track.gositego.live/sl?id=6372315a14cb732daa6b203e&pid=930&sub1=pub34f894808bd64252900ff985e33dd58b&sub2=4b01ed8e_a251613s106
34.141.179.97302 Found 0 B URL HTTP/1.1 track.gositego.live/sl?id=6372315a14cb732daa6b203e&pid=930&sub1=pub34f894808bd64252900ff985e33dd58b&sub2=4b01ed8e_a251613s106
IP 34.141.179.97:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sl?id=6372315a14cb732daa6b203e&pid=930&sub1=pub34f894808bd64252900ff985e33dd58b&sub2=4b01ed8e_a251613s106 HTTP/1.1
Host: track.gositego.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Server: nginx
Date: Mon, 09 Jan 2023 21:48:02 GMT
Content-Length: 0
Connection: keep-alive
X-Adjust-Use-Original-Forwarded-For: 1
Location: https://t3.blowingwnd.com/p.php?p=c:8pnojh5wwryg9ycmq&d=61b86bb2caff0c3520644fec&pid=CLICKID&s=SUBID&pid=63bc8b9288d6b30001f40f65&s=930_4b01ed8e_a251613s106
Set-Cookie: afclick=63bc8b9288d6b30001f40f65; expires=Tue, 09 Jan 2024 21:48:02 GMT; secure; SameSite=None
Access-Control-Allow-Origin: *
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b782882bdabaf3b08e64120922b4a4b7
2035ed7fc9fb5b6ee9715601ba43de5f94d0c0e9
3fe7d1a9a55b86ec25d02634749ccfae11f3477033ba8cd7ac4131b7948ba619
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3FE7D1A9A55B86EC25D02634749CCFAE11F3477033BA8CD7AC4131B7948BA619"
Last-Modified: Sat, 07 Jan 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8000
Expires: Tue, 10 Jan 2023 00:01:22 GMT
Date: Mon, 09 Jan 2023 21:48:02 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1f67827b21be68d925837dd729590f2d
dc24511141f5352e496b300d7d7e81b0cffb7475
afb1850e7c16f02d267a1310f1681367ecf598816fc62bd02447ffcd26117a9f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AFB1850E7C16F02D267A1310F1681367ECF598816FC62BD02447FFCD26117A9F"
Last-Modified: Mon, 09 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11099
Expires: Tue, 10 Jan 2023 00:53:01 GMT
Date: Mon, 09 Jan 2023 21:48:02 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Content-Type, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 09 Jan 2023 21:41:42 GMT
content-type: application/json
age: 380
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 89a058935fd04697c87e9441fbb466a9
59b5b08119374b1da34cff7e43a7c6dc80103f6e
3a3261f495323ff0f60067b2930b8d0e5e4e5cd6ae9b14929a88047587b735da
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3A3261F495323FF0F60067B2930B8D0E5E4E5CD6AE9B14929A88047587B735DA"
Last-Modified: Sat, 07 Jan 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9285
Expires: Tue, 10 Jan 2023 00:22:47 GMT
Date: Mon, 09 Jan 2023 21:48:02 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Ij15lvfodEORDpXRCZ6z+oC5cXnZvRiu3R416N+44cWdmdy7DePvioQsQRwO+6yw55xXAPHhkJQ=
x-amz-request-id: CBAH22CX4X412GHN
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 09 Jan 2023 21:16:22 GMT
age: 1900
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 09 Jan 2023 21:48:02 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash fc2156f9a43af959498fa2bd0451a763
68525b128febf90ae7052366a1f2a6fd0b5a7ecd
48e0de781800209da3cb0091a1db3d1f596b42235c36b9467ca607db6da3b7c6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48E0DE781800209DA3CB0091A1DB3D1F596B42235C36B9467CA607DB6DA3B7C6"
Last-Modified: Mon, 09 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8507
Expires: Tue, 10 Jan 2023 00:09:49 GMT
Date: Mon, 09 Jan 2023 21:48:02 GMT
Connection: keep-alive
t3.blowingwnd.com/p.php?p=c:8pnojh5wwryg9ycmq&d=61b86bb2caff0c3520644fec&pid=CLICKID&s=SUBID&pid=63bc8b9288d6b30001f40f65&s=930_4b01ed8e_a251613s106
51.161.115.163302 Found 0 B URL HTTP/1.1 t3.blowingwnd.com/p.php?p=c:8pnojh5wwryg9ycmq&d=61b86bb2caff0c3520644fec&pid=CLICKID&s=SUBID&pid=63bc8b9288d6b30001f40f65&s=930_4b01ed8e_a251613s106
IP 51.161.115.163:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p.php?p=c:8pnojh5wwryg9ycmq&d=61b86bb2caff0c3520644fec&pid=CLICKID&s=SUBID&pid=63bc8b9288d6b30001f40f65&s=930_4b01ed8e_a251613s106 HTTP/1.1
Host: t3.blowingwnd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 302 Found
Server: nginx
Date: Mon, 09 Jan 2023 21:48:02 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Round: 1217p3t0dz
Raund: xi
Location: https://ron.trffclb.com/f.php?p=c:9qopki6xwqp7b0yj1&d=603611c5b7eaf46891533240&s=ys_930_4b01ed8e_a251613s106
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Expires, Pragma, Content-Type, Backoff, Last-Modified, Cache-Control, ETag
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 09 Jan 2023 21:33:44 GMT
age: 858
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8c2cc4df0ce1f92face9cc4d3427441f
a5175c8241d512a884cb33e652b08e0f430f476a
a354e61e0c6ed0061d0bc4ddb2bfe5f2614db83c9769483c75a08060572d3185
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A354E61E0C6ED0061D0BC4DDB2BFE5F2614DB83C9769483C75A08060572D3185"
Last-Modified: Sun, 08 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3533
Expires: Mon, 09 Jan 2023 22:46:55 GMT
Date: Mon, 09 Jan 2023 21:48:02 GMT
Connection: keep-alive
ron.trffclb.com/f.php?p=c:9qopki6xwqp7b0yj1&d=603611c5b7eaf46891533240&s=ys_930_4b01ed8e_a251613s106
51.83.143.92200 OK 508 B URL HTTP/1.1 ron.trffclb.com/f.php?p=c:9qopki6xwqp7b0yj1&d=603611c5b7eaf46891533240&s=ys_930_4b01ed8e_a251613s106
IP 51.83.143.92:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (558)
Hash 903647f1d5798d074dfdf7b1e1e21901
160b5e0083db6a1d11ff5806c0410a8610fe2780
47857280c3942fdd7add4cc30d4a1d04ef1a20b0110f53926412ac2a145acc5a
Analyzer Verdict Alert quad9 Sinkholed
GET /f.php?p=c:9qopki6xwqp7b0yj1&d=603611c5b7eaf46891533240&s=ys_930_4b01ed8e_a251613s106 HTTP/1.1
Host: ron.trffclb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 09 Jan 2023 21:48:03 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: bt-603611c5b7eaf46891533240=63bc8b93bc99bb339c23d15e; expires=Thu, 12-Jan-2023 21:48:03 GMT; Max-Age=259200; path=/; domain=ron.trffclb.com; HttpOnly
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash e8e0c910ffff02061a1806b1aa8cf9d2
c5bf0e7ad96e89b17a657fcb1e1cd1aa6d15ab89
896f08fa0030a1313df1f05ef47c5d1f11caa9094380fc026b95193164005448
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 831
Cache-Control: max-age=127956
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 21:48:03 GMT
Etag: "63bbd928-1d7"
Expires: Wed, 11 Jan 2023 09:20:39 GMT
Last-Modified: Mon, 09 Jan 2023 09:06:48 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
ron.trffclb.com/f.php?p=c:9qopki6xwqp7b0yj1&d=603611c5b7eaf46891533240&s=ys_930_4b01ed8e_a251613s106&bv=1
51.83.143.92302 Found 0 B URL HTTP/1.1 ron.trffclb.com/f.php?p=c:9qopki6xwqp7b0yj1&d=603611c5b7eaf46891533240&s=ys_930_4b01ed8e_a251613s106&bv=1
IP 51.83.143.92:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /f.php?p=c:9qopki6xwqp7b0yj1&d=603611c5b7eaf46891533240&s=ys_930_4b01ed8e_a251613s106&bv=1 HTTP/1.1
Host: ron.trffclb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ron.trffclb.com/f.php?p=c:9qopki6xwqp7b0yj1&d=603611c5b7eaf46891533240&s=ys_930_4b01ed8e_a251613s106
Cookie: bt-603611c5b7eaf46891533240=63bc8b93bc99bb339c23d15e
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 302 Found
Server: nginx
Date: Mon, 09 Jan 2023 21:48:03 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Set-Cookie: bt-603611c5b7eaf46891533240=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=ron.trffclb.com; HttpOnly
Round: 119cdtswvl
Raund: 12uf2w0vxv-2v5
Location: https://popcash.net/world/go/134600/317194
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash d7685abebc990f7b356307a3929ce352
3f84d46bba7d5389271a83b63c10d37e57563216
c62acc72e7e09777c007282001c84803d069b89702236270de9e8671cf447677
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5314
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 21:48:03 GMT
Last-Modified: Mon, 09 Jan 2023 20:19:30 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 279
ron.trffclb.com/favicon.ico
51.83.143.92200 OK 20 B URL HTTP/1.1 ron.trffclb.com/favicon.ico
IP 51.83.143.92:0
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
Analyzer Verdict Alert quad9 Sinkholed
GET /favicon.ico HTTP/1.1
Host: ron.trffclb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ron.trffclb.com/f.php?p=c:9qopki6xwqp7b0yj1&d=603611c5b7eaf46891533240&s=ys_930_4b01ed8e_a251613s106
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 09 Jan 2023 21:48:03 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
push.services.mozilla.com/
35.83.217.74101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.83.217.74:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: CtQgF+2ApBfeFEPVOck/rQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ns9yScevaVnnPu1kewCpIHIOAeQ=
popcash.net/world/go/134600/317194
172.67.194.203301 Moved Permanently 162 B URL HTTP/2 popcash.net/world/go/134600/317194
IP 172.67.194.203:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /world/go/134600/317194 HTTP/1.1
Host: popcash.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ron.trffclb.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Mon, 09 Jan 2023 21:48:03 GMT
content-type: text/html
content-length: 162
location: http://ps.popcash.net/go/134600/317194
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=05zh5FH1Sl9iTo2IroysNFd62MkCDYk8tw7itQwJVj5ib6F%2BbwKRmLJH%2BQhxpkHSXFmaCXS9sJCY7yjMJvnViOO3N2kPLR9GxZDC1W5KahGsWzumXyvrTnq5P2Q2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78705ff85cdcb512-OSL
X-Firefox-Spdy: h2
ps.popcash.net/go/134600/317194
54.205.43.136200 OK 270 B URL HTTP/1.1 ps.popcash.net/go/134600/317194
IP 54.205.43.136:0
File type HTML document, ASCII text
Hash fd7a42e3dd90c7bd8205577c81d94a6b
f347f80fc4bde9618d2d93ee047ff2a9dc089431
4600ff667c889101935a68cdb12a96335087891791e5eb473c99e0ee5a8cd449
Analyzer Verdict Alert fortinet Malware
GET /go/134600/317194 HTTP/1.1
Host: ps.popcash.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Encoding: gzip
Content-Type: text/html
Date: Mon, 09 Jan 2023 21:48:03 GMT
Server: nginx
Vary: Accept-Encoding
Content-Length: 270
Connection: keep-alive
ps.popcash.net/ad/ad?p=134600&w=317194&t=3bf1d18ff0ef0bc5&r=&vw=1280&vh=0
54.205.43.136303 See Other 0 B URL HTTP/1.1 ps.popcash.net/ad/ad?p=134600&w=317194&t=3bf1d18ff0ef0bc5&r=&vw=1280&vh=0
IP 54.205.43.136:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ad/ad?p=134600&w=317194&t=3bf1d18ff0ef0bc5&r=&vw=1280&vh=0 HTTP/1.1
Host: ps.popcash.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ps.popcash.net/go/134600/317194
Upgrade-Insecure-Requests: 1
HTTP/1.1 303 See Other
Date: Mon, 09 Jan 2023 21:48:04 GMT
Location: http://leont-pfd.com/zcvisitor/4b74f222-9067-11ed-8f86-0a410dd5d4a3/7fcf9220-c93c-11e7-9820-0e06c6fba698?campaignid=484dcef0-98c9-11ec-814f-12beee04f19b#pc151445
Server: nginx
Content-Length: 0
Connection: keep-alive
leont-pfd.com/zcvisitor/4b74f222-9067-11ed-8f86-0a410dd5d4a3/7fcf9220-c93c-11e7-9820-0e06c6fba698?campaignid=484dcef0-98c9-11ec-814f-12beee04f19b
52.7.54.238302 0 B URL HTTP/1.1 leont-pfd.com/zcvisitor/4b74f222-9067-11ed-8f86-0a410dd5d4a3/7fcf9220-c93c-11e7-9820-0e06c6fba698?campaignid=484dcef0-98c9-11ec-814f-12beee04f19b
IP 52.7.54.238:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /zcvisitor/4b74f222-9067-11ed-8f86-0a410dd5d4a3/7fcf9220-c93c-11e7-9820-0e06c6fba698?campaignid=484dcef0-98c9-11ec-814f-12beee04f19b HTTP/1.1
Host: leont-pfd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ps.popcash.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302
Date: Mon, 09 Jan 2023 21:48:04 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Location: https://geotrkclknow.com/rot/ZrYlOOwRni7p0sNB
Server: abNkrgvw
ocsp.pki.goog/s/gts1p5/_jvK7pzkejU
142.250.74.131200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/_jvK7pzkejU
IP 142.250.74.131:0
Hash ebe4de9d8e4c92ca49cc250697acfec3
d3af28e16760cda379410d19e7ed439b97b34ffd
10d9794ec452fa803ab852ab2dc0bc967db35790bd45dec08605b97453c6226d
POST /s/gts1p5/_jvK7pzkejU HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 21:48:04 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1p5/_jvK7pzkejU
142.250.74.131200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/_jvK7pzkejU
IP 142.250.74.131:0
Hash ebe4de9d8e4c92ca49cc250697acfec3
d3af28e16760cda379410d19e7ed439b97b34ffd
10d9794ec452fa803ab852ab2dc0bc967db35790bd45dec08605b97453c6226d
POST /s/gts1p5/_jvK7pzkejU HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 21:48:04 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f7172ba8ac61060c9f94ad799db6af44
253917924d50c99a5b2fd83a816135846f7a9b80
3c2eee988ef973aca8d53e8c23e6475f9eb8311dff948fbe64106fd20b217d81
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3C2EEE988EF973ACA8D53E8C23E6475F9EB8311DFF948FBE64106FD20B217D81"
Last-Modified: Mon, 09 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13616
Expires: Tue, 10 Jan 2023 01:35:00 GMT
Date: Mon, 09 Jan 2023 21:48:04 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f7172ba8ac61060c9f94ad799db6af44
253917924d50c99a5b2fd83a816135846f7a9b80
3c2eee988ef973aca8d53e8c23e6475f9eb8311dff948fbe64106fd20b217d81
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3C2EEE988EF973ACA8D53E8C23E6475F9EB8311DFF948FBE64106FD20B217D81"
Last-Modified: Mon, 09 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13616
Expires: Tue, 10 Jan 2023 01:35:00 GMT
Date: Mon, 09 Jan 2023 21:48:04 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f7172ba8ac61060c9f94ad799db6af44
253917924d50c99a5b2fd83a816135846f7a9b80
3c2eee988ef973aca8d53e8c23e6475f9eb8311dff948fbe64106fd20b217d81
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3C2EEE988EF973ACA8D53E8C23E6475F9EB8311DFF948FBE64106FD20B217D81"
Last-Modified: Mon, 09 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13616
Expires: Tue, 10 Jan 2023 01:35:00 GMT
Date: Mon, 09 Jan 2023 21:48:04 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f7172ba8ac61060c9f94ad799db6af44
253917924d50c99a5b2fd83a816135846f7a9b80
3c2eee988ef973aca8d53e8c23e6475f9eb8311dff948fbe64106fd20b217d81
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3C2EEE988EF973ACA8D53E8C23E6475F9EB8311DFF948FBE64106FD20B217D81"
Last-Modified: Mon, 09 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13616
Expires: Tue, 10 Jan 2023 01:35:00 GMT
Date: Mon, 09 Jan 2023 21:48:04 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f37a3ca-5b31-4876-bbcd-442c1f718b3c.jpeg
34.120.237.76200 OK 5.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f37a3ca-5b31-4876-bbcd-442c1f718b3c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e832123ea0c92a446b5894e75efc86ae
bb438ca635b43819701067ef07a3d910ad29a0c7
e1b0c6cd873f304de15664f96af6b6914e13fbbfb3e2179ba43369e116446773
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f37a3ca-5b31-4876-bbcd-442c1f718b3c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5578
x-amzn-requestid: 405085aa-d0f5-4786-8fd7-46d74a6e8d1e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ecaIxGdkIAMFaBQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bb3d6b-07f34cbf7e1df2fa7a4d8982;Sampled=0
x-amzn-remapped-date: Sun, 08 Jan 2023 22:02:19 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: mRyiYL1hTv7MvjLg92gwPBszcW1mqdKadIcQVG_rsQ6b15uyGkyZbQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Mon, 09 Jan 2023 09:56:36 GMT
age: 42688
etag: "bb438ca635b43819701067ef07a3d910ad29a0c7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c35b6f8-ae25-4552-b3cc-44e57542d5ec.jpeg
34.120.237.76200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c35b6f8-ae25-4552-b3cc-44e57542d5ec.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 210f951bd43cd838048f3568adb84c8c
db87b6eeaad681f1232c104dd4d0a902a921ed6d
b0d21c80c6c53ba04c8b216f6428a0e8b8eff4ca16f44c31782857d4a2749c39
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c35b6f8-ae25-4552-b3cc-44e57542d5ec.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9407
x-amzn-requestid: 08f125d6-46ed-4a83-98bc-94f688def00c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eP6aMG3loAMFU5Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b63dda-06f1fa975f43a24564b86524;Sampled=0
x-amzn-remapped-date: Thu, 05 Jan 2023 03:02:50 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: JGCcqqJcMEq8Q_Ahhr8WO1OsuLLCGJez-l5GRzZuPE3H2ljsztTrIw==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Mon, 09 Jan 2023 05:39:19 GMT
age: 58125
etag: "db87b6eeaad681f1232c104dd4d0a902a921ed6d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faede32e1-a6ef-46a9-8048-2bc4b3382d7b.jpeg
34.120.237.76200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faede32e1-a6ef-46a9-8048-2bc4b3382d7b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a0473691ea0d4426c66441d3e049b139
2ba1b24cc0f903a534458642236adc8495d87519
5475d4935fea484eabbac57be8e5604952f59374e1ccf26392c3283d39b96a8d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faede32e1-a6ef-46a9-8048-2bc4b3382d7b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9674
x-amzn-requestid: 173c95c5-690c-4381-9cf1-cb31e4456f14
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eQd8LF0YoAMFTUg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b676b4-0b9191ab25e33cb436995203;Sampled=0
x-amzn-remapped-date: Thu, 05 Jan 2023 07:05:24 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: IrmxCeYWe4PYICmQKYgocQcPK3iE2QXWP3SJ4RZ5vGKXY46plVTF6w==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Mon, 09 Jan 2023 14:53:28 GMT
age: 24876
etag: "2ba1b24cc0f903a534458642236adc8495d87519"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fab696bdd-92ae-4c01-855b-6bbe0e8165ad.jpeg
34.120.237.76200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fab696bdd-92ae-4c01-855b-6bbe0e8165ad.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e0189748e9478c37ab22a71c0826ca99
08186f7c9717eb7165ee8b9b803760da967b82e7
40a9b3a38f6799c2005bc7cc2716104b175a2178efc8029188b9aff19e598483
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fab696bdd-92ae-4c01-855b-6bbe0e8165ad.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8866
x-amzn-requestid: b4a6c607-98b7-4689-96c3-646756db23df
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eZblsHkmIAMFzKw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ba0c8a-02beb65706f8d3d44a812788;Sampled=0
x-amzn-remapped-date: Sun, 08 Jan 2023 00:21:30 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: SvWUcXyAY8ibl7_52JUaFjTAaTj80eZPR0Cx7rcLG27R58WoH36IIg==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 09 Jan 2023 09:02:48 GMT
age: 45916
etag: "08186f7c9717eb7165ee8b9b803760da967b82e7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f66a423-2d06-442e-9b60-52f1638487d5.jpeg
34.120.237.76200 OK 4.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f66a423-2d06-442e-9b60-52f1638487d5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f0defc5fd929d3ca7df12b102b551453
f44e4ac4a10991e12994e3b5d6f3cc1b1658967a
f551a1c156ec30405668d66bff9e1359805b773457602e44748be80cbb1f8a23
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f66a423-2d06-442e-9b60-52f1638487d5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4687
x-amzn-requestid: 18bf71d4-030e-4a08-ae18-48fe037e6e0d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eWhZ7GzXIAMFnFQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b8e2a5-710f414a2d1b239f6d59d73a;Sampled=0
x-amzn-remapped-date: Sat, 07 Jan 2023 03:10:29 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: BH9GqW4F8x5-alQC2mwF8cXT20caU3Tn8jI1e3tuhDMYtKnrH3BBpQ==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Mon, 09 Jan 2023 03:30:17 GMT
age: 65867
etag: "f44e4ac4a10991e12994e3b5d6f3cc1b1658967a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46239df3-17a1-48a0-95bc-7ac540c3def6.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46239df3-17a1-48a0-95bc-7ac540c3def6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0b75a93b9f0106516f046eb424b0c8d9
c9509f976390441bbd3bd7521cb1848f4f481fd0
0b69fd368ef68510387a871acfffe82afc4414163c661f76e574dffdcc94104a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46239df3-17a1-48a0-95bc-7ac540c3def6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12971
x-amzn-requestid: ed6346eb-d3ae-4343-8eab-b4321aad3135
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eXEBqG97IAMF3Kg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b91a0a-4eb212756fcc0d3175dd0225;Sampled=0
x-amzn-remapped-date: Sat, 07 Jan 2023 07:06:50 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: piVacwljJRw0mj4FKxVcPcOyoIpQURO35i2_t8-y5hthIyoQshGB-Q==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 2c6b5dd77f1abe60653ce0454f344b64.cloudfront.net (CloudFront), 1.1 google
date: Mon, 09 Jan 2023 05:34:35 GMT
age: 58409
etag: "c9509f976390441bbd3bd7521cb1848f4f481fd0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e83a19c95cb0a5ade1c892854d581633
998ede57ce697ae02c1bd662f4ace5bcd6325844
7317712af7112a6999572576d4ed7cec2fde08674c324062f25b0d5bef0b0fe1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7317712AF7112A6999572576D4ED7CEC2FDE08674C324062F25B0D5BEF0B0FE1"
Last-Modified: Sun, 08 Jan 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Tue, 10 Jan 2023 03:48:04 GMT
Date: Mon, 09 Jan 2023 21:48:04 GMT
Connection: keep-alive
geotrkclknow.com/rot/ZrYlOOwRni7p0sNB
104.21.82.176302 Found 741 B URL HTTP/2 geotrkclknow.com/rot/ZrYlOOwRni7p0sNB
IP 104.21.82.176:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash e6a451a6229f851be1051e3d90a41266
2e1135c6e2f6bcade043a3bded656a531904dbdb
d0a4ff648ae12b08cf59b09e5d41c7b16cfcc73aec8012bf24a87e4eda737bb4
GET /rot/ZrYlOOwRni7p0sNB HTTP/1.1
Host: geotrkclknow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ps.popcash.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Mon, 09 Jan 2023 21:48:04 GMT
content-type: text/html; charset=UTF-8
location: https://ubfbboxn.com/click?trvid=25893
cache-control: no-cache, private
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nGNv9AEXZEsdT5yxR5ostj4XSRN6BXw4Up2QXonOUfvI7Dtd3qpk1zMH2A1fLtkoWVcoJgEOr5dNlRMLpYWE%2FEjkd5zRF%2FFAeUAvaMflzSEn6c%2BoBUCIOhktVEJpsyHlf8ch"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78705fff7a24b506-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ubfbboxn.com/click?jsreferer=ps.popcash.net&trvid=25893&trvjs=t
3.126.48.135200 OK 1.0 kB URL HTTP/2 ubfbboxn.com/click?jsreferer=ps.popcash.net&trvid=25893&trvjs=t
IP 3.126.48.135:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (307)
Hash d63e7f3850bd59a5d5536c622673dfda
275b6cea08fe093c3c6738dd6a6f49fa4ef90982
f4b1b68633ed3624037802fe3762b82b43c2cee451cef3e54a0486464d43ea43
GET /click?jsreferer=ps.popcash.net&trvid=25893&trvjs=t HTTP/1.1
Host: ubfbboxn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ubfbboxn.com/click?trvid=25893
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 09 Jan 2023 21:48:04 GMT
content-type: text/html; charset=utf-8
content-length: 1003
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
expires: Thu, 01 Jan 1970 00:00:00 UTC
pragma: no-cache
set-cookie: ClickDataNG=H4sIAAAAAAAA_1xTXU_jOhD9K9E83StZqdMvilGFoOherQRlJWB52RfHmaYG147GdmgX-O8rJ9lS7UvlmTmdM3Pm5B1aJK-dBQFFznMODMKhQRCcgY_l45-3crZFCliB2EjjkYEyWr1-q9IftcZanhWqbsfAoJIBQRTzs8mE88ViykDJXSN1bRN6PFucTxhov_p-dexFLsigXQeYjcecAUWDKUpPrDShCncYti4BGHgXSXX1YsHASFtpWw_wIXoiAwKAgdtskFLtbLLgDEqSVm0HbFfrkdsQGi9Go1Y36IMj9Llyu5HR9tVf6uptOZvzxc_I-XjuY6mr5V9bK-fDMG6LNvaqNfLgYviiWkUitOoAAp4eboBBJH3CHctNWbq97Zg7fS9fPOEGCWnZ-LxxjZJ-m1sM_SSBWl0tO0mPiRe_DMBAN1dVReg9CDgv8nOeT8d5MZuelua9QtEjXdVoAwi4c7-0MXI0y3n2z7O2lXvz2foxK3jOL7JnbefTi2yffqgVBZ_l_N_sf1SvbjTmBecFL7L_NOHG7UddFZIg3QIg4HS_ZBRstcKjxVwadaBMd_M_vqyZ-pTk3nzXZ2A4trgmaat-lz5x5yo0p4m13GEfq54PVrI0OLp5uE2C-AYEXBu9zx6cicmJvjtptIHSsdb33R51P836_uPj3huXrRLgkJA6HE4KkC5PaMMq3XCwIela29vmJBVIWi9Vb3wPwkZjGKjog9uBeAfcByQrTfeRwefn7wAAAP__MVOC760DAAA=; Expires=Wed, 08 Feb 2023 21:48:04 GMT; SameSite=None; Secure
ClickDataNgFall=H4sIAAAAAAAA_1xTXU_jOhD9K9E83StZqdMvilGFoOherQRlJWB52RfHmaYG147GdmgX-O8rJ9lS7UvlmTmdM3Pm5B1aJK-dBQFFznMODMKhQRCcgY_l45-3crZFCliB2EjjkYEyWr1-q9IftcZanhWqbsfAoJIBQRTzs8mE88ViykDJXSN1bRN6PFucTxhov_p-dexFLsigXQeYjcecAUWDKUpPrDShCncYti4BGHgXSXX1YsHASFtpWw_wIXoiAwKAgdtskFLtbLLgDEqSVm0HbFfrkdsQGi9Go1Y36IMj9Llyu5HR9tVf6uptOZvzxc_I-XjuY6mr5V9bK-fDMG6LNvaqNfLgYviiWkUitOoAAp4eboBBJH3CHctNWbq97Zg7fS9fPOEGCWnZ-LxxjZJ-m1sM_SSBWl0tO0mPiRe_DMBAN1dVReg9CDgv8nOeT8d5MZuelua9QtEjXdVoAwi4c7-0MXI0y3n2z7O2lXvz2foxK3jOL7JnbefTi2yffqgVBZ_l_N_sf1SvbjTmBecFL7L_NOHG7UddFZIg3QIg4HS_ZBRstcKjxVwadaBMd_M_vqyZ-pTk3nzXZ2A4trgmaat-lz5x5yo0p4m13GEfq54PVrI0OLp5uE2C-AYEXBu9zx6cicmJvjtptIHSsdb33R51P836_uPj3huXrRLgkJA6HE4KkC5PaMMq3XCwIela29vmJBVIWi9Vb3wPwkZjGKjog9uBeAfcByQrTfeRwefn7wAAAP__MVOC760DAAA=; Expires=Wed, 08 Feb 2023 21:48:04 GMT
X-Firefox-Spdy: h2
ubfbboxn.com/double?t=2&d=eyJVUkwiOiJodHRwczovL3ZpcGVzdG9yZXMuY29tL2xpbmtzP2lkdz01NjA4XHUwMDI2c3ViaWQ9MWlpZWdhNzFjZ3YyIiwiUmVkaXJlY3RXb3JkaW5nIjoiICIsIlJlZGlyZWN0VGl0bGUiOiJSZWRpcmVjdGlvbi4uLiIsIlJlZGlyZWN0TGlua1RleHQiOiIgIiwiSW5zdGFsbElkIjoyMDAxfQ==
3.126.48.135200 OK 636 B URL HTTP/2 ubfbboxn.com/double?t=2&d=eyJVUkwiOiJodHRwczovL3ZpcGVzdG9yZXMuY29tL2xpbmtzP2lkdz01NjA4XHUwMDI2c3ViaWQ9MWlpZWdhNzFjZ3YyIiwiUmVkaXJlY3RXb3JkaW5nIjoiICIsIlJlZGlyZWN0VGl0bGUiOiJSZWRpcmVjdGlvbi4uLiIsIlJlZGlyZWN0TGlua1RleHQiOiIgIiwiSW5zdGFsbElkIjoyMDAxfQ==
IP 3.126.48.135:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 84b213d875afda4b4454a2eb345ab3b7
12121689b3ebdf4fb10dd60dfb36f9c49190a9c7
f2863ee3d49751498a5a9f0c55fac554f35d8172287de41a5a09db215f06f732
GET /double?t=2&d=eyJVUkwiOiJodHRwczovL3ZpcGVzdG9yZXMuY29tL2xpbmtzP2lkdz01NjA4XHUwMDI2c3ViaWQ9MWlpZWdhNzFjZ3YyIiwiUmVkaXJlY3RXb3JkaW5nIjoiICIsIlJlZGlyZWN0VGl0bGUiOiJSZWRpcmVjdGlvbi4uLiIsIlJlZGlyZWN0TGlua1RleHQiOiIgIiwiSW5zdGFsbElkIjoyMDAxfQ== HTTP/1.1
Host: ubfbboxn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: ClickDataNG=H4sIAAAAAAAA_1xTXU_jOhD9K9E83StZqdMvilGFoOherQRlJWB52RfHmaYG147GdmgX-O8rJ9lS7UvlmTmdM3Pm5B1aJK-dBQFFznMODMKhQRCcgY_l45-3crZFCliB2EjjkYEyWr1-q9IftcZanhWqbsfAoJIBQRTzs8mE88ViykDJXSN1bRN6PFucTxhov_p-dexFLsigXQeYjcecAUWDKUpPrDShCncYti4BGHgXSXX1YsHASFtpWw_wIXoiAwKAgdtskFLtbLLgDEqSVm0HbFfrkdsQGi9Go1Y36IMj9Llyu5HR9tVf6uptOZvzxc_I-XjuY6mr5V9bK-fDMG6LNvaqNfLgYviiWkUitOoAAp4eboBBJH3CHctNWbq97Zg7fS9fPOEGCWnZ-LxxjZJ-m1sM_SSBWl0tO0mPiRe_DMBAN1dVReg9CDgv8nOeT8d5MZuelua9QtEjXdVoAwi4c7-0MXI0y3n2z7O2lXvz2foxK3jOL7JnbefTi2yffqgVBZ_l_N_sf1SvbjTmBecFL7L_NOHG7UddFZIg3QIg4HS_ZBRstcKjxVwadaBMd_M_vqyZ-pTk3nzXZ2A4trgmaat-lz5x5yo0p4m13GEfq54PVrI0OLp5uE2C-AYEXBu9zx6cicmJvjtptIHSsdb33R51P836_uPj3huXrRLgkJA6HE4KkC5PaMMq3XCwIela29vmJBVIWi9Vb3wPwkZjGKjog9uBeAfcByQrTfeRwefn7wAAAP__MVOC760DAAA=; ClickDataNgFall=H4sIAAAAAAAA_1xTXU_jOhD9K9E83StZqdMvilGFoOherQRlJWB52RfHmaYG147GdmgX-O8rJ9lS7UvlmTmdM3Pm5B1aJK-dBQFFznMODMKhQRCcgY_l45-3crZFCliB2EjjkYEyWr1-q9IftcZanhWqbsfAoJIBQRTzs8mE88ViykDJXSN1bRN6PFucTxhov_p-dexFLsigXQeYjcecAUWDKUpPrDShCncYti4BGHgXSXX1YsHASFtpWw_wIXoiAwKAgdtskFLtbLLgDEqSVm0HbFfrkdsQGi9Go1Y36IMj9Llyu5HR9tVf6uptOZvzxc_I-XjuY6mr5V9bK-fDMG6LNvaqNfLgYviiWkUitOoAAp4eboBBJH3CHctNWbq97Zg7fS9fPOEGCWnZ-LxxjZJ-m1sM_SSBWl0tO0mPiRe_DMBAN1dVReg9CDgv8nOeT8d5MZuelua9QtEjXdVoAwi4c7-0MXI0y3n2z7O2lXvz2foxK3jOL7JnbefTi2yffqgVBZ_l_N_sf1SvbjTmBecFL7L_NOHG7UddFZIg3QIg4HS_ZBRstcKjxVwadaBMd_M_vqyZ-pTk3nzXZ2A4trgmaat-lz5x5yo0p4m13GEfq54PVrI0OLp5uE2C-AYEXBu9zx6cicmJvjtptIHSsdb33R51P836_uPj3huXrRLgkJA6HE4KkC5PaMMq3XCwIela29vmJBVIWi9Vb3wPwkZjGKjog9uBeAfcByQrTfeRwefn7wAAAP__MVOC760DAAA=
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 09 Jan 2023 21:48:04 GMT
content-type: text/html; charset=utf-8
content-length: 636
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
expires: Thu, 01 Jan 1970 00:00:00 UTC
pragma: no-cache
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash aecbc67b4ca7584174ea85cfe2d17843
be5c6d99ff606be2773d611e8c88fbcfb23f2e38
63f2c9ac2e1394be71dfa27403f9864fe5c9802f85409e8376dfef1bfe6805fa
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 21:48:05 GMT
Server: ECS (amb/6B75)
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash aecbc67b4ca7584174ea85cfe2d17843
be5c6d99ff606be2773d611e8c88fbcfb23f2e38
63f2c9ac2e1394be71dfa27403f9864fe5c9802f85409e8376dfef1bfe6805fa
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 21:48:05 GMT
Last-Modified: Mon, 09 Jan 2023 21:48:05 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 279
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 91cba10bd0047fb1891ee59eb4043b28
66f89233d887d6b2ed2dbbcd8c8342be4d537bda
48c78dd8309ed5108781040d02e502fb6fd94eec917f268da47517895d3596b8
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 09 Jan 2023 21:48:05 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 07 Jan 2023 12:48:24 GMT
Expires: Sat, 14 Jan 2023 12:48:23 GMT
Etag: "66f89233d887d6b2ed2dbbcd8c8342be4d537bda"
Cache-Control: max-age=399017,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 787060057a9eb505-OSL
hellofresheuro.sjv.io/c/229435/1285779/9318?subId1=1iiega71cgv2
35.227.211.136302 Found 241 B URL HTTP/2 hellofresheuro.sjv.io/c/229435/1285779/9318?subId1=1iiega71cgv2
IP 35.227.211.136:0
File type HTML document, ASCII text
Hash fa4ff64ebcdf97fbc4c757e057f50f78
75c25187c8c1840a5be5e954de1e74d163fb8a38
63f13ada84a8d7a10f92be351063b75be2109c4a584a7ea843ee52e9a53a0b52
GET /c/229435/1285779/9318?subId1=1iiega71cgv2 HTTP/1.1
Host: hellofresheuro.sjv.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vipestores.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
expires: Mon, 09 Jan 2023 21:48:05 GMT
p3p: policyref="/w3c/p3p.xml", CP="ALL BUS LEG DSP COR ADM CUR DEV PSA OUR NAV INT"
location: https://www.ojrq.net/p/?return=https%3A%2F%2Fhellofresheuro.sjv.io%2Fc%2F229435%2F1285779%2F9318%3FsubId1%3D1iiega71cgv2%26level%3D1%26srcref%3Dhttps%253A%252F%252Fvipestores.com%252F&cid=9318&tpsync=yes
content-type: text/html; charset=utf-8
content-length: 241
date: Mon, 09 Jan 2023 21:48:05 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 738c469a3e016a4079ec95e503183b03
cc6a28e203fde59aca8d4b1db0226ef7c47a0d7c
120a4f2d2fd16bd3863b290af6ac774d8752f5e48eeceb059cbd36076b60cd59
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 09 Jan 2023 21:48:05 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 07 Jan 2023 07:08:00 GMT
Expires: Sat, 14 Jan 2023 07:07:59 GMT
Etag: "cc6a28e203fde59aca8d4b1db0226ef7c47a0d7c"
Cache-Control: max-age=378593,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 787060083f6eb500-OSL
www.ojrq.net/p/?return=https%3A%2F%2Fhellofresheuro.sjv.io%2Fc%2F229435%2F1285779%2F9318%3FsubId1%3D1iiega71cgv2%26level%3D1%26srcref%3Dhttps%253A%252F%252Fvipestores.com%252F&cid=9318&tpsync=yes
34.95.127.121302 Found 0 B URL HTTP/2 www.ojrq.net/p/?return=https%3A%2F%2Fhellofresheuro.sjv.io%2Fc%2F229435%2F1285779%2F9318%3FsubId1%3D1iiega71cgv2%26level%3D1%26srcref%3Dhttps%253A%252F%252Fvipestores.com%252F&cid=9318&tpsync=yes
IP 34.95.127.121:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p/?return=https%3A%2F%2Fhellofresheuro.sjv.io%2Fc%2F229435%2F1285779%2F9318%3FsubId1%3D1iiega71cgv2%26level%3D1%26srcref%3Dhttps%253A%252F%252Fvipestores.com%252F&cid=9318&tpsync=yes HTTP/1.1
Host: www.ojrq.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vipestores.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
expires: Mon, 09 Jan 2023 21:48:05 GMT
p3p: policyref="/w3c/p3p.xml", CP="ALL BUS LEG DSP COR ADM CUR DEV PSA OUR NAV INT"
set-cookie: brwsr=4c8e2b02-9067-11ed-861d-efd8bbf4fe1b; Domain=.ojrq.net; Path=/; Secure; Max-Age=62208000; Expires=Sun, 29 Dec 2024 21:48:05 GMT; HttpOnly; SameSite=None
location: https://hellofresheuro.sjv.io/c/229435/1285779/9318?subId1=1iiega71cgv2&level=1&srcref=https%3A%2F%2Fvipestores.com%2F&brwsr=4c8e2b02-9067-11ed-861d-efd8bbf4fe1b&brwsrsig=3%3APSP0R0YWaRzfwwzgw8pw6LUjsyy8
content-length: 0
date: Mon, 09 Jan 2023 21:48:05 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
hellofresheuro.sjv.io/c/229435/1285779/9318?subId1=1iiega71cgv2&level=1&srcref=https%3A%2F%2Fvipestores.com%2F&brwsr=4c8e2b02-9067-11ed-861d-efd8bbf4fe1b&brwsrsig=3%3APSP0R0YWaRzfwwzgw8pw6LUjsyy8
35.227.211.136301 Moved Permanently 0 B URL HTTP/2 hellofresheuro.sjv.io/c/229435/1285779/9318?subId1=1iiega71cgv2&level=1&srcref=https%3A%2F%2Fvipestores.com%2F&brwsr=4c8e2b02-9067-11ed-861d-efd8bbf4fe1b&brwsrsig=3%3APSP0R0YWaRzfwwzgw8pw6LUjsyy8
IP 35.227.211.136:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c/229435/1285779/9318?subId1=1iiega71cgv2&level=1&srcref=https%3A%2F%2Fvipestores.com%2F&brwsr=4c8e2b02-9067-11ed-861d-efd8bbf4fe1b&brwsrsig=3%3APSP0R0YWaRzfwwzgw8pw6LUjsyy8 HTTP/1.1
Host: hellofresheuro.sjv.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vipestores.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
expires: Mon, 09 Jan 2023 21:48:05 GMT
p3p: policyref="/w3c/p3p.xml", CP="ALL BUS LEG DSP COR ADM CUR DEV PSA OUR NAV INT"
set-cookie: brwsr=4c8e2b02-9067-11ed-861d-efd8bbf4fe1b; Domain=.sjv.io; Path=/; Secure; Max-Age=62208000; Expires=Sun, 29 Dec 2024 21:48:05 GMT; HttpOnly; SameSite=None
irld=Lyn-yHPyTXV%3AJ122X5tQwEWzMXduS6vymtxdRwGnXPJw970St; Path=/; Secure; Max-Age=15552000; Expires=Sat, 8 Jul 2023 21:48:05 GMT; HttpOnly; SameSite=None
location: https://www.hellofresh.no/pages/inspiration-delivered?irclickid=weX2I2RxqxyNUEFX6ETKYS8DUkAwWERlD1MORM0&irgwc=1&utm_source=affiliate&utm_medium=cpo&utm_campaign=NO_0_WEB_0_BAU_IR_NWK_VIPAffiliateNetwork_DIS-1099-AMT-4_VIP1099_VIP%20Affiliate%20Network_229435&utm_content=TEXT_LINK&c=VIP1099&dis=communication_one
content-length: 0
date: Mon, 09 Jan 2023 21:48:05 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 91cba10bd0047fb1891ee59eb4043b28
66f89233d887d6b2ed2dbbcd8c8342be4d537bda
48c78dd8309ed5108781040d02e502fb6fd94eec917f268da47517895d3596b8
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 09 Jan 2023 21:48:05 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 07 Jan 2023 12:48:24 GMT
Expires: Sat, 14 Jan 2023 12:48:23 GMT
Etag: "66f89233d887d6b2ed2dbbcd8c8342be4d537bda"
Cache-Control: max-age=399017,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 787060080efdb505-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 738c469a3e016a4079ec95e503183b03
cc6a28e203fde59aca8d4b1db0226ef7c47a0d7c
120a4f2d2fd16bd3863b290af6ac774d8752f5e48eeceb059cbd36076b60cd59
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 09 Jan 2023 21:48:05 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 07 Jan 2023 07:08:00 GMT
Expires: Sat, 14 Jan 2023 07:07:59 GMT
Etag: "cc6a28e203fde59aca8d4b1db0226ef7c47a0d7c"
Cache-Control: max-age=378593,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 787060090878b500-OSL
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 628bf27a87bb7dbf5e4d207769137d95
9f237af627d00d25e20986b5a1ec8b93ce9fb10a
95c6fd5d06f13489edc8d186bb0fc6173ff76e9703150e81d38687ed79affa54
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5373
Cache-Control: max-age=90410
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 21:48:06 GMT
Etag: "63bb34c4-116"
Expires: Tue, 10 Jan 2023 22:54:56 GMT
Last-Modified: Sun, 08 Jan 2023 21:25:24 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 628bf27a87bb7dbf5e4d207769137d95
9f237af627d00d25e20986b5a1ec8b93ce9fb10a
95c6fd5d06f13489edc8d186bb0fc6173ff76e9703150e81d38687ed79affa54
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5373
Cache-Control: max-age=90410
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 21:48:06 GMT
Etag: "63bb34c4-116"
Expires: Tue, 10 Jan 2023 22:54:56 GMT
Last-Modified: Sun, 08 Jan 2023 21:25:24 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 278
www.hellofresh.no/assets/fonts/source-sans-pro-v11/latin-regular.woff2
104.18.22.147200 OK 16 kB URL HTTP/2 www.hellofresh.no/assets/fonts/source-sans-pro-v11/latin-regular.woff2
IP 104.18.22.147:0
File type Web Open Font Format (Version 2), TrueType, length 15908, version 1.0\012- data
Hash 76d8cbb0496cb184eff868152b67ad45
d4ae4e38ca7bb859c359e9df16efeb35a009053c
cb992eae898417162c48b37712991d9ad8053c4a64fce51aff195edc69dc35f2
GET /assets/fonts/source-sans-pro-v11/latin-regular.woff2 HTTP/1.1
Host: www.hellofresh.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hellofresh.no/pages/inspiration-delivered?irclickid=weX2I2RxqxyNUEFX6ETKYS8DUkAwWERlD1MORM0&irgwc=1&utm_source=affiliate&utm_medium=cpo&utm_campaign=NO_0_WEB_0_BAU_IR_NWK_VIPAffiliateNetwork_DIS-1099-AMT-4_VIP1099_VIP%20Affiliate%20Network_229435&utm_content=TEXT_LINK&c=VIP1099&dis=communication_one
Cookie: __cf_bm=S_2lsmNIiPUzJfCdqwewq.AKLde5QYirKQklqCbL0KU-1673300886-0-AR9SOWIGz67pkETvC5mY/Yc5CdMGR4V+wRwKVL/8Y1nWq8XUycrJDsc3nV3Kx7Mh5xUFo34+IGWLLJOcGOb1WKfD93QqiWFKzRc+UzQ4qIQf; __cfruid=343d50f1f5eb53a2b991b10e711fb16863770a24-1673300886
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 09 Jan 2023 21:48:06 GMT
content-type: binary/octet-stream
content-length: 15908
cache-control: public, max-age=31536000
etag: "76d8cbb0496cb184eff868152b67ad45"
last-modified: Thu, 21 Feb 2019 10:26:05 GMT
x-amz-id-2: lCxG++WPbVh5oiFWO+zo+JoLL5eC4Y7BG3Q6N2mHep0Y70Blb7voxX+ZKegGQXPfisk3WzgjPvI=
x-amz-request-id: 5JS9KJP4HHPJ6T5S
x-envoy-upstream-service-time: 39
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 15576437
expires: Tue, 09 Jan 2024 21:48:06 GMT
accept-ranges: bytes
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7870600edd8e0b41-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.hellofresh.no/assets/fonts/agrandir-v1/Agrandir-HelloFresh_Regular.woff2
104.18.22.147200 OK 24 kB URL HTTP/2 www.hellofresh.no/assets/fonts/agrandir-v1/Agrandir-HelloFresh_Regular.woff2
IP 104.18.22.147:0
File type Web Open Font Format (Version 2), CFF, length 23704, version 3.-32768\012- data
Hash 021fc9cc68ba65a1b90ac6cc63f14e6b
80d9a94446ef23cfbf8b84129f4e3006e85af3f2
460c21e6ad4856a0b727beb6175ecf7dad82ae8f91d4b9639ba693e8ce8409cb
GET /assets/fonts/agrandir-v1/Agrandir-HelloFresh_Regular.woff2 HTTP/1.1
Host: www.hellofresh.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hellofresh.no/pages/inspiration-delivered?irclickid=weX2I2RxqxyNUEFX6ETKYS8DUkAwWERlD1MORM0&irgwc=1&utm_source=affiliate&utm_medium=cpo&utm_campaign=NO_0_WEB_0_BAU_IR_NWK_VIPAffiliateNetwork_DIS-1099-AMT-4_VIP1099_VIP%20Affiliate%20Network_229435&utm_content=TEXT_LINK&c=VIP1099&dis=communication_one
Cookie: __cf_bm=S_2lsmNIiPUzJfCdqwewq.AKLde5QYirKQklqCbL0KU-1673300886-0-AR9SOWIGz67pkETvC5mY/Yc5CdMGR4V+wRwKVL/8Y1nWq8XUycrJDsc3nV3Kx7Mh5xUFo34+IGWLLJOcGOb1WKfD93QqiWFKzRc+UzQ4qIQf; __cfruid=343d50f1f5eb53a2b991b10e711fb16863770a24-1673300886
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 09 Jan 2023 21:48:06 GMT
content-type: binary/octet-stream
content-length: 23704
etag: "021fc9cc68ba65a1b90ac6cc63f14e6b"
last-modified: Tue, 02 Mar 2021 13:26:12 GMT
x-amz-id-2: ZuOvCbZ7fKykGGyglENX39EniluGQpMIDO9/R+bkNGmtDYTc8E32kkz1i1MSU/e+DUSio1JluQ0=
x-amz-request-id: AX25XJZW4WSXG6R4
x-envoy-upstream-service-time: 42
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 15576605
expires: Tue, 10 Jan 2023 01:48:06 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7870600edd920b41-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.hellofresh.no/assets/fonts/source-sans-pro-v11/latin-600.woff2
104.18.22.147200 OK 16 kB URL HTTP/2 www.hellofresh.no/assets/fonts/source-sans-pro-v11/latin-600.woff2
IP 104.18.22.147:0
File type Web Open Font Format (Version 2), TrueType, length 15784, version 1.0\012- data
Hash b3866d3fbe239e8754f4db4795ce2817
a0c7bead0f83f1a6419f026c899de3af7c9e55e2
d8381e66783011957eabadb622d7899061bf93e78fff38ebfe00ab743d6c8e60
GET /assets/fonts/source-sans-pro-v11/latin-600.woff2 HTTP/1.1
Host: www.hellofresh.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hellofresh.no/pages/inspiration-delivered?irclickid=weX2I2RxqxyNUEFX6ETKYS8DUkAwWERlD1MORM0&irgwc=1&utm_source=affiliate&utm_medium=cpo&utm_campaign=NO_0_WEB_0_BAU_IR_NWK_VIPAffiliateNetwork_DIS-1099-AMT-4_VIP1099_VIP%20Affiliate%20Network_229435&utm_content=TEXT_LINK&c=VIP1099&dis=communication_one
Cookie: __cf_bm=S_2lsmNIiPUzJfCdqwewq.AKLde5QYirKQklqCbL0KU-1673300886-0-AR9SOWIGz67pkETvC5mY/Yc5CdMGR4V+wRwKVL/8Y1nWq8XUycrJDsc3nV3Kx7Mh5xUFo34+IGWLLJOcGOb1WKfD93QqiWFKzRc+UzQ4qIQf; __cfruid=343d50f1f5eb53a2b991b10e711fb16863770a24-1673300886
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 09 Jan 2023 21:48:06 GMT
content-type: binary/octet-stream
content-length: 15784
cache-control: public, max-age=31536000
etag: "b3866d3fbe239e8754f4db4795ce2817"
last-modified: Thu, 21 Feb 2019 10:26:04 GMT
x-amz-id-2: 3/Jlg40Az8Y7WTmIW13IDqbdK9DLZpUaKu+2KZ2J1TZ+Fvbiku0Ld5yobyT+qoD0wYJeYKEPzJQ=
x-amz-request-id: FB2QKEDH4XSJEVKE
x-envoy-upstream-service-time: 22
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 14910921
expires: Tue, 09 Jan 2024 21:48:06 GMT
accept-ranges: bytes
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7870600edd930b41-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 7.7 kB IP 93.184.220.29:0
Hash 92bc307ca31ae96c8edde1f991ac8b70
416f1ec0a4d437c7bf167fd07f711bdf63a12649
f9c24ead4525be4cd44423cdb339a543db5a03a90ba99b59ff9742536ceb1964
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6042
Cache-Control: max-age=148663
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 21:48:07 GMT
Etag: "63bc15b4-117"
Expires: Wed, 11 Jan 2023 15:05:50 GMT
Last-Modified: Mon, 09 Jan 2023 13:25:08 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 24 kB IP 93.184.220.29:0
Hash 3859d8eda7d5cfac548e9d773f3cbbbc
432cfd1ec4c89cedb9ee9bccdc99383c2630a80f
ed928917ca081b6ac8c77ddccd6d1894fa0d24c975a2158005a38e8c37b36dff
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6430
Cache-Control: max-age=149051
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 21:48:07 GMT
Etag: "63bc15b4-117"
Expires: Wed, 11 Jan 2023 15:12:18 GMT
Last-Modified: Mon, 09 Jan 2023 13:25:08 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 28 kB IP 93.184.220.29:0
Hash df556d2e28a0c7ff779d27f1cec2b495
f5676d3adec0a80cef7d120c567f580eae70d680
aa3ccdc95c54525062f2f1134ccf3f60ddebd01e2fa0b5e8c3dab38ac2530cf2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6274
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 21:48:07 GMT
Last-Modified: Mon, 09 Jan 2023 20:03:34 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 279
www.hellofresh.no/assets/releases/web-infra/_next/static/chunks/11431.f36d0a75f8d6a955.js
104.18.22.147200 OK 22 kB URL HTTP/2 www.hellofresh.no/assets/releases/web-infra/_next/static/chunks/11431.f36d0a75f8d6a955.js
IP 104.18.22.147:0
File type ASCII text, with very long lines (33297)
Hash 735781f947ba379892f18f1af2d1d825
76cac3c0d6339a33eddf8c4310c79382a088c07f
e55708778f2928be3a7cff41abf929ab8c6a317410656049ee1d00b3a06567f9
GET /assets/releases/web-infra/_next/static/chunks/11431.f36d0a75f8d6a955.js HTTP/1.1
Host: www.hellofresh.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hellofresh.no/pages/inspiration-delivered?irclickid=weX2I2RxqxyNUEFX6ETKYS8DUkAwWERlD1MORM0&irgwc=1&utm_source=affiliate&utm_medium=cpo&utm_campaign=NO_0_WEB_0_BAU_IR_NWK_VIPAffiliateNetwork_DIS-1099-AMT-4_VIP1099_VIP%20Affiliate%20Network_229435&utm_content=TEXT_LINK&c=VIP1099&dis=communication_one
Cookie: __cf_bm=S_2lsmNIiPUzJfCdqwewq.AKLde5QYirKQklqCbL0KU-1673300886-0-AR9SOWIGz67pkETvC5mY/Yc5CdMGR4V+wRwKVL/8Y1nWq8XUycrJDsc3nV3Kx7Mh5xUFo34+IGWLLJOcGOb1WKfD93QqiWFKzRc+UzQ4qIQf; __cfruid=343d50f1f5eb53a2b991b10e711fb16863770a24-1673300886
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 09 Jan 2023 21:48:06 GMT
content-type: application/javascript
cache-control: public, max-age=31536000
etag: W/"7e7d40542848a5814e8699cc69f4b4ee"
last-modified: Tue, 13 Dec 2022 14:41:35 GMT
x-amz-id-2: aG38Dj9eRKv6T6gO78eD489bxqLa9cbyfpuLHbo2pKi8pVjqAGilx+Z1BlyNWI/b+05W7GvKcp8=
x-amz-request-id: V5W888E3268E90RD
x-envoy-upstream-service-time: 30
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 2358322
expires: Tue, 09 Jan 2024 21:48:06 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7870600eeda50b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 2.7 kB IP 93.184.220.29:0
Hash 8fe578b8e5f79adc9e1aef89d0bbe093
32a6ba1cfe10c11cc6c6e47a2f0b5263e6bbbcff
61f3cd2356fa054e85b7b1e9b0c146f6a716c4945f443dc304817dce45619d10
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 21:48:07 GMT
Etag: "63bc15b4-117"
Server: ECS (amb/6B98)
Content-Length: 279
www.hellofresh.com/assets/fonts/agrandir-v1/Agrandir-HelloFresh_Regular.woff2
104.18.10.23200 OK 24 kB URL HTTP/2 www.hellofresh.com/assets/fonts/agrandir-v1/Agrandir-HelloFresh_Regular.woff2
IP 104.18.10.23:0
File type Web Open Font Format (Version 2), CFF, length 23704, version 3.-32768\012- data
Hash 021fc9cc68ba65a1b90ac6cc63f14e6b
80d9a94446ef23cfbf8b84129f4e3006e85af3f2
460c21e6ad4856a0b727beb6175ecf7dad82ae8f91d4b9639ba693e8ce8409cb
GET /assets/fonts/agrandir-v1/Agrandir-HelloFresh_Regular.woff2 HTTP/1.1
Host: www.hellofresh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.hellofresh.no
Connection: keep-alive
Referer: https://www.hellofresh.no/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 09 Jan 2023 21:48:07 GMT
content-type: binary/octet-stream
content-length: 23704
access-control-allow-methods: HEAD, GET
access-control-allow-origin: *
access-control-max-age: 3000
etag: "021fc9cc68ba65a1b90ac6cc63f14e6b"
last-modified: Tue, 02 Mar 2021 13:26:12 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-amz-id-2: ZLka0EL93w1NcKjSvbHFfH5qT27fOoaDxTZWOvzJLiut0szNCAGSEkzYKHTzTytmEG380yYratY=
x-amz-request-id: 9NJ4S9WSJ1B5CYPV
x-envoy-upstream-service-time: 48
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 14910637
expires: Tue, 10 Jan 2023 01:48:07 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
set-cookie: __cf_bm=F320RDxeD7FKxf9pMmrZ2pQvpk7Ldk3lkQK298PRnvQ-1673300887-0-AeRQacdEMTUM+Jj4ZPSGmtqd62bFMh2DZcLx9FxYjCSi/Z4Dd++jiGlIzzwmIl8CcSBRtt7dCa4o+QaYXJDHMSljarCEAGUSdtQCU9Xb+nL9; path=/; expires=Mon, 09-Jan-23 22:18:07 GMT; domain=.hellofresh.com; HttpOnly; Secure; SameSite=None
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7870600fed3eb4f9-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.hellofresh.com/assets/fonts/source-sans-pro-v11/latin-regular.woff2
104.18.10.23200 OK 16 kB URL HTTP/2 www.hellofresh.com/assets/fonts/source-sans-pro-v11/latin-regular.woff2
IP 104.18.10.23:0
File type Web Open Font Format (Version 2), TrueType, length 15908, version 1.0\012- data
Hash 76d8cbb0496cb184eff868152b67ad45
d4ae4e38ca7bb859c359e9df16efeb35a009053c
cb992eae898417162c48b37712991d9ad8053c4a64fce51aff195edc69dc35f2
GET /assets/fonts/source-sans-pro-v11/latin-regular.woff2 HTTP/1.1
Host: www.hellofresh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.hellofresh.no
Connection: keep-alive
Referer: https://www.hellofresh.no/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 09 Jan 2023 21:48:07 GMT
content-type: binary/octet-stream
content-length: 15908
access-control-allow-methods: HEAD, GET
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: public, max-age=31536000
etag: "76d8cbb0496cb184eff868152b67ad45"
last-modified: Thu, 21 Feb 2019 10:26:05 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-amz-id-2: 9wphEsbWaEEvxp2EdyEvMddLdPNTB9Yy0ef8oEHYO3XzofHu8q1q/pALEufthLS49LP92xdN/oc=
x-amz-request-id: 9NJ9VPQEJ2CKC5Z8
x-envoy-upstream-service-time: 34
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 16298195
expires: Tue, 09 Jan 2024 21:48:07 GMT
accept-ranges: bytes
set-cookie: __cf_bm=hKMwCOIDvBDx2FNllXKZh2eIrqgEeHlUvHkQnQO6TcU-1673300887-0-AfpTpwmBvktLtMUHYlP9bfdFbfPJS/yM/utM6we9XS+6Rig/6p9j+IhcIYWqBVg/DmxLXZq4YfNH6E3j9yAyZ05jslDOlq81APQmojpaVMSM; path=/; expires=Mon, 09-Jan-23 22:18:07 GMT; domain=.hellofresh.com; HttpOnly; Secure; SameSite=None
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7870600fed49b4f9-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.hellofresh.no/assets/releases/web-infra/_next/static/chunks/73158.fee9a8b09a48493d.js
104.18.22.147200 OK 6.7 kB URL HTTP/2 www.hellofresh.no/assets/releases/web-infra/_next/static/chunks/73158.fee9a8b09a48493d.js
IP 104.18.22.147:0
File type ASCII text, with very long lines (16787)
Hash 5ed4d4f6c4a0b5b4f051b86b2ca85756
f9165a9156d5a3a727efb3ae474897e9c38a8f4d
61f824cd377ddff095afdf2f7fbd7f8d3d4306aef6d5a59ad35da3790829f8f1
GET /assets/releases/web-infra/_next/static/chunks/73158.fee9a8b09a48493d.js HTTP/1.1
Host: www.hellofresh.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hellofresh.no/pages/inspiration-delivered?irclickid=weX2I2RxqxyNUEFX6ETKYS8DUkAwWERlD1MORM0&irgwc=1&utm_source=affiliate&utm_medium=cpo&utm_campaign=NO_0_WEB_0_BAU_IR_NWK_VIPAffiliateNetwork_DIS-1099-AMT-4_VIP1099_VIP%20Affiliate%20Network_229435&utm_content=TEXT_LINK&c=VIP1099&dis=communication_one
Cookie: __cf_bm=S_2lsmNIiPUzJfCdqwewq.AKLde5QYirKQklqCbL0KU-1673300886-0-AR9SOWIGz67pkETvC5mY/Yc5CdMGR4V+wRwKVL/8Y1nWq8XUycrJDsc3nV3Kx7Mh5xUFo34+IGWLLJOcGOb1WKfD93QqiWFKzRc+UzQ4qIQf; __cfruid=343d50f1f5eb53a2b991b10e711fb16863770a24-1673300886
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 09 Jan 2023 21:48:06 GMT
content-type: application/javascript
cache-control: public, max-age=31536000
etag: W/"343e27d52cdbbc9ee668c88b0ff08e3d"
last-modified: Mon, 02 Jan 2023 16:17:29 GMT
x-amz-id-2: GngjePdlnWnOUzPy5CKV9RLSeyWp9t/UdWZRehO+Dz7Co3KjXZ4DLIDhx3OSqv/sqfhLBPJZFpI=
x-amz-request-id: AWRF06E28SQA71GQ
x-envoy-upstream-service-time: 39
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 624559
expires: Tue, 09 Jan 2024 21:48:06 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7870600eedac0b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.hellofresh.com/au/cms/banners/hero/BTS_LP_Tablet.jpg
104.18.11.23200 OK 596 kB URL HTTP/2 cdn.hellofresh.com/au/cms/banners/hero/BTS_LP_Tablet.jpg
IP 104.18.11.23:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 2046x1300, components 3\012- data
Size 596 kB (596435 bytes)
Hash 28c9fdee3ccdcb715c2528368d8f506e
547c31a42e2cf36ad9100fabd6429c95dfa3a6f1
5c0089594141b5ad1518ffa6a73b5171aef4692cb6f59757d3f427b1cccec186
GET /au/cms/banners/hero/BTS_LP_Tablet.jpg HTTP/1.1
Host: cdn.hellofresh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hellofresh.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 09 Jan 2023 21:48:07 GMT
content-type: image/jpeg
content-length: 596435
cf-bgj: h2pri
etag: "28c9fdee3ccdcb715c2528368d8f506e"
last-modified: Tue, 14 Sep 2021 08:20:24 GMT
x-amz-id-2: 09dDxT3GxLcaL17wY91k/WNsa3zuDMsoXnIjTQe3496uFdOIe2+Hd9R8ybv06UVZx5kgpC1MaaY=
x-amz-request-id: Q51XR8B2W1Q7C350
x-amz-version-id: NA2hwIR7pChwaqKeqPnYjDKC2t6fcpUM
cf-cache-status: HIT
age: 4940829
expires: Tue, 10 Jan 2023 01:48:07 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
set-cookie: __cf_bm=AOJJMnahrpbHZJxlSlm6HCqIzPr0dsZEWZ_LhTjO35U-1673300887-0-AXpMAdAal1maFz08wIoDqa6YFAiFJ0hTuSKFTK0l7fzh2MimvWKn11OJnjMfzB6Nc9YFBfagOYYn/kzgFQlb83DMvhod0WOX9jNxzGzlHIjP; path=/; expires=Mon, 09-Jan-23 22:18:07 GMT; domain=.hellofresh.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 787060101ba3b515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.hellofresh.com/gb/cms/landing_pages/resolution/reason-check-mark-copy.png
104.18.11.23200 OK 1.6 kB URL HTTP/2 cdn.hellofresh.com/gb/cms/landing_pages/resolution/reason-check-mark-copy.png
IP 104.18.11.23:0
File type PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced\012- data
Hash e4378df8bebcf9bbc8ba9ead5702899e
518ac6b70262a0dd2d2b0dcff99f15704a1720b6
912080697605bebbd5a1571eb2e561ca5eac35c8904198fa093a79ba8f8f90bb
GET /gb/cms/landing_pages/resolution/reason-check-mark-copy.png HTTP/1.1
Host: cdn.hellofresh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hellofresh.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 09 Jan 2023 21:48:07 GMT
content-type: image/png
content-length: 1569
x-amz-id-2: STnALr1jKFq3KCIHQwX7cTP2ftyrW+xRvfR/oUSr9c5CaHYYjC7crwi86Jq+vgwuo9IoWwLkr2Q=
x-amz-request-id: KDS5WSHFNJ3E8NTP
last-modified: Wed, 14 Aug 2019 13:24:12 GMT
etag: "e4378df8bebcf9bbc8ba9ead5702899e"
x-amz-version-id: null
cf-cache-status: HIT
age: 24195822
expires: Tue, 10 Jan 2023 01:48:07 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
set-cookie: __cf_bm=Y5SMdWUXPGIf4A091p1V99L.mKtGfi6gADfycE6EVX0-1673300887-0-AYxeyAkzX0UXkGkUF5KLytyQKnLonEwX22JQo9sPZnt99iq3hmLbomGRttIfr5VAT8Shz9nT6V2X/fStISzyzi/uEY+VPW1GMdvtZ+RcFZSr; path=/; expires=Mon, 09-Jan-23 22:18:07 GMT; domain=.hellofresh.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 787060104bd3b515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 67efa309cd1a12359fd7a5f70e366655
85ee5c0f2d9deeacbfe1a38bd18eb724138f066c
6872e796d42a65959b21ea56670a5c11643aa3bc06d51275b68dd3b23b0e1844
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 21:48:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 13 kB IP 93.184.220.29:0
Hash ce7ceaf7f9cc2b5e33bc6e874b439cf9
18f7045343fcf2cac88997ee051415faae7695be
29d4543d41e22534af4e3d3eb7514e6c619228667c2acdcc64c841fb5dbbe6c3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 21:48:07 GMT
Etag: "63bc15b4-117"
Last-Modified: Mon, 09 Jan 2023 21:48:07 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 279
img.hellofresh.com/f_auto,fl_lossy,q_auto/hellofresh_website/gb/cms/icons/icon_review.svg
23.38.201.77200 OK 226 B URL HTTP/2 img.hellofresh.com/f_auto,fl_lossy,q_auto/hellofresh_website/gb/cms/icons/icon_review.svg
IP 23.38.201.77:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 141dde902e3063eb268d206d245427ac
b095c04427762ae762ddb3372229feb1ca3c03df
2e5a2afd4a4d04ad49a50028351b55180ae6110cde4fe2cb5049a154f2e7e6ea
GET /f_auto,fl_lossy,q_auto/hellofresh_website/gb/cms/icons/icon_review.svg HTTP/1.1
Host: img.hellofresh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hellofresh.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-disposition: inline; filename="icon_review.webp"
content-type: image/webp
etag: "141dde902e3063eb268d206d245427ac"
last-modified: Sat, 10 Oct 2020 04:56:27 GMT
content-length: 226
date: Mon, 09 Jan 2023 21:48:07 GMT
cache-control: private, no-transform, immutable, max-age=31536000
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
access-control-allow-origin: *
accept-ranges: bytes
timing-allow-origin: *
server: Cloudinary
strict-transport-security: max-age=604800
vary: Accept,User-Agent,Save-Data
x-content-type-options: nosniff
server-timing: akam;dur=4;start=2023-01-09T21:48:07.142Z;desc=hit,rtt;dur=5
X-Firefox-Spdy: h2
img.hellofresh.com/f_auto,fl_lossy,q_auto/hellofresh_website/be/cms/landing_pages/icon-instagram.svg
23.38.201.77200 OK 258 B URL HTTP/2 img.hellofresh.com/f_auto,fl_lossy,q_auto/hellofresh_website/be/cms/landing_pages/icon-instagram.svg
IP 23.38.201.77:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash bd2715fda7834cefbabd5e9bfdac652c
70bc45ac4e8dd257e243436dd39cdbdc46b806e5
c4f1422e96cba148b1f19325b85d8d73a97f69388f6f6f025bf56e296c7857c9
GET /f_auto,fl_lossy,q_auto/hellofresh_website/be/cms/landing_pages/icon-instagram.svg HTTP/1.1
Host: img.hellofresh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hellofresh.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-disposition: inline; filename="icon-instagram.webp"
content-type: image/webp
etag: "bd2715fda7834cefbabd5e9bfdac652c"
last-modified: Fri, 11 Feb 2022 10:44:31 GMT
content-length: 258
date: Mon, 09 Jan 2023 21:48:07 GMT
cache-control: private, no-transform, immutable, max-age=31536000
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
access-control-allow-origin: *
accept-ranges: bytes
timing-allow-origin: *
server: Cloudinary
strict-transport-security: max-age=604800
vary: Accept,User-Agent,Save-Data
x-content-type-options: nosniff
server-timing: akam;dur=3;start=2023-01-09T21:48:07.146Z;desc=hit,rtt;dur=5
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 811ca06908bf97d7faf33645ab0acba8
911c080c7d2042a06e6c46579b81312d7a289719
87e258f6b3b938eeccd2eb093b9f8c0cd1cfe2953bd09b0755a37f6b54a07105
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6042
Cache-Control: max-age=148663
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 21:48:07 GMT
Etag: "63bc15b4-117"
Expires: Wed, 11 Jan 2023 15:05:50 GMT
Last-Modified: Mon, 09 Jan 2023 13:25:08 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 279
www.googletagmanager.com/gtm.js?id=GTM-KMWJG5K
142.250.74.168200 OK 99 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-KMWJG5K
IP 142.250.74.168:0
File type ASCII text, with very long lines (55692)
Hash 462e89320c4db98bf7139136e18e1c1f
aec789e32a0fd502974519513528afe07101b792
b179311d9836fca421ec86d68408b4087d04c52097593cac1b51a661811d8b6c
GET /gtm.js?id=GTM-KMWJG5K HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hellofresh.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 09 Jan 2023 21:48:07 GMT
expires: Mon, 09 Jan 2023 21:48:07 GMT
cache-control: private, max-age=900
last-modified: Mon, 09 Jan 2023 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 85417
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img.hellofresh.com/f_auto,fl_lossy,q_auto/hellofresh_website/be/cms/landing_pages/icon-facebook.svg
23.38.201.77200 OK 148 B URL HTTP/2 img.hellofresh.com/f_auto,fl_lossy,q_auto/hellofresh_website/be/cms/landing_pages/icon-facebook.svg
IP 23.38.201.77:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 25a295a551b7b2b421c8297166eabe03
7c65f16425576ddaa1bd0a8ebd05fee8e99af6c3
e05fe32b622f725d30adeeda1b91502830182d340a97ba4f4a1bf27b24b2fb0f
GET /f_auto,fl_lossy,q_auto/hellofresh_website/be/cms/landing_pages/icon-facebook.svg HTTP/1.1
Host: img.hellofresh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hellofresh.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-disposition: inline; filename="icon-facebook.webp"
content-type: image/webp
etag: "25a295a551b7b2b421c8297166eabe03"
last-modified: Fri, 11 Feb 2022 10:44:31 GMT
content-length: 148
date: Mon, 09 Jan 2023 21:48:07 GMT
cache-control: private, no-transform, immutable, max-age=31536000
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
access-control-allow-origin: *
accept-ranges: bytes
timing-allow-origin: *
server: Cloudinary
strict-transport-security: max-age=604800
vary: Accept,User-Agent,Save-Data
x-content-type-options: nosniff
server-timing: akam;dur=3;start=2023-01-09T21:48:07.152Z;desc=hit,rtt;dur=5
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-NX6F8ZR
142.250.74.168200 OK 70 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-NX6F8ZR
IP 142.250.74.168:0
File type ASCII text, with very long lines (29182)
Hash ddeb65ed7aa8447c23e3a31aadcaad1b
ba8cc16dc68cbf2dc61e35f1be492276c7af83d6
774adfc7b51571be8bd94c44aafb20636583d77ca163efe469d1ba2bb4c6354e
GET /gtm.js?id=GTM-NX6F8ZR HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hellofresh.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 09 Jan 2023 21:48:07 GMT
expires: Mon, 09 Jan 2023 21:48:07 GMT
cache-control: private, max-age=900
last-modified: Mon, 09 Jan 2023 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 57718
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img.hellofresh.com/f_auto,fl_lossy,q_auto,w_500/hellofresh_website/dk/cms/Landing%20pages/Global_HIW_Gif__NO.gif
23.38.201.77200 OK 109 kB URL HTTP/2 img.hellofresh.com/f_auto,fl_lossy,q_auto,w_500/hellofresh_website/dk/cms/Landing%20pages/Global_HIW_Gif__NO.gif
IP 23.38.201.77:0
File type RIFF (little-endian) data, Web/P image\012- data
Size 109 kB (108780 bytes)
Hash dd6faba5e781cac2c670424233f4569c
106c516140e8d0a9b5b52f6d48d6e6aee1feb281
24ddb7fb525fb0d1eab86060ffb79d4f829058534d00359c1c16943cfa2ec23d
GET /f_auto,fl_lossy,q_auto,w_500/hellofresh_website/dk/cms/Landing%20pages/Global_HIW_Gif__NO.gif HTTP/1.1
Host: img.hellofresh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hellofresh.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-disposition: inline; filename="Global_HIW_Gif__NO.webp"
content-type: image/webp
etag: "dd6faba5e781cac2c670424233f4569c"
last-modified: Wed, 01 Dec 2021 11:02:49 GMT
content-length: 108780
date: Mon, 09 Jan 2023 21:48:07 GMT
cache-control: private, no-transform, immutable, max-age=31536000
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
access-control-allow-origin: *
accept-ranges: bytes
timing-allow-origin: *
server: Cloudinary
strict-transport-security: max-age=604800
vary: Accept,User-Agent,Save-Data
x-content-type-options: nosniff
server-timing: akam;dur=3;start=2023-01-09T21:48:07.157Z;desc=hit,rtt;dur=6
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 67efa309cd1a12359fd7a5f70e366655
85ee5c0f2d9deeacbfe1a38bd18eb724138f066c
6872e796d42a65959b21ea56670a5c11643aa3bc06d51275b68dd3b23b0e1844
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 21:48:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 22ed7abf241e6b37eea2768548720463
ff588647c82e3c88bc91671d4ad608485b3cd97f
f145bdc63a7639b6003311239a877bae5dd2456e55a7d0aec15a6b29e6f6ea0b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F145BDC63A7639B6003311239A877BAE5DD2456E55A7D0AEC15A6B29E6F6EA0B"
Last-Modified: Mon, 09 Jan 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8919
Expires: Tue, 10 Jan 2023 00:16:46 GMT
Date: Mon, 09 Jan 2023 21:48:07 GMT
Connection: keep-alive
o46710.ingest.sentry.io/api/5396938/envelope/?sentry_key=5c397ef08a6c49098d09dfd70fddf09e&sentry_version=7&sentry_client=sentry.javascript.react%2F7.20.0
34.120.195.249200 OK 2 B URL HTTP/2 o46710.ingest.sentry.io/api/5396938/envelope/?sentry_key=5c397ef08a6c49098d09dfd70fddf09e&sentry_version=7&sentry_client=sentry.javascript.react%2F7.20.0
IP 34.120.195.249:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
POST /api/5396938/envelope/?sentry_key=5c397ef08a6c49098d09dfd70fddf09e&sentry_version=7&sentry_client=sentry.javascript.react%2F7.20.0 HTTP/1.1
Host: o46710.ingest.sentry.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.hellofresh.no/
Content-Type: text/plain;charset=UTF-8
Origin: https://www.hellofresh.no
Content-Length: 421
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 09 Jan 2023 21:48:07 GMT
content-type: application/json
content-length: 2
access-control-allow-origin: https://www.hellofresh.no
access-control-expose-headers: retry-after, x-sentry-error, x-sentry-rate-limits
vary: Origin
x-envoy-upstream-service-time: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 22ed7abf241e6b37eea2768548720463
ff588647c82e3c88bc91671d4ad608485b3cd97f
f145bdc63a7639b6003311239a877bae5dd2456e55a7d0aec15a6b29e6f6ea0b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F145BDC63A7639B6003311239A877BAE5DD2456E55A7D0AEC15A6B29E6F6EA0B"
Last-Modified: Mon, 09 Jan 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8919
Expires: Tue, 10 Jan 2023 00:16:46 GMT
Date: Mon, 09 Jan 2023 21:48:07 GMT
Connection: keep-alive
img.hellofresh.com/w_96,q_auto,f_auto,c_limit,fl_lossy/hellofresh_website/logo/ModularLandingPages/Logo6.png
23.38.201.77200 OK 4.9 kB URL HTTP/2 img.hellofresh.com/w_96,q_auto,f_auto,c_limit,fl_lossy/hellofresh_website/logo/ModularLandingPages/Logo6.png
IP 23.38.201.77:0
Hash 5004098385b3ccbb74f0cf07fd01f641
9ed887ee648edbe2487200a98caa1bb5d142cc26
7f836bbaf70312509ad3fec7bb5e6c6ebfe17bf8d96a9f59f1d886c1a56867b2
GET /w_96,q_auto,f_auto,c_limit,fl_lossy/hellofresh_website/logo/ModularLandingPages/Logo6.png HTTP/1.1
Host: img.hellofresh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hellofresh.no/
Cookie: __cf_bm=Y5SMdWUXPGIf4A091p1V99L.mKtGfi6gADfycE6EVX0-1673300887-0-AYxeyAkzX0UXkGkUF5KLytyQKnLonEwX22JQo9sPZnt99iq3hmLbomGRttIfr5VAT8Shz9nT6V2X/fStISzyzi/uEY+VPW1GMdvtZ+RcFZSr
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-disposition: inline; filename="Logo6.webp"
content-type: image/webp
etag: "09fbd5cdf8d5764f0de7d7e3e384fb91"
last-modified: Tue, 27 Dec 2022 10:47:31 GMT
x-request-id: c0cb39bd04782c063b9ed0d61d18fe4d
content-length: 1396
date: Mon, 09 Jan 2023 21:48:07 GMT
cache-control: private, no-transform, immutable, max-age=31536000
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
access-control-allow-origin: *
accept-ranges: bytes
timing-allow-origin: *
server: Cloudinary
strict-transport-security: max-age=604800
vary: Accept,User-Agent,Save-Data
x-content-type-options: nosniff
server-timing: akam;dur=3;start=2023-01-09T21:48:07.980Z;desc=hit,rtt;dur=7
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 3f8519215c79bf0bda8ca785973338bf
698469ea9e098802ca4409527a2255d3afa432bf
11cf7fc28654c888264faf34e369cb80a977c45e661034467fc0abeda7aa9a16
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5613
Cache-Control: max-age=122686
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 21:48:08 GMT
Etag: "63bbb1e9-117"
Expires: Wed, 11 Jan 2023 07:52:54 GMT
Last-Modified: Mon, 09 Jan 2023 06:19:21 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 279
cdn.cookielaw.org/scripttemplates/otSDKStub.js
104.16.149.64200 OK 8.1 kB URL HTTP/2 cdn.cookielaw.org/scripttemplates/otSDKStub.js
IP 104.16.149.64:0
File type ASCII text, with very long lines (24742)
Hash 59d0843ea535a679e836bfdc4fd847c9
8c8938ff086a2b05eb9e431cb8ff7150f50c7b48
6f5b514345f75508ac2e5827b6e50c804a3d5ec2aa44975ec6a2bdfcb438fd17
GET /scripttemplates/otSDKStub.js HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hellofresh.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 09 Jan 2023 21:48:08 GMT
content-type: application/javascript
content-length: 8053
content-encoding: gzip
content-md5: WdCEPqU1pnnoNr/cT9hHyQ==
last-modified: Fri, 06 Jan 2023 16:07:56 GMT
etag: 0x8DAF0002C908A6C
x-ms-request-id: 98f26f26-d01e-013d-372c-222b95000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 8269
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 78706017087db4e8-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/Ifmjw5UV6aI
142.250.74.131200 OK 210 kB URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/Ifmjw5UV6aI
IP 142.250.74.131:0
Size 210 kB (209619 bytes)
Hash c9250d7efc31e06f47c711b6019d01ac
08b4bab3ec3ad21f44cf152861cde7becba0df64
8b392a56a88790b00a0776a877a4ee98075d02d4f5157401dcf561924d68f3b8
POST /s/gts1d4/Ifmjw5UV6aI HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 21:48:08 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
54.230.245.39200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash 5f50243889e1a5a23307b112680097bb
be56e369467b533d86a90a4e61d234ff919d7525
730bc6c7ad16184a81ca66e5bce7ef370ea67248d17af399ed118fd1571a0798
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 09 Jan 2023 21:48:08 GMT
Last-Modified: Mon, 09 Jan 2023 20:17:51 GMT
Server: ECS (bsa/EB15)
X-Cache: Miss from cloudfront
Via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 2I55BTWGdggOt1wbDEiOU3Xa6num7KdhPn-9lV8t2Zq6LHCfiH2ETw==
Age: 5418
cdn.cookielaw.org/consent/dba35d25-ed8a-4c6b-a9d4-17eb16750212/dba35d25-ed8a-4c6b-a9d4-17eb16750212.json
104.16.149.64200 OK 1.5 kB URL HTTP/2 cdn.cookielaw.org/consent/dba35d25-ed8a-4c6b-a9d4-17eb16750212/dba35d25-ed8a-4c6b-a9d4-17eb16750212.json
IP 104.16.149.64:0
File type JSON data\012- , ASCII text, with very long lines (3589), with no line terminators
Hash 5a246f29933430a7cc3fc1a41c7ea972
bac1e0da3cdbbdfa43d887eb1f2555f424d0ed03
0311ae414b8fd8c12cbc39746a1b46688dff2944dbcef795bf790fc73226144b
GET /consent/dba35d25-ed8a-4c6b-a9d4-17eb16750212/dba35d25-ed8a-4c6b-a9d4-17eb16750212.json HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.hellofresh.no
Connection: keep-alive
Referer: https://www.hellofresh.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 09 Jan 2023 21:48:08 GMT
content-type: application/x-javascript
content-length: 1489
cache-control: public, max-age=86400
content-encoding: gzip
content-md5: WiRvKZM0MKfMP8GkHH6pcg==
last-modified: Thu, 24 Mar 2022 17:03:29 GMT
etag: 0x8DA0DB83809970C
x-ms-request-id: 32d930e1-001e-003b-7436-599ab8000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 62418
expires: Tue, 10 Jan 2023 21:48:08 GMT
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 787060188cf2b4ee-OSL
X-Firefox-Spdy: h2
web-chat-tag-cdn.s3.eu-west-1.amazonaws.com/live/chat-live.js
52.218.116.122200 OK 52 kB URL HTTP/1.1 web-chat-tag-cdn.s3.eu-west-1.amazonaws.com/live/chat-live.js
IP 52.218.116.122:0
File type Unicode text, UTF-8 text, with very long lines (65459)
Hash ec8dd6d937918496f3c59ae6e5282e19
995ac5384ad2d8af99878eca6c420cc1b8304ba8
fef1a51483bbfd1e9f802995724f9d40469e451e4aeb577b3bc45687357df304
GET /live/chat-live.js HTTP/1.1
Host: web-chat-tag-cdn.s3.eu-west-1.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hellofresh.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: RrfnYTtRAWniN2HvkR0lXyTxaf4LI8DosBWRCT63DqRjdHx3ZRDPLbvU77SvtR4wxz+wEto2ZyA=
x-amz-request-id: MZXQRDSC60QR0H9B
Date: Mon, 09 Jan 2023 21:48:09 GMT
x-amz-replication-status: FAILED
Last-Modified: Fri, 23 Dec 2022 12:18:04 GMT
ETag: "ec8dd6d937918496f3c59ae6e5282e19"
Cache-Control: no-cache,max-age=0,immutable
Content-Encoding: gzip
x-amz-version-id: LFDevC4oYPGlvvTYZoD0SqRaWa8PdV5x
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Content-Length: 52442
tms.hft.hellofresh.no/measurement-script
34.110.220.115200 OK 254 kB URL HTTP/2 tms.hft.hellofresh.no/measurement-script
IP 34.110.220.115:0
Size 254 kB (253715 bytes)
Hash 8eef9cf97e51b87372f18da05dec863a
3afe8a8ba7c038acc58f1b4f69ead49571c7b5b0
1889b2d948c543d7d05827fb76c866eb6790fa1526b2a0c7df254232c801a89f
GET /measurement-script HTTP/1.1
Host: tms.hft.hellofresh.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hellofresh.no/
Cookie: __cf_bm=S_2lsmNIiPUzJfCdqwewq.AKLde5QYirKQklqCbL0KU-1673300886-0-AR9SOWIGz67pkETvC5mY/Yc5CdMGR4V+wRwKVL/8Y1nWq8XUycrJDsc3nV3Kx7Mh5xUFo34+IGWLLJOcGOb1WKfD93QqiWFKzRc+UzQ4qIQf; __cfruid=343d50f1f5eb53a2b991b10e711fb16863770a24-1673300886
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43", h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
accept-ranges: none
x-cloud-trace-context: c8e45f1508375a6a785e47b7d8a2efee
date: Mon, 09 Jan 2023 21:48:08 GMT
server: Google Frontend
content-length: 219146
via: 1.1 google
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/Ifmjw5UV6aI
142.250.74.131200 OK 2.9 kB URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/Ifmjw5UV6aI
IP 142.250.74.131:0
Hash a9b1ae415967658d9884d7a98daf5d51
25fe364406d6bea649262e6bf5019de703977d52
f9d155c017f2da25df1c671079fe82a44513afe93c0df0cf27a8ae3b7bda7e11
POST /s/gts1d4/Ifmjw5UV6aI HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 21:48:08 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
geolocation.onetrust.com/cookieconsentpub/v1/geo/location
188.114.99.234200 OK 81 kB URL HTTP/2 geolocation.onetrust.com/cookieconsentpub/v1/geo/location
IP 188.114.99.234:0
File type JSON data\012- , ASCII text, with very long lines (65396)
Hash e61636cdeb1ba33d07b8ee70a419c40f
036762f3c58b7138da52068ebc1ea37edf917540
e9f512b60a58a0087295dd28273f6a1bb9b74512d197ed8d739da16753d9df95
GET /cookieconsentpub/v1/geo/location HTTP/1.1
Host: geolocation.onetrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.hellofresh.no
Connection: keep-alive
Referer: https://www.hellofresh.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 09 Jan 2023 21:48:08 GMT
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 787060194a2ab521-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
web-chat-tag-cdn.s3.eu-west-1.amazonaws.com/live/602.js
52.218.116.122200 OK 6.5 kB URL HTTP/1.1 web-chat-tag-cdn.s3.eu-west-1.amazonaws.com/live/602.js
IP 52.218.116.122:0
File type ASCII text, with very long lines (16174)
Hash 4fe7ae4a40dd8f2f40a3f586a70eca31
c6cfbaa1ff3b5dbbf644a2c8e5b89d1f3c7fdd15
a1752c50200e40e9b56f5799f45ed1d9c4af41916973bc956ecdc66c6bcf0720
GET /live/602.js HTTP/1.1
Host: web-chat-tag-cdn.s3.eu-west-1.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hellofresh.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: sc4MS698dn0GdRQgNhzsBjSXw3spDp5H2nxew5rnABjBPmH2IbVlJYLzpcJb1aZy6qbMuO3yOf4=
x-amz-request-id: MZXQGG4HSKA8Q0PK
Date: Mon, 09 Jan 2023 21:48:09 GMT
x-amz-replication-status: FAILED
Last-Modified: Fri, 23 Dec 2022 12:18:04 GMT
ETag: "4fe7ae4a40dd8f2f40a3f586a70eca31"
Cache-Control: no-cache,max-age=0,immutable
Content-Encoding: gzip
x-amz-version-id: AuXBCcT5HRAwaVopAfQvLpgWndBPaPVj
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Content-Length: 6479
web-chat-tag-cdn.s3.eu-west-1.amazonaws.com/live/core-bubble.js
52.218.116.122200 OK 1.0 kB URL HTTP/1.1 web-chat-tag-cdn.s3.eu-west-1.amazonaws.com/live/core-bubble.js
IP 52.218.116.122:0
File type ASCII text, with very long lines (2132), with no line terminators
Hash 4f9eca1bb3e3abc3a0b39117cc9b54d2
67a1564ce97d6e7d5c0139de09a4bdaf35cca517
f275a273641cea011f4a9cba98091e0cf57090db9f6e0a8b35b919d629ffd0af
GET /live/core-bubble.js HTTP/1.1
Host: web-chat-tag-cdn.s3.eu-west-1.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hellofresh.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: mgNo4s3JIwEUmpYR7Trc9exxHvWvlFIOjlh1N+aBOfOwZGqxx2VY0uqo2wT6xhrB0wnEFyOafl4=
x-amz-request-id: MZXW5ZCAPZ893Z9C
Date: Mon, 09 Jan 2023 21:48:09 GMT
x-amz-replication-status: FAILED
Last-Modified: Fri, 23 Dec 2022 12:18:04 GMT
ETag: "4f9eca1bb3e3abc3a0b39117cc9b54d2"
Cache-Control: no-cache,max-age=0,immutable
Content-Encoding: gzip
x-amz-version-id: D4PeBedJfgDje8e6yzXBnrb6BW07KxII
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Content-Length: 1031
cdn3.optimizely.com/js/geo4.js
104.110.9.127200 OK 302 B URL HTTP/1.1 cdn3.optimizely.com/js/geo4.js
IP 104.110.9.127:0
Hash 56e10233eaa57653e63ee929e1c619cf
864e4dfc0f6b0a2d73680b80eb476003b303eab7
4515bfcea10a9dfd175ba279138db6023e67d536edb9c9b542b4af85d8fc7146
GET /js/geo4.js HTTP/1.1
Host: cdn3.optimizely.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hellofresh.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AmazonS3
Content-Length: 302
Content-Type: application/javascript
x-amz-id-2: +tkr/7Ns7kenSzCK7455ZyE4sN+8K/pZ+M8ci8OpfMRII6vk5qGLnhIQW4kmSFsTbjS5D/kX93I=
Unused62: 8096267
x-amz-version-id: F8W1XaLRNmnJXrMgZ6ZMuxtE6L376GC.
x-amz-server-side-encryption: AES256
ETag: "8777c006589ecabfa3d63a6b5bf24393"
x-amz-replication-status: COMPLETED
x-amz-request-id: M8KPVV219SSHET6W
Cache-Control: max-age=46454
Date: Mon, 09 Jan 2023 21:48:08 GMT
Connection: keep-alive
cdn.cookielaw.org/consent/dba35d25-ed8a-4c6b-a9d4-17eb16750212/1974ae4d-21d2-4d6b-9857-228eede9d155/en.json
104.16.149.64200 OK 13 kB URL HTTP/2 cdn.cookielaw.org/consent/dba35d25-ed8a-4c6b-a9d4-17eb16750212/1974ae4d-21d2-4d6b-9857-228eede9d155/en.json
IP 104.16.149.64:0
File type JSON data\012- HTML document, Unicode text, UTF-8 text, with very long lines (52736), with no line terminators
Hash 64905c28fee7087e41b026df86019c3a
2316ec15d0eee8a72d24ff5cd92e1816a173ab7b
f7b17e915641c72661fc9086769a61a6d6d0d5827967840f9d9fb4771253a785
GET /consent/dba35d25-ed8a-4c6b-a9d4-17eb16750212/1974ae4d-21d2-4d6b-9857-228eede9d155/en.json HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.hellofresh.no/
Origin: https://www.hellofresh.no
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 09 Jan 2023 21:48:09 GMT
content-type: application/x-javascript
content-length: 12696
cache-control: public, max-age=86400
content-encoding: gzip
content-md5: ZJBcKP7nCH5BsCbfhgGcOg==
last-modified: Thu, 24 Mar 2022 17:03:30 GMT
etag: 0x8DA0DB838CE0408
x-ms-request-id: f5f1c29d-d01e-00b1-18a1-3f209b000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 65778
expires: Tue, 10 Jan 2023 21:48:09 GMT
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7870601ceb2fb4ee-OSL
X-Firefox-Spdy: h2
a10561433763.cdn.optimizely.com/client_storage/a10561433763.html
104.110.8.48200 OK 933 B URL HTTP/2 a10561433763.cdn.optimizely.com/client_storage/a10561433763.html
IP 104.110.8.48:0
File type HTML document, ASCII text, with very long lines (1371)
Hash 8d55c8ea3412babf8ab7a149489f2b97
80c69bdefc8bc54ae6a759586b4b67edc6997182
fbe62691281c45f91368cc12bf78c2dc202681868c5dc29a84219cf5169b68f1
GET /client_storage/a10561433763.html HTTP/1.1
Host: a10561433763.cdn.optimizely.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hellofresh.no/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: KJv/tkY9VEcnPWlfyXeu5QQL2hrouaFVGrOTI6lTP905zt52x+lZaEPcQ3GiMkIEjWcH8P8Bscg=
x-amz-request-id: 3HFV97YE0Y4YKDVX
x-amz-replication-status: COMPLETED
last-modified: Fri, 06 Jan 2023 16:19:46 GMT
etag: "8d55c8ea3412babf8ab7a149489f2b97"
x-amz-server-side-encryption: AES256
x-amz-meta-pci_enabled: False
content-encoding: gzip
x-amz-version-id: RK6ccjCRh7dmVVOZP_W6r80xrWIDiSn7
accept-ranges: bytes
content-type: text/html; charset=utf-8
server: AmazonS3
content-length: 933
vary: Accept-Encoding
cache-control: max-age=120
date: Mon, 09 Jan 2023 21:48:09 GMT
server-timing: cdn;desc="AkamaiION";dur=0,rtt;desc="3";dur=0,cdnip;desc="104.110.8.48";dur=0,cdnmap;desc="a4728.x.akamaiedge.net";dur=0,proto;desc="h2";dur=0
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
cdn.cookielaw.org/scripttemplates/6.32.0/assets/otFloatingRoundedIcon.json
104.16.149.64200 OK 3.8 kB URL HTTP/2 cdn.cookielaw.org/scripttemplates/6.32.0/assets/otFloatingRoundedIcon.json
IP 104.16.149.64:0
File type JSON data\012- , ASCII text, with very long lines (12537)
Hash bc553ebbad3b4169074812236c5abde7
a10efd019ec0717559f3a00d705899fcd360fb1e
c8f3010e2203276c0921484571ea442eb9708a898fb90bb19884ef3ab89daf3e
GET /scripttemplates/6.32.0/assets/otFloatingRoundedIcon.json HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.hellofresh.no/
Origin: https://www.hellofresh.no
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 09 Jan 2023 21:48:09 GMT
content-type: application/json
content-length: 3789
content-encoding: gzip
content-md5: vFU+u607QWkHSBIjbFq95w==
last-modified: Fri, 18 Mar 2022 16:29:15 GMT
etag: 0x8DA08FC717A55ED
x-ms-request-id: c4691d25-d01e-0093-57a1-3f4ead000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 65828
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7870601d4bb0b4ee-OSL
X-Firefox-Spdy: h2
www.hellofresh.no/assets/releases/web-infra/_next/static/chunks/9157.81420923b2a139db.js
104.18.22.147200 OK 6.3 kB URL HTTP/2 www.hellofresh.no/assets/releases/web-infra/_next/static/chunks/9157.81420923b2a139db.js
IP 104.18.22.147:0
File type ASCII text, with very long lines (23278)
Hash a9ac1947cdb7e4135705495ceacb707c
71bbbb055d74146492e0d0e2da16f2dce046f14a
773b78f54f17e8f8d04c96253172abfb56dd9ac80ed19e3f620694d74198c405
GET /assets/releases/web-infra/_next/static/chunks/9157.81420923b2a139db.js HTTP/1.1
Host: www.hellofresh.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hellofresh.no/pages/inspiration-delivered?irclickid=weX2I2RxqxyNUEFX6ETKYS8DUkAwWERlD1MORM0&irgwc=1&utm_source=affiliate&utm_medium=cpo&utm_campaign=NO_0_WEB_0_BAU_IR_NWK_VIPAffiliateNetwork_DIS-1099-AMT-4_VIP1099_VIP%20Affiliate%20Network_229435&utm_content=TEXT_LINK&c=VIP1099&dis=communication_one
Cookie: __cf_bm=S_2lsmNIiPUzJfCdqwewq.AKLde5QYirKQklqCbL0KU-1673300886-0-AR9SOWIGz67pkETvC5mY/Yc5CdMGR4V+wRwKVL/8Y1nWq8XUycrJDsc3nV3Kx7Mh5xUFo34+IGWLLJOcGOb1WKfD93QqiWFKzRc+UzQ4qIQf; __cfruid=343d50f1f5eb53a2b991b10e711fb16863770a24-1673300886
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 09 Jan 2023 21:48:06 GMT
content-type: application/javascript
cache-control: public, max-age=31536000
etag: W/"8a1ae07054ec11d8527c3dbf135d1b9f"
last-modified: Fri, 30 Dec 2022 11:20:28 GMT
x-amz-id-2: qmyynyh08fPmydkUwPGR2Xewzdsw4G6RvmZImsSErYpbzmyyeLG8orKAr36gOT9V5AYi7DiRKbLloR9STPJMwg==
x-amz-request-id: JNHK0J7QMXRQCVYA
x-envoy-upstream-service-time: 38
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 901371
expires: Tue, 09 Jan 2024 21:48:06 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7870600eed9e0b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.cookielaw.org/scripttemplates/6.32.0/assets/otCommonStyles.css
104.16.149.64200 OK 4.7 kB URL HTTP/2 cdn.cookielaw.org/scripttemplates/6.32.0/assets/otCommonStyles.css
IP 104.16.149.64:0
Hash f06064667f9b6227f656a96e6649b5df
821f974dfa5281b46277aa3e0dae9330763bebe1
2ef7ced2d277883ff961df5b1e5d81c08448e4edc04d485debef093a844c3651
GET /scripttemplates/6.32.0/assets/otCommonStyles.css HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.hellofresh.no/
Origin: https://www.hellofresh.no
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 09 Jan 2023 21:48:09 GMT
content-type: text/css
content-md5: SHFDtZO2nDZuiPDW83p1IQ==
last-modified: Fri, 18 Mar 2022 16:29:27 GMT
x-ms-request-id: 8001b0d3-c01e-00c3-72a1-3f51a5000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 65828
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7870601d4bb2b4ee-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.39200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash 9dfd233cfc1c02cc301d9fc1e466b2c4
0805e12628d7b5aef3f40e1dc6c788c38d9bfd87
22160dbf0fe9e02d1bdcf122b973cd7f4d94dbc0535002cbdaafc0abce73da11
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 09 Jan 2023 21:48:09 GMT
Last-Modified: Mon, 09 Jan 2023 20:15:48 GMT
Server: ECS (bsa/EB22)
X-Cache: Miss from cloudfront
Via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: oes_cKEU0hr3vjZ5LHcWM--mi6vyaQPHq0BZXauStS4er1F-xjocqQ==
Age: 5541
errors.client.optimizely.com/log
34.226.43.89200 OK 13 B URL HTTP/1.1 errors.client.optimizely.com/log
IP 34.226.43.89:0
File type ASCII text, with no line terminators
Hash 1424eb76249899d757e4d168341a50dc
42101e71440abd46c8112a96d4d5c0dd445120ce
16f1efa415bfdd7abcf8fdd76cc05ae6fa66ffdfdc730368ecea89ecfe5c3a12
OPTIONS /log HTTP/1.1
Host: errors.client.optimizely.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.hellofresh.no/
Origin: https://www.hellofresh.no
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With,Content-Type,Accept,Origin
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: https://www.hellofresh.no
Access-Control-Max-Age: 1800
Allow: POST,OPTIONS
Content-Type: text/plain
Date: Mon, 09 Jan 2023 21:48:09 GMT
Content-Length: 13
Connection: keep-alive
www.hellofresh.no/assets/releases/web-infra/_next/static/chunks/69485.7ae09911a226dc90.js
104.18.22.147200 OK 6.9 kB URL HTTP/2 www.hellofresh.no/assets/releases/web-infra/_next/static/chunks/69485.7ae09911a226dc90.js
IP 104.18.22.147:0
File type ASCII text, with very long lines (11400)
Hash 581874366612ad390b055f3d395330d4
e25f4371536287b56c0cf85344ec68bf09d9b618
457fa43fd20364016282502b9f9277847fe901f9638525b7b54088ba4939d17b
GET /assets/releases/web-infra/_next/static/chunks/69485.7ae09911a226dc90.js HTTP/1.1
Host: www.hellofresh.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hellofresh.no/pages/inspiration-delivered?irclickid=weX2I2RxqxyNUEFX6ETKYS8DUkAwWERlD1MORM0&irgwc=1&utm_source=affiliate&utm_medium=cpo&utm_campaign=NO_0_WEB_0_BAU_IR_NWK_VIPAffiliateNetwork_DIS-1099-AMT-4_VIP1099_VIP%20Affiliate%20Network_229435&utm_content=TEXT_LINK&c=VIP1099&dis=communication_one
Cookie: __cf_bm=S_2lsmNIiPUzJfCdqwewq.AKLde5QYirKQklqCbL0KU-1673300886-0-AR9SOWIGz67pkETvC5mY/Yc5CdMGR4V+wRwKVL/8Y1nWq8XUycrJDsc3nV3Kx7Mh5xUFo34+IGWLLJOcGOb1WKfD93QqiWFKzRc+UzQ4qIQf; __cfruid=343d50f1f5eb53a2b991b10e711fb16863770a24-1673300886
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 09 Jan 2023 21:48:06 GMT
content-type: application/javascript
cache-control: public, max-age=31536000
etag: W/"59e2747e929bc2e839c218fa533d8a1d"
last-modified: Fri, 30 Dec 2022 10:00:56 GMT
x-amz-id-2: L5WZT1khcBCyH4Dl5S1wF8EjQHSDoTngpqeHL3O0hCZoiFu2gci6z7UPOoLKeyhxazEaK6GP970=
x-amz-request-id: PEP4SQ7HFDE4YHST
x-envoy-upstream-service-time: 37
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 906339
expires: Tue, 09 Jan 2024 21:48:06 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7870600efdb90b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.39200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash f79a41367369b29b85f107b4d6efbf5b
aa77ae923d0600d66e398cd33cabb95d36cca71e
a7560f1a47ea2245fe318a5275f411fa94f5cedf6378c9e8b07bd1799588aeb3
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 09 Jan 2023 21:48:10 GMT
Last-Modified: Mon, 09 Jan 2023 20:06:08 GMT
Server: ECS (nyb/1D27)
X-Cache: Miss from cloudfront
Via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: QVWtyJ9-5Cyoecdf7rkDGohKqQcxxwGVNEIqHrMWp5Im_dcxPlPQvQ==
Age: 6122
logx.optimizely.com/v1/events
18.209.129.143204 No Content 0 B URL HTTP/1.1 logx.optimizely.com/v1/events
IP 18.209.129.143:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /v1/events HTTP/1.1
Host: logx.optimizely.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 2234
Origin: https://www.hellofresh.no
Connection: keep-alive
Referer: https://www.hellofresh.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.hellofresh.no
Access-Control-Expose-Headers: X-Results-Data-Source
Content-Type: text/plain
Date: Mon, 09 Jan 2023 21:48:10 GMT
Server: nginx/1.21.0
Timing-Allow-Origin: *
X-Request-Id: d70e8a14-6c86-4b0f-8aa5-1d207630ef3a
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash e631c8487092f33e40abd5a168053c77
e00c8392b31952f0f85b81ee2724535b97d30ca2
d67c4cd1d2ccbde08d0d7a7a34c7257f5a1c1e3a886ac3c016f35bd6475496ef
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4473
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 21:48:11 GMT
Last-Modified: Mon, 09 Jan 2023 20:33:39 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 280
vipestores.com/links?idw=5608&subid=1iiega71cgv2
188.114.96.1200 OK 0 B URL HTTP/2 vipestores.com/links?idw=5608&subid=1iiega71cgv2
IP 188.114.96.1:0
GET /links?idw=5608&subid=1iiega71cgv2 HTTP/1.1
Host: vipestores.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 09 Jan 2023 21:48:05 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, private
set-cookie: XSRF-TOKEN=eyJpdiI6ImNUdFBQNkVVS3l3Rllic091aDU5K1E9PSIsInZhbHVlIjoiU3h2a0ZFT0NzZlRZSUhocVdscVNoTXFGNlNiYm8vNzFOM3A1N2Y1cHViS1Vodjdxc1M4NENnNmlRSDFXSjQ4TyIsIm1hYyI6ImYzNTEwNTg2ZjkzMTRhMzZkYzIxZjNjMzJiNjAyMGMyMWQ0MjNjMzYxZmJlYWE1NDA0ZDgyMThlNGEwMTY3N2EifQ%3D%3D; expires=Mon, 09-Jan-2023 23:48:05 GMT; Max-Age=7200; path=/; samesite=lax
vipstores_session=eyJpdiI6InNjNE9td2U5c2NsM2VYQjlpVWh6c3c9PSIsInZhbHVlIjoiWWE1bUZPZEU2Z1pIWVJIV2RUdVp3d3BWbUtTaXA0bzRLd0F0eDhrcEtYeTNVVXNkd2EwUG9iSmE5Y1l2eVlrdyIsIm1hYyI6ImI4ZDM0NWRjZmJjNGMyN2Y2ZGRjOGQwMWI3ZjYzMzYwODMzZGYwZWFjZGNkYmYzN2VlZjEzZjNlZDQxNzUzNTAifQ%3D%3D; expires=Mon, 09-Jan-2023 23:48:05 GMT; Max-Age=7200; path=/; httponly; samesite=lax
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pKLVhggLfVQpd4vcfaMds356U5wA%2FO2EjaYFAC3PMlGWuQjBpf3Kip7hvMjoAbTje18vDC1IZ4Sul%2BjtUHRR9N5zHZZxmABqGOxRe1etMB1XyRXsqVfUfKTqY1JLvLQjwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78706003da54b50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.hellofresh.no/assets/releases/web-infra/_next/static/chunks/27081.2e253a86426f2b6b.js
104.18.22.147200 OK 0 B URL HTTP/2 www.hellofresh.no/assets/releases/web-infra/_next/static/chunks/27081.2e253a86426f2b6b.js
IP 104.18.22.147:0
GET /assets/releases/web-infra/_next/static/chunks/27081.2e253a86426f2b6b.js HTTP/1.1
Host: www.hellofresh.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hellofresh.no/pages/inspiration-delivered?irclickid=weX2I2RxqxyNUEFX6ETKYS8DUkAwWERlD1MORM0&irgwc=1&utm_source=affiliate&utm_medium=cpo&utm_campaign=NO_0_WEB_0_BAU_IR_NWK_VIPAffiliateNetwork_DIS-1099-AMT-4_VIP1099_VIP%20Affiliate%20Network_229435&utm_content=TEXT_LINK&c=VIP1099&dis=communication_one
Cookie: __cf_bm=S_2lsmNIiPUzJfCdqwewq.AKLde5QYirKQklqCbL0KU-1673300886-0-AR9SOWIGz67pkETvC5mY/Yc5CdMGR4V+wRwKVL/8Y1nWq8XUycrJDsc3nV3Kx7Mh5xUFo34+IGWLLJOcGOb1WKfD93QqiWFKzRc+UzQ4qIQf; __cfruid=343d50f1f5eb53a2b991b10e711fb16863770a24-1673300886
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 09 Jan 2023 21:48:06 GMT
content-type: application/javascript
cache-control: public, max-age=31536000
etag: W/"e1223e117d502372d73299cd969e6dcb"
last-modified: Fri, 02 Dec 2022 08:10:04 GMT
x-amz-id-2: hb2VlWPeKuc1Ot4m+ixkgR1d+MsNwLUlHdSYSYz/iV4iXu/vdeozE9BJ2F3vxchNrk63CaN5vhE=
x-amz-request-id: 6ZHYV1E0Y9GYC4PT
x-envoy-upstream-service-time: 46
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 3331982
expires: Tue, 09 Jan 2024 21:48:06 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7870600edd940b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.hellofresh.no/assets/releases/web-infra/_next/static/chunks/96728-083f69f75d5fcb34.js
104.18.22.147200 OK 0 B URL HTTP/2 www.hellofresh.no/assets/releases/web-infra/_next/static/chunks/96728-083f69f75d5fcb34.js
IP 104.18.22.147:0
GET /assets/releases/web-infra/_next/static/chunks/96728-083f69f75d5fcb34.js HTTP/1.1
Host: www.hellofresh.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hellofresh.no/pages/inspiration-delivered?irclickid=weX2I2RxqxyNUEFX6ETKYS8DUkAwWERlD1MORM0&irgwc=1&utm_source=affiliate&utm_medium=cpo&utm_campaign=NO_0_WEB_0_BAU_IR_NWK_VIPAffiliateNetwork_DIS-1099-AMT-4_VIP1099_VIP%20Affiliate%20Network_229435&utm_content=TEXT_LINK&c=VIP1099&dis=communication_one
Cookie: __cf_bm=S_2lsmNIiPUzJfCdqwewq.AKLde5QYirKQklqCbL0KU-1673300886-0-AR9SOWIGz67pkETvC5mY/Yc5CdMGR4V+wRwKVL/8Y1nWq8XUycrJDsc3nV3Kx7Mh5xUFo34+IGWLLJOcGOb1WKfD93QqiWFKzRc+UzQ4qIQf; __cfruid=343d50f1f5eb53a2b991b10e711fb16863770a24-1673300886
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 09 Jan 2023 21:48:06 GMT
content-type: application/javascript
cache-control: public, max-age=31536000
etag: W/"75becef08b50d24e8e9d78e6ac70ff84"
last-modified: Thu, 01 Dec 2022 14:30:30 GMT
x-amz-id-2: Xb6fMt/+P5XatjSpDpigrGOzaZgb0Mk13zRFTc65/zZWPQIGK1ej3ffuD6J5eNCXppaHzF/Ozw0=
x-amz-request-id: XCP6PRNF5H85W1BW
x-envoy-upstream-service-time: 12
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 3395506
expires: Tue, 09 Jan 2024 21:48:06 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7870600edd960b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.hellofresh.no/assets/releases/web-infra/_next/static/chunks/58989.27f517411f39292a.js
104.18.22.147200 OK 0 B URL HTTP/2 www.hellofresh.no/assets/releases/web-infra/_next/static/chunks/58989.27f517411f39292a.js
IP 104.18.22.147:0
GET /assets/releases/web-infra/_next/static/chunks/58989.27f517411f39292a.js HTTP/1.1
Host: www.hellofresh.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hellofresh.no/pages/inspiration-delivered?irclickid=weX2I2RxqxyNUEFX6ETKYS8DUkAwWERlD1MORM0&irgwc=1&utm_source=affiliate&utm_medium=cpo&utm_campaign=NO_0_WEB_0_BAU_IR_NWK_VIPAffiliateNetwork_DIS-1099-AMT-4_VIP1099_VIP%20Affiliate%20Network_229435&utm_content=TEXT_LINK&c=VIP1099&dis=communication_one
Cookie: __cf_bm=S_2lsmNIiPUzJfCdqwewq.AKLde5QYirKQklqCbL0KU-1673300886-0-AR9SOWIGz67pkETvC5mY/Yc5CdMGR4V+wRwKVL/8Y1nWq8XUycrJDsc3nV3Kx7Mh5xUFo34+IGWLLJOcGOb1WKfD93QqiWFKzRc+UzQ4qIQf; __cfruid=343d50f1f5eb53a2b991b10e711fb16863770a24-1673300886
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 09 Jan 2023 21:48:06 GMT
content-type: application/javascript
cache-control: public, max-age=31536000
etag: W/"e7cc013e8103cdc84b37ea066aa6adec"
last-modified: Tue, 03 Jan 2023 14:05:24 GMT
x-amz-id-2: KqYQFGDnkWj1qfDty2LWmiv/bzq2uNa7AqA1YQvOuNuUbaBRwV+Re5u0uWE3q/J4PNOsHzbgamU=
x-amz-request-id: 5HV7Y11HBC9YC6GZ
x-envoy-upstream-service-time: 27
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 546045
expires: Tue, 09 Jan 2024 21:48:06 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7870600eed9f0b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.hellofresh.no/assets/releases/web-infra/_next/static/chunks/15048.c02a3ee93060f03b.js
104.18.22.147200 OK 0 B URL HTTP/2 www.hellofresh.no/assets/releases/web-infra/_next/static/chunks/15048.c02a3ee93060f03b.js
IP 104.18.22.147:0
GET /assets/releases/web-infra/_next/static/chunks/15048.c02a3ee93060f03b.js HTTP/1.1
Host: www.hellofresh.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hellofresh.no/pages/inspiration-delivered?irclickid=weX2I2RxqxyNUEFX6ETKYS8DUkAwWERlD1MORM0&irgwc=1&utm_source=affiliate&utm_medium=cpo&utm_campaign=NO_0_WEB_0_BAU_IR_NWK_VIPAffiliateNetwork_DIS-1099-AMT-4_VIP1099_VIP%20Affiliate%20Network_229435&utm_content=TEXT_LINK&c=VIP1099&dis=communication_one
Cookie: __cf_bm=S_2lsmNIiPUzJfCdqwewq.AKLde5QYirKQklqCbL0KU-1673300886-0-AR9SOWIGz67pkETvC5mY/Yc5CdMGR4V+wRwKVL/8Y1nWq8XUycrJDsc3nV3Kx7Mh5xUFo34+IGWLLJOcGOb1WKfD93QqiWFKzRc+UzQ4qIQf; __cfruid=343d50f1f5eb53a2b991b10e711fb16863770a24-1673300886
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 09 Jan 2023 21:48:06 GMT
content-type: application/javascript
cache-control: public, max-age=31536000
etag: W/"b428a80996142a09ed263d3a3209c565"
last-modified: Mon, 05 Dec 2022 13:45:33 GMT
x-amz-id-2: 9/BmaxVvvArH3fmUZ3rFG7EZ6NyNFk1d9hbw1UXR0WV2BGOgwidr1hZZv2QBwtWNoc2FWe6k3Ws=
x-amz-request-id: 1Y01203N1969H10G
x-envoy-upstream-service-time: 26
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 3052659
expires: Tue, 09 Jan 2024 21:48:06 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7870600eeda30b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.hellofresh.no/assets/releases/web-infra/_next/static/chunks/90080.abce0a8caee5d0ae.js
104.18.22.147200 OK 0 B URL HTTP/2 www.hellofresh.no/assets/releases/web-infra/_next/static/chunks/90080.abce0a8caee5d0ae.js
IP 104.18.22.147:0
GET /assets/releases/web-infra/_next/static/chunks/90080.abce0a8caee5d0ae.js HTTP/1.1
Host: www.hellofresh.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hellofresh.no/pages/inspiration-delivered?irclickid=weX2I2RxqxyNUEFX6ETKYS8DUkAwWERlD1MORM0&irgwc=1&utm_source=affiliate&utm_medium=cpo&utm_campaign=NO_0_WEB_0_BAU_IR_NWK_VIPAffiliateNetwork_DIS-1099-AMT-4_VIP1099_VIP%20Affiliate%20Network_229435&utm_content=TEXT_LINK&c=VIP1099&dis=communication_one
Cookie: __cf_bm=S_2lsmNIiPUzJfCdqwewq.AKLde5QYirKQklqCbL0KU-1673300886-0-AR9SOWIGz67pkETvC5mY/Yc5CdMGR4V+wRwKVL/8Y1nWq8XUycrJDsc3nV3Kx7Mh5xUFo34+IGWLLJOcGOb1WKfD93QqiWFKzRc+UzQ4qIQf; __cfruid=343d50f1f5eb53a2b991b10e711fb16863770a24-1673300886
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 09 Jan 2023 21:48:06 GMT
content-type: application/javascript
cache-control: public, max-age=31536000
etag: W/"48f2f2fe98775c559c2c9935f0d93976"
last-modified: Tue, 03 Jan 2023 14:05:26 GMT
x-amz-id-2: nO62jHzCiUk0gUGXqNzwlbukhO7jnUJlEcuUDA063ILbdXWwthF8ITcp7m6DE/A4pC+O7nDNTUA=
x-amz-request-id: 5HV3B5KRJCWCZCF3
x-envoy-upstream-service-time: 28
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 546045
expires: Tue, 09 Jan 2024 21:48:06 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7870600efdba0b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
vipestores.com/no/food/hellofreshno
188.114.96.1200 OK 0 B URL HTTP/2 vipestores.com/no/food/hellofreshno
IP 188.114.96.1:0
GET /no/food/hellofreshno HTTP/1.1
Host: vipestores.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImNUdFBQNkVVS3l3Rllic091aDU5K1E9PSIsInZhbHVlIjoiU3h2a0ZFT0NzZlRZSUhocVdscVNoTXFGNlNiYm8vNzFOM3A1N2Y1cHViS1Vodjdxc1M4NENnNmlRSDFXSjQ4TyIsIm1hYyI6ImYzNTEwNTg2ZjkzMTRhMzZkYzIxZjNjMzJiNjAyMGMyMWQ0MjNjMzYxZmJlYWE1NDA0ZDgyMThlNGEwMTY3N2EifQ%3D%3D; vipstores_session=eyJpdiI6InNjNE9td2U5c2NsM2VYQjlpVWh6c3c9PSIsInZhbHVlIjoiWWE1bUZPZEU2Z1pIWVJIV2RUdVp3d3BWbUtTaXA0bzRLd0F0eDhrcEtYeTNVVXNkd2EwUG9iSmE5Y1l2eVlrdyIsIm1hYyI6ImI4ZDM0NWRjZmJjNGMyN2Y2ZGRjOGQwMWI3ZjYzMzYwODMzZGYwZWFjZGNkYmYzN2VlZjEzZjNlZDQxNzUzNTAifQ%3D%3D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 09 Jan 2023 21:48:05 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, private
set-cookie: XSRF-TOKEN=eyJpdiI6InJ6Vmo4TzNBUlhXRXFhanMvMWhpMHc9PSIsInZhbHVlIjoiTTQwUys5SEhwbXNwZ01IVCswZGhrMmRyODA4d2pmSjVWZVlRQ1M4bUxSYjR3RGxXRkcwS3Z2anpSNzRWa0xmciIsIm1hYyI6ImY3NmU0YzY2NWFlOTExY2IwMGRmYjk3Nzk0YmNiZjk3MWY2NTliNTg2NGVlYTk4YjgwYWVlZWFhOTFhMWUxZmYifQ%3D%3D; expires=Mon, 09-Jan-2023 23:48:05 GMT; Max-Age=7200; path=/; samesite=lax
vipstores_session=eyJpdiI6Im1FeHI4b0plenJlR1FyNEtqaTlVSWc9PSIsInZhbHVlIjoiSWo4U0pkcHRBQnNvbXdvU0hQak9YaW8vQk1pdEt0SGsxa1JvTFVjcnZDM2Flb3FmbndXb3JPNzlUTFNsMStNTSIsIm1hYyI6IjE3NjMzMTEyOGJkMTFiZDFmZGU0MzgxYTNmM2FmNzU4OGIzNDM4NzZiMGIzOWY2MDE4ODBkMDMwZDdkMmRhZGIifQ%3D%3D; expires=Mon, 09-Jan-2023 23:48:05 GMT; Max-Age=7200; path=/; httponly; samesite=lax
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RpkTCyVXaMdp1KL1gWf5%2BI1bFHUzlHD51VRI8fklD%2Fa30Cql25UQ%2BHWrujO1QrZ7lHLYmE8JF3IfvzpmHKyIarWe5yqwHc9I24zrYfMd9OKZxfkQClt2gJzceyHhJxvtSA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 787060049b6eb50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.hellofresh.no/pages/inspiration-delivered?irclickid=weX2I2RxqxyNUEFX6ETKYS8DUkAwWERlD1MORM0&irgwc=1&utm_source=affiliate&utm_medium=cpo&utm_campaign=NO_0_WEB_0_BAU_IR_NWK_VIPAffiliateNetwork_DIS-1099-AMT-4_VIP1099_VIP%20Affiliate%20Network_229435&utm_content=TEXT_LINK&c=VIP1099&dis=communication_one
104.18.22.147200 OK 0 B URL HTTP/2 www.hellofresh.no/pages/inspiration-delivered?irclickid=weX2I2RxqxyNUEFX6ETKYS8DUkAwWERlD1MORM0&irgwc=1&utm_source=affiliate&utm_medium=cpo&utm_campaign=NO_0_WEB_0_BAU_IR_NWK_VIPAffiliateNetwork_DIS-1099-AMT-4_VIP1099_VIP%20Affiliate%20Network_229435&utm_content=TEXT_LINK&c=VIP1099&dis=communication_one
IP 104.18.22.147:0
GET /pages/inspiration-delivered?irclickid=weX2I2RxqxyNUEFX6ETKYS8DUkAwWERlD1MORM0&irgwc=1&utm_source=affiliate&utm_medium=cpo&utm_campaign=NO_0_WEB_0_BAU_IR_NWK_VIPAffiliateNetwork_DIS-1099-AMT-4_VIP1099_VIP%20Affiliate%20Network_229435&utm_content=TEXT_LINK&c=VIP1099&dis=communication_one HTTP/1.1
Host: www.hellofresh.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vipestores.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 09 Jan 2023 21:48:06 GMT
content-type: text/html; charset=utf-8
cf-ray: 78706009a8950b41-OSL
cache-control: public, max-age=14400
content-language: nb-NO
vary: Accept-Encoding
cf-cache-status: MISS
x-content-type-options: nosniff
x-envoy-upstream-service-time: 329
x-frame-options: SAMEORIGIN
x-powered-by: Next.js
x-xss-protection: 1; mode=block
set-cookie: hf_landing_page=NO-ValueMessaging-Main-Page; Path=/pages/inspiration-delivered; expires=Mon Jan 23 2023 21:48:06 GMT+0000 (Coordinated Universal Time)
__cf_bm=S_2lsmNIiPUzJfCdqwewq.AKLde5QYirKQklqCbL0KU-1673300886-0-AR9SOWIGz67pkETvC5mY/Yc5CdMGR4V+wRwKVL/8Y1nWq8XUycrJDsc3nV3Kx7Mh5xUFo34+IGWLLJOcGOb1WKfD93QqiWFKzRc+UzQ4qIQf; path=/; expires=Mon, 09-Jan-23 22:18:06 GMT; domain=.hellofresh.no; HttpOnly; Secure; SameSite=None
__cfruid=343d50f1f5eb53a2b991b10e711fb16863770a24-1673300886; path=/; domain=.hellofresh.no; HttpOnly; Secure; SameSite=None
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.hellofresh.no/assets/releases/web-infra/_next/static/chunks/38579-889b7a07fe69de4d.js
104.18.22.147200 OK 0 B URL HTTP/2 www.hellofresh.no/assets/releases/web-infra/_next/static/chunks/38579-889b7a07fe69de4d.js
IP 104.18.22.147:0
GET /assets/releases/web-infra/_next/static/chunks/38579-889b7a07fe69de4d.js HTTP/1.1
Host: www.hellofresh.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hellofresh.no/pages/inspiration-delivered?irclickid=weX2I2RxqxyNUEFX6ETKYS8DUkAwWERlD1MORM0&irgwc=1&utm_source=affiliate&utm_medium=cpo&utm_campaign=NO_0_WEB_0_BAU_IR_NWK_VIPAffiliateNetwork_DIS-1099-AMT-4_VIP1099_VIP%20Affiliate%20Network_229435&utm_content=TEXT_LINK&c=VIP1099&dis=communication_one
Cookie: __cf_bm=S_2lsmNIiPUzJfCdqwewq.AKLde5QYirKQklqCbL0KU-1673300886-0-AR9SOWIGz67pkETvC5mY/Yc5CdMGR4V+wRwKVL/8Y1nWq8XUycrJDsc3nV3Kx7Mh5xUFo34+IGWLLJOcGOb1WKfD93QqiWFKzRc+UzQ4qIQf; __cfruid=343d50f1f5eb53a2b991b10e711fb16863770a24-1673300886
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 09 Jan 2023 21:48:06 GMT
content-type: application/javascript
cache-control: public, max-age=31536000
etag: W/"508a45550fc4ea5c442d6374fd38a152"
last-modified: Fri, 21 Oct 2022 10:46:29 GMT
x-amz-id-2: LFiqf+Jg83UUMULwyQSskY3hVK4jIAqbJtrps/7joVKy9MWKtTLLO2eo8yZKlOeqASIyptwtmH4=
x-amz-request-id: HGGSAXXS4EQH80VS
x-envoy-upstream-service-time: 46
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 3540871
expires: Tue, 09 Jan 2024 21:48:06 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7870600edd970b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.hellofresh.no/assets/releases/web-infra/_next/static/chunks/40412-0ac930b68918dd80.js
104.18.22.147200 OK 0 B URL HTTP/2 www.hellofresh.no/assets/releases/web-infra/_next/static/chunks/40412-0ac930b68918dd80.js
IP 104.18.22.147:0
GET /assets/releases/web-infra/_next/static/chunks/40412-0ac930b68918dd80.js HTTP/1.1
Host: www.hellofresh.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hellofresh.no/pages/inspiration-delivered?irclickid=weX2I2RxqxyNUEFX6ETKYS8DUkAwWERlD1MORM0&irgwc=1&utm_source=affiliate&utm_medium=cpo&utm_campaign=NO_0_WEB_0_BAU_IR_NWK_VIPAffiliateNetwork_DIS-1099-AMT-4_VIP1099_VIP%20Affiliate%20Network_229435&utm_content=TEXT_LINK&c=VIP1099&dis=communication_one
Cookie: __cf_bm=S_2lsmNIiPUzJfCdqwewq.AKLde5QYirKQklqCbL0KU-1673300886-0-AR9SOWIGz67pkETvC5mY/Yc5CdMGR4V+wRwKVL/8Y1nWq8XUycrJDsc3nV3Kx7Mh5xUFo34+IGWLLJOcGOb1WKfD93QqiWFKzRc+UzQ4qIQf; __cfruid=343d50f1f5eb53a2b991b10e711fb16863770a24-1673300886
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 09 Jan 2023 21:48:06 GMT
content-type: application/javascript
cache-control: public, max-age=31536000
etag: W/"c3991178d212d2e9560c26dac74c9018"
last-modified: Thu, 01 Dec 2022 14:30:27 GMT
x-amz-id-2: jN7GVXjy7dLTyqVjsCtYPw9aldwJ6MMn7wlCGsxQi40nR8dxspztC0vkuUyUtogBJBArQQJ4JXE=
x-amz-request-id: 9VWJDEE72KPDBFGS
x-envoy-upstream-service-time: 25
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 3395492
expires: Tue, 09 Jan 2024 21:48:06 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7870600eeda80b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.optimizely.com/js/10774230797.js
23.38.200.155200 OK 0 B URL HTTP/2 cdn.optimizely.com/js/10774230797.js
IP 23.38.200.155:0
GET /js/10774230797.js HTTP/1.1
Host: cdn.optimizely.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hellofresh.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Ms1c0/iby45OrcEKN3lvFT4WCJhqpWAEm+rGXpNrvst5BdetmluyOfm9YopRt4fTVDfcFachiPU=
x-amz-request-id: 7GCG2FWHT0KT7WTW
x-amz-replication-status: PENDING
last-modified: Fri, 06 Jan 2023 16:21:32 GMT
etag: "bfd740a5c03ef9f908f650faf1ea7047"
x-amz-server-side-encryption: AES256
x-amz-meta-revision: 24971
x-amz-meta-pci_enabled: False
content-encoding: gzip
x-amz-version-id: op3dfFP885.pHHDLoHs76kG2avPpWzyz
accept-ranges: bytes
content-type: text/javascript; charset=utf-8
server: AmazonS3
content-length: 242322
vary: Accept-Encoding
cache-control: max-age=600
date: Mon, 09 Jan 2023 21:48:08 GMT
server-timing: cdn;desc="AkamaiION";dur=0,rtt;desc="2";dur=0,cdnip;desc="23.38.200.155";dur=0,cdnmap;desc="";dur=0,proto;desc="h2";dur=0
access-control-max-age: 86400
access-control-expose-headers: x-amz-meta-revision
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
timing-allow-origin: *
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
www.hellofresh.no/assets/releases/web-infra/_next/static/chunks/lp-hero-productConfiguratorSection.abdccb6c06786309.js
104.18.22.147200 OK 0 B URL HTTP/2 www.hellofresh.no/assets/releases/web-infra/_next/static/chunks/lp-hero-productConfiguratorSection.abdccb6c06786309.js
IP 104.18.22.147:0
GET /assets/releases/web-infra/_next/static/chunks/lp-hero-productConfiguratorSection.abdccb6c06786309.js HTTP/1.1
Host: www.hellofresh.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hellofresh.no/pages/inspiration-delivered?irclickid=weX2I2RxqxyNUEFX6ETKYS8DUkAwWERlD1MORM0&irgwc=1&utm_source=affiliate&utm_medium=cpo&utm_campaign=NO_0_WEB_0_BAU_IR_NWK_VIPAffiliateNetwork_DIS-1099-AMT-4_VIP1099_VIP%20Affiliate%20Network_229435&utm_content=TEXT_LINK&c=VIP1099&dis=communication_one
Cookie: __cf_bm=S_2lsmNIiPUzJfCdqwewq.AKLde5QYirKQklqCbL0KU-1673300886-0-AR9SOWIGz67pkETvC5mY/Yc5CdMGR4V+wRwKVL/8Y1nWq8XUycrJDsc3nV3Kx7Mh5xUFo34+IGWLLJOcGOb1WKfD93QqiWFKzRc+UzQ4qIQf; __cfruid=343d50f1f5eb53a2b991b10e711fb16863770a24-1673300886
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 09 Jan 2023 21:48:06 GMT
content-type: application/javascript
cache-control: public, max-age=31536000
etag: W/"8a5720797f51dbd1ad87a5f1c8321e18"
last-modified: Thu, 22 Dec 2022 12:14:36 GMT
x-amz-id-2: zdqsaK4xo+MyerFbLr6UyvrDopRJMaBDIYEBGpf52j6i2nsu9xflhSqck1HquQSo7dUyTbPB5tI=
x-amz-request-id: Q7N9320YVVGBKTKC
x-envoy-upstream-service-time: 28
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 1589320
expires: Tue, 09 Jan 2024 21:48:06 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7870600eeda00b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.hellofresh.no/assets/releases/web-infra/_next/static/chunks/77156.834942a7a399f921.js
104.18.22.147200 OK 0 B URL HTTP/2 www.hellofresh.no/assets/releases/web-infra/_next/static/chunks/77156.834942a7a399f921.js
IP 104.18.22.147:0
GET /assets/releases/web-infra/_next/static/chunks/77156.834942a7a399f921.js HTTP/1.1
Host: www.hellofresh.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hellofresh.no/pages/inspiration-delivered?irclickid=weX2I2RxqxyNUEFX6ETKYS8DUkAwWERlD1MORM0&irgwc=1&utm_source=affiliate&utm_medium=cpo&utm_campaign=NO_0_WEB_0_BAU_IR_NWK_VIPAffiliateNetwork_DIS-1099-AMT-4_VIP1099_VIP%20Affiliate%20Network_229435&utm_content=TEXT_LINK&c=VIP1099&dis=communication_one
Cookie: __cf_bm=S_2lsmNIiPUzJfCdqwewq.AKLde5QYirKQklqCbL0KU-1673300886-0-AR9SOWIGz67pkETvC5mY/Yc5CdMGR4V+wRwKVL/8Y1nWq8XUycrJDsc3nV3Kx7Mh5xUFo34+IGWLLJOcGOb1WKfD93QqiWFKzRc+UzQ4qIQf; __cfruid=343d50f1f5eb53a2b991b10e711fb16863770a24-1673300886
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 09 Jan 2023 21:48:06 GMT
content-type: application/javascript
cache-control: public, max-age=31536000
etag: W/"7a97c96da40e7a07d5538e5ed99b1758"
last-modified: Thu, 05 Jan 2023 08:40:55 GMT
x-amz-id-2: Z1qvgpigmdeE2QBLQkuXSgcKzsPazUJaFgRaNZZp4d/PQ7PEubL5+Rft5+96Rws59nSg5qMl8zY=
x-amz-request-id: K6Y6MC82GXWGBJT9
x-envoy-upstream-service-time: 35
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 392509
expires: Tue, 09 Jan 2024 21:48:06 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7870600eeda60b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.hellofresh.no/assets/releases/web-infra/_next/static/chunks/lp-hero-contentModuleSection.3d9cc755a24bc52e.js
104.18.22.147200 OK 0 B URL HTTP/2 www.hellofresh.no/assets/releases/web-infra/_next/static/chunks/lp-hero-contentModuleSection.3d9cc755a24bc52e.js
IP 104.18.22.147:0
GET /assets/releases/web-infra/_next/static/chunks/lp-hero-contentModuleSection.3d9cc755a24bc52e.js HTTP/1.1
Host: www.hellofresh.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hellofresh.no/pages/inspiration-delivered?irclickid=weX2I2RxqxyNUEFX6ETKYS8DUkAwWERlD1MORM0&irgwc=1&utm_source=affiliate&utm_medium=cpo&utm_campaign=NO_0_WEB_0_BAU_IR_NWK_VIPAffiliateNetwork_DIS-1099-AMT-4_VIP1099_VIP%20Affiliate%20Network_229435&utm_content=TEXT_LINK&c=VIP1099&dis=communication_one
Cookie: __cf_bm=S_2lsmNIiPUzJfCdqwewq.AKLde5QYirKQklqCbL0KU-1673300886-0-AR9SOWIGz67pkETvC5mY/Yc5CdMGR4V+wRwKVL/8Y1nWq8XUycrJDsc3nV3Kx7Mh5xUFo34+IGWLLJOcGOb1WKfD93QqiWFKzRc+UzQ4qIQf; __cfruid=343d50f1f5eb53a2b991b10e711fb16863770a24-1673300886
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 09 Jan 2023 21:48:06 GMT
content-type: application/javascript
cache-control: public, max-age=31536000
etag: W/"4d8b7c8dad90855e001717f4ccd5b13c"
last-modified: Tue, 03 Jan 2023 15:25:10 GMT
x-amz-id-2: p0g8mMo22bDDKgObi06l5BoF2loRs0h8OXxIzW7dFLdhoxFdTQwUmZ4TG7QfSrKcxRPyL30d+s0=
x-amz-request-id: 4S9BT33MMTQKRV11
x-envoy-upstream-service-time: 41
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 541276
expires: Tue, 09 Jan 2024 21:48:06 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7870600efdc10b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 0 B IP 93.184.220.29:0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 21:48:07 GMT
Etag: "63bc15b4-117"
Server: ECS (amb/6B75)
Content-Length: 279