&_cid=22_-1220_236648_236649_236650_4287159_0_kelkoo.no&utm_source=kelkoo&utm_medium=psm&utm_campaign=Jakker%20og%20Vester&utm_content=Bergans&utm_term=1451016
Connection: keep-alive
Cookie: sid=XelOwv6cAsiZAdmC7CSbtHkOtmBHhXnjVws; dwanonymous_803bf9f7a6242e90119d6af72a2236f6=abLA6ReCS0PJOhO3jn0dwIxivG; __cq_dnt=1; dw_dnt=1; dwsid=3JQmyCg42nXL49Q215vFvPhz3mqRIaFeBekKNjm0ynSgZHvcyhAW016v2KL2M7oUUBYLgZ7r7azTdbEZm7h5ug==; baqend-speedkit-user-id=UX9kdasxp5peM5rr1kRPic90u
TE: trailers
HTTP/2 200 OK
date: Sat, 21 Jan 2023 08:52:36 GMT
content-type: image/gif
content-length: 35
accept-ranges: bytes
x-dw-request-base-id: inKu-tOny2MBAAB_
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: Thu, 01 Dec 1994 16:00:00 GMT
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains
server: cloudflare
cf-ray: 78ced08dea5ab517-OSL
X-Firefox-Spdy: h2
www.addnature.no/on/demandware.store/Sites-addnature-no-Site/no_NO/Consent-HandleConsent
172.64.158.155200 OK 16 B URL HTTP/2 www.addnature.no/on/demandware.store/Sites-addnature-no-Site/no_NO/Consent-HandleConsent
IP 172.64.158.155:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 7363e85fe9edee6f053a4b319588c086
a15e2127145548437173fc17f3e980e3f3dee2d0
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
POST /on/demandware.store/Sites-addnature-no-Site/no_NO/Consent-HandleConsent HTTP/1.1
Host: www.addnature.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: multipart/form-data; boundary=---------------------------151705910131000454312876642476
Content-Length: 183
Origin: https://www.addnature.no
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Referer: https://www.addnature.no/bergans-roros-dunlys-jakke-med-hette-dame-M881808.html?vgid=G1451016&c=816&_cid=22_-1220_236648_236649_236650_4287159_0_kelkoo.no&utm_source=kelkoo&utm_medium=psm&utm_campaign=Jakker%20og%20Vester&utm_content=Bergans&utm_term=1451016
Connection: keep-alive
Cookie: sid=XelOwv6cAsiZAdmC7CSbtHkOtmBHhXnjVws; dwanonymous_803bf9f7a6242e90119d6af72a2236f6=abLA6ReCS0PJOhO3jn0dwIxivG; __cq_dnt=1; dw_dnt=1; dwsid=3JQmyCg42nXL49Q215vFvPhz3mqRIaFeBekKNjm0ynSgZHvcyhAW016v2KL2M7oUUBYLgZ7r7azTdbEZm7h5ug==; baqend-speedkit-user-id=UX9kdasxp5peM5rr1kRPic90u; OptanonConsent=isIABGlobal=false&datestamp=Sat+Jan+21+2023+08%3A52%3A35+GMT%2B0000+(Coordinated+Universal+Time)&version=6.13.0&hosts=&consentId=c09366bc-5504-4a1d-a8a2-489968c06529&interactionCount=0&landingPath=https%3A%2F%2Fwww.addnature.no%2Fbergans-roros-dunlys-jakke-med-hette-dame-M881808.html%3Fvgid%3DG1451016%26c%3D816%26_cid%3D22_-1220_236648_236649_236650_4287159_0_kelkoo.no%26utm_source%3Dkelkoo%26utm_medium%3Dpsm%26utm_campaign%3DJakker%2520og%2520Vester%26utm_content%3DBergans%26utm_term%3D1451016&groups=C0002%3A0%2CC0004%3A0%2CC0003%3A0%2CC0001%3A1
TE: trailers
HTTP/2 200 OK
date: Sat, 21 Jan 2023 08:52:36 GMT
content-type: application/json
content-length: 16
accept-ranges: bytes
x-dw-request-base-id: inKz-tOny2MBAAB_
content-security-policy: frame-ancestors 'self'
x-frame-options: SAMEORIGIN
set-cookie: __cq_dnt=1; Path=/; Secure; SameSite=None
dw_dnt=1; Path=/; Secure; SameSite=None
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: Thu, 01 Dec 1994 16:00:00 GMT
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains
server: cloudflare
cf-ray: 78ced08e9b14b517-OSL
X-Firefox-Spdy: h2
addnature.app.baqend.com/v1/asset/https://cdn.cquotient.com/js/v2/gretel.min.js?bqcv=7eb1c203&bqsk=2.12.1
151.101.2.8200 OK 19 kB URL HTTP/2 addnature.app.baqend.com/v1/asset/https://cdn.cquotient.com/js/v2/gretel.min.js?bqcv=7eb1c203&bqsk=2.12.1
IP 151.101.2.8:0
File type Unicode text, UTF-8 text, with very long lines (65535), with no line terminators
Hash 0b5649a6c84f8da2120ac06540d86f79
70cafc5d8a61e7d21ec979b365ce152f8c7ac131
23ef389c1341676088655a06f1734979a7e3499ee6824c501ccb3f3e29de04e3
GET /v1/asset/https://cdn.cquotient.com/js/v2/gretel.min.js?bqcv=7eb1c203&bqsk=2.12.1 HTTP/1.1
Host: addnature.app.baqend.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.addnature.no/
Origin: https://www.addnature.no
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
baqend-created-at: Tue, 6 Dec 2022 13:58:48 GMT
baqend-custom-headers: {"createdat":"1670335128.752"}
baqend-size: 18678
content-encoding: gzip
content-type: application/javascript
createdat: 1670335128.752
last-modified: Wed, 18 Jan 2023 16:12:03 GMT
etag: "0b5649a6c84f8da2120ac06540d86f79--br"
accept-ranges: bytes
date: Sat, 21 Jan 2023 08:52:36 GMT
age: 30949946
cache-control: public,browser-ttl=1800,sw-max-age=31536000,max-age=30951746
x-served-by: cache-bma1679-BMA
x-cache: STORAGE, HIT
x-cache-hits: 13
x-timer: S1674291156.377092,VS0,VE1
access-control-allow-credentials: true
access-control-allow-origin: https://www.addnature.no
access-control-expose-headers: Location, ETag, Baqend-Authorization-Token, Baqend-Acl, Baqend-Size, Baqend-SW-Control, Baqend-Created-At, Date, Age, Baqend-Speed-Kit, Baqend-Custom-Headers, X-Served-By, X-Cache, X-Timer, Access-Control-Allow-Origin, Fastly-Io-Info, Server-Timing
timing-allow-origin: https://www.addnature.no
via: baqend
server-timing: pop;desc=BMA;dur=1,cache;desc=EDGE,hotness;desc=13,proto;desc=h2
content-length: 18678
X-Firefox-Spdy: h2
addnature.app.baqend.com/v1/speedkit/sw.js?r=7eb1c203-45d0-4d69-be72-96a11a00010c&v=2.12.1&gr=A
151.101.130.8200 OK 31 kB URL HTTP/2 addnature.app.baqend.com/v1/speedkit/sw.js?r=7eb1c203-45d0-4d69-be72-96a11a00010c&v=2.12.1&gr=A
IP 151.101.130.8:0
File type ASCII text, with very long lines (65478)
Hash 0f796fd1ee0ccad324781f503bda66b1
faf7433dd66e88dc5691163ba54979d2dbc55d5c
02e5cf3b764b861984fdf490f7bf9fd21e653f1a7fe02d23a2a0de7f3830fe01
GET /v1/speedkit/sw.js?r=7eb1c203-45d0-4d69-be72-96a11a00010c&v=2.12.1&gr=A HTTP/1.1
Host: addnature.app.baqend.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: private,max-age=31536000,sw-max-age=31536000
content-type: text/javascript; charset=UTF-8
content-encoding: gzip
etag: "QnuOZnGdbOqxbLLPw9UYAA==--br"
accept-ranges: bytes
date: Sat, 21 Jan 2023 08:52:36 GMT
age: 433123
x-served-by: cache-bma1671-BMA
x-cache: HIT
x-cache-hits: 1098
x-timer: S1674291156.444156,VS0,VE1
vary: Accept-Encoding, Origin
via: baqend
server-timing: pop;desc=BMA;dur=1,cache;desc=EDGE,hotness;desc=1098,proto;desc=h2
content-length: 31194
X-Firefox-Spdy: h2
csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=OvxST_ZrlSsQP0X.zzsW06t_r8L2edk3c2JbO8aWGHQ-1674291153-0-AZXtlk9_yXZDJyQq6_AEdvPqFsRonb34ccp9PaOpWEFSrd_4J5aBMHyUishPk_38bwcxDzhchOWzKGPtfL3jZ-Nu2B1MqwkLaKqtBGyhknrM
104.18.21.157200 OK 0 B URL HTTP/2 csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=OvxST_ZrlSsQP0X.zzsW06t_r8L2edk3c2JbO8aWGHQ-1674291153-0-AZXtlk9_yXZDJyQq6_AEdvPqFsRonb34ccp9PaOpWEFSrd_4J5aBMHyUishPk_38bwcxDzhchOWzKGPtfL3jZ-Nu2B1MqwkLaKqtBGyhknrM
IP 104.18.21.157:0
POST /cdn-cgi/script_monitor/report?m=OvxST_ZrlSsQP0X.zzsW06t_r8L2edk3c2JbO8aWGHQ-1674291153-0-AZXtlk9_yXZDJyQq6_AEdvPqFsRonb34ccp9PaOpWEFSrd_4J5aBMHyUishPk_38bwcxDzhchOWzKGPtfL3jZ-Nu2B1MqwkLaKqtBGyhknrM HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 953
Origin: https://www.addnature.no
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 21 Jan 2023 08:52:34 GMT
server: cloudflare
cf-ray: 78ced081bd1bfab4-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=OvxST_ZrlSsQP0X.zzsW06t_r8L2edk3c2JbO8aWGHQ-1674291153-0-AZXtlk9_yXZDJyQq6_AEdvPqFsRonb34ccp9PaOpWEFSrd_4J5aBMHyUishPk_38bwcxDzhchOWzKGPtfL3jZ-Nu2B1MqwkLaKqtBGyhknrM
104.18.21.157200 OK 0 B URL HTTP/2 csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=OvxST_ZrlSsQP0X.zzsW06t_r8L2edk3c2JbO8aWGHQ-1674291153-0-AZXtlk9_yXZDJyQq6_AEdvPqFsRonb34ccp9PaOpWEFSrd_4J5aBMHyUishPk_38bwcxDzhchOWzKGPtfL3jZ-Nu2B1MqwkLaKqtBGyhknrM
IP 104.18.21.157:0
POST /cdn-cgi/script_monitor/report?m=OvxST_ZrlSsQP0X.zzsW06t_r8L2edk3c2JbO8aWGHQ-1674291153-0-AZXtlk9_yXZDJyQq6_AEdvPqFsRonb34ccp9PaOpWEFSrd_4J5aBMHyUishPk_38bwcxDzhchOWzKGPtfL3jZ-Nu2B1MqwkLaKqtBGyhknrM HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 953
Origin: https://www.addnature.no
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 21 Jan 2023 08:52:34 GMT
server: cloudflare
cf-ray: 78ced081bd1cfab4-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
www.addnature.no/on/demandware.static/Sites-addnature-no-Site/-/no_NO/v1674269784959/internal/jscript/dwanalytics-22.2.js
172.64.158.155200 OK 0 B URL HTTP/2 www.addnature.no/on/demandware.static/Sites-addnature-no-Site/-/no_NO/v1674269784959/internal/jscript/dwanalytics-22.2.js
IP 172.64.158.155:0
GET /on/demandware.static/Sites-addnature-no-Site/-/no_NO/v1674269784959/internal/jscript/dwanalytics-22.2.js HTTP/1.1
Host: www.addnature.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.addnature.no/bergans-roros-dunlys-jakke-med-hette-dame-M881808.html?vgid=G1451016&c=816&_cid=22_-1220_236648_236649_236650_4287159_0_kelkoo.no&utm_source=kelkoo&utm_medium=psm&utm_campaign=Jakker%20og%20Vester&utm_content=Bergans&utm_term=1451016
Cookie: sid=XelOwv6cAsiZAdmC7CSbtHkOtmBHhXnjVws; dwanonymous_803bf9f7a6242e90119d6af72a2236f6=abLA6ReCS0PJOhO3jn0dwIxivG; __anact=%5B%7B%22activityType%22%3A%22viewSearch%22%2C%22parameters%22%3A%7B%22cookieId%22%3A%22%22%2C%22userId%22%3A%22%22%2C%22searchText%22%3A%221451016_4287171%22%2C%22suggestedSearchText%22%3A%22__UNDEFINED__%22%2C%22products%22%3A%5B%5D%2C%22showProducts%22%3Afalse%2C%22personalized%22%3Afalse%2C%22refinements%22%3A%22%5B%5D%22%2C%22searchID%22%3A%2221613875-c054-46e0-b918-b7cb1e083c22%22%2C%22locale%22%3A%22no_NO%22%2C%22queryLocale%22%3A%22no_NO%22%2C%22realm%22%3A%22BCZL%22%2C%22siteId%22%3A%22addnature-no%22%2C%22instanceType%22%3A%22prd%22%7D%7D%5D; __cq_dnt=1; dw_dnt=1; dwsid=3JQmyCg42nXL49Q215vFvPhz3mqRIaFeBekKNjm0ynSgZHvcyhAW016v2KL2M7oUUBYLgZ7r7azTdbEZm7h5ug==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 21 Jan 2023 08:52:33 GMT
content-type: application/javascript
cache-control: public, max-age=2591487
cf-bgj: minify
cf-polished: origSize=6582
cross-origin-resource-policy: cross-origin
expires: Mon, 20 Feb 2023 03:00:07 GMT
last-modified: Sat, 21 Jan 2023 03:00:07 GMT
vary: accept-encoding
x-dw-request-base-id: inL3IDdVy2MBAAB_
cf-cache-status: HIT
age: 20381
strict-transport-security: max-age=31536000; includeSubDomains
server: cloudflare
cf-ray: 78ced07ef8e6b517-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.cquotient.com/js/v2/gretel.min.js
54.230.81.159200 OK 0 B URL HTTP/2 cdn.cquotient.com/js/v2/gretel.min.js
IP 54.230.81.159:0
GET /js/v2/gretel.min.js HTTP/1.1
Host: cdn.cquotient.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.addnature.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
date: Sat, 21 Jan 2023 08:10:43 GMT
last-modified: Wed, 18 Jan 2023 16:09:21 GMT
etag: W/"0497920c3a1175f967fd3029b4026318"
x-amz-server-side-encryption: AES256
cache-control: max-age=3600
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ZcuJYp3P4EqPbGVILu2MRqEAq4qNXZoCn5jK2Bh1zwanDp8dm4oowg==
age: 2511
X-Firefox-Spdy: h2
www.addnature.no/on/demandware.static/Sites-addnature-no-Site/-/no_NO/v1674269784959/svg/symbol/icons.svg
172.64.158.155200 OK 0 B URL HTTP/2 www.addnature.no/on/demandware.static/Sites-addnature-no-Site/-/no_NO/v1674269784959/svg/symbol/icons.svg
IP 172.64.158.155:0
GET /on/demandware.static/Sites-addnature-no-Site/-/no_NO/v1674269784959/svg/symbol/icons.svg HTTP/1.1
Host: www.addnature.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.addnature.no/bergans-roros-dunlys-jakke-med-hette-dame-M881808.html?vgid=G1451016&c=816&_cid=22_-1220_236648_236649_236650_4287159_0_kelkoo.no&utm_source=kelkoo&utm_medium=psm&utm_campaign=Jakker%20og%20Vester&utm_content=Bergans&utm_term=1451016
Cookie: sid=XelOwv6cAsiZAdmC7CSbtHkOtmBHhXnjVws; dwanonymous_803bf9f7a6242e90119d6af72a2236f6=abLA6ReCS0PJOhO3jn0dwIxivG; __anact=%5B%7B%22activityType%22%3A%22viewSearch%22%2C%22parameters%22%3A%7B%22cookieId%22%3A%22%22%2C%22userId%22%3A%22%22%2C%22searchText%22%3A%221451016_4287171%22%2C%22suggestedSearchText%22%3A%22__UNDEFINED__%22%2C%22products%22%3A%5B%5D%2C%22showProducts%22%3Afalse%2C%22personalized%22%3Afalse%2C%22refinements%22%3A%22%5B%5D%22%2C%22searchID%22%3A%2221613875-c054-46e0-b918-b7cb1e083c22%22%2C%22locale%22%3A%22no_NO%22%2C%22queryLocale%22%3A%22no_NO%22%2C%22realm%22%3A%22BCZL%22%2C%22siteId%22%3A%22addnature-no%22%2C%22instanceType%22%3A%22prd%22%7D%7D%5D; __cq_dnt=1; dw_dnt=1; dwsid=3JQmyCg42nXL49Q215vFvPhz3mqRIaFeBekKNjm0ynSgZHvcyhAW016v2KL2M7oUUBYLgZ7r7azTdbEZm7h5ug==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 21 Jan 2023 08:52:33 GMT
content-type: image/svg+xml
x-dw-request-base-id: XQptHihVy2MBAAB_
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=2591926
expires: Mon, 20 Feb 2023 02:59:52 GMT
last-modified: Wed, 11 Jan 2023 16:07:09 GMT
cf-cache-status: HIT
age: 20381
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=ZPxdcfospv.umyzg2QYGcKURtcNc0KrVZjUJkt3_t9U-1674291153-0-Ae7Tawd71jFV4R-qBiUo--4dxlPdcD2o_U9Jf4g4HaLH-Lko54-zo_GDNChzNlc7tcgY5cvSENTurAu1yN3WnOn0elrQXFZ-sgvQvQYDPp6k"}],"group":"cf-csp-endpoint","max_age":86400}
content-security-policy-report-only: script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=ZPxdcfospv.umyzg2QYGcKURtcNc0KrVZjUJkt3_t9U-1674291153-0-Ae7Tawd71jFV4R-qBiUo--4dxlPdcD2o_U9Jf4g4HaLH-Lko54-zo_GDNChzNlc7tcgY5cvSENTurAu1yN3WnOn0elrQXFZ-sgvQvQYDPp6k; report-to cf-csp-endpoint
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
server: cloudflare
cf-ray: 78ced07f692cb517-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.addnature.no/on/demandware.static/Sites-addnature-no-Site/-/no_NO/v1674269784959/js/productdetails.js
172.64.158.155200 OK 0 B URL HTTP/2 www.addnature.no/on/demandware.static/Sites-addnature-no-Site/-/no_NO/v1674269784959/js/productdetails.js
IP 172.64.158.155:0
GET /on/demandware.static/Sites-addnature-no-Site/-/no_NO/v1674269784959/js/productdetails.js HTTP/1.1
Host: www.addnature.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.addnature.no/bergans-roros-dunlys-jakke-med-hette-dame-M881808.html?vgid=G1451016&c=816&_cid=22_-1220_236648_236649_236650_4287159_0_kelkoo.no&utm_source=kelkoo&utm_medium=psm&utm_campaign=Jakker%20og%20Vester&utm_content=Bergans&utm_term=1451016
Cookie: sid=XelOwv6cAsiZAdmC7CSbtHkOtmBHhXnjVws; dwanonymous_803bf9f7a6242e90119d6af72a2236f6=abLA6ReCS0PJOhO3jn0dwIxivG; __anact=%5B%7B%22activityType%22%3A%22viewSearch%22%2C%22parameters%22%3A%7B%22cookieId%22%3A%22%22%2C%22userId%22%3A%22%22%2C%22searchText%22%3A%221451016_4287171%22%2C%22suggestedSearchText%22%3A%22__UNDEFINED__%22%2C%22products%22%3A%5B%5D%2C%22showProducts%22%3Afalse%2C%22personalized%22%3Afalse%2C%22refinements%22%3A%22%5B%5D%22%2C%22searchID%22%3A%2221613875-c054-46e0-b918-b7cb1e083c22%22%2C%22locale%22%3A%22no_NO%22%2C%22queryLocale%22%3A%22no_NO%22%2C%22realm%22%3A%22BCZL%22%2C%22siteId%22%3A%22addnature-no%22%2C%22instanceType%22%3A%22prd%22%7D%7D%5D; __cq_dnt=1; dw_dnt=1; dwsid=3JQmyCg42nXL49Q215vFvPhz3mqRIaFeBekKNjm0ynSgZHvcyhAW016v2KL2M7oUUBYLgZ7r7azTdbEZm7h5ug==; baqend-speedkit-user-id=UX9kdasxp5peM5rr1kRPic90u
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 21 Jan 2023 08:52:34 GMT
content-type: application/javascript
cache-control: public, max-age=2591648
cf-bgj: minify
cf-polished: origSize=102184
cross-origin-resource-policy: cross-origin
expires: Mon, 20 Feb 2023 03:02:50 GMT
last-modified: Wed, 11 Jan 2023 16:07:09 GMT
vary: accept-encoding
x-dw-request-base-id: inKRPtpVy2MBAAB_
cf-cache-status: HIT
age: 20382
strict-transport-security: max-age=31536000; includeSubDomains
server: cloudflare
cf-ray: 78ced0815b1fb517-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=OvxST_ZrlSsQP0X.zzsW06t_r8L2edk3c2JbO8aWGHQ-1674291153-0-AZXtlk9_yXZDJyQq6_AEdvPqFsRonb34ccp9PaOpWEFSrd_4J5aBMHyUishPk_38bwcxDzhchOWzKGPtfL3jZ-Nu2B1MqwkLaKqtBGyhknrM
104.18.21.157200 OK 0 B URL HTTP/2 csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=OvxST_ZrlSsQP0X.zzsW06t_r8L2edk3c2JbO8aWGHQ-1674291153-0-AZXtlk9_yXZDJyQq6_AEdvPqFsRonb34ccp9PaOpWEFSrd_4J5aBMHyUishPk_38bwcxDzhchOWzKGPtfL3jZ-Nu2B1MqwkLaKqtBGyhknrM
IP 104.18.21.157:0
POST /cdn-cgi/script_monitor/report?m=OvxST_ZrlSsQP0X.zzsW06t_r8L2edk3c2JbO8aWGHQ-1674291153-0-AZXtlk9_yXZDJyQq6_AEdvPqFsRonb34ccp9PaOpWEFSrd_4J5aBMHyUishPk_38bwcxDzhchOWzKGPtfL3jZ-Nu2B1MqwkLaKqtBGyhknrM HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 953
Origin: https://www.addnature.no
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 21 Jan 2023 08:52:34 GMT
server: cloudflare
cf-ray: 78ced081cd2cfab4-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=OvxST_ZrlSsQP0X.zzsW06t_r8L2edk3c2JbO8aWGHQ-1674291153-0-AZXtlk9_yXZDJyQq6_AEdvPqFsRonb34ccp9PaOpWEFSrd_4J5aBMHyUishPk_38bwcxDzhchOWzKGPtfL3jZ-Nu2B1MqwkLaKqtBGyhknrM
104.18.21.157200 OK 0 B URL HTTP/2 csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=OvxST_ZrlSsQP0X.zzsW06t_r8L2edk3c2JbO8aWGHQ-1674291153-0-AZXtlk9_yXZDJyQq6_AEdvPqFsRonb34ccp9PaOpWEFSrd_4J5aBMHyUishPk_38bwcxDzhchOWzKGPtfL3jZ-Nu2B1MqwkLaKqtBGyhknrM
IP 104.18.21.157:0
POST /cdn-cgi/script_monitor/report?m=OvxST_ZrlSsQP0X.zzsW06t_r8L2edk3c2JbO8aWGHQ-1674291153-0-AZXtlk9_yXZDJyQq6_AEdvPqFsRonb34ccp9PaOpWEFSrd_4J5aBMHyUishPk_38bwcxDzhchOWzKGPtfL3jZ-Nu2B1MqwkLaKqtBGyhknrM HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 988
Origin: https://www.addnature.no
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 21 Jan 2023 08:52:33 GMT
server: cloudflare
cf-ray: 78ced07f5b61fab4-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
widgets.trustedshops.com/reviews/tsSticker/tsProductStickerSummary.js
143.204.55.60200 OK 0 B URL HTTP/2 widgets.trustedshops.com/reviews/tsSticker/tsProductStickerSummary.js
IP 143.204.55.60:0
GET /reviews/tsSticker/tsProductStickerSummary.js HTTP/1.1
Host: widgets.trustedshops.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.addnature.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 16 Nov 2021 07:59:27 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Sat, 21 Jan 2023 08:01:09 GMT
etag: W/"3187a0bc20d24ed887ab98a23e20fd1d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: LCs8iTpqbQ8Banm5bEp2Iq2u8Pk5lBj2Jj1RL7LZNvU2mWKLIHaRZw==
age: 3085
X-Firefox-Spdy: h2
csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=OvxST_ZrlSsQP0X.zzsW06t_r8L2edk3c2JbO8aWGHQ-1674291153-0-AZXtlk9_yXZDJyQq6_AEdvPqFsRonb34ccp9PaOpWEFSrd_4J5aBMHyUishPk_38bwcxDzhchOWzKGPtfL3jZ-Nu2B1MqwkLaKqtBGyhknrM
104.18.21.157200 OK 0 B URL HTTP/2 csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=OvxST_ZrlSsQP0X.zzsW06t_r8L2edk3c2JbO8aWGHQ-1674291153-0-AZXtlk9_yXZDJyQq6_AEdvPqFsRonb34ccp9PaOpWEFSrd_4J5aBMHyUishPk_38bwcxDzhchOWzKGPtfL3jZ-Nu2B1MqwkLaKqtBGyhknrM
IP 104.18.21.157:0
POST /cdn-cgi/script_monitor/report?m=OvxST_ZrlSsQP0X.zzsW06t_r8L2edk3c2JbO8aWGHQ-1674291153-0-AZXtlk9_yXZDJyQq6_AEdvPqFsRonb34ccp9PaOpWEFSrd_4J5aBMHyUishPk_38bwcxDzhchOWzKGPtfL3jZ-Nu2B1MqwkLaKqtBGyhknrM HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 990
Origin: https://www.addnature.no
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 21 Jan 2023 08:52:33 GMT
server: cloudflare
cf-ray: 78ced07fcb97fab4-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=OvxST_ZrlSsQP0X.zzsW06t_r8L2edk3c2JbO8aWGHQ-1674291153-0-AZXtlk9_yXZDJyQq6_AEdvPqFsRonb34ccp9PaOpWEFSrd_4J5aBMHyUishPk_38bwcxDzhchOWzKGPtfL3jZ-Nu2B1MqwkLaKqtBGyhknrM
104.18.21.157200 OK 0 B URL HTTP/2 csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=OvxST_ZrlSsQP0X.zzsW06t_r8L2edk3c2JbO8aWGHQ-1674291153-0-AZXtlk9_yXZDJyQq6_AEdvPqFsRonb34ccp9PaOpWEFSrd_4J5aBMHyUishPk_38bwcxDzhchOWzKGPtfL3jZ-Nu2B1MqwkLaKqtBGyhknrM
IP 104.18.21.157:0
POST /cdn-cgi/script_monitor/report?m=OvxST_ZrlSsQP0X.zzsW06t_r8L2edk3c2JbO8aWGHQ-1674291153-0-AZXtlk9_yXZDJyQq6_AEdvPqFsRonb34ccp9PaOpWEFSrd_4J5aBMHyUishPk_38bwcxDzhchOWzKGPtfL3jZ-Nu2B1MqwkLaKqtBGyhknrM HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 988
Origin: https://www.addnature.no
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 21 Jan 2023 08:52:33 GMT
server: cloudflare
cf-ray: 78ced07f5b5ffab4-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=OvxST_ZrlSsQP0X.zzsW06t_r8L2edk3c2JbO8aWGHQ-1674291153-0-AZXtlk9_yXZDJyQq6_AEdvPqFsRonb34ccp9PaOpWEFSrd_4J5aBMHyUishPk_38bwcxDzhchOWzKGPtfL3jZ-Nu2B1MqwkLaKqtBGyhknrM
104.18.21.157200 OK 0 B URL HTTP/2 csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=OvxST_ZrlSsQP0X.zzsW06t_r8L2edk3c2JbO8aWGHQ-1674291153-0-AZXtlk9_yXZDJyQq6_AEdvPqFsRonb34ccp9PaOpWEFSrd_4J5aBMHyUishPk_38bwcxDzhchOWzKGPtfL3jZ-Nu2B1MqwkLaKqtBGyhknrM
IP 104.18.21.157:0
POST /cdn-cgi/script_monitor/report?m=OvxST_ZrlSsQP0X.zzsW06t_r8L2edk3c2JbO8aWGHQ-1674291153-0-AZXtlk9_yXZDJyQq6_AEdvPqFsRonb34ccp9PaOpWEFSrd_4J5aBMHyUishPk_38bwcxDzhchOWzKGPtfL3jZ-Nu2B1MqwkLaKqtBGyhknrM HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 989
Origin: https://www.addnature.no
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 21 Jan 2023 08:52:33 GMT
server: cloudflare
cf-ray: 78ced07f5b66fab4-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
www.addnature.no/on/demandware.static/-/Library-Sites-addnature/no_NO/v1674269784959/topfeature-icons/f_2950.svg
172.64.158.155404 Not Found 0 B URL HTTP/2 www.addnature.no/on/demandware.static/-/Library-Sites-addnature/no_NO/v1674269784959/topfeature-icons/f_2950.svg
IP 172.64.158.155:0
GET /on/demandware.static/-/Library-Sites-addnature/no_NO/v1674269784959/topfeature-icons/f_2950.svg HTTP/1.1
Host: www.addnature.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.addnature.no/bergans-roros-dunlys-jakke-med-hette-dame-M881808.html?vgid=G1451016&c=816&_cid=22_-1220_236648_236649_236650_4287159_0_kelkoo.no&utm_source=kelkoo&utm_medium=psm&utm_campaign=Jakker%20og%20Vester&utm_content=Bergans&utm_term=1451016
Cookie: sid=XelOwv6cAsiZAdmC7CSbtHkOtmBHhXnjVws; dwanonymous_803bf9f7a6242e90119d6af72a2236f6=abLA6ReCS0PJOhO3jn0dwIxivG; __anact=%5B%7B%22activityType%22%3A%22viewSearch%22%2C%22parameters%22%3A%7B%22cookieId%22%3A%22%22%2C%22userId%22%3A%22%22%2C%22searchText%22%3A%221451016_4287171%22%2C%22suggestedSearchText%22%3A%22__UNDEFINED__%22%2C%22products%22%3A%5B%5D%2C%22showProducts%22%3Afalse%2C%22personalized%22%3Afalse%2C%22refinements%22%3A%22%5B%5D%22%2C%22searchID%22%3A%2221613875-c054-46e0-b918-b7cb1e083c22%22%2C%22locale%22%3A%22no_NO%22%2C%22queryLocale%22%3A%22no_NO%22%2C%22realm%22%3A%22BCZL%22%2C%22siteId%22%3A%22addnature-no%22%2C%22instanceType%22%3A%22prd%22%7D%7D%5D; __cq_dnt=1; dw_dnt=1; dwsid=3JQmyCg42nXL49Q215vFvPhz3mqRIaFeBekKNjm0ynSgZHvcyhAW016v2KL2M7oUUBYLgZ7r7azTdbEZm7h5ug==
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
date: Sat, 21 Jan 2023 08:52:34 GMT
content-type: text/html;charset=ISO-8859-1
vary: Accept-Encoding
x-dw-request-base-id: inJF-tGny2MBAAB_
cross-origin-resource-policy: cross-origin
x-error: 1
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: Thu, 01 Dec 1994 16:00:00 GMT
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=RKpvlBdTxRYme3Ex9aanFoLvE0pQgr4PNns09UDQG6g-1674291154-0-AWaXXPpuuglWPIir9ZKGdgstovJpCRAkmrn8FRzpWVI5hYvZISbXjb22wOtuBjFTj-Ee9Aj3HZHlLuCwjy9S9hz0Xs7QsuBZSjzdEaR7i_C1"}],"group":"cf-csp-endpoint","max_age":86400}
content-security-policy-report-only: script-src 'none'; connect-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=RKpvlBdTxRYme3Ex9aanFoLvE0pQgr4PNns09UDQG6g-1674291154-0-AWaXXPpuuglWPIir9ZKGdgstovJpCRAkmrn8FRzpWVI5hYvZISbXjb22wOtuBjFTj-Ee9Aj3HZHlLuCwjy9S9hz0Xs7QsuBZSjzdEaR7i_C1; report-to cf-csp-endpoint
strict-transport-security: max-age=31536000; includeSubDomains
server: cloudflare
cf-ray: 78ced07ed8cfb517-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=OvxST_ZrlSsQP0X.zzsW06t_r8L2edk3c2JbO8aWGHQ-1674291153-0-AZXtlk9_yXZDJyQq6_AEdvPqFsRonb34ccp9PaOpWEFSrd_4J5aBMHyUishPk_38bwcxDzhchOWzKGPtfL3jZ-Nu2B1MqwkLaKqtBGyhknrM
104.18.21.157200 OK 0 B URL HTTP/2 csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=OvxST_ZrlSsQP0X.zzsW06t_r8L2edk3c2JbO8aWGHQ-1674291153-0-AZXtlk9_yXZDJyQq6_AEdvPqFsRonb34ccp9PaOpWEFSrd_4J5aBMHyUishPk_38bwcxDzhchOWzKGPtfL3jZ-Nu2B1MqwkLaKqtBGyhknrM
IP 104.18.21.157:0
POST /cdn-cgi/script_monitor/report?m=OvxST_ZrlSsQP0X.zzsW06t_r8L2edk3c2JbO8aWGHQ-1674291153-0-AZXtlk9_yXZDJyQq6_AEdvPqFsRonb34ccp9PaOpWEFSrd_4J5aBMHyUishPk_38bwcxDzhchOWzKGPtfL3jZ-Nu2B1MqwkLaKqtBGyhknrM HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 991
Origin: https://www.addnature.no
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Sat, 21 Jan 2023 08:52:36 GMT
server: cloudflare
cf-ray: 78ced08d3c1bfab4-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=OvxST_ZrlSsQP0X.zzsW06t_r8L2edk3c2JbO8aWGHQ-1674291153-0-AZXtlk9_yXZDJyQq6_AEdvPqFsRonb34ccp9PaOpWEFSrd_4J5aBMHyUishPk_38bwcxDzhchOWzKGPtfL3jZ-Nu2B1MqwkLaKqtBGyhknrM
104.18.21.157200 OK 0 B URL HTTP/2 csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=OvxST_ZrlSsQP0X.zzsW06t_r8L2edk3c2JbO8aWGHQ-1674291153-0-AZXtlk9_yXZDJyQq6_AEdvPqFsRonb34ccp9PaOpWEFSrd_4J5aBMHyUishPk_38bwcxDzhchOWzKGPtfL3jZ-Nu2B1MqwkLaKqtBGyhknrM
IP 104.18.21.157:0
POST /cdn-cgi/script_monitor/report?m=OvxST_ZrlSsQP0X.zzsW06t_r8L2edk3c2JbO8aWGHQ-1674291153-0-AZXtlk9_yXZDJyQq6_AEdvPqFsRonb34ccp9PaOpWEFSrd_4J5aBMHyUishPk_38bwcxDzhchOWzKGPtfL3jZ-Nu2B1MqwkLaKqtBGyhknrM HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 740
Origin: https://www.addnature.no
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 21 Jan 2023 08:52:33 GMT
server: cloudflare
cf-ray: 78ced07f6b6bfab4-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=OvxST_ZrlSsQP0X.zzsW06t_r8L2edk3c2JbO8aWGHQ-1674291153-0-AZXtlk9_yXZDJyQq6_AEdvPqFsRonb34ccp9PaOpWEFSrd_4J5aBMHyUishPk_38bwcxDzhchOWzKGPtfL3jZ-Nu2B1MqwkLaKqtBGyhknrM
104.18.21.157200 OK 0 B URL HTTP/2 csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=OvxST_ZrlSsQP0X.zzsW06t_r8L2edk3c2JbO8aWGHQ-1674291153-0-AZXtlk9_yXZDJyQq6_AEdvPqFsRonb34ccp9PaOpWEFSrd_4J5aBMHyUishPk_38bwcxDzhchOWzKGPtfL3jZ-Nu2B1MqwkLaKqtBGyhknrM
IP 104.18.21.157:0
POST /cdn-cgi/script_monitor/report?m=OvxST_ZrlSsQP0X.zzsW06t_r8L2edk3c2JbO8aWGHQ-1674291153-0-AZXtlk9_yXZDJyQq6_AEdvPqFsRonb34ccp9PaOpWEFSrd_4J5aBMHyUishPk_38bwcxDzhchOWzKGPtfL3jZ-Nu2B1MqwkLaKqtBGyhknrM HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 886
Origin: https://www.addnature.no
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 21 Jan 2023 08:52:34 GMT
server: cloudflare
cf-ray: 78ced084ef0cfab4-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=OvxST_ZrlSsQP0X.zzsW06t_r8L2edk3c2JbO8aWGHQ-1674291153-0-AZXtlk9_yXZDJyQq6_AEdvPqFsRonb34ccp9PaOpWEFSrd_4J5aBMHyUishPk_38bwcxDzhchOWzKGPtfL3jZ-Nu2B1MqwkLaKqtBGyhknrM
104.18.21.157200 OK 0 B URL HTTP/2 csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=OvxST_ZrlSsQP0X.zzsW06t_r8L2edk3c2JbO8aWGHQ-1674291153-0-AZXtlk9_yXZDJyQq6_AEdvPqFsRonb34ccp9PaOpWEFSrd_4J5aBMHyUishPk_38bwcxDzhchOWzKGPtfL3jZ-Nu2B1MqwkLaKqtBGyhknrM
IP 104.18.21.157:0
POST /cdn-cgi/script_monitor/report?m=OvxST_ZrlSsQP0X.zzsW06t_r8L2edk3c2JbO8aWGHQ-1674291153-0-AZXtlk9_yXZDJyQq6_AEdvPqFsRonb34ccp9PaOpWEFSrd_4J5aBMHyUishPk_38bwcxDzhchOWzKGPtfL3jZ-Nu2B1MqwkLaKqtBGyhknrM HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 953
Origin: https://www.addnature.no
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 21 Jan 2023 08:52:34 GMT
server: cloudflare
cf-ray: 78ced081dd3efab4-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
www.addnature.no/wrapper-sw.js?r=7eb1c203-45d0-4d69-be72-96a11a00010c&v=2.12.1&gr=A
172.64.158.155200 OK 0 B URL HTTP/2 www.addnature.no/wrapper-sw.js?r=7eb1c203-45d0-4d69-be72-96a11a00010c&v=2.12.1&gr=A
IP 172.64.158.155:0
GET /wrapper-sw.js?r=7eb1c203-45d0-4d69-be72-96a11a00010c&v=2.12.1&gr=A HTTP/1.1
Host: www.addnature.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: sid=XelOwv6cAsiZAdmC7CSbtHkOtmBHhXnjVws; dwanonymous_803bf9f7a6242e90119d6af72a2236f6=abLA6ReCS0PJOhO3jn0dwIxivG; __cq_dnt=1; dw_dnt=1; dwsid=3JQmyCg42nXL49Q215vFvPhz3mqRIaFeBekKNjm0ynSgZHvcyhAW016v2KL2M7oUUBYLgZ7r7azTdbEZm7h5ug==; baqend-speedkit-user-id=UX9kdasxp5peM5rr1kRPic90u
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 21 Jan 2023 08:52:34 GMT
content-type: text/javascript;charset=UTF-8
content-security-policy: frame-ancestors 'self'
x-dw-request-base-id: inJgbwpXy2MBAAB_
x-frame-options: SAMEORIGIN
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: Thu, 01 Dec 1994 16:00:00 GMT
last-modified: Sat, 21 Jan 2023 08:52:34 GMT
cf-cache-status: MISS
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
server: cloudflare
cf-ray: 78ced0846e68b517-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.addnature.no/wrapper-sw.js?r=7eb1c203-45d0-4d69-be72-96a11a00010c&v=2.12.1&gr=A
172.64.158.155200 OK 0 B URL HTTP/2 www.addnature.no/wrapper-sw.js?r=7eb1c203-45d0-4d69-be72-96a11a00010c&v=2.12.1&gr=A
IP 172.64.158.155:0
GET /wrapper-sw.js?r=7eb1c203-45d0-4d69-be72-96a11a00010c&v=2.12.1&gr=A HTTP/1.1
Host: www.addnature.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: sid=XelOwv6cAsiZAdmC7CSbtHkOtmBHhXnjVws; dwanonymous_803bf9f7a6242e90119d6af72a2236f6=abLA6ReCS0PJOhO3jn0dwIxivG; __cq_dnt=1; dw_dnt=1; dwsid=3JQmyCg42nXL49Q215vFvPhz3mqRIaFeBekKNjm0ynSgZHvcyhAW016v2KL2M7oUUBYLgZ7r7azTdbEZm7h5ug==; baqend-speedkit-user-id=UX9kdasxp5peM5rr1kRPic90u; OptanonConsent=isIABGlobal=false&datestamp=Sat+Jan+21+2023+08%3A52%3A35+GMT%2B0000+(Coordinated+Universal+Time)&version=6.13.0&hosts=&consentId=c09366bc-5504-4a1d-a8a2-489968c06529&interactionCount=0&landingPath=https%3A%2F%2Fwww.addnature.no%2Fbergans-roros-dunlys-jakke-med-hette-dame-M881808.html%3Fvgid%3DG1451016%26c%3D816%26_cid%3D22_-1220_236648_236649_236650_4287159_0_kelkoo.no%26utm_source%3Dkelkoo%26utm_medium%3Dpsm%26utm_campaign%3DJakker%2520og%2520Vester%26utm_content%3DBergans%26utm_term%3D1451016&groups=C0002%3A0%2CC0004%3A0%2CC0003%3A0%2CC0001%3A1
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Cache-Control: max-age=0
TE: trailers
HTTP/2 200 OK
date: Sat, 21 Jan 2023 08:52:36 GMT
content-type: text/javascript;charset=UTF-8
content-security-policy: frame-ancestors 'self'
x-dw-request-base-id: inJgbwpXy2MBAAB_
x-frame-options: SAMEORIGIN
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: Thu, 01 Dec 1994 16:00:00 GMT
last-modified: Sat, 21 Jan 2023 08:52:36 GMT
cf-cache-status: MISS
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
server: cloudflare
cf-ray: 78ced08f9c0db517-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.addnature.no/on/demandware.static/Sites-addnature-no-Site/-/no_NO/v1674269784959/js/tns.js
172.64.158.155200 OK 0 B URL HTTP/2 www.addnature.no/on/demandware.static/Sites-addnature-no-Site/-/no_NO/v1674269784959/js/tns.js
IP 172.64.158.155:0
GET /on/demandware.static/Sites-addnature-no-Site/-/no_NO/v1674269784959/js/tns.js HTTP/1.1
Host: www.addnature.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.addnature.no/bergans-roros-dunlys-jakke-med-hette-dame-M881808.html?vgid=G1451016&c=816&_cid=22_-1220_236648_236649_236650_4287159_0_kelkoo.no&utm_source=kelkoo&utm_medium=psm&utm_campaign=Jakker%20og%20Vester&utm_content=Bergans&utm_term=1451016
Cookie: sid=XelOwv6cAsiZAdmC7CSbtHkOtmBHhXnjVws; dwanonymous_803bf9f7a6242e90119d6af72a2236f6=abLA6ReCS0PJOhO3jn0dwIxivG; __anact=%5B%7B%22activityType%22%3A%22viewSearch%22%2C%22parameters%22%3A%7B%22cookieId%22%3A%22%22%2C%22userId%22%3A%22%22%2C%22searchText%22%3A%221451016_4287171%22%2C%22suggestedSearchText%22%3A%22__UNDEFINED__%22%2C%22products%22%3A%5B%5D%2C%22showProducts%22%3Afalse%2C%22personalized%22%3Afalse%2C%22refinements%22%3A%22%5B%5D%22%2C%22searchID%22%3A%2221613875-c054-46e0-b918-b7cb1e083c22%22%2C%22locale%22%3A%22no_NO%22%2C%22queryLocale%22%3A%22no_NO%22%2C%22realm%22%3A%22BCZL%22%2C%22siteId%22%3A%22addnature-no%22%2C%22instanceType%22%3A%22prd%22%7D%7D%5D; __cq_dnt=1; dw_dnt=1; dwsid=3JQmyCg42nXL49Q215vFvPhz3mqRIaFeBekKNjm0ynSgZHvcyhAW016v2KL2M7oUUBYLgZ7r7azTdbEZm7h5ug==; baqend-speedkit-user-id=UX9kdasxp5peM5rr1kRPic90u
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 21 Jan 2023 08:52:34 GMT
content-type: application/javascript
cache-control: public, max-age=2592000
cf-bgj: minify
cross-origin-resource-policy: cross-origin
expires: Mon, 20 Feb 2023 03:08:43 GMT
last-modified: Wed, 11 Jan 2023 16:07:09 GMT
vary: accept-encoding
x-dw-request-base-id: XQrydTtXy2MBAAB_
cf-cache-status: HIT
age: 20382
strict-transport-security: max-age=31536000; includeSubDomains
server: cloudflare
cf-ray: 78ced0815b09b517-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=OvxST_ZrlSsQP0X.zzsW06t_r8L2edk3c2JbO8aWGHQ-1674291153-0-AZXtlk9_yXZDJyQq6_AEdvPqFsRonb34ccp9PaOpWEFSrd_4J5aBMHyUishPk_38bwcxDzhchOWzKGPtfL3jZ-Nu2B1MqwkLaKqtBGyhknrM
104.18.21.157200 OK 0 B URL HTTP/2 csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=OvxST_ZrlSsQP0X.zzsW06t_r8L2edk3c2JbO8aWGHQ-1674291153-0-AZXtlk9_yXZDJyQq6_AEdvPqFsRonb34ccp9PaOpWEFSrd_4J5aBMHyUishPk_38bwcxDzhchOWzKGPtfL3jZ-Nu2B1MqwkLaKqtBGyhknrM
IP 104.18.21.157:0
POST /cdn-cgi/script_monitor/report?m=OvxST_ZrlSsQP0X.zzsW06t_r8L2edk3c2JbO8aWGHQ-1674291153-0-AZXtlk9_yXZDJyQq6_AEdvPqFsRonb34ccp9PaOpWEFSrd_4J5aBMHyUishPk_38bwcxDzhchOWzKGPtfL3jZ-Nu2B1MqwkLaKqtBGyhknrM HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 953
Origin: https://www.addnature.no
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 21 Jan 2023 08:52:34 GMT
server: cloudflare
cf-ray: 78ced0818cf8fab4-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
www.addnature.no/on/demandware.static/Sites-addnature-no-Site/-/no_NO/v1674269784959/js/app.js
172.64.158.155200 OK 0 B URL HTTP/2 www.addnature.no/on/demandware.static/Sites-addnature-no-Site/-/no_NO/v1674269784959/js/app.js
IP 172.64.158.155:0
GET /on/demandware.static/Sites-addnature-no-Site/-/no_NO/v1674269784959/js/app.js HTTP/1.1
Host: www.addnature.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.addnature.no/bergans-roros-dunlys-jakke-med-hette-dame-M881808.html?vgid=G1451016&c=816&_cid=22_-1220_236648_236649_236650_4287159_0_kelkoo.no&utm_source=kelkoo&utm_medium=psm&utm_campaign=Jakker%20og%20Vester&utm_content=Bergans&utm_term=1451016
Cookie: sid=XelOwv6cAsiZAdmC7CSbtHkOtmBHhXnjVws; dwanonymous_803bf9f7a6242e90119d6af72a2236f6=abLA6ReCS0PJOhO3jn0dwIxivG; __anact=%5B%7B%22activityType%22%3A%22viewSearch%22%2C%22parameters%22%3A%7B%22cookieId%22%3A%22%22%2C%22userId%22%3A%22%22%2C%22searchText%22%3A%221451016_4287171%22%2C%22suggestedSearchText%22%3A%22__UNDEFINED__%22%2C%22products%22%3A%5B%5D%2C%22showProducts%22%3Afalse%2C%22personalized%22%3Afalse%2C%22refinements%22%3A%22%5B%5D%22%2C%22searchID%22%3A%2221613875-c054-46e0-b918-b7cb1e083c22%22%2C%22locale%22%3A%22no_NO%22%2C%22queryLocale%22%3A%22no_NO%22%2C%22realm%22%3A%22BCZL%22%2C%22siteId%22%3A%22addnature-no%22%2C%22instanceType%22%3A%22prd%22%7D%7D%5D; __cq_dnt=1; dw_dnt=1; dwsid=3JQmyCg42nXL49Q215vFvPhz3mqRIaFeBekKNjm0ynSgZHvcyhAW016v2KL2M7oUUBYLgZ7r7azTdbEZm7h5ug==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 21 Jan 2023 08:52:33 GMT
content-type: application/javascript
cache-control: public, max-age=2591506
cf-bgj: minify
cf-polished: origSize=394147
cross-origin-resource-policy: cross-origin
expires: Mon, 20 Feb 2023 03:00:26 GMT
last-modified: Wed, 11 Jan 2023 16:07:09 GMT
vary: accept-encoding
x-dw-request-base-id: inJJJUpVy2MBAAB_
cf-cache-status: HIT
age: 19142
strict-transport-security: max-age=31536000; includeSubDomains
server: cloudflare
cf-ray: 78ced07ee8dbb517-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.addnature.no/on/demandware.static/Sites-addnature-no-Site/-/no_NO/v1674269784959/internal/jscript/dwac-21.7.js
172.64.158.155200 OK 0 B URL HTTP/2 www.addnature.no/on/demandware.static/Sites-addnature-no-Site/-/no_NO/v1674269784959/internal/jscript/dwac-21.7.js
IP 172.64.158.155:0
GET /on/demandware.static/Sites-addnature-no-Site/-/no_NO/v1674269784959/internal/jscript/dwac-21.7.js HTTP/1.1
Host: www.addnature.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.addnature.no/bergans-roros-dunlys-jakke-med-hette-dame-M881808.html?vgid=G1451016&c=816&_cid=22_-1220_236648_236649_236650_4287159_0_kelkoo.no&utm_source=kelkoo&utm_medium=psm&utm_campaign=Jakker%20og%20Vester&utm_content=Bergans&utm_term=1451016
Cookie: sid=XelOwv6cAsiZAdmC7CSbtHkOtmBHhXnjVws; dwanonymous_803bf9f7a6242e90119d6af72a2236f6=abLA6ReCS0PJOhO3jn0dwIxivG; __anact=%5B%7B%22activityType%22%3A%22viewSearch%22%2C%22parameters%22%3A%7B%22cookieId%22%3A%22%22%2C%22userId%22%3A%22%22%2C%22searchText%22%3A%221451016_4287171%22%2C%22suggestedSearchText%22%3A%22__UNDEFINED__%22%2C%22products%22%3A%5B%5D%2C%22showProducts%22%3Afalse%2C%22personalized%22%3Afalse%2C%22refinements%22%3A%22%5B%5D%22%2C%22searchID%22%3A%2221613875-c054-46e0-b918-b7cb1e083c22%22%2C%22locale%22%3A%22no_NO%22%2C%22queryLocale%22%3A%22no_NO%22%2C%22realm%22%3A%22BCZL%22%2C%22siteId%22%3A%22addnature-no%22%2C%22instanceType%22%3A%22prd%22%7D%7D%5D; __cq_dnt=1; dw_dnt=1; dwsid=3JQmyCg42nXL49Q215vFvPhz3mqRIaFeBekKNjm0ynSgZHvcyhAW016v2KL2M7oUUBYLgZ7r7azTdbEZm7h5ug==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 21 Jan 2023 08:52:33 GMT
content-type: application/javascript
cache-control: public, max-age=2591483
cf-bgj: minify
cf-polished: origSize=5013
cross-origin-resource-policy: cross-origin
expires: Mon, 20 Feb 2023 03:00:03 GMT
last-modified: Sat, 21 Jan 2023 03:00:03 GMT
vary: accept-encoding
x-dw-request-base-id: XQqmIDNVy2MBAAB_
cf-cache-status: HIT
age: 20381
strict-transport-security: max-age=31536000; includeSubDomains
server: cloudflare
cf-ray: 78ced07ef8e7b517-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=OvxST_ZrlSsQP0X.zzsW06t_r8L2edk3c2JbO8aWGHQ-1674291153-0-AZXtlk9_yXZDJyQq6_AEdvPqFsRonb34ccp9PaOpWEFSrd_4J5aBMHyUishPk_38bwcxDzhchOWzKGPtfL3jZ-Nu2B1MqwkLaKqtBGyhknrM
104.18.21.157200 OK 0 B URL HTTP/2 csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=OvxST_ZrlSsQP0X.zzsW06t_r8L2edk3c2JbO8aWGHQ-1674291153-0-AZXtlk9_yXZDJyQq6_AEdvPqFsRonb34ccp9PaOpWEFSrd_4J5aBMHyUishPk_38bwcxDzhchOWzKGPtfL3jZ-Nu2B1MqwkLaKqtBGyhknrM
IP 104.18.21.157:0
POST /cdn-cgi/script_monitor/report?m=OvxST_ZrlSsQP0X.zzsW06t_r8L2edk3c2JbO8aWGHQ-1674291153-0-AZXtlk9_yXZDJyQq6_AEdvPqFsRonb34ccp9PaOpWEFSrd_4J5aBMHyUishPk_38bwcxDzhchOWzKGPtfL3jZ-Nu2B1MqwkLaKqtBGyhknrM HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 989
Origin: https://www.addnature.no
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 21 Jan 2023 08:52:33 GMT
server: cloudflare
cf-ray: 78ced07f5b63fab4-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=OvxST_ZrlSsQP0X.zzsW06t_r8L2edk3c2JbO8aWGHQ-1674291153-0-AZXtlk9_yXZDJyQq6_AEdvPqFsRonb34ccp9PaOpWEFSrd_4J5aBMHyUishPk_38bwcxDzhchOWzKGPtfL3jZ-Nu2B1MqwkLaKqtBGyhknrM
104.18.21.157200 OK 0 B URL HTTP/2 csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=OvxST_ZrlSsQP0X.zzsW06t_r8L2edk3c2JbO8aWGHQ-1674291153-0-AZXtlk9_yXZDJyQq6_AEdvPqFsRonb34ccp9PaOpWEFSrd_4J5aBMHyUishPk_38bwcxDzhchOWzKGPtfL3jZ-Nu2B1MqwkLaKqtBGyhknrM
IP 104.18.21.157:0
POST /cdn-cgi/script_monitor/report?m=OvxST_ZrlSsQP0X.zzsW06t_r8L2edk3c2JbO8aWGHQ-1674291153-0-AZXtlk9_yXZDJyQq6_AEdvPqFsRonb34ccp9PaOpWEFSrd_4J5aBMHyUishPk_38bwcxDzhchOWzKGPtfL3jZ-Nu2B1MqwkLaKqtBGyhknrM HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 989
Origin: https://www.addnature.no
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 21 Jan 2023 08:52:33 GMT
server: cloudflare
cf-ray: 78ced07f5b64fab4-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
www.addnature.no/on/demandware.static/Sites-addnature-no-Site/-/default/dw5f3c1696/svg/loader.svg
172.64.158.155200 OK 0 B URL HTTP/2 www.addnature.no/on/demandware.static/Sites-addnature-no-Site/-/default/dw5f3c1696/svg/loader.svg
IP 172.64.158.155:0
GET /on/demandware.static/Sites-addnature-no-Site/-/default/dw5f3c1696/svg/loader.svg HTTP/1.1
Host: www.addnature.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.addnature.no/bergans-roros-dunlys-jakke-med-hette-dame-M881808.html?vgid=G1451016&c=816&_cid=22_-1220_236648_236649_236650_4287159_0_kelkoo.no&utm_source=kelkoo&utm_medium=psm&utm_campaign=Jakker%20og%20Vester&utm_content=Bergans&utm_term=1451016
Cookie: sid=XelOwv6cAsiZAdmC7CSbtHkOtmBHhXnjVws; dwanonymous_803bf9f7a6242e90119d6af72a2236f6=abLA6ReCS0PJOhO3jn0dwIxivG; __anact=%5B%7B%22activityType%22%3A%22viewSearch%22%2C%22parameters%22%3A%7B%22cookieId%22%3A%22%22%2C%22userId%22%3A%22%22%2C%22searchText%22%3A%221451016_4287171%22%2C%22suggestedSearchText%22%3A%22__UNDEFINED__%22%2C%22products%22%3A%5B%5D%2C%22showProducts%22%3Afalse%2C%22personalized%22%3Afalse%2C%22refinements%22%3A%22%5B%5D%22%2C%22searchID%22%3A%2221613875-c054-46e0-b918-b7cb1e083c22%22%2C%22locale%22%3A%22no_NO%22%2C%22queryLocale%22%3A%22no_NO%22%2C%22realm%22%3A%22BCZL%22%2C%22siteId%22%3A%22addnature-no%22%2C%22instanceType%22%3A%22prd%22%7D%7D%5D; __cq_dnt=1; dw_dnt=1; dwsid=3JQmyCg42nXL49Q215vFvPhz3mqRIaFeBekKNjm0ynSgZHvcyhAW016v2KL2M7oUUBYLgZ7r7azTdbEZm7h5ug==
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 21 Jan 2023 08:52:33 GMT
content-type: image/svg+xml
x-dw-request-base-id: XQqTmmCXxmMBAAB_
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=2592000
expires: Thu, 16 Feb 2023 12:41:04 GMT
last-modified: Wed, 11 Jan 2023 16:07:09 GMT
cf-cache-status: HIT
age: 331889
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
server: cloudflare
cf-ray: 78ced07ee8d9b517-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=OvxST_ZrlSsQP0X.zzsW06t_r8L2edk3c2JbO8aWGHQ-1674291153-0-AZXtlk9_yXZDJyQq6_AEdvPqFsRonb34ccp9PaOpWEFSrd_4J5aBMHyUishPk_38bwcxDzhchOWzKGPtfL3jZ-Nu2B1MqwkLaKqtBGyhknrM
104.18.21.157200 OK 0 B URL HTTP/2 csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=OvxST_ZrlSsQP0X.zzsW06t_r8L2edk3c2JbO8aWGHQ-1674291153-0-AZXtlk9_yXZDJyQq6_AEdvPqFsRonb34ccp9PaOpWEFSrd_4J5aBMHyUishPk_38bwcxDzhchOWzKGPtfL3jZ-Nu2B1MqwkLaKqtBGyhknrM
IP 104.18.21.157:0
POST /cdn-cgi/script_monitor/report?m=OvxST_ZrlSsQP0X.zzsW06t_r8L2edk3c2JbO8aWGHQ-1674291153-0-AZXtlk9_yXZDJyQq6_AEdvPqFsRonb34ccp9PaOpWEFSrd_4J5aBMHyUishPk_38bwcxDzhchOWzKGPtfL3jZ-Nu2B1MqwkLaKqtBGyhknrM HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 726
Origin: https://www.addnature.no
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 21 Jan 2023 08:52:33 GMT
server: cloudflare
cf-ray: 78ced07f6b6cfab4-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
www.addnature.no/on/demandware.static/-/Library-Sites-addnature/no_NO/v1674269784959/topfeature-icons/f_11490.svg
172.64.158.155404 Not Found 0 B URL HTTP/2 www.addnature.no/on/demandware.static/-/Library-Sites-addnature/no_NO/v1674269784959/topfeature-icons/f_11490.svg
IP 172.64.158.155:0
GET /on/demandware.static/-/Library-Sites-addnature/no_NO/v1674269784959/topfeature-icons/f_11490.svg HTTP/1.1
Host: www.addnature.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.addnature.no/bergans-roros-dunlys-jakke-med-hette-dame-M881808.html?vgid=G1451016&c=816&_cid=22_-1220_236648_236649_236650_4287159_0_kelkoo.no&utm_source=kelkoo&utm_medium=psm&utm_campaign=Jakker%20og%20Vester&utm_content=Bergans&utm_term=1451016
Cookie: sid=XelOwv6cAsiZAdmC7CSbtHkOtmBHhXnjVws; dwanonymous_803bf9f7a6242e90119d6af72a2236f6=abLA6ReCS0PJOhO3jn0dwIxivG; __anact=%5B%7B%22activityType%22%3A%22viewSearch%22%2C%22parameters%22%3A%7B%22cookieId%22%3A%22%22%2C%22userId%22%3A%22%22%2C%22searchText%22%3A%221451016_4287171%22%2C%22suggestedSearchText%22%3A%22__UNDEFINED__%22%2C%22products%22%3A%5B%5D%2C%22showProducts%22%3Afalse%2C%22personalized%22%3Afalse%2C%22refinements%22%3A%22%5B%5D%22%2C%22searchID%22%3A%2221613875-c054-46e0-b918-b7cb1e083c22%22%2C%22locale%22%3A%22no_NO%22%2C%22queryLocale%22%3A%22no_NO%22%2C%22realm%22%3A%22BCZL%22%2C%22siteId%22%3A%22addnature-no%22%2C%22instanceType%22%3A%22prd%22%7D%7D%5D; __cq_dnt=1; dw_dnt=1; dwsid=3JQmyCg42nXL49Q215vFvPhz3mqRIaFeBekKNjm0ynSgZHvcyhAW016v2KL2M7oUUBYLgZ7r7azTdbEZm7h5ug==
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
date: Sat, 21 Jan 2023 08:52:34 GMT
content-type: text/html;charset=ISO-8859-1
vary: Accept-Encoding
x-dw-request-base-id: inJE-tGny2MBAAB_
cross-origin-resource-policy: cross-origin
x-error: 1
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: Thu, 01 Dec 1994 16:00:00 GMT
cf-cache-status: MISS
strict-transport-security: max-age=31536000; includeSubDomains
server: cloudflare
cf-ray: 78ced07ed8d1b517-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.addnature.no/on/demandware.static/-/Library-Sites-addnature/no_NO/v1674269784959/topfeature-icons/f_6183.svg
172.64.158.155404 Not Found 0 B URL HTTP/2 www.addnature.no/on/demandware.static/-/Library-Sites-addnature/no_NO/v1674269784959/topfeature-icons/f_6183.svg
IP 172.64.158.155:0
GET /on/demandware.static/-/Library-Sites-addnature/no_NO/v1674269784959/topfeature-icons/f_6183.svg HTTP/1.1
Host: www.addnature.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.addnature.no/bergans-roros-dunlys-jakke-med-hette-dame-M881808.html?vgid=G1451016&c=816&_cid=22_-1220_236648_236649_236650_4287159_0_kelkoo.no&utm_source=kelkoo&utm_medium=psm&utm_campaign=Jakker%20og%20Vester&utm_content=Bergans&utm_term=1451016
Cookie: sid=XelOwv6cAsiZAdmC7CSbtHkOtmBHhXnjVws; dwanonymous_803bf9f7a6242e90119d6af72a2236f6=abLA6ReCS0PJOhO3jn0dwIxivG; __anact=%5B%7B%22activityType%22%3A%22viewSearch%22%2C%22parameters%22%3A%7B%22cookieId%22%3A%22%22%2C%22userId%22%3A%22%22%2C%22searchText%22%3A%221451016_4287171%22%2C%22suggestedSearchText%22%3A%22__UNDEFINED__%22%2C%22products%22%3A%5B%5D%2C%22showProducts%22%3Afalse%2C%22personalized%22%3Afalse%2C%22refinements%22%3A%22%5B%5D%22%2C%22searchID%22%3A%2221613875-c054-46e0-b918-b7cb1e083c22%22%2C%22locale%22%3A%22no_NO%22%2C%22queryLocale%22%3A%22no_NO%22%2C%22realm%22%3A%22BCZL%22%2C%22siteId%22%3A%22addnature-no%22%2C%22instanceType%22%3A%22prd%22%7D%7D%5D; __cq_dnt=1; dw_dnt=1; dwsid=3JQmyCg42nXL49Q215vFvPhz3mqRIaFeBekKNjm0ynSgZHvcyhAW016v2KL2M7oUUBYLgZ7r7azTdbEZm7h5ug==
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
date: Sat, 21 Jan 2023 08:52:34 GMT
content-type: text/html;charset=ISO-8859-1
vary: Accept-Encoding
x-dw-request-base-id: XQpg3NGny2MBAAB_
cross-origin-resource-policy: cross-origin
x-error: 1
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: Thu, 01 Dec 1994 16:00:00 GMT
cf-cache-status: MISS
strict-transport-security: max-age=31536000; includeSubDomains
server: cloudflare
cf-ray: 78ced07ed8d0b517-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=OvxST_ZrlSsQP0X.zzsW06t_r8L2edk3c2JbO8aWGHQ-1674291153-0-AZXtlk9_yXZDJyQq6_AEdvPqFsRonb34ccp9PaOpWEFSrd_4J5aBMHyUishPk_38bwcxDzhchOWzKGPtfL3jZ-Nu2B1MqwkLaKqtBGyhknrM
104.18.21.157200 OK 0 B URL HTTP/2 csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=OvxST_ZrlSsQP0X.zzsW06t_r8L2edk3c2JbO8aWGHQ-1674291153-0-AZXtlk9_yXZDJyQq6_AEdvPqFsRonb34ccp9PaOpWEFSrd_4J5aBMHyUishPk_38bwcxDzhchOWzKGPtfL3jZ-Nu2B1MqwkLaKqtBGyhknrM
IP 104.18.21.157:0
POST /cdn-cgi/script_monitor/report?m=OvxST_ZrlSsQP0X.zzsW06t_r8L2edk3c2JbO8aWGHQ-1674291153-0-AZXtlk9_yXZDJyQq6_AEdvPqFsRonb34ccp9PaOpWEFSrd_4J5aBMHyUishPk_38bwcxDzhchOWzKGPtfL3jZ-Nu2B1MqwkLaKqtBGyhknrM HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 953
Origin: https://www.addnature.no
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 21 Jan 2023 08:52:34 GMT
server: cloudflare
cf-ray: 78ced081cd2efab4-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=OvxST_ZrlSsQP0X.zzsW06t_r8L2edk3c2JbO8aWGHQ-1674291153-0-AZXtlk9_yXZDJyQq6_AEdvPqFsRonb34ccp9PaOpWEFSrd_4J5aBMHyUishPk_38bwcxDzhchOWzKGPtfL3jZ-Nu2B1MqwkLaKqtBGyhknrM
104.18.21.157200 OK 0 B URL HTTP/2 csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=OvxST_ZrlSsQP0X.zzsW06t_r8L2edk3c2JbO8aWGHQ-1674291153-0-AZXtlk9_yXZDJyQq6_AEdvPqFsRonb34ccp9PaOpWEFSrd_4J5aBMHyUishPk_38bwcxDzhchOWzKGPtfL3jZ-Nu2B1MqwkLaKqtBGyhknrM
IP 104.18.21.157:0
POST /cdn-cgi/script_monitor/report?m=OvxST_ZrlSsQP0X.zzsW06t_r8L2edk3c2JbO8aWGHQ-1674291153-0-AZXtlk9_yXZDJyQq6_AEdvPqFsRonb34ccp9PaOpWEFSrd_4J5aBMHyUishPk_38bwcxDzhchOWzKGPtfL3jZ-Nu2B1MqwkLaKqtBGyhknrM HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 953
Origin: https://www.addnature.no
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 21 Jan 2023 08:52:34 GMT
server: cloudflare
cf-ray: 78ced0818cf6fab4-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=OvxST_ZrlSsQP0X.zzsW06t_r8L2edk3c2JbO8aWGHQ-1674291153-0-AZXtlk9_yXZDJyQq6_AEdvPqFsRonb34ccp9PaOpWEFSrd_4J5aBMHyUishPk_38bwcxDzhchOWzKGPtfL3jZ-Nu2B1MqwkLaKqtBGyhknrM
104.18.21.157200 OK 0 B URL HTTP/2 csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=OvxST_ZrlSsQP0X.zzsW06t_r8L2edk3c2JbO8aWGHQ-1674291153-0-AZXtlk9_yXZDJyQq6_AEdvPqFsRonb34ccp9PaOpWEFSrd_4J5aBMHyUishPk_38bwcxDzhchOWzKGPtfL3jZ-Nu2B1MqwkLaKqtBGyhknrM
IP 104.18.21.157:0
POST /cdn-cgi/script_monitor/report?m=OvxST_ZrlSsQP0X.zzsW06t_r8L2edk3c2JbO8aWGHQ-1674291153-0-AZXtlk9_yXZDJyQq6_AEdvPqFsRonb34ccp9PaOpWEFSrd_4J5aBMHyUishPk_38bwcxDzhchOWzKGPtfL3jZ-Nu2B1MqwkLaKqtBGyhknrM HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 953
Origin: https://www.addnature.no
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 21 Jan 2023 08:52:34 GMT
server: cloudflare
cf-ray: 78ced081bd19fab4-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=OvxST_ZrlSsQP0X.zzsW06t_r8L2edk3c2JbO8aWGHQ-1674291153-0-AZXtlk9_yXZDJyQq6_AEdvPqFsRonb34ccp9PaOpWEFSrd_4J5aBMHyUishPk_38bwcxDzhchOWzKGPtfL3jZ-Nu2B1MqwkLaKqtBGyhknrM
104.18.21.157200 OK 0 B URL HTTP/2 csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=OvxST_ZrlSsQP0X.zzsW06t_r8L2edk3c2JbO8aWGHQ-1674291153-0-AZXtlk9_yXZDJyQq6_AEdvPqFsRonb34ccp9PaOpWEFSrd_4J5aBMHyUishPk_38bwcxDzhchOWzKGPtfL3jZ-Nu2B1MqwkLaKqtBGyhknrM
IP 104.18.21.157:0
POST /cdn-cgi/script_monitor/report?m=OvxST_ZrlSsQP0X.zzsW06t_r8L2edk3c2JbO8aWGHQ-1674291153-0-AZXtlk9_yXZDJyQq6_AEdvPqFsRonb34ccp9PaOpWEFSrd_4J5aBMHyUishPk_38bwcxDzhchOWzKGPtfL3jZ-Nu2B1MqwkLaKqtBGyhknrM HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 953
Origin: https://www.addnature.no
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 21 Jan 2023 08:52:34 GMT
server: cloudflare
cf-ray: 78ced081dd3dfab4-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
www.addnature.no/on/demandware.static/-/Library-Sites-addnature/no_NO/v1674269784959/tm-js/addnature-no/anno_production.js
172.64.158.155200 OK 0 B URL HTTP/2 www.addnature.no/on/demandware.static/-/Library-Sites-addnature/no_NO/v1674269784959/tm-js/addnature-no/anno_production.js
IP 172.64.158.155:0
GET /on/demandware.static/-/Library-Sites-addnature/no_NO/v1674269784959/tm-js/addnature-no/anno_production.js HTTP/1.1
Host: www.addnature.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.addnature.no/bergans-roros-dunlys-jakke-med-hette-dame-M881808.html?vgid=G1451016&c=816&_cid=22_-1220_236648_236649_236650_4287159_0_kelkoo.no&utm_source=kelkoo&utm_medium=psm&utm_campaign=Jakker%20og%20Vester&utm_content=Bergans&utm_term=1451016
Cookie: sid=XelOwv6cAsiZAdmC7CSbtHkOtmBHhXnjVws; dwanonymous_803bf9f7a6242e90119d6af72a2236f6=abLA6ReCS0PJOhO3jn0dwIxivG; __anact=%5B%7B%22activityType%22%3A%22viewSearch%22%2C%22parameters%22%3A%7B%22cookieId%22%3A%22%22%2C%22userId%22%3A%22%22%2C%22searchText%22%3A%221451016_4287171%22%2C%22suggestedSearchText%22%3A%22__UNDEFINED__%22%2C%22products%22%3A%5B%5D%2C%22showProducts%22%3Afalse%2C%22personalized%22%3Afalse%2C%22refinements%22%3A%22%5B%5D%22%2C%22searchID%22%3A%2221613875-c054-46e0-b918-b7cb1e083c22%22%2C%22locale%22%3A%22no_NO%22%2C%22queryLocale%22%3A%22no_NO%22%2C%22realm%22%3A%22BCZL%22%2C%22siteId%22%3A%22addnature-no%22%2C%22instanceType%22%3A%22prd%22%7D%7D%5D; __cq_dnt=1; dw_dnt=1; dwsid=3JQmyCg42nXL49Q215vFvPhz3mqRIaFeBekKNjm0ynSgZHvcyhAW016v2KL2M7oUUBYLgZ7r7azTdbEZm7h5ug==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 21 Jan 2023 08:52:33 GMT
content-type: application/javascript
cache-control: public, max-age=2591478
cf-bgj: minify
cf-polished: origSize=39692
cross-origin-resource-policy: cross-origin
expires: Mon, 20 Feb 2023 02:59:57 GMT
last-modified: Tue, 30 Aug 2022 13:14:47 GMT
vary: accept-encoding
x-dw-request-base-id: XQpnHy1Vy2MBAAB_
cf-cache-status: HIT
age: 20381
strict-transport-security: max-age=31536000; includeSubDomains
server: cloudflare
cf-ray: 78ced07eb8a0b517-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=OvxST_ZrlSsQP0X.zzsW06t_r8L2edk3c2JbO8aWGHQ-1674291153-0-AZXtlk9_yXZDJyQq6_AEdvPqFsRonb34ccp9PaOpWEFSrd_4J5aBMHyUishPk_38bwcxDzhchOWzKGPtfL3jZ-Nu2B1MqwkLaKqtBGyhknrM
104.18.21.157200 OK 0 B URL HTTP/2 csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=OvxST_ZrlSsQP0X.zzsW06t_r8L2edk3c2JbO8aWGHQ-1674291153-0-AZXtlk9_yXZDJyQq6_AEdvPqFsRonb34ccp9PaOpWEFSrd_4J5aBMHyUishPk_38bwcxDzhchOWzKGPtfL3jZ-Nu2B1MqwkLaKqtBGyhknrM
IP 104.18.21.157:0
POST /cdn-cgi/script_monitor/report?m=OvxST_ZrlSsQP0X.zzsW06t_r8L2edk3c2JbO8aWGHQ-1674291153-0-AZXtlk9_yXZDJyQq6_AEdvPqFsRonb34ccp9PaOpWEFSrd_4J5aBMHyUishPk_38bwcxDzhchOWzKGPtfL3jZ-Nu2B1MqwkLaKqtBGyhknrM HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 1302
Origin: https://www.addnature.no
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 21 Jan 2023 08:52:33 GMT
server: cloudflare
cf-ray: 78ced07fab83fab4-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
www.addnature.no/on/demandware.static/-/Library-Sites-addnature/no_NO/v1674269784959/topfeature-icons/f_2949.svg
172.64.158.155404 Not Found 0 B URL HTTP/2 www.addnature.no/on/demandware.static/-/Library-Sites-addnature/no_NO/v1674269784959/topfeature-icons/f_2949.svg
IP 172.64.158.155:0
GET /on/demandware.static/-/Library-Sites-addnature/no_NO/v1674269784959/topfeature-icons/f_2949.svg HTTP/1.1
Host: www.addnature.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.addnature.no/bergans-roros-dunlys-jakke-med-hette-dame-M881808.html?vgid=G1451016&c=816&_cid=22_-1220_236648_236649_236650_4287159_0_kelkoo.no&utm_source=kelkoo&utm_medium=psm&utm_campaign=Jakker%20og%20Vester&utm_content=Bergans&utm_term=1451016
Cookie: sid=XelOwv6cAsiZAdmC7CSbtHkOtmBHhXnjVws; dwanonymous_803bf9f7a6242e90119d6af72a2236f6=abLA6ReCS0PJOhO3jn0dwIxivG; __anact=%5B%7B%22activityType%22%3A%22viewSearch%22%2C%22parameters%22%3A%7B%22cookieId%22%3A%22%22%2C%22userId%22%3A%22%22%2C%22searchText%22%3A%221451016_4287171%22%2C%22suggestedSearchText%22%3A%22__UNDEFINED__%22%2C%22products%22%3A%5B%5D%2C%22showProducts%22%3Afalse%2C%22personalized%22%3Afalse%2C%22refinements%22%3A%22%5B%5D%22%2C%22searchID%22%3A%2221613875-c054-46e0-b918-b7cb1e083c22%22%2C%22locale%22%3A%22no_NO%22%2C%22queryLocale%22%3A%22no_NO%22%2C%22realm%22%3A%22BCZL%22%2C%22siteId%22%3A%22addnature-no%22%2C%22instanceType%22%3A%22prd%22%7D%7D%5D; __cq_dnt=1; dw_dnt=1; dwsid=3JQmyCg42nXL49Q215vFvPhz3mqRIaFeBekKNjm0ynSgZHvcyhAW016v2KL2M7oUUBYLgZ7r7azTdbEZm7h5ug==
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
date: Sat, 21 Jan 2023 08:52:34 GMT
content-type: text/html;charset=ISO-8859-1
vary: Accept-Encoding
x-dw-request-base-id: XQpf3NGny2MBAAB_
cross-origin-resource-policy: cross-origin
x-error: 1
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: Thu, 01 Dec 1994 16:00:00 GMT
cf-cache-status: MISS
strict-transport-security: max-age=31536000; includeSubDomains
server: cloudflare
cf-ray: 78ced07ed8cdb517-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=OvxST_ZrlSsQP0X.zzsW06t_r8L2edk3c2JbO8aWGHQ-1674291153-0-AZXtlk9_yXZDJyQq6_AEdvPqFsRonb34ccp9PaOpWEFSrd_4J5aBMHyUishPk_38bwcxDzhchOWzKGPtfL3jZ-Nu2B1MqwkLaKqtBGyhknrM
104.18.21.157200 OK 0 B URL HTTP/2 csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=OvxST_ZrlSsQP0X.zzsW06t_r8L2edk3c2JbO8aWGHQ-1674291153-0-AZXtlk9_yXZDJyQq6_AEdvPqFsRonb34ccp9PaOpWEFSrd_4J5aBMHyUishPk_38bwcxDzhchOWzKGPtfL3jZ-Nu2B1MqwkLaKqtBGyhknrM
IP 104.18.21.157:0
POST /cdn-cgi/script_monitor/report?m=OvxST_ZrlSsQP0X.zzsW06t_r8L2edk3c2JbO8aWGHQ-1674291153-0-AZXtlk9_yXZDJyQq6_AEdvPqFsRonb34ccp9PaOpWEFSrd_4J5aBMHyUishPk_38bwcxDzhchOWzKGPtfL3jZ-Nu2B1MqwkLaKqtBGyhknrM HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 953
Origin: https://www.addnature.no
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 21 Jan 2023 08:52:34 GMT
server: cloudflare
cf-ray: 78ced081cd25fab4-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2