simuladordeempresa.com/wp-content/kred.exe
94.229.72.116200 OK 502 B URL HTTP/1.1 simuladordeempresa.com/wp-content/kred.exe
IP 94.229.72.116:0
ASN #42831 UK Dedicated Servers Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (502), with no line terminators
Hash 47ce96b539db7950079b7c4e1353839e
9ac0379c523787e1f5e9e95c944dfd38f680dff8
1d5c54b39f4fb6cb72a76bf29d7f045d239c2a6da8f3361a2b8a9026d7b7d8f6
Analyzer Verdict Alert fortinet Malware
NIDS Severity Alert suricata high ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious
GET /wp-content/kred.exe HTTP/1.1
Host: simuladordeempresa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
accept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 502
content-type: text/html; charset=utf-8
date: Tue, 21 Feb 2023 09:40:11 GMT
server: nginx
set-cookie: sid=bca9d07a-b1cb-11ed-8998-b78240a735e7; path=/; domain=.simuladordeempresa.com; expires=Sun, 11 Mar 2091 12:54:19 GMT; max-age=2147483647; HttpOnly
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 13d4983fb8a0ee2cb855663cc9d8f6a0
1f85fc46435f86d7f414e310670c9afe27ea9532
f4bc8150273c4fc6e90c9df8e074823a78dc8409bfcc00616265e24d7d663498
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F4BC8150273C4FC6E90C9DF8E074823A78DC8409BFCC00616265E24D7D663498"
Last-Modified: Mon, 20 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4566
Expires: Tue, 21 Feb 2023 10:56:18 GMT
Date: Tue, 21 Feb 2023 09:40:12 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 48b5fafb12e15fbede4669b549518d50
ee82e527d3c45ebbc1865cd56b93e1be5ac933db
94036245b7831c01d3112f661bd909369c9b3af89ab37be7fb07f2254a7df7d5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94036245B7831C01D3112F661BD909369C9B3AF89AB37BE7FB07F2254A7DF7D5"
Last-Modified: Mon, 20 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4268
Expires: Tue, 21 Feb 2023 10:51:20 GMT
Date: Tue, 21 Feb 2023 09:40:12 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 97d7dde89cca188d19690d7bf759d034
7ec36525c8b5e8e278f0c5f26da3316687d89041
f8b500f9b1e8188807aab20f8e2540b5b2e888b13ff5f6f6211bbc28056f23e8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F8B500F9B1E8188807AAB20F8E2540B5B2E888B13FF5F6F6211BBC28056F23E8"
Last-Modified: Mon, 20 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3941
Expires: Tue, 21 Feb 2023 10:45:53 GMT
Date: Tue, 21 Feb 2023 09:40:12 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e76071a28ee566dababb3834f46d68ed
aebb4e68c1ba2de0f90025283e8ed8470944fde0
78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6
GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: ukitxBCilfZALM2NhB+CK5uCoPFAZLfBr+nl9M85I3ZfLb2VNca218YxaIpSJUk2Ci9J+F1t0VIPTc12LTy5gw==
x-amz-request-id: 9F6GBKMHZQ0CWD2Z
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
via: 1.1 google
date: Tue, 21 Feb 2023 08:52:41 GMT
age: 2851
last-modified: Sun, 29 Jan 2023 18:44:47 GMT
etag: "e76071a28ee566dababb3834f46d68ed"
content-type: binary/octet-stream
content-length: 5348
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Backoff, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 21 Feb 2023 09:38:04 GMT
content-type: application/json
age: 128
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 21 Feb 2023 09:40:12 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
simuladordeempresa.com/favicon.ico
94.229.72.116404 Not Found 9 B URL HTTP/1.1 simuladordeempresa.com/favicon.ico
IP 94.229.72.116:0
ASN #42831 UK Dedicated Servers Limited
File type ASCII text, with no line terminators
Hash d8f4a1993546cc4b850cde3599e27aec
094b763b4cfcc0b05e5d040581cd513c3ca08067
907ba78b4545338d3539683e63ecb51cf51c10adc9dabd86e92bd52339f298b9
GET /favicon.ico HTTP/1.1
Host: simuladordeempresa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://simuladordeempresa.com/wp-content/kred.exe
Cookie: sid=bca9d07a-b1cb-11ed-8998-b78240a735e7
HTTP/1.1 404 Not Found
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 9
date: Tue, 21 Feb 2023 09:40:11 GMT
server: nginx
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Last-Modified, Alert, Backoff, Content-Type, Pragma, Expires, Cache-Control, Retry-After, ETag
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 21 Feb 2023 09:20:35 GMT
age: 1177
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 94d194d4728ee415fb180610c25cb8cb
9b6a935fd24c43f427d6377d2d278592dcbcb372
cada2d0987669f945549c8f526568c04c4e0a3b662fb2c3efd30efe3a40e2577
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CADA2D0987669F945549C8F526568C04C4E0A3B662FB2C3EFD30EFE3A40E2577"
Last-Modified: Mon, 20 Feb 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4148
Expires: Tue, 21 Feb 2023 10:49:21 GMT
Date: Tue, 21 Feb 2023 09:40:13 GMT
Connection: keep-alive
simuladordeempresa.com/wp-content/kred.exe?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY3Njk3OTYxMiwiaWF0IjoxNjc2OTcyNDEyLCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIydDJzcjFnazN0djNqYmFvNGcyM3VvNDEiLCJuYmYiOjE2NzY5NzI0MTIsInRzIjoxNjc2OTcyNDEyMDEyMjY0fQ.3HV7cRa3NKrJS26AHdeNY2m2MvIa1qlQFNc30MLpwwE&sid=bca9d07a-b1cb-11ed-8998-b78240a735e7
94.229.72.116302 Found 11 B URL HTTP/1.1 simuladordeempresa.com/wp-content/kred.exe?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY3Njk3OTYxMiwiaWF0IjoxNjc2OTcyNDEyLCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIydDJzcjFnazN0djNqYmFvNGcyM3VvNDEiLCJuYmYiOjE2NzY5NzI0MTIsInRzIjoxNjc2OTcyNDEyMDEyMjY0fQ.3HV7cRa3NKrJS26AHdeNY2m2MvIa1qlQFNc30MLpwwE&sid=bca9d07a-b1cb-11ed-8998-b78240a735e7
IP 94.229.72.116:0
ASN #42831 UK Dedicated Servers Limited
File type ASCII text, with no line terminators
Hash 32682312d17c7cbf18e73594f5570319
60e22121bdd0bc71cdb2bae2a3aa577006b2eae9
e55fb1a1d731153e943b68844af12dcce8bfac917c98ffdea64c80da0607dd47
GET /wp-content/kred.exe?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY3Njk3OTYxMiwiaWF0IjoxNjc2OTcyNDEyLCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIydDJzcjFnazN0djNqYmFvNGcyM3VvNDEiLCJuYmYiOjE2NzY5NzI0MTIsInRzIjoxNjc2OTcyNDEyMDEyMjY0fQ.3HV7cRa3NKrJS26AHdeNY2m2MvIa1qlQFNc30MLpwwE&sid=bca9d07a-b1cb-11ed-8998-b78240a735e7 HTTP/1.1
Host: simuladordeempresa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://simuladordeempresa.com/wp-content/kred.exe
Cookie: sid=bca9d07a-b1cb-11ed-8998-b78240a735e7
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 11
date: Tue, 21 Feb 2023 09:40:12 GMT
location: http://r.redirekted.com/redirect?redirect_id=fc12eaa97b015917f56713086892b6b4&request_id=6c08baaeb438f3538834edf31fb76189
server: nginx
set-cookie: sid=bca9d07a-b1cb-11ed-8998-b78240a735e7; path=/; domain=.simuladordeempresa.com; expires=Sun, 11 Mar 2091 12:54:20 GMT; max-age=2147483647; HttpOnly
push.services.mozilla.com/
35.82.221.194101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.82.221.194:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: zjOtk7fG1/HiF4B2ZB65YA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: /YJh3tFCaBI52bwTNp2rxhyG2zs=
r.redirekted.com/redirect?redirect_id=fc12eaa97b015917f56713086892b6b4&request_id=6c08baaeb438f3538834edf31fb76189
66.165.243.160200 OK 804 B URL HTTP/1.1 r.redirekted.com/redirect?redirect_id=fc12eaa97b015917f56713086892b6b4&request_id=6c08baaeb438f3538834edf31fb76189
IP 66.165.243.160:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (303)
Hash 4f9821278b0a24bcdadf0515921c4523
ead401ed790490e5ba6bcfbcffa0150bb68922b3
014fc51b9e996ec9a8e4cdd30c704dfe63f56a9859cb1960a4d028c25e453b68
GET /redirect?redirect_id=fc12eaa97b015917f56713086892b6b4&request_id=6c08baaeb438f3538834edf31fb76189 HTTP/1.1
Host: r.redirekted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://simuladordeempresa.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx/1.23.3
Date: Tue, 21 Feb 2023 09:40:13 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/8.1.13
r.redirekted.com/css/adren.css?n=3436737181
66.165.243.160200 OK 243 B URL HTTP/1.1 r.redirekted.com/css/adren.css?n=3436737181
IP 66.165.243.160:0
Hash f72acd3fece9f7cf58643616c745b2ea
92bc529a83c5466fbf6b9e702eef1e59644687a1
e2d9fd8b995f146baf54bc35d162d3e8169a5345368058b10a3b3bf4592ed777
GET /css/adren.css?n=3436737181 HTTP/1.1
Host: r.redirekted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://r.redirekted.com/redirect?redirect_id=fc12eaa97b015917f56713086892b6b4&request_id=6c08baaeb438f3538834edf31fb76189
HTTP/1.1 200 OK
Server: nginx/1.23.3
Date: Tue, 21 Feb 2023 09:40:13 GMT
Content-Type: text/css
Content-Length: 243
Last-Modified: Sat, 03 Jul 2021 05:46:18 GMT
Connection: keep-alive
ETag: "60dff9aa-f3"
Accept-Ranges: bytes
r.redirekted.com/js/adren.min.js?n=3436737181
66.165.243.160200 OK 7.5 kB URL HTTP/1.1 r.redirekted.com/js/adren.min.js?n=3436737181
IP 66.165.243.160:0
File type ASCII text, with very long lines (7528), with no line terminators
Hash 9a9ec61d7e275f25fe83f0aa93bd2e41
8a3a23c432b601e9f8f8fe2b61f0fedbc341c9ac
55afe8ae4db5b6ca9ec5a3aca1f3a7b482ca51d0914acd250093f1a9ecbfccec
GET /js/adren.min.js?n=3436737181 HTTP/1.1
Host: r.redirekted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://r.redirekted.com/redirect?redirect_id=fc12eaa97b015917f56713086892b6b4&request_id=6c08baaeb438f3538834edf31fb76189
HTTP/1.1 200 OK
Server: nginx/1.23.3
Date: Tue, 21 Feb 2023 09:40:13 GMT
Content-Type: application/javascript
Content-Length: 7528
Last-Modified: Sat, 03 Jul 2021 05:46:18 GMT
Connection: keep-alive
ETag: "60dff9aa-1d68"
Accept-Ranges: bytes
r.redirekted.com/favicon.ico
66.165.243.160200 OK 0 B URL HTTP/1.1 r.redirekted.com/favicon.ico
IP 66.165.243.160:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: r.redirekted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://r.redirekted.com/redirect?redirect_id=fc12eaa97b015917f56713086892b6b4&request_id=6c08baaeb438f3538834edf31fb76189
HTTP/1.1 200 OK
Server: nginx/1.23.3
Date: Tue, 21 Feb 2023 09:40:13 GMT
Content-Type: image/x-icon
Content-Length: 0
Last-Modified: Sat, 03 Jul 2021 05:46:18 GMT
Connection: keep-alive
ETag: "60dff9aa-0"
Accept-Ranges: bytes
r.redirekted.com/go?e=NA-pFFuHlX7j3p5bwXbHKCdfwVY5aqdfHsyj3L-AUssgPXw4QsYIaCdfQAukKW4DJr_xUCutlX7jKW51wXbDUM9STrVkKWzDTsyHwC9IvXvkKW8uxsmclL-IFr60aC49Ir_xaCutFBsImqjI2rXu2FltPLtAwq1kmZvyUCetlWSEmq51QAuEaEdRTnSgaFeLHVyj3K8gxXvk3F0xxsmEaCdRTEbAmCaD0ZlgvE0V2VXSFW8tHr-NTC9yFssEmBsAJs7D3F-IPBtgPX89ysbpvB-MaXv1KW1xmXyblK8gHC943p0DzX-taFdDlXYcvL5WJVyDaF-AUp-DGL9cxZm9SM8gRC-Hmpt9SA_pFC
66.165.243.160200 OK 1.8 kB URL HTTP/1.1 r.redirekted.com/go?e=NA-pFFuHlX7j3p5bwXbHKCdfwVY5aqdfHsyj3L-AUssgPXw4QsYIaCdfQAukKW4DJr_xUCutlX7jKW51wXbDUM9STrVkKWzDTsyHwC9IvXvkKW8uxsmclL-IFr60aC49Ir_xaCutFBsImqjI2rXu2FltPLtAwq1kmZvyUCetlWSEmq51QAuEaEdRTnSgaFeLHVyj3K8gxXvk3F0xxsmEaCdRTEbAmCaD0ZlgvE0V2VXSFW8tHr-NTC9yFssEmBsAJs7D3F-IPBtgPX89ysbpvB-MaXv1KW1xmXyblK8gHC943p0DzX-taFdDlXYcvL5WJVyDaF-AUp-DGL9cxZm9SM8gRC-Hmpt9SA_pFC
IP 66.165.243.160:0
File type HTML document, ASCII text, with very long lines (477)
Hash 013c59dd0efec305a8388b432efd4443
168194ae1706203303302daa796aba4200ef2c97
e1083f6fd1529b32ec417c0020eaea228ee5b60be841ad31818725da3e4100ec
GET /go?e=NA-pFFuHlX7j3p5bwXbHKCdfwVY5aqdfHsyj3L-AUssgPXw4QsYIaCdfQAukKW4DJr_xUCutlX7jKW51wXbDUM9STrVkKWzDTsyHwC9IvXvkKW8uxsmclL-IFr60aC49Ir_xaCutFBsImqjI2rXu2FltPLtAwq1kmZvyUCetlWSEmq51QAuEaEdRTnSgaFeLHVyj3K8gxXvk3F0xxsmEaCdRTEbAmCaD0ZlgvE0V2VXSFW8tHr-NTC9yFssEmBsAJs7D3F-IPBtgPX89ysbpvB-MaXv1KW1xmXyblK8gHC943p0DzX-taFdDlXYcvL5WJVyDaF-AUp-DGL9cxZm9SM8gRC-Hmpt9SA_pFC HTTP/1.1
Host: r.redirekted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://r.redirekted.com/redirect?redirect_id=fc12eaa97b015917f56713086892b6b4&request_id=6c08baaeb438f3538834edf31fb76189
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx/1.23.3
Date: Tue, 21 Feb 2023 09:40:13 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/8.1.13
Set-Cookie: uuid=5201059491582407680; expires=Wed, 22-Feb-2023 09:40:13 GMT; Max-Age=86400
www.google-analytics.com/analytics.js
142.250.74.110200 OK 20 kB URL HTTP/1.1 www.google-analytics.com/analytics.js
IP 142.250.74.110:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://r.redirekted.com/
HTTP/1.1 200 OK
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 20085
Date: Tue, 21 Feb 2023 07:49:37 GMT
Expires: Tue, 21 Feb 2023 09:49:37 GMT
Cache-Control: public, max-age=7200
Age: 6636
Last-Modified: Tue, 10 Jan 2023 21:29:14 GMT
Content-Type: text/javascript
Vary: Accept-Encoding
www.google-analytics.com/collect?v=1&_v=j99&a=1948619690&t=pageview&_s=2&dl=http%3A%2F%2Fr.redirekted.com%2Fgo%3Fe%3DNA-pFFuHlX7j3p5bwXbHKCdfwVY5aqdfHsyj3L-AUssgPXw4QsYIaCdfQAukKW4DJr_xUCutlX7jKW51wXbDUM9STrVkKWzDTsyHwC9IvXvkKW8uxsmclL-IFr60aC49Ir_xaCutFBsImqjI2rXu2FltPLtAwq1kmZvyUCetlWSEmq51QAuEaEdRTnSgaFeLHVyj3K8gxXvk3F0xxsmEaCdRTEbAmCaD0ZlgvE0V2VXSFW8tHr-NTC9yFssEmBsAJs7D3F-IPBtgPX89ysbpvB-MaXv1KW1xmXyblK8gHC943p0DzX-taFdDlXYcvL5WJVyDaF-AUp-DGL9cxZm9SM8gRC-Hmpt9SA_pFC&ul=en-us&de=UTF-8&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=IEBAAEABAAAAACAAI~&jid=&gjid=&cid=1500224953.1676972414&tid=UA-32454353-1&_gid=1885880082.1676972414&cd1=oz9lo258n2kesUk8sT5ipz9hsTgfn3k8sUj%3D&z=1211878507
142.250.74.110200 OK 35 B URL HTTP/1.1 www.google-analytics.com/collect?v=1&_v=j99&a=1948619690&t=pageview&_s=2&dl=http%3A%2F%2Fr.redirekted.com%2Fgo%3Fe%3DNA-pFFuHlX7j3p5bwXbHKCdfwVY5aqdfHsyj3L-AUssgPXw4QsYIaCdfQAukKW4DJr_xUCutlX7jKW51wXbDUM9STrVkKWzDTsyHwC9IvXvkKW8uxsmclL-IFr60aC49Ir_xaCutFBsImqjI2rXu2FltPLtAwq1kmZvyUCetlWSEmq51QAuEaEdRTnSgaFeLHVyj3K8gxXvk3F0xxsmEaCdRTEbAmCaD0ZlgvE0V2VXSFW8tHr-NTC9yFssEmBsAJs7D3F-IPBtgPX89ysbpvB-MaXv1KW1xmXyblK8gHC943p0DzX-taFdDlXYcvL5WJVyDaF-AUp-DGL9cxZm9SM8gRC-Hmpt9SA_pFC&ul=en-us&de=UTF-8&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=IEBAAEABAAAAACAAI~&jid=&gjid=&cid=1500224953.1676972414&tid=UA-32454353-1&_gid=1885880082.1676972414&cd1=oz9lo258n2kesUk8sT5ipz9hsTgfn3k8sUj%3D&z=1211878507
IP 142.250.74.110:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /collect?v=1&_v=j99&a=1948619690&t=pageview&_s=2&dl=http%3A%2F%2Fr.redirekted.com%2Fgo%3Fe%3DNA-pFFuHlX7j3p5bwXbHKCdfwVY5aqdfHsyj3L-AUssgPXw4QsYIaCdfQAukKW4DJr_xUCutlX7jKW51wXbDUM9STrVkKWzDTsyHwC9IvXvkKW8uxsmclL-IFr60aC49Ir_xaCutFBsImqjI2rXu2FltPLtAwq1kmZvyUCetlWSEmq51QAuEaEdRTnSgaFeLHVyj3K8gxXvk3F0xxsmEaCdRTEbAmCaD0ZlgvE0V2VXSFW8tHr-NTC9yFssEmBsAJs7D3F-IPBtgPX89ysbpvB-MaXv1KW1xmXyblK8gHC943p0DzX-taFdDlXYcvL5WJVyDaF-AUp-DGL9cxZm9SM8gRC-Hmpt9SA_pFC&ul=en-us&de=UTF-8&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=IEBAAEABAAAAACAAI~&jid=&gjid=&cid=1500224953.1676972414&tid=UA-32454353-1&_gid=1885880082.1676972414&cd1=oz9lo258n2kesUk8sT5ipz9hsTgfn3k8sUj%3D&z=1211878507 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://r.redirekted.com/
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Pragma: no-cache
X-Content-Type-Options: nosniff
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 35
Date: Mon, 20 Feb 2023 11:51:03 GMT
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Age: 78551
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
Content-Type: image/gif
status.thawte.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 68b8f4bfb8e386ee070003be036b3eed
2766fd78fb678348b8ba598d2e6c6f89acc11daf
bbc631effde1308e99aa4763fd1d63773b23a608782d4b89fde8b57b47626311
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2438
Cache-Control: max-age=117065
Content-Type: application/ocsp-response
Date: Tue, 21 Feb 2023 09:40:14 GMT
Etag: "63f3ae41-1d7"
Expires: Wed, 22 Feb 2023 18:11:19 GMT
Last-Modified: Mon, 20 Feb 2023 17:30:41 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
no-go.kelkoogroup.net/offersearchGo?.ts=1676908645033&.sig=25JXDUr7BKlOeY4r9gP_82Md07c-&affiliationId=96965866&comId=100541924&country=no&offerId=0814c71bc80de85d85e18148103914e3&service=37&tokenId=35e025c3-2943-4e2d-874f-eaee491f9fab&wait=true&addedParams=true&custom1=j3BvtxsmImM0RJCSIQXWymX2uzFeL3W9ZGXkc0Xc0KB75GsUAGXW5KWvuRM8ElLxkapw9Ss6ZJF9IlVakKWjuHsytQF8gwW&custom2=jKWjuHsyVFF-IPrsqwqSExZvyxEmVJrUAQB
95.211.116.26200 OK 31 kB URL HTTP/1.1 no-go.kelkoogroup.net/offersearchGo?.ts=1676908645033&.sig=25JXDUr7BKlOeY4r9gP_82Md07c-&affiliationId=96965866&comId=100541924&country=no&offerId=0814c71bc80de85d85e18148103914e3&service=37&tokenId=35e025c3-2943-4e2d-874f-eaee491f9fab&wait=true&addedParams=true&custom1=j3BvtxsmImM0RJCSIQXWymX2uzFeL3W9ZGXkc0Xc0KB75GsUAGXW5KWvuRM8ElLxkapw9Ss6ZJF9IlVakKWjuHsytQF8gwW&custom2=jKWjuHsyVFF-IPrsqwqSExZvyxEmVJrUAQB
IP 95.211.116.26:0
ASN #60781 LeaseWeb Netherlands B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (12878)
Hash 32d6eac59f5f1558a6b51ef390806c85
fd9ac1ac9077bb931d67086e8eb80144a2b86aa6
cd7c5cb25fc14ba8b213c6a5d80bda271fe5e889c5cd46bd054717b301b64e4f
GET /offersearchGo?.ts=1676908645033&.sig=25JXDUr7BKlOeY4r9gP_82Md07c-&affiliationId=96965866&comId=100541924&country=no&offerId=0814c71bc80de85d85e18148103914e3&service=37&tokenId=35e025c3-2943-4e2d-874f-eaee491f9fab&wait=true&addedParams=true&custom1=j3BvtxsmImM0RJCSIQXWymX2uzFeL3W9ZGXkc0Xc0KB75GsUAGXW5KWvuRM8ElLxkapw9Ss6ZJF9IlVakKWjuHsytQF8gwW&custom2=jKWjuHsyVFF-IPrsqwqSExZvyxEmVJrUAQB HTTP/1.1
Host: no-go.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://r.redirekted.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
leadId: dc1-kls-prod-ls-03.prod.dc1.kelkoo.net_1676972414142_403730
clickId: 107698111_1676972414136_892350
country: no
Accept-CH: Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
Set-Cookie: datadome=0AChOTxu7tZ2Xl8cE7TmJ7WKv6a7DcHKoR7ORHHgUckvZmO6zAdpO_IZzXSfe8I2lzErPCB4rLijyKbodveVoS5Nr-jI5Hcoe9x4f5WRh~LFDp4gbaO-Q0HC_RThYf8d; Max-Age=31536000; Expires=Wed, 21 Feb 2024 09:40:14 GMT; SameSite=Lax; Path=/; Domain=.kelkoogroup.net; Secure
kelkooID=a4c626f-186735854b8-2535e; Max-Age=31536000; Expires=Wed, 21 Feb 2024 09:40:14 GMT; SameSite=None; Path=/; Domain=kelkoogroup.net; Secure; HTTPOnly
X-DataDome: protected
Request-Time: PT0.01863S
X-Robots-Tag: noindex,nofollow
Referrer-Policy: origin-when-cross-origin
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Date: Tue, 21 Feb 2023 09:40:14 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 31358
no-go.kelkoogroup.net/assets/images/p.png?country=no&k=612f7a9541cd6ea61eb554c0e4cff437567c460be4e08eed6b428c070706c22840932790f7cda9590bc7a8e1d587b24ceca08765a48f237cf32b1ed050f464fa9e1be4d7bbbdbe2a7f62f96da533fcb7bc4efb6073c19043300508cd26357cdbf39be54bfd8efb6a2fad63911123fcb2a939a6ddb11d4b52df447e33da7b41f78e633b1926a92b1cb8ca72447a54c27bddbb6298b34f83c9a9b955ebecf855f147d05b931b71e62f729502b5dd24678ae5bf063bde8696c2329fa9a0a3f3f647ff52ede4cb79ab408c7c23f032e0816b12e09184c55510f50039ee353af79c1c33b610bce27dc863674cd2aea052ae8599ca654c65a1fc99a69911181709ba8d188d10398102cf757604f7939ce20a61e6eda47d1f60325ed21b269e6001a2f7363eb545fad274117f5d0edd649dcb89a587a7eac357fc545ddbf266568b356c271fb67b605e8506edb3564e5f56a7f6312a03e9b36b3479f1098c16744df7c4871a4622b82d28cb66feaed547ebf36d01c4c869a0ebfcd3631aa82d604007c073107e6cf5232233b485651ff64fbf1544e3ae9f216e7bf4cb786b08e40ff67155610049bd13e6fa45ef986d660220a6
95.211.116.26200 OK 68 B URL HTTP/1.1 no-go.kelkoogroup.net/assets/images/p.png?country=no&k=612f7a9541cd6ea61eb554c0e4cff437567c460be4e08eed6b428c070706c22840932790f7cda9590bc7a8e1d587b24ceca08765a48f237cf32b1ed050f464fa9e1be4d7bbbdbe2a7f62f96da533fcb7bc4efb6073c19043300508cd26357cdbf39be54bfd8efb6a2fad63911123fcb2a939a6ddb11d4b52df447e33da7b41f78e633b1926a92b1cb8ca72447a54c27bddbb6298b34f83c9a9b955ebecf855f147d05b931b71e62f729502b5dd24678ae5bf063bde8696c2329fa9a0a3f3f647ff52ede4cb79ab408c7c23f032e0816b12e09184c55510f50039ee353af79c1c33b610bce27dc863674cd2aea052ae8599ca654c65a1fc99a69911181709ba8d188d10398102cf757604f7939ce20a61e6eda47d1f60325ed21b269e6001a2f7363eb545fad274117f5d0edd649dcb89a587a7eac357fc545ddbf266568b356c271fb67b605e8506edb3564e5f56a7f6312a03e9b36b3479f1098c16744df7c4871a4622b82d28cb66feaed547ebf36d01c4c869a0ebfcd3631aa82d604007c073107e6cf5232233b485651ff64fbf1544e3ae9f216e7bf4cb786b08e40ff67155610049bd13e6fa45ef986d660220a6
IP 95.211.116.26:0
ASN #60781 LeaseWeb Netherlands B.V.
File type PNG image data, 1 x 1, 8-bit gray+alpha, non-interlaced\012- data
Hash 91e42db1c66c0b276abf6234dc50b2eb
c1986af3c26609b8b7d8933f99c51c1a89e9ea6b
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
GET /assets/images/p.png?country=no&k=612f7a9541cd6ea61eb554c0e4cff437567c460be4e08eed6b428c070706c22840932790f7cda9590bc7a8e1d587b24ceca08765a48f237cf32b1ed050f464fa9e1be4d7bbbdbe2a7f62f96da533fcb7bc4efb6073c19043300508cd26357cdbf39be54bfd8efb6a2fad63911123fcb2a939a6ddb11d4b52df447e33da7b41f78e633b1926a92b1cb8ca72447a54c27bddbb6298b34f83c9a9b955ebecf855f147d05b931b71e62f729502b5dd24678ae5bf063bde8696c2329fa9a0a3f3f647ff52ede4cb79ab408c7c23f032e0816b12e09184c55510f50039ee353af79c1c33b610bce27dc863674cd2aea052ae8599ca654c65a1fc99a69911181709ba8d188d10398102cf757604f7939ce20a61e6eda47d1f60325ed21b269e6001a2f7363eb545fad274117f5d0edd649dcb89a587a7eac357fc545ddbf266568b356c271fb67b605e8506edb3564e5f56a7f6312a03e9b36b3479f1098c16744df7c4871a4622b82d28cb66feaed547ebf36d01c4c869a0ebfcd3631aa82d604007c073107e6cf5232233b485651ff64fbf1544e3ae9f216e7bf4cb786b08e40ff67155610049bd13e6fa45ef986d660220a6 HTTP/1.1
Host: no-go.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no-go.kelkoogroup.net/offersearchGo?.ts=1676908645033&.sig=25JXDUr7BKlOeY4r9gP_82Md07c-&affiliationId=96965866&comId=100541924&country=no&offerId=0814c71bc80de85d85e18148103914e3&service=37&tokenId=35e025c3-2943-4e2d-874f-eaee491f9fab&wait=true&addedParams=true&custom1=j3BvtxsmImM0RJCSIQXWymX2uzFeL3W9ZGXkc0Xc0KB75GsUAGXW5KWvuRM8ElLxkapw9Ss6ZJF9IlVakKWjuHsytQF8gwW&custom2=jKWjuHsyVFF-IPrsqwqSExZvyxEmVJrUAQB
Connection: keep-alive
Cookie: datadome=0AChOTxu7tZ2Xl8cE7TmJ7WKv6a7DcHKoR7ORHHgUckvZmO6zAdpO_IZzXSfe8I2lzErPCB4rLijyKbodveVoS5Nr-jI5Hcoe9x4f5WRh~LFDp4gbaO-Q0HC_RThYf8d; kelkooID=a4c626f-186735854b8-2535e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
leadId: dc1-kls-prod-ls-03.prod.dc1.kelkoo.net_1676972414142_403730
clickId: 107698111_1676972414136_892350
country: no
Request-Time: PT0.001377S
X-Robots-Tag: noindex,nofollow
Cache-Control: private, must-revalidate
Referrer-Policy: origin-when-cross-origin
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Date: Tue, 21 Feb 2023 09:40:14 GMT
Content-Type: image/png
Content-Length: 68
dd.kelkoogroup.net/tags.js
54.230.111.93200 OK 55 kB URL HTTP/2 dd.kelkoogroup.net/tags.js
IP 54.230.111.93:0
File type ASCII text, with very long lines (65431)
Hash b3861bce128b759c07684345961d1bfa
8d081ac79c6177543a440803952a59e9358bcff3
f6651659c70064781f695090331682788f7584a3096a5d6ed6e58c0800287454
GET /tags.js HTTP/1.1
Host: dd.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no-go.kelkoogroup.net/
Connection: keep-alive
Cookie: datadome=0AChOTxu7tZ2Xl8cE7TmJ7WKv6a7DcHKoR7ORHHgUckvZmO6zAdpO_IZzXSfe8I2lzErPCB4rLijyKbodveVoS5Nr-jI5Hcoe9x4f5WRh~LFDp4gbaO-Q0HC_RThYf8d; kelkooID=a4c626f-186735854b8-2535e; _ga=GA1.2.529611576.1676972414; _gid=GA1.2.778436330.1676972414
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: text/javascript
content-length: 55097
server: Apache
strict-transport-security: max-age=63072000; includeSubDomains; preload
last-modified: Fri, 17 Feb 2023 13:54:04 GMT
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
via: 1.1 b3bfeb8eb7405a05775de8861a4d117c.cloudfront.net (CloudFront), 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
date: Tue, 21 Feb 2023 08:55:01 GMT
cache-control: max-age=3600, public
expires: Tue, 21 Feb 2023 09:54:58 GMT
etag: "41481-5f4e5a57473d5-gzip"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA60-P2, OSL50-P1
x-amz-cf-id: pDkbL5669ECmWdLrGWSPdaP1yMsKA8WP57X4cG0P-J0jlOLK9mWwuw==
age: 2716
X-Firefox-Spdy: h2
no-go.kelkoogroup.net/fp?country=no&k=612f7a9541cd6ea61eb554c0e4cff437567c460be4e08eed6b428c070706c22840932790f7cda9590bc7a8e1d587b24ceca08765a48f237cf32b1ed050f464fa9e1be4d7bbbdbe2a7f62f96da533fcb7bc4efb6073c19043300508cd26357cdbf39be54bfd8efb6a2fad63911123fcb2a939a6ddb11d4b52df447e33da7b41f78e633b1926a92b1cb8ca72447a54c27bddbb6298b34f83c9a9b955ebecf855f147d05b931b71e62f729502b5dd24678ae5bf063bde8696c2329fa9a0a3f3f647ff52ede4cb79ab408c7c23f032e0816b12e09184c55510f50039ee353af79c1c33b610bce27dc863674cd2aea052ae8599ca654c65a1fc99a69911181709ba8d188d10398102cf757604f7939ce20a61e6eda47d1f60325ed21b269e6001a2f7363eb545fad274117f5d0edd649dcb89a587a7eac357fc545ddbf266568b356c271fb67b605e8506edb3564e5f56a7f6312a03e9b36b3479f1098c16744df7c4871a4622b82d28cb66feaed547ebf36d01c4c869a0ebfcd3631aa82d604007c073107e6cf5232233b485651ff64fbf1544e3ae9f216e7bf4cb786b08e40ff67155610049bd13e6fa45ef986d660220a6
95.211.116.26200 OK 0 B URL HTTP/1.1 no-go.kelkoogroup.net/fp?country=no&k=612f7a9541cd6ea61eb554c0e4cff437567c460be4e08eed6b428c070706c22840932790f7cda9590bc7a8e1d587b24ceca08765a48f237cf32b1ed050f464fa9e1be4d7bbbdbe2a7f62f96da533fcb7bc4efb6073c19043300508cd26357cdbf39be54bfd8efb6a2fad63911123fcb2a939a6ddb11d4b52df447e33da7b41f78e633b1926a92b1cb8ca72447a54c27bddbb6298b34f83c9a9b955ebecf855f147d05b931b71e62f729502b5dd24678ae5bf063bde8696c2329fa9a0a3f3f647ff52ede4cb79ab408c7c23f032e0816b12e09184c55510f50039ee353af79c1c33b610bce27dc863674cd2aea052ae8599ca654c65a1fc99a69911181709ba8d188d10398102cf757604f7939ce20a61e6eda47d1f60325ed21b269e6001a2f7363eb545fad274117f5d0edd649dcb89a587a7eac357fc545ddbf266568b356c271fb67b605e8506edb3564e5f56a7f6312a03e9b36b3479f1098c16744df7c4871a4622b82d28cb66feaed547ebf36d01c4c869a0ebfcd3631aa82d604007c073107e6cf5232233b485651ff64fbf1544e3ae9f216e7bf4cb786b08e40ff67155610049bd13e6fa45ef986d660220a6
IP 95.211.116.26:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /fp?country=no&k=612f7a9541cd6ea61eb554c0e4cff437567c460be4e08eed6b428c070706c22840932790f7cda9590bc7a8e1d587b24ceca08765a48f237cf32b1ed050f464fa9e1be4d7bbbdbe2a7f62f96da533fcb7bc4efb6073c19043300508cd26357cdbf39be54bfd8efb6a2fad63911123fcb2a939a6ddb11d4b52df447e33da7b41f78e633b1926a92b1cb8ca72447a54c27bddbb6298b34f83c9a9b955ebecf855f147d05b931b71e62f729502b5dd24678ae5bf063bde8696c2329fa9a0a3f3f647ff52ede4cb79ab408c7c23f032e0816b12e09184c55510f50039ee353af79c1c33b610bce27dc863674cd2aea052ae8599ca654c65a1fc99a69911181709ba8d188d10398102cf757604f7939ce20a61e6eda47d1f60325ed21b269e6001a2f7363eb545fad274117f5d0edd649dcb89a587a7eac357fc545ddbf266568b356c271fb67b605e8506edb3564e5f56a7f6312a03e9b36b3479f1098c16744df7c4871a4622b82d28cb66feaed547ebf36d01c4c869a0ebfcd3631aa82d604007c073107e6cf5232233b485651ff64fbf1544e3ae9f216e7bf4cb786b08e40ff67155610049bd13e6fa45ef986d660220a6 HTTP/1.1
Host: no-go.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no-go.kelkoogroup.net/offersearchGo?.ts=1676908645033&.sig=25JXDUr7BKlOeY4r9gP_82Md07c-&affiliationId=96965866&comId=100541924&country=no&offerId=0814c71bc80de85d85e18148103914e3&service=37&tokenId=35e025c3-2943-4e2d-874f-eaee491f9fab&wait=true&addedParams=true&custom1=j3BvtxsmImM0RJCSIQXWymX2uzFeL3W9ZGXkc0Xc0KB75GsUAGXW5KWvuRM8ElLxkapw9Ss6ZJF9IlVakKWjuHsytQF8gwW&custom2=jKWjuHsyVFF-IPrsqwqSExZvyxEmVJrUAQB
Content-Type: text/plain;charset=utf-8
Content-Length: 536
Origin: https://no-go.kelkoogroup.net
Connection: keep-alive
Cookie: datadome=0AChOTxu7tZ2Xl8cE7TmJ7WKv6a7DcHKoR7ORHHgUckvZmO6zAdpO_IZzXSfe8I2lzErPCB4rLijyKbodveVoS5Nr-jI5Hcoe9x4f5WRh~LFDp4gbaO-Q0HC_RThYf8d; kelkooID=a4c626f-186735854b8-2535e; _ga=GA1.2.529611576.1676972414; _gid=GA1.2.778436330.1676972414
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
leadId: dc1-kls-prod-ls-03.prod.dc1.kelkoo.net_1676972414142_403730
clickId: 107698111_1676972414136_892350
country: no
Request-Time: PT0.004288S
X-Robots-Tag: noindex,nofollow
Referrer-Policy: origin-when-cross-origin
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Date: Tue, 21 Feb 2023 09:40:14 GMT
Content-Type: text/plain; charset=UTF-8
Content-Length: 0
no-go.kelkoogroup.net/favicon.ico
95.211.116.26404 Not Found 1.1 kB URL HTTP/1.1 no-go.kelkoogroup.net/favicon.ico
IP 95.211.116.26:0
ASN #60781 LeaseWeb Netherlands B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 8560de521c4990c7c870121fc9643508
0cacf7a6b96cceeb6ceae74d5f14dc87406a6f39
73a434285c3a752bc8c44aebd50e10f1a766853cbc7184e78d5c934c7b52b620
GET /favicon.ico HTTP/1.1
Host: no-go.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no-go.kelkoogroup.net/offersearchGo?.ts=1676908645033&.sig=25JXDUr7BKlOeY4r9gP_82Md07c-&affiliationId=96965866&comId=100541924&country=no&offerId=0814c71bc80de85d85e18148103914e3&service=37&tokenId=35e025c3-2943-4e2d-874f-eaee491f9fab&wait=true&addedParams=true&custom1=j3BvtxsmImM0RJCSIQXWymX2uzFeL3W9ZGXkc0Xc0KB75GsUAGXW5KWvuRM8ElLxkapw9Ss6ZJF9IlVakKWjuHsytQF8gwW&custom2=jKWjuHsyVFF-IPrsqwqSExZvyxEmVJrUAQB
Connection: keep-alive
Cookie: datadome=0AChOTxu7tZ2Xl8cE7TmJ7WKv6a7DcHKoR7ORHHgUckvZmO6zAdpO_IZzXSfe8I2lzErPCB4rLijyKbodveVoS5Nr-jI5Hcoe9x4f5WRh~LFDp4gbaO-Q0HC_RThYf8d; kelkooID=a4c626f-186735854b8-2535e; _ga=GA1.2.529611576.1676972414; _gid=GA1.2.778436330.1676972414
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Request-Time: PT0.000302S
X-Robots-Tag: noindex,nofollow
Referrer-Policy: origin-when-cross-origin
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Date: Tue, 21 Feb 2023 09:40:14 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 1144
no-go.kelkoogroup.net/redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff437567c460be4e08eed6b428c070706c22840932790f7cda9590bc7a8e1d587b24ceca08765a48f237cf32b1ed050f464fa9e1be4d7bbbdbe2a7f62f96da533fcb7bc4efb6073c19043300508cd26357cdbf39be54bfd8efb6a2fad63911123fcb2a939a6ddb11d4b52df447e33da7b41f78e633b1926a92b1cb8ca72447a54c27bddbb6298b34f83c9a9b955ebecf855f147d05b931b71e62f729502b5dd24678ae5bf063bde8696c2329fa9a0a3f3f647ff52ede4cb79ab408c7c23f032e0816b12e09184c55510f50039ee353af79c1c33b610bce27dc863674cd2aea052ae8599ca654c65a1fc99a69911181709ba8d188d10398102cf757604f7939ce20a61e6eda47d1f60325ed21b269e6001a2f7363eb545fad274117f5d0edd649dcb89a587a7eac357fc545ddbf266568b356c271fb67b605e8506edb3564e5f56a7f6312a03e9b36b3479f1098c16744df7c4871a4622b82d28cb66feaed547ebf36d01c4c869a0ebfcd3631aa82d604007c073107e6cf5232233b485651ff64fbf1544e3ae9f216e7bf4cb786b08e40ff67155610049bd13e6fa45ef986d660220a6&url=https%3A%2F%2Fwww.friskforlag.no%2Fprodukt%2Fmias-mat%2F%3Fkk%3Da4c626f-186735854b8-2535e%26utm_source%3Dgoogle%26utm_campaign%3Dfeed%26utm_medium%3Dkatalog%26utm_term%3D434819&initiator=timeout
95.211.116.26303 See Other 0 B URL HTTP/1.1 no-go.kelkoogroup.net/redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff437567c460be4e08eed6b428c070706c22840932790f7cda9590bc7a8e1d587b24ceca08765a48f237cf32b1ed050f464fa9e1be4d7bbbdbe2a7f62f96da533fcb7bc4efb6073c19043300508cd26357cdbf39be54bfd8efb6a2fad63911123fcb2a939a6ddb11d4b52df447e33da7b41f78e633b1926a92b1cb8ca72447a54c27bddbb6298b34f83c9a9b955ebecf855f147d05b931b71e62f729502b5dd24678ae5bf063bde8696c2329fa9a0a3f3f647ff52ede4cb79ab408c7c23f032e0816b12e09184c55510f50039ee353af79c1c33b610bce27dc863674cd2aea052ae8599ca654c65a1fc99a69911181709ba8d188d10398102cf757604f7939ce20a61e6eda47d1f60325ed21b269e6001a2f7363eb545fad274117f5d0edd649dcb89a587a7eac357fc545ddbf266568b356c271fb67b605e8506edb3564e5f56a7f6312a03e9b36b3479f1098c16744df7c4871a4622b82d28cb66feaed547ebf36d01c4c869a0ebfcd3631aa82d604007c073107e6cf5232233b485651ff64fbf1544e3ae9f216e7bf4cb786b08e40ff67155610049bd13e6fa45ef986d660220a6&url=https%3A%2F%2Fwww.friskforlag.no%2Fprodukt%2Fmias-mat%2F%3Fkk%3Da4c626f-186735854b8-2535e%26utm_source%3Dgoogle%26utm_campaign%3Dfeed%26utm_medium%3Dkatalog%26utm_term%3D434819&initiator=timeout
IP 95.211.116.26:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff437567c460be4e08eed6b428c070706c22840932790f7cda9590bc7a8e1d587b24ceca08765a48f237cf32b1ed050f464fa9e1be4d7bbbdbe2a7f62f96da533fcb7bc4efb6073c19043300508cd26357cdbf39be54bfd8efb6a2fad63911123fcb2a939a6ddb11d4b52df447e33da7b41f78e633b1926a92b1cb8ca72447a54c27bddbb6298b34f83c9a9b955ebecf855f147d05b931b71e62f729502b5dd24678ae5bf063bde8696c2329fa9a0a3f3f647ff52ede4cb79ab408c7c23f032e0816b12e09184c55510f50039ee353af79c1c33b610bce27dc863674cd2aea052ae8599ca654c65a1fc99a69911181709ba8d188d10398102cf757604f7939ce20a61e6eda47d1f60325ed21b269e6001a2f7363eb545fad274117f5d0edd649dcb89a587a7eac357fc545ddbf266568b356c271fb67b605e8506edb3564e5f56a7f6312a03e9b36b3479f1098c16744df7c4871a4622b82d28cb66feaed547ebf36d01c4c869a0ebfcd3631aa82d604007c073107e6cf5232233b485651ff64fbf1544e3ae9f216e7bf4cb786b08e40ff67155610049bd13e6fa45ef986d660220a6&url=https%3A%2F%2Fwww.friskforlag.no%2Fprodukt%2Fmias-mat%2F%3Fkk%3Da4c626f-186735854b8-2535e%26utm_source%3Dgoogle%26utm_campaign%3Dfeed%26utm_medium%3Dkatalog%26utm_term%3D434819&initiator=timeout HTTP/1.1
Host: no-go.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no-go.kelkoogroup.net/offersearchGo?.ts=1676908645033&.sig=25JXDUr7BKlOeY4r9gP_82Md07c-&affiliationId=96965866&comId=100541924&country=no&offerId=0814c71bc80de85d85e18148103914e3&service=37&tokenId=35e025c3-2943-4e2d-874f-eaee491f9fab&wait=true&addedParams=true&custom1=j3BvtxsmImM0RJCSIQXWymX2uzFeL3W9ZGXkc0Xc0KB75GsUAGXW5KWvuRM8ElLxkapw9Ss6ZJF9IlVakKWjuHsytQF8gwW&custom2=jKWjuHsyVFF-IPrsqwqSExZvyxEmVJrUAQB
Connection: keep-alive
Cookie: datadome=0AChOTxu7tZ2Xl8cE7TmJ7WKv6a7DcHKoR7ORHHgUckvZmO6zAdpO_IZzXSfe8I2lzErPCB4rLijyKbodveVoS5Nr-jI5Hcoe9x4f5WRh~LFDp4gbaO-Q0HC_RThYf8d; kelkooID=a4c626f-186735854b8-2535e; _ga=GA1.2.529611576.1676972414; _gid=GA1.2.778436330.1676972414
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 303 See Other
leadId: dc1-kls-prod-ls-03.prod.dc1.kelkoo.net_1676972414142_403730
clickId: 107698111_1676972414136_892350
country: no
Location: https://www.friskforlag.no/produkt/mias-mat/?kk=a4c626f-186735854b8-2535e&utm_source=google&utm_campaign=feed&utm_medium=katalog&utm_term=434819
Accept-CH: Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
Set-Cookie: datadome=7etCmt19tFZrkoAYo7gg1SPvvw~k3IH0pP04SG3bstR4lzkmS4Zic~WZ3nDekW1B5xEZZJEEO8KleIxKJf22ppOE2bqkjul~trSXv0NKyxXY~OPzui64hiRsFlIE8WqS; Max-Age=31536000; Expires=Wed, 21 Feb 2024 09:40:14 GMT; SameSite=Lax; Path=/; Domain=.kelkoogroup.net; Secure
X-DataDome: protected
Request-Time: PT0.012416S
X-Robots-Tag: noindex,nofollow
Referrer-Policy: origin-when-cross-origin
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Date: Tue, 21 Feb 2023 09:40:14 GMT
Content-Length: 0
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 29675b43fa4a5609baa371c2449bfaf8
938fb69ea5d808388521b237e813f54ad2c1ec51
108b6420ad8473bb4150630466153daae7f70ca3b3eda9258e6e0c8d59cbfe3c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "108B6420AD8473BB4150630466153DAAE7F70CA3B3EDA9258E6E0C8D59CBFE3C"
Last-Modified: Mon, 20 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2170
Expires: Tue, 21 Feb 2023 10:16:24 GMT
Date: Tue, 21 Feb 2023 09:40:14 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 29675b43fa4a5609baa371c2449bfaf8
938fb69ea5d808388521b237e813f54ad2c1ec51
108b6420ad8473bb4150630466153daae7f70ca3b3eda9258e6e0c8d59cbfe3c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "108B6420AD8473BB4150630466153DAAE7F70CA3B3EDA9258E6E0C8D59CBFE3C"
Last-Modified: Mon, 20 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2170
Expires: Tue, 21 Feb 2023 10:16:24 GMT
Date: Tue, 21 Feb 2023 09:40:14 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 29675b43fa4a5609baa371c2449bfaf8
938fb69ea5d808388521b237e813f54ad2c1ec51
108b6420ad8473bb4150630466153daae7f70ca3b3eda9258e6e0c8d59cbfe3c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "108B6420AD8473BB4150630466153DAAE7F70CA3B3EDA9258E6E0C8D59CBFE3C"
Last-Modified: Mon, 20 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2170
Expires: Tue, 21 Feb 2023 10:16:24 GMT
Date: Tue, 21 Feb 2023 09:40:14 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 29675b43fa4a5609baa371c2449bfaf8
938fb69ea5d808388521b237e813f54ad2c1ec51
108b6420ad8473bb4150630466153daae7f70ca3b3eda9258e6e0c8d59cbfe3c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "108B6420AD8473BB4150630466153DAAE7F70CA3B3EDA9258E6E0C8D59CBFE3C"
Last-Modified: Mon, 20 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2170
Expires: Tue, 21 Feb 2023 10:16:24 GMT
Date: Tue, 21 Feb 2023 09:40:14 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf1e2195-c852-4c89-889b-f430610b2b64.jpeg
34.120.237.76200 OK 4.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf1e2195-c852-4c89-889b-f430610b2b64.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8731ce65b0b488344705b96716fc85d6
eb4964fb506fa5be323d666243923744c31c8fdf
d0af8b820331858a0b1c68b4e011da8fe441327c0e369a4c2a30d8d011c89b8a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf1e2195-c852-4c89-889b-f430610b2b64.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4144
x-amzn-requestid: 1bdb8c7a-f0d7-4271-bd3b-2ec3b465f561
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Aj8-kEMGIAMF1dQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f17529-1390788e6c72f3326441edd0;Sampled=0
x-amzn-remapped-date: Sun, 19 Feb 2023 01:02:33 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: FmoqjnFhHQnhhV053HbdBMIMdDiLDSK7hpIOYqSvzcjDVMPEebCQ-Q==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Mon, 20 Feb 2023 14:13:07 GMT
age: 70027
etag: "eb4964fb506fa5be323d666243923744c31c8fdf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881c24a9-07ee-4126-b2c3-501b0461ee5e.webp
34.120.237.76200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881c24a9-07ee-4126-b2c3-501b0461ee5e.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9c5a0bab7d34e51ee6476be179b356ba
87917d3cf520d73b7b1029f44505e7700413d51d
136e727a99409218318247b645558fad485ed84bcd90bd43a5895492cb317d89
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881c24a9-07ee-4126-b2c3-501b0461ee5e.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6879
x-amzn-requestid: 18c46562-f8d9-4f7f-8ea0-1bb46e206f80
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ANnahEWgIAMFwYg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e885dc-50a7cfe4693b4efb038ce1a7;Sampled=0
x-amzn-remapped-date: Sun, 12 Feb 2023 06:23:24 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: K3teFfj79RPIRVaLUr5b2XMz3Jb5g8AeZCce6ZAAZmjOSJWr1QIsNw==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Tue, 21 Feb 2023 09:13:17 GMT
age: 1617
etag: "87917d3cf520d73b7b1029f44505e7700413d51d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2979dbd8-5e4b-4b69-9ad7-7457a9340546.jpeg
34.120.237.76200 OK 3.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2979dbd8-5e4b-4b69-9ad7-7457a9340546.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f0069a196f8b45e350860582312bc91f
abf2b8a79e5a32e0415604175e06bde712af52f9
8bdcae73ce29f1041c696b053262245747d67786f80823da402ebc4bd633365b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2979dbd8-5e4b-4b69-9ad7-7457a9340546.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3688
x-amzn-requestid: efc78b3d-3eee-4a49-be91-3527af796fcd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AeLpWGfXoAMFTUw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ef263b-48614c321cb9e831768a9098;Sampled=0
x-amzn-remapped-date: Fri, 17 Feb 2023 07:01:15 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 0WQvgAfl2NXAknJKJAGALPgfZ4DGNEJG5CeOiSwkT5z1sLkbAqs7YA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 20 Feb 2023 09:41:14 GMT
age: 86340
etag: "abf2b8a79e5a32e0415604175e06bde712af52f9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fef868b47-b321-439e-bf82-15d1c2530384.jpeg
34.120.237.76200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fef868b47-b321-439e-bf82-15d1c2530384.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 83e6132f67f7260c438854ee306526a4
da52ad870b7961e0dffb76cb204c1634c1045bcc
9375c53e5d6519f5d765dcd4a4c2e24e372d9dc507fc3331ba122c7d08babc34
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fef868b47-b321-439e-bf82-15d1c2530384.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9944
x-amzn-requestid: 11509d28-5502-4a01-8991-96d6cf2efd4e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ARBMIGeqoAMFkpQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e9e24d-77c90ef925dc9b1c7ff6561b;Sampled=0
x-amzn-remapped-date: Mon, 13 Feb 2023 07:10:05 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: v3CuK8nOPRT8XXDy3SROYVosiN-o4BFEFJCZYqwr5Y6SLhydHcobdg==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 21 Feb 2023 08:23:41 GMT
age: 4593
etag: "da52ad870b7961e0dffb76cb204c1634c1045bcc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F062afd3d-1408-45f9-8a87-8676271020ec.jpeg
34.120.237.76200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F062afd3d-1408-45f9-8a87-8676271020ec.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7f4f15374ec09bd3d657f2c8f0fa886c
fb01a0ee84a88cf6f8cacea78c5b9cd444a41a9c
a63f93c3413c34897706ede836bf8aaf186a7002a901df0dc5481d381af5b849
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F062afd3d-1408-45f9-8a87-8676271020ec.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7349
x-amzn-requestid: 76a8d55e-1e03-44d3-8c54-189007f4cf2f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AhffeElfIAMFWOQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f0792f-30cb18357e326d222d1078b8;Sampled=0
x-amzn-remapped-date: Sat, 18 Feb 2023 07:07:27 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: n6XdCksCYvpPD8Otqr9wPB8zPPfSTer7MiRdZHKdacvrMsw3njP_Nw==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 20 Feb 2023 11:21:08 GMT
age: 80346
etag: "fb01a0ee84a88cf6f8cacea78c5b9cd444a41a9c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F56f0c0c1-7e65-42b7-b8ac-5ed24c4924e6.png
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F56f0c0c1-7e65-42b7-b8ac-5ed24c4924e6.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2d5b1f36b0fce0c27bc55b1b565fc036
b6b3c4f523346bcad001b251c984d18aee522d33
d03c32dc9a6ffce9b147d6db39df6a7bd3a3a47f778242e3194aa82357138d6c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F56f0c0c1-7e65-42b7-b8ac-5ed24c4924e6.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13379
x-amzn-requestid: 304b3dbc-34c8-45f6-bc57-0cb24d8bcd71
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AkTwpHiPoAMFUwQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f1999d-428a7455204ae54c4383071b;Sampled=0
x-amzn-remapped-date: Sun, 19 Feb 2023 03:38:05 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: wEimr3MFrSkUXiNK08bsd0FgzCvyhJyigthdZRTpH6-V1t88W6pNNQ==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Mon, 20 Feb 2023 21:54:43 GMT
age: 42331
etag: "b6b3c4f523346bcad001b251c984d18aee522d33"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash c58fba8cc6a5ac015ef7f1b1161644b4
b010cbd94176e69a8787027a02a7f36fbbde0d8d
4898d9bcda452c5ce9887e79326e717ed79038bcff133b504ada711c629a59b4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=153184
Content-Type: application/ocsp-response
Date: Tue, 21 Feb 2023 09:40:14 GMT
Etag: "63f444de-116"
Expires: Thu, 23 Feb 2023 04:13:18 GMT
Last-Modified: Tue, 21 Feb 2023 04:13:18 GMT
Server: nginx
Content-Length: 278
ocsp.usertrust.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 446d7fa1238d724d94aea6e15d7ac030
deca2051c23fa7a8d2c2d67384010bbdad654ae0
d15084005782be01f9464bdb44592d8bd19f48f0560719d830bbfda845580125
POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 21 Feb 2023 09:40:14 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 18 Feb 2023 01:51:19 GMT
Expires: Sat, 25 Feb 2023 01:51:18 GMT
Etag: "deca2051c23fa7a8d2c2d67384010bbdad654ae0"
Cache-Control: max-age=602511,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 1117
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79ce84f7693cb51e-OSL
api-js.datadome.co/js/
16.170.115.88200 OK 235 B IP 16.170.115.88:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 7294ace6d62bde2a48164adfdff08e67
1ff03c9af52dc1e937150a622ae6c51cdd68bf33
f7312792271fe5354f7c1fc87cb811a34641656482322fd0c3257946c55453c5
POST /js/ HTTP/1.1
Host: api-js.datadome.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 4556
Origin: https://no-go.kelkoogroup.net
Connection: keep-alive
Referer: https://no-go.kelkoogroup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 21 Feb 2023 09:40:14 GMT
content-type: application/json;charset=utf-8
content-length: 235
server: DataDome
access-control-allow-origin: *
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate
expires: 0
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 407d753a19cf29f7e27cbabf2541ca22
fe7158003086e2aeef7a0260d3d3ec1146c75279
01c56979cebd97e7d0f83354f75f2772a502d6e41d1e49852d37bb997b23afd0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Feb 2023 09:40:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/collect?v=1&_v=j96&t=pageview&_s=1&dl=https%3A%2F%2Fno-go.kelkoogroup.net%2FoffersearchGo%3F.ts%3D1676908645033%26.sig%3D25JXDUr7BKlOeY4r9gP_82Md07c-%26affiliationId%3D96965866%26comId%3D100541924%26country%3Dno%26offerId%3D0814c71bc80de85d85e18148103914e3%26service%3D37%26tokenId%3D35e025c3-2943-4e2d-874f-eaee491f9fab%26wait%3Dtrue%26addedParams%3Dtrue%26custom1%3Dj3BvtxsmImM0RJCSIQXWymX2uzFeL3W9ZGXkc0Xc0KB75GsUAGXW5KWvuRM8ElLxkapw9Ss6ZJF9IlVakKWjuHsytQF8gwW%26custom2%3DjKWjuHsyVFF-IPrsqwqSExZvyxEmVJrUAQB&dr=http%3A%2F%2Fr.redirekted.com%2F&dp=%2F96965866%7C100541924%7C&ul=en-us&de=UTF-8&dt=Du%20sendes%20videre%20til%20Friskforlag.no&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=QACAAAABAAAAAC~&cid=529611576.1676972414&tid=UA-168544891-6&_gid=778436330.1676972414&_r=1&cd1=96965866&cd2=dc1-kls-prod-ls-03.prod.dc1.kelkoo.net_1676972414142_403730&cd3=100541924&cd4=a4c626f-186735854b8-2535e&cd5=&cd6=96965866%7C100541924%7C&z=868726783
142.250.74.110200 OK 35 B URL HTTP/2 www.google-analytics.com/collect?v=1&_v=j96&t=pageview&_s=1&dl=https%3A%2F%2Fno-go.kelkoogroup.net%2FoffersearchGo%3F.ts%3D1676908645033%26.sig%3D25JXDUr7BKlOeY4r9gP_82Md07c-%26affiliationId%3D96965866%26comId%3D100541924%26country%3Dno%26offerId%3D0814c71bc80de85d85e18148103914e3%26service%3D37%26tokenId%3D35e025c3-2943-4e2d-874f-eaee491f9fab%26wait%3Dtrue%26addedParams%3Dtrue%26custom1%3Dj3BvtxsmImM0RJCSIQXWymX2uzFeL3W9ZGXkc0Xc0KB75GsUAGXW5KWvuRM8ElLxkapw9Ss6ZJF9IlVakKWjuHsytQF8gwW%26custom2%3DjKWjuHsyVFF-IPrsqwqSExZvyxEmVJrUAQB&dr=http%3A%2F%2Fr.redirekted.com%2F&dp=%2F96965866%7C100541924%7C&ul=en-us&de=UTF-8&dt=Du%20sendes%20videre%20til%20Friskforlag.no&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=QACAAAABAAAAAC~&cid=529611576.1676972414&tid=UA-168544891-6&_gid=778436330.1676972414&_r=1&cd1=96965866&cd2=dc1-kls-prod-ls-03.prod.dc1.kelkoo.net_1676972414142_403730&cd3=100541924&cd4=a4c626f-186735854b8-2535e&cd5=&cd6=96965866%7C100541924%7C&z=868726783
IP 142.250.74.110:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
POST /collect?v=1&_v=j96&t=pageview&_s=1&dl=https%3A%2F%2Fno-go.kelkoogroup.net%2FoffersearchGo%3F.ts%3D1676908645033%26.sig%3D25JXDUr7BKlOeY4r9gP_82Md07c-%26affiliationId%3D96965866%26comId%3D100541924%26country%3Dno%26offerId%3D0814c71bc80de85d85e18148103914e3%26service%3D37%26tokenId%3D35e025c3-2943-4e2d-874f-eaee491f9fab%26wait%3Dtrue%26addedParams%3Dtrue%26custom1%3Dj3BvtxsmImM0RJCSIQXWymX2uzFeL3W9ZGXkc0Xc0KB75GsUAGXW5KWvuRM8ElLxkapw9Ss6ZJF9IlVakKWjuHsytQF8gwW%26custom2%3DjKWjuHsyVFF-IPrsqwqSExZvyxEmVJrUAQB&dr=http%3A%2F%2Fr.redirekted.com%2F&dp=%2F96965866%7C100541924%7C&ul=en-us&de=UTF-8&dt=Du%20sendes%20videre%20til%20Friskforlag.no&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=QACAAAABAAAAAC~&cid=529611576.1676972414&tid=UA-168544891-6&_gid=778436330.1676972414&_r=1&cd1=96965866&cd2=dc1-kls-prod-ls-03.prod.dc1.kelkoo.net_1676972414142_403730&cd3=100541924&cd4=a4c626f-186735854b8-2535e&cd5=&cd6=96965866%7C100541924%7C&z=868726783 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://no-go.kelkoogroup.net
Connection: keep-alive
Referer: https://no-go.kelkoogroup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 200 OK
access-control-allow-origin: https://no-go.kelkoogroup.net
date: Tue, 21 Feb 2023 09:40:14 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
x-content-type-options: nosniff
access-control-allow-credentials: true
content-type: image/gif
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 35
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 407d753a19cf29f7e27cbabf2541ca22
fe7158003086e2aeef7a0260d3d3ec1146c75279
01c56979cebd97e7d0f83354f75f2772a502d6e41d1e49852d37bb997b23afd0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Feb 2023 09:40:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash c58fba8cc6a5ac015ef7f1b1161644b4
b010cbd94176e69a8787027a02a7f36fbbde0d8d
4898d9bcda452c5ce9887e79326e717ed79038bcff133b504ada711c629a59b4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1
Cache-Control: max-age=153184
Content-Type: application/ocsp-response
Date: Tue, 21 Feb 2023 09:40:15 GMT
Etag: "63f444de-116"
Expires: Thu, 23 Feb 2023 04:13:19 GMT
Last-Modified: Tue, 21 Feb 2023 04:13:18 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 278
s.kk-resources.com/leadtag.js
54.230.111.25200 OK 2.6 kB URL HTTP/1.1 s.kk-resources.com/leadtag.js
IP 54.230.111.25:0
File type C source, ASCII text, with very long lines (6910)
Hash b9c7aa9898d0e7b5d8dfa27c81eda1ac
3e22a4f4ac1fd469128de60e1a80433513242071
980531f0a81016e3a7a4c3fa56f75e7b791f1f4c09296992221bd766b91a53a0
GET /leadtag.js HTTP/1.1
Host: s.kk-resources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.friskforlag.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=UTF-8
Content-Length: 2595
Connection: keep-alive
X-Gravitee-Transaction-Id: 9919f267-1bce-4571-99f2-671bced571f3
X-Gravitee-Request-Id: 9919f267-1bce-4571-99f2-671bced571f3
ETag: "5b560af5c5cc011d6033fa536ca449e7fa364c69"
Request-Time: 6
Accept-Ranges: bytes
Cache-Control: public, max-age=3600
Last-Modified: Thu, 02 Feb 2023 12:33:09 GMT
Content-Encoding: gzip
Date: Tue, 21 Feb 2023 08:42:52 GMT
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 9oRHWp8_-5jF8yFhG8or_0ojAfTKAy44KKtWp_r9NfNwnfa937crYQ==
Age: 3443
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 407d753a19cf29f7e27cbabf2541ca22
fe7158003086e2aeef7a0260d3d3ec1146c75279
01c56979cebd97e7d0f83354f75f2772a502d6e41d1e49852d37bb997b23afd0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Feb 2023 09:40:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googleoptimize.com/optimize.js?id=GTM-W4VNJVH
142.250.74.78200 OK 46 kB URL HTTP/2 www.googleoptimize.com/optimize.js?id=GTM-W4VNJVH
IP 142.250.74.78:0
File type ASCII text, with very long lines (2411)
Hash d5b9c1bb2ac1bdc7212667b07d12ff6f
679a1f3223d4e717af8b0c2266b12b11341eb0e6
08bd379833c645c15bce6273c7604c14c6fe6a15c4f18e22695c99d25fdebe09
GET /optimize.js?id=GTM-W4VNJVH HTTP/1.1
Host: www.googleoptimize.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.friskforlag.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 21 Feb 2023 09:40:15 GMT
expires: Tue, 21 Feb 2023 09:40:15 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 45780
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.friskforlag.no/wp-content/themes/bootcommerce-child-main/img/logo/frisk.svg
162.159.152.23200 OK 33 kB URL HTTP/2 www.friskforlag.no/wp-content/themes/bootcommerce-child-main/img/logo/frisk.svg
IP 162.159.152.23:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1636)
Hash 6649467054aa126e8ddddc761d9d4315
372d5a9a622f2a714bd9754e3fa7caa22380716a
dbd67fa4f0ebe7e8231e107547ad24c4b9f543a1420e68ec23370006379890b4
GET /wp-content/themes/bootcommerce-child-main/img/logo/frisk.svg HTTP/1.1
Host: www.friskforlag.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.friskforlag.no/produkt/mias-mat/?kk=a4c626f-186735854b8-2535e&utm_source=google&utm_campaign=feed&utm_medium=katalog&utm_term=434819
Cookie: mailchimp_landing_site=https%3A%2F%2Fwww.friskforlag.no%2Fprodukt%2Fmias-mat%2F%3Fkk%3Da4c626f-186735854b8-2535e%26utm_source%3Dgoogle%26utm_campaign%3Dfeed%26utm_medium%3Dkatalog%26utm_term%3D434819; __cf_bm=QSSFm_s6aXjGootgRvHZb8vmwbqRUqD9KTjpzBlr3bQ-1676972415-0-ATq2jWH0TLe7+I45tF59rN5PSpkZv0UVjs9JmtJsMvgieB2L43dgruM9e7Ki323DWgkC6eCISoNrDr3s6M/nExI=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 21 Feb 2023 09:40:15 GMT
content-type: image/svg+xml
last-modified: Thu, 12 May 2022 12:09:55 GMT
etag: W/"6c3-5decf6f9d49db"
expires: Tue, 28 Feb 2023 09:40:15 GMT
cache-control: public, max-age=604800
vary: Accept-Encoding
x-frontend-cache: MISS
cf-cache-status: HIT
age: 81570
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=4mucY9aOWC2b7GbAluIJKU4lRCH7dkAXPXFEJz55AKE-1676972415-0-AX5CWODfEoDj4oGojNfRfz_43tQzZ4XaGIXusceQl96Oorchj17S8wfCI_P-mRZ2lwVfl-rl43C-oPo1v_qM6wv4Pzg6hz-SAr023dXidlOnAbwcBaNA-1bWGh88T7uXjQ"}],"group":"cf-csp-endpoint","max_age":86400}
content-security-policy-report-only: script-src 'none'; connect-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=4mucY9aOWC2b7GbAluIJKU4lRCH7dkAXPXFEJz55AKE-1676972415-0-AX5CWODfEoDj4oGojNfRfz_43tQzZ4XaGIXusceQl96Oorchj17S8wfCI_P-mRZ2lwVfl-rl43C-oPo1v_qM6wv4Pzg6hz-SAr023dXidlOnAbwcBaNA-1bWGh88T7uXjQ; report-to cf-csp-endpoint
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
servebolt: acd
server: cloudflare
cf-ray: 79ce84fb3a990b55-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a84510cdefe00a45e67aab37e7f03e1a
ecd67c85ceae1744aad2a5c2d55570e3ec8958bd
2856660071702dbd8dbaf043a841c03fff188d4ac3c68da0be20585a22329878
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2856660071702DBD8DBAF043A841C03FFF188D4AC3C68DA0BE20585A22329878"
Last-Modified: Mon, 20 Feb 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12374
Expires: Tue, 21 Feb 2023 13:06:29 GMT
Date: Tue, 21 Feb 2023 09:40:15 GMT
Connection: keep-alive
www.friskforlag.no/wp-content/cache/perfmatters/www.friskforlag.no/fonts/b2479bee511c.google-fonts.css
162.159.152.23200 OK 2.3 kB URL HTTP/2 www.friskforlag.no/wp-content/cache/perfmatters/www.friskforlag.no/fonts/b2479bee511c.google-fonts.css
IP 162.159.152.23:0
File type ASCII text, with very long lines (567), with no line terminators
Hash d3970ad2b642fc9301d2fdaddc87c661
7f448d3ea58b45b69cdaf6f3498d7c3969bab183
125b02954294c4aad696e0f3362af2f0d14f146c0abe26a5e7ef937f83157bdc
GET /wp-content/cache/perfmatters/www.friskforlag.no/fonts/b2479bee511c.google-fonts.css HTTP/1.1
Host: www.friskforlag.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.friskforlag.no/produkt/mias-mat/?kk=a4c626f-186735854b8-2535e&utm_source=google&utm_campaign=feed&utm_medium=katalog&utm_term=434819
Cookie: mailchimp_landing_site=https%3A%2F%2Fwww.friskforlag.no%2Fprodukt%2Fmias-mat%2F%3Fkk%3Da4c626f-186735854b8-2535e%26utm_source%3Dgoogle%26utm_campaign%3Dfeed%26utm_medium%3Dkatalog%26utm_term%3D434819; __cf_bm=QSSFm_s6aXjGootgRvHZb8vmwbqRUqD9KTjpzBlr3bQ-1676972415-0-ATq2jWH0TLe7+I45tF59rN5PSpkZv0UVjs9JmtJsMvgieB2L43dgruM9e7Ki323DWgkC6eCISoNrDr3s6M/nExI=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 21 Feb 2023 09:40:15 GMT
content-type: text/css
cache-control: public, max-age=31536000
cf-bgj: minify
cf-polished: origSize=670
etag: W/"29e-5ded7ba127ed0"
expires: Wed, 21 Feb 2024 09:40:15 GMT
last-modified: Thu, 12 May 2022 22:03:24 GMT
vary: Accept-Encoding
x-frontend-cache: MISS
cf-cache-status: HIT
age: 81570
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
servebolt: acd
server: cloudflare
cf-ray: 79ce84fb3a8d0b55-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.friskforlag.no/wp-content/themes/bootcommerce-child-main/img/logo/vipps.svg
162.159.152.23200 OK 88 kB URL HTTP/2 www.friskforlag.no/wp-content/themes/bootcommerce-child-main/img/logo/vipps.svg
IP 162.159.152.23:0
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash 1e842e52dc11052369515f1b86de673d
0173e4a86c7dc8c9f4560019ccb1fcb62608366b
0a012ea96abd4a262e445650efda0f8e88cb360e20f4450a66219415881b82cc
GET /wp-content/themes/bootcommerce-child-main/img/logo/vipps.svg HTTP/1.1
Host: www.friskforlag.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.friskforlag.no/produkt/mias-mat/?kk=a4c626f-186735854b8-2535e&utm_source=google&utm_campaign=feed&utm_medium=katalog&utm_term=434819
Cookie: mailchimp_landing_site=https%3A%2F%2Fwww.friskforlag.no%2Fprodukt%2Fmias-mat%2F%3Fkk%3Da4c626f-186735854b8-2535e%26utm_source%3Dgoogle%26utm_campaign%3Dfeed%26utm_medium%3Dkatalog%26utm_term%3D434819; __cf_bm=QSSFm_s6aXjGootgRvHZb8vmwbqRUqD9KTjpzBlr3bQ-1676972415-0-ATq2jWH0TLe7+I45tF59rN5PSpkZv0UVjs9JmtJsMvgieB2L43dgruM9e7Ki323DWgkC6eCISoNrDr3s6M/nExI=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 21 Feb 2023 09:40:15 GMT
content-type: image/svg+xml
last-modified: Thu, 12 May 2022 12:09:56 GMT
etag: W/"4eb-5decf6fa6b2ae"
expires: Tue, 28 Feb 2023 09:40:15 GMT
cache-control: public, max-age=604800
vary: Accept-Encoding
x-frontend-cache: MISS
cf-cache-status: HIT
age: 81570
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
servebolt: acd
server: cloudflare
cf-ray: 79ce84fb3a980b55-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.friskforlag.no/wp-content/cache/perfmatters/www.friskforlag.no/fonts/13e458115ea1.google-fonts.css
162.159.152.23200 OK 118 kB URL HTTP/2 www.friskforlag.no/wp-content/cache/perfmatters/www.friskforlag.no/fonts/13e458115ea1.google-fonts.css
IP 162.159.152.23:0
File type ASCII text, with very long lines (2244), with no line terminators
Size 118 kB (117620 bytes)
Hash e66edb55059aafd9c158ea79fe18c183
38709423051fa567108c6f51c4ba60e03e87ba10
aa441d8cb67c92badff6e50314b809f94bd18804732ddbe7a7a752bbb0944009
GET /wp-content/cache/perfmatters/www.friskforlag.no/fonts/13e458115ea1.google-fonts.css HTTP/1.1
Host: www.friskforlag.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.friskforlag.no/produkt/mias-mat/?kk=a4c626f-186735854b8-2535e&utm_source=google&utm_campaign=feed&utm_medium=katalog&utm_term=434819
Cookie: mailchimp_landing_site=https%3A%2F%2Fwww.friskforlag.no%2Fprodukt%2Fmias-mat%2F%3Fkk%3Da4c626f-186735854b8-2535e%26utm_source%3Dgoogle%26utm_campaign%3Dfeed%26utm_medium%3Dkatalog%26utm_term%3D434819; __cf_bm=QSSFm_s6aXjGootgRvHZb8vmwbqRUqD9KTjpzBlr3bQ-1676972415-0-ATq2jWH0TLe7+I45tF59rN5PSpkZv0UVjs9JmtJsMvgieB2L43dgruM9e7Ki323DWgkC6eCISoNrDr3s6M/nExI=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 21 Feb 2023 09:40:15 GMT
content-type: text/css
cache-control: public, max-age=31536000
cf-bgj: minify
cf-polished: origSize=2592
etag: W/"a20-5df4dedac169b"
expires: Wed, 21 Feb 2024 09:40:15 GMT
last-modified: Wed, 18 May 2022 19:04:36 GMT
vary: Accept-Encoding
x-frontend-cache: MISS
cf-cache-status: HIT
age: 81570
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
servebolt: acd
server: cloudflare
cf-ray: 79ce84fb3a870b55-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
status.thawte.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 68b8f4bfb8e386ee070003be036b3eed
2766fd78fb678348b8ba598d2e6c6f89acc11daf
bbc631effde1308e99aa4763fd1d63773b23a608782d4b89fde8b57b47626311
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 182
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 21 Feb 2023 09:40:15 GMT
Last-Modified: Tue, 21 Feb 2023 09:37:13 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
status.thawte.com/
93.184.220.29200 OK 2.7 kB IP 93.184.220.29:0
Hash 57ef60924295a014555952e35152dac6
141ad4f0cb84007c8d41ac2add64f8d77b826f17
a2078e629669d05f826f034cc791aa54d9fd8d08395380195cc98c896c0598c5
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3125
Cache-Control: max-age=117751
Content-Type: application/ocsp-response
Date: Tue, 21 Feb 2023 09:40:15 GMT
Etag: "63f3ae41-1d7"
Expires: Wed, 22 Feb 2023 18:22:46 GMT
Last-Modified: Mon, 20 Feb 2023 17:30:41 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
s.kelkoogroup.net/k.gif
185.60.164.26200 OK 8.4 kB IP 185.60.164.26:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash 920ca9ab64b39916aeaa29e760a79d70
6feec64f4ec359eb5be6aec8fcf78afb4e5b646d
cfbe90ea3b53751400d69c3bee657ce4d6ef722647d8087fbc85f2008d35e991
OPTIONS /k.gif HTTP/1.1
Host: s.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: etag
Referer: https://www.friskforlag.no/
Origin: https://www.friskforlag.no
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
X-Gravitee-Transaction-Id: 9e24f91c-fec4-475f-a4f9-1cfec4975fc0
X-Gravitee-Request-Id: 9e24f91c-fec4-475f-a4f9-1cfec4975fc0
Vary: Origin
Access-Control-Max-Age: 3600
Access-Control-Allow-Origin: https://www.friskforlag.no
Access-Control-Allow-Headers: etag
Access-Control-Allow-Methods: GET
Access-Control-Allow-Credentials: true
Date: Tue, 21 Feb 2023 09:40:15 GMT
content-length: 0
a.omappapi.com/app/js/api.min.css
194.242.11.186200 OK 3.2 kB URL HTTP/2 a.omappapi.com/app/js/api.min.css
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1165)
Hash f8e22b23bea1d7f0b5c99a852b60547c
aa9cf8442232a210ba780705dca65345d4081db3
a66ef8ba66ef5d9324376ac7b331dec84e80175967fb92f453ade3fc04d9a3c1
GET /app/js/api.min.css HTTP/1.1
Host: a.omappapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.friskforlag.no/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 21 Feb 2023 09:40:15 GMT
content-type: text/css
server: BunnyCDN-NO1-830
cdn-pullzone: 293267
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: W/"63dc3418-464c"
last-modified: Thu, 02 Feb 2023 22:07:20 GMT
cdn-storageserver: SE-318
cdn-requestpullsuccess: True
cdn-fileserver: 318
perma-cache: HIT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-cachedat: 02/08/2023 19:26:45
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: ed75936b4e3ed43fd17e110da2748cc3
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
sc-static.net/scevent.min.js
54.230.82.240200 OK 26 kB URL HTTP/2 sc-static.net/scevent.min.js
IP 54.230.82.240:0
Hash 9291aca774de2c029997e23ec5af95e8
b809eabe66e9472048af1b5a3cf5a8e66c948a86
639d23b7203d83af6946b23e09c28d4fe64d7e92203818dd94997df314fbf4d4
GET /scevent.min.js HTTP/1.1
Host: sc-static.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.friskforlag.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
content-length: 13297
server: CloudFront
date: Tue, 21 Feb 2023 09:40:16 GMT
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Content-Type
cache-control: private, s-maxage=0, max-age=600
set-cookie: X-AB=f4d067c8635448ef8b9c0316e8cd77da;max-age=86400;expires=Wed, 22 Feb 2023 09:30:09 GMT;Path=/scevent.min.js; Secure; SameSite=None
x-cache: GeneratedResponse from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: lHkkVshNWpMd5-CPE36bdeUotwA0BhQx8OAnTXb9rMF24DKkOF_D7Q==
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash abf480f958e28d09bdff9c74a07d4812
a4b84d784b85efef9d0ee3747a71b07b443ccd3c
3efdead33f7eca4c8e7a5e6527e11d6ba7e85aec22e4bed58996b840007e7136
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 21 Feb 2023 09:40:16 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 21 Feb 2023 02:24:21 GMT
Expires: Tue, 28 Feb 2023 02:24:20 GMT
Etag: "a4b84d784b85efef9d0ee3747a71b07b443ccd3c"
Cache-Control: max-age=578043,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 79ce85006e810afe-OSL
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 94a2ab66be8f0c06532e79ee743fdf5c
66598eef601b8cd08fca4f9a4872af15c6e22eaf
3efc691b9aee4a1832151d27c14a7c0d5421473acf83d6a5f04f154a975e4677
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5452
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 21 Feb 2023 09:40:16 GMT
Last-Modified: Tue, 21 Feb 2023 08:09:24 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 94a2ab66be8f0c06532e79ee743fdf5c
66598eef601b8cd08fca4f9a4872af15c6e22eaf
3efc691b9aee4a1832151d27c14a7c0d5421473acf83d6a5f04f154a975e4677
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5452
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 21 Feb 2023 09:40:16 GMT
Last-Modified: Tue, 21 Feb 2023 08:09:24 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 94a2ab66be8f0c06532e79ee743fdf5c
66598eef601b8cd08fca4f9a4872af15c6e22eaf
3efc691b9aee4a1832151d27c14a7c0d5421473acf83d6a5f04f154a975e4677
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5452
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 21 Feb 2023 09:40:16 GMT
Last-Modified: Tue, 21 Feb 2023 08:09:24 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
a.omappapi.com/app/js/29.3ede5745.min.js
194.242.11.186200 OK 1.3 kB URL HTTP/2 a.omappapi.com/app/js/29.3ede5745.min.js
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
File type ASCII text, with very long lines (2725)
Hash 160df48796830c5a331007f0ac10e024
708ab0beb3d8ee14532648ac04bde647a2402750
cd8dcf91dc9015d818136c8d6c2c62b4bf2a33e5d64981502f017a0861758a91
GET /app/js/29.3ede5745.min.js HTTP/1.1
Host: a.omappapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.friskforlag.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 21 Feb 2023 09:40:16 GMT
content-type: application/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 293267
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: W/"63d189cb-ade"
last-modified: Wed, 25 Jan 2023 19:58:03 GMT
cdn-storageserver: SE-318
cdn-requestpullsuccess: True
cdn-fileserver: 344
perma-cache: HIT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-cachedat: 02/08/2023 19:26:45
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 23668c04bdcfb8ff0430b212e0d57043
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
a.omappapi.com/app/js/moment-timezone/0.5.34/moment-timezone-with-data-2012-2022.min.js
194.242.11.186200 OK 19 kB URL HTTP/2 a.omappapi.com/app/js/moment-timezone/0.5.34/moment-timezone-with-data-2012-2022.min.js
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
File type ASCII text, with very long lines (42484), with no line terminators
Hash b224fda35a6f990c1074c966a3cf9dc3
9e101d2b1dc9f9ac551ba2966422838bcf62a8e5
5f25ba571db14a51d84ad3df83fbba6367a479470acf68e49aa5393ece2764a7
GET /app/js/moment-timezone/0.5.34/moment-timezone-with-data-2012-2022.min.js HTTP/1.1
Host: a.omappapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.friskforlag.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 21 Feb 2023 09:40:16 GMT
content-type: application/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 293267
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: W/"63c5e505-a5f4"
last-modified: Tue, 17 Jan 2023 00:00:05 GMT
cdn-storageserver: SE-344
cdn-requestpullsuccess: True
cdn-fileserver: 344
perma-cache: HIT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-cachedat: 02/08/2023 19:26:45
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 94e22aa2fa47bf0a924e4f0b2d02393f
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
a.omappapi.com/app/js/13.56678130.min.js
194.242.11.186200 OK 1.3 kB URL HTTP/2 a.omappapi.com/app/js/13.56678130.min.js
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
File type ASCII text, with very long lines (2254)
Hash a9040a6a45f99e79cb201b6529c8d09e
23647bb0598f784c9ea66d8e1646eab2a9c0fbc1
8f8533c3ba532d59469204f11371701fc73c7ca29c629b62f1808a4a7492b07d
GET /app/js/13.56678130.min.js HTTP/1.1
Host: a.omappapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.friskforlag.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 21 Feb 2023 09:40:16 GMT
content-type: application/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 293267
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: W/"63c61a69-90c"
last-modified: Tue, 17 Jan 2023 03:47:53 GMT
cdn-storageserver: SE-318
cdn-requestpullsuccess: True
cdn-fileserver: 344
perma-cache: HIT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-cachedat: 02/08/2023 19:26:46
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: c30386b4a8b90fafd095d5469f324cff
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 791e968cee662a01bec431c498be07a0
5c71afdd7015734d07be2df1ad79e28ef1646ae2
6ccf96b85392ec77423ec2f2b756909a0de6480867502680d35036e95964b712
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Feb 2023 09:40:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Cabin:400
142.250.74.106200 OK 898 B URL HTTP/2 fonts.googleapis.com/css?family=Cabin:400
IP 142.250.74.106:0
Hash b59514137d9aca1cc2b9d7cfae6b1dd6
9b3621fdb5b73332f4aead5348d1ee410eae7e45
44fdb4291649a5415042e2f323481b031eb74b5856f2f45b928246cf28cb854d
GET /css?family=Cabin:400 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.friskforlag.no/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 21 Feb 2023 09:40:16 GMT
date: Tue, 21 Feb 2023 09:40:16 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.110200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.110:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.friskforlag.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Tue, 21 Feb 2023 07:53:25 GMT
expires: Tue, 21 Feb 2023 09:53:25 GMT
cache-control: public, max-age=7200
age: 6411
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash eb6812b24009877ada00df19070fefe5
4968938416cd623d3bb66bfe9f9eae61d85e033e
7c35cb57ce31c8bbccb9d0e234e637266398316ca114f69bbe6e2c306b5e0cd0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Feb 2023 09:40:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/cabin/v26/u-4X0qWljRw-PfU81xCKCpdpbgZJl6XFpfEd7eA9BIxxkV2EH7alxw.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/cabin/v26/u-4X0qWljRw-PfU81xCKCpdpbgZJl6XFpfEd7eA9BIxxkV2EH7alxw.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15476, version 1.0\012- data
Hash 083f5cafe748b8ac91823b36986d7fda
0d763699e5bce633aa6adc03370b8630b87c1b31
a3d8afcbc68d3ae65312e50ce252f5eb4cb817d3fe39452bd37a76f896ab5921
GET /s/cabin/v26/u-4X0qWljRw-PfU81xCKCpdpbgZJl6XFpfEd7eA9BIxxkV2EH7alxw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.friskforlag.no
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15476
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 14 Feb 2023 16:50:23 GMT
expires: Wed, 14 Feb 2024 16:50:23 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 24 Jun 2022 18:41:33 GMT
content-type: font/woff2
age: 578993
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 640fbb04730146d4b636e2062afb5267
fe9faa4412eaa72a7f1e6ea22f250c20a9f00f93
1c1ad6ddeabce08822b9247423ebea471c0378db7ecb681a055b2f7002967770
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Feb 2023 09:40:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.cookie-script.com/s/d0d874b1ff05d1671a76806430133491.js
78.46.117.148200 OK 39 kB URL HTTP/2 cdn.cookie-script.com/s/d0d874b1ff05d1671a76806430133491.js
IP 78.46.117.148:0
ASN #24940 Hetzner Online GmbH
Hash d352bf09c48319830bb2e65a67297c3f
ed99af70b3ca7fbbf29b551d16c4edf5776cb5a4
03c6c6dbac36990f9e12a8c0a86e4b4ec1f5260cc4ebb4135ae50a39a7fdcd8d
GET /s/d0d874b1ff05d1671a76806430133491.js HTTP/1.1
Host: cdn.cookie-script.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.friskforlag.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Tue, 21 Feb 2023 09:40:16 GMT
vary: Accept-Encoding
last-modified: Fri, 11 Nov 2022 07:28:31 GMT
etag: W/"b7b58d73688d67f1560519e1873af124"
access-control-allow-origin: *
x-cache-status: HIT
content-type: application/javascript
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash eb6812b24009877ada00df19070fefe5
4968938416cd623d3bb66bfe9f9eae61d85e033e
7c35cb57ce31c8bbccb9d0e234e637266398316ca114f69bbe6e2c306b5e0cd0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Feb 2023 09:40:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 640fbb04730146d4b636e2062afb5267
fe9faa4412eaa72a7f1e6ea22f250c20a9f00f93
1c1ad6ddeabce08822b9247423ebea471c0378db7ecb681a055b2f7002967770
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Feb 2023 09:40:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-71666728-1&cid=721880159.1676972417&jid=575198770&gjid=737279534&_gid=1104832780.1676972417&_u=qFBAAEAAEAAAACAAI~&z=564755933
74.125.205.156200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-71666728-1&cid=721880159.1676972417&jid=575198770&gjid=737279534&_gid=1104832780.1676972417&_u=qFBAAEAAEAAAACAAI~&z=564755933
IP 74.125.205.156:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-71666728-1&cid=721880159.1676972417&jid=575198770&gjid=737279534&_gid=1104832780.1676972417&_u=qFBAAEAAEAAAACAAI~&z=564755933 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.friskforlag.no
Connection: keep-alive
Referer: https://www.friskforlag.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.friskforlag.no
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 21 Feb 2023 09:40:16 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
a.omappapi.com/app/js/11.eec3051a.min.js
194.242.11.186200 OK 2.4 kB URL HTTP/2 a.omappapi.com/app/js/11.eec3051a.min.js
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
File type ASCII text, with very long lines (1939)
Hash 0cb4f712ae7e64c0e4a7b2fbe6f5cdd8
c30d2746e5dad262e9245ff805953fca7f71ea49
84f1cbaceab49ed1aeb494b70cb8c5b8bbd7b399beb7500f66ff7bb5a7994809
GET /app/js/11.eec3051a.min.js HTTP/1.1
Host: a.omappapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.friskforlag.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 21 Feb 2023 09:40:16 GMT
content-type: application/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 293267
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: W/"63d189d4-7cb"
last-modified: Wed, 25 Jan 2023 19:58:12 GMT
cdn-storageserver: SE-318
cdn-requestpullsuccess: True
cdn-fileserver: 344
perma-cache: HIT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-cachedat: 02/08/2023 19:26:45
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 81b2667d1aa036a2cef984cc19e31c39
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
a.omappapi.com/app/js/22.3cb73615.min.js
194.242.11.186200 OK 1.3 kB URL HTTP/2 a.omappapi.com/app/js/22.3cb73615.min.js
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
File type ASCII text, with very long lines (1495)
Hash 11c1ffa392b76e078b88666ac7502080
631c8e6ecc11e2b591189fe0bbfdb3f7336d0e72
7faae6c650a25fbe66ce7d7306c1b3534b5554729c92c37dda80d9a6b9116b77
GET /app/js/22.3cb73615.min.js HTTP/1.1
Host: a.omappapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.friskforlag.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 21 Feb 2023 09:40:16 GMT
content-type: application/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 293267
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: W/"63c55a36-616"
last-modified: Mon, 16 Jan 2023 14:07:50 GMT
cdn-storageserver: SE-318
cdn-requestpullsuccess: True
cdn-fileserver: 344
perma-cache: HIT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-cachedat: 02/08/2023 19:26:45
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 879b4ed3244d921777706ae21bb39f4e
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 082e9abf38efe3287592cadfd5cf28b5
790b8bfc4f73449f779cfd5f4702a63c3b5da47f
e49b03ef1ca823ad9fa273a31c28d7edb38c79c4f763e52760461431479c0bf2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Feb 2023 09:40:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-71666728-1&cid=721880159.1676972417&jid=575198770&_u=qFBAAEAAEAAAACAAI~&z=731983130
216.58.207.228200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-71666728-1&cid=721880159.1676972417&jid=575198770&_u=qFBAAEAAEAAAACAAI~&z=731983130
IP 216.58.207.228:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-71666728-1&cid=721880159.1676972417&jid=575198770&_u=qFBAAEAAEAAAACAAI~&z=731983130 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.friskforlag.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 21 Feb 2023 09:40:17 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-71666728-1&cid=721880159.1676972417&jid=575198770&_u=qFBAAEAAEAAAACAAI~&z=731983130
142.250.74.67200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-71666728-1&cid=721880159.1676972417&jid=575198770&_u=qFBAAEAAEAAAACAAI~&z=731983130
IP 142.250.74.67:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-71666728-1&cid=721880159.1676972417&jid=575198770&_u=qFBAAEAAEAAAACAAI~&z=731983130 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.friskforlag.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 21 Feb 2023 09:40:17 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 32c273f03591a760d39799b2aca7927e
5236e80503b30600573e40c674c577c06185a83f
d8e8f0daef07cc746bc65813819ed5cd30367e5cd145d00bb305757b9b4a8bd2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Feb 2023 09:40:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
z.omappapi.com/v3/i?aid=171696&cid=hldq9w6jn7wv5jpooc7v&sid=6244443d4d1c0&rt=false&dv=desktop&cty=floating&url=produkt%2Fmias-mat&v=5
178.128.135.233204 No Content 0 B URL HTTP/1.1 z.omappapi.com/v3/i?aid=171696&cid=hldq9w6jn7wv5jpooc7v&sid=6244443d4d1c0&rt=false&dv=desktop&cty=floating&url=produkt%2Fmias-mat&v=5
IP 178.128.135.233:0
ASN #14061 DIGITALOCEAN-ASN
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v3/i?aid=171696&cid=hldq9w6jn7wv5jpooc7v&sid=6244443d4d1c0&rt=false&dv=desktop&cty=floating&url=produkt%2Fmias-mat&v=5 HTTP/1.1
Host: z.omappapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.friskforlag.no
Connection: keep-alive
Referer: https://www.friskforlag.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Date: Tue, 21 Feb 2023 09:40:17 GMT
Connection: keep-alive
Access-Control-Allow-Origin: https://www.friskforlag.no
Access-Control-Allow-Credentials: true
Server: kong/0.14.1
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 082e9abf38efe3287592cadfd5cf28b5
790b8bfc4f73449f779cfd5f4702a63c3b5da47f
e49b03ef1ca823ad9fa273a31c28d7edb38c79c4f763e52760461431479c0bf2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Feb 2023 09:40:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.friskforlag.no/wp-content/plugins/woo-vipps/css/vipps.css?ver=1675066561&sb-version=1675066561
162.159.152.23200 OK 0 B URL HTTP/2 www.friskforlag.no/wp-content/plugins/woo-vipps/css/vipps.css?ver=1675066561&sb-version=1675066561
IP 162.159.152.23:0
GET /wp-content/plugins/woo-vipps/css/vipps.css?ver=1675066561&sb-version=1675066561 HTTP/1.1
Host: www.friskforlag.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.friskforlag.no/produkt/mias-mat/?kk=a4c626f-186735854b8-2535e&utm_source=google&utm_campaign=feed&utm_medium=katalog&utm_term=434819
Cookie: mailchimp_landing_site=https%3A%2F%2Fwww.friskforlag.no%2Fprodukt%2Fmias-mat%2F%3Fkk%3Da4c626f-186735854b8-2535e%26utm_source%3Dgoogle%26utm_campaign%3Dfeed%26utm_medium%3Dkatalog%26utm_term%3D434819; __cf_bm=QSSFm_s6aXjGootgRvHZb8vmwbqRUqD9KTjpzBlr3bQ-1676972415-0-ATq2jWH0TLe7+I45tF59rN5PSpkZv0UVjs9JmtJsMvgieB2L43dgruM9e7Ki323DWgkC6eCISoNrDr3s6M/nExI=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 21 Feb 2023 09:40:15 GMT
content-type: text/css
cache-control: public, max-age=31536000
cf-bgj: minify
cf-polished: origSize=8190
etag: W/"1ffe-5f376d363ab4c"
expires: Wed, 21 Feb 2024 09:40:15 GMT
last-modified: Mon, 30 Jan 2023 08:16:01 GMT
vary: Accept-Encoding
x-frontend-cache: MISS
cf-cache-status: HIT
age: 81570
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
servebolt: acd
server: cloudflare
cf-ray: 79ce84fb4a9b0b55-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
a.omappapi.com/app/js/20.e40ad1db.min.js
194.242.11.186200 OK 0 B URL HTTP/2 a.omappapi.com/app/js/20.e40ad1db.min.js
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
GET /app/js/20.e40ad1db.min.js HTTP/1.1
Host: a.omappapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.friskforlag.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 21 Feb 2023 09:40:16 GMT
content-type: application/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 293267
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: W/"63d189ca-ee0"
last-modified: Wed, 25 Jan 2023 19:58:02 GMT
cdn-storageserver: SE-318
cdn-requestpullsuccess: True
cdn-fileserver: 318
perma-cache: HIT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-cachedat: 02/08/2023 19:26:45
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: d2d898d7323dc2b996f6897be88e94f3
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
a.omappapi.com/app/js/28.37593e59.min.js
194.242.11.186200 OK 0 B URL HTTP/2 a.omappapi.com/app/js/28.37593e59.min.js
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
GET /app/js/28.37593e59.min.js HTTP/1.1
Host: a.omappapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.friskforlag.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 21 Feb 2023 09:40:16 GMT
content-type: application/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 293267
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: W/"63c564e4-1761"
last-modified: Mon, 16 Jan 2023 14:53:24 GMT
cdn-storageserver: SE-318
cdn-requestpullsuccess: True
cdn-fileserver: 344
perma-cache: HIT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-cachedat: 02/08/2023 19:26:45
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 143061946f0732ef2c340a65f5523378
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
www.friskforlag.no/produkt/mias-mat/?kk=a4c626f-186735854b8-2535e&utm_source=google&utm_campaign=feed&utm_medium=katalog&utm_term=434819
162.159.152.23200 OK 0 B URL HTTP/2 www.friskforlag.no/produkt/mias-mat/?kk=a4c626f-186735854b8-2535e&utm_source=google&utm_campaign=feed&utm_medium=katalog&utm_term=434819
IP 162.159.152.23:0
GET /produkt/mias-mat/?kk=a4c626f-186735854b8-2535e&utm_source=google&utm_campaign=feed&utm_medium=katalog&utm_term=434819 HTTP/1.1
Host: www.friskforlag.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no-go.kelkoogroup.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 21 Feb 2023 09:40:15 GMT
content-type: text/html; charset=UTF-8
cf-ray: 79ce84f74d780b55-OSL
cache-control: s-maxage=3600, max-age=600, private
expires: Tue, 21 Feb 2023 09:50:14 GMT
link: <https://www.friskforlag.no/wp-json/>; rel="https://api.w.org/", <https://www.friskforlag.no/wp-json/wp/v2/product/434819>; rel="alternate"; type="application/json", rel=preload; </acd-cgi/instant/5.1.0>; as=script
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
cf-cache-status: BYPASS
cdn-cache-control: max-age=3600
origin-cache-control: max-age=600, public, s-maxage=600
pragma: public
x-acd-status: BYPASS, set-cookie
x-acd-ttl: 3600
x-content-type-options: nosniff
x-servebolt-plugin: active
set-cookie: mailchimp_landing_site=https%3A%2F%2Fwww.friskforlag.no%2Fprodukt%2Fmias-mat%2F%3Fkk%3Da4c626f-186735854b8-2535e%26utm_source%3Dgoogle%26utm_campaign%3Dfeed%26utm_medium%3Dkatalog%26utm_term%3D434819; expires=Tue, 21-Mar-2023 09:40:14 GMT; Max-Age=2419200; path=/; secure; SameSite=Strict
__cf_bm=QSSFm_s6aXjGootgRvHZb8vmwbqRUqD9KTjpzBlr3bQ-1676972415-0-ATq2jWH0TLe7+I45tF59rN5PSpkZv0UVjs9JmtJsMvgieB2L43dgruM9e7Ki323DWgkC6eCISoNrDr3s6M/nExI=; path=/; expires=Tue, 21-Feb-23 10:10:15 GMT; domain=.www.friskforlag.no; HttpOnly; Secure; SameSite=None
servebolt: acd
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
a.omappapi.com/app/js/4.3fabeac5.min.js
194.242.11.186200 OK 0 B URL HTTP/2 a.omappapi.com/app/js/4.3fabeac5.min.js
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
GET /app/js/4.3fabeac5.min.js HTTP/1.1
Host: a.omappapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.friskforlag.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 21 Feb 2023 09:40:16 GMT
content-type: application/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 293267
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: W/"63d189c7-a4b9"
last-modified: Wed, 25 Jan 2023 19:57:59 GMT
cdn-storageserver: SE-344
cdn-requestpullsuccess: True
cdn-fileserver: 318
perma-cache: HIT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-cachedat: 02/08/2023 19:26:45
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 233b99d8e6993794169db895af71b690
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
a.omappapi.com/app/js/17.1d529f0c.min.js
194.242.11.186200 OK 0 B URL HTTP/2 a.omappapi.com/app/js/17.1d529f0c.min.js
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
GET /app/js/17.1d529f0c.min.js HTTP/1.1
Host: a.omappapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.friskforlag.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 21 Feb 2023 09:40:16 GMT
content-type: application/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 293267
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: W/"63c660e5-1ef"
last-modified: Tue, 17 Jan 2023 08:48:37 GMT
cdn-storageserver: SE-318
cdn-requestpullsuccess: True
cdn-fileserver: 318
perma-cache: HIT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-cachedat: 02/08/2023 19:26:51
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 7ea54598c816e2be8b472e769de9711c
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
www.friskforlag.no/wp-content/themes/bootcommerce-child-main/img/logo/klarna.svg
162.159.152.23200 OK 0 B URL HTTP/2 www.friskforlag.no/wp-content/themes/bootcommerce-child-main/img/logo/klarna.svg
IP 162.159.152.23:0
GET /wp-content/themes/bootcommerce-child-main/img/logo/klarna.svg HTTP/1.1
Host: www.friskforlag.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.friskforlag.no/produkt/mias-mat/?kk=a4c626f-186735854b8-2535e&utm_source=google&utm_campaign=feed&utm_medium=katalog&utm_term=434819
Cookie: mailchimp_landing_site=https%3A%2F%2Fwww.friskforlag.no%2Fprodukt%2Fmias-mat%2F%3Fkk%3Da4c626f-186735854b8-2535e%26utm_source%3Dgoogle%26utm_campaign%3Dfeed%26utm_medium%3Dkatalog%26utm_term%3D434819; __cf_bm=QSSFm_s6aXjGootgRvHZb8vmwbqRUqD9KTjpzBlr3bQ-1676972415-0-ATq2jWH0TLe7+I45tF59rN5PSpkZv0UVjs9JmtJsMvgieB2L43dgruM9e7Ki323DWgkC6eCISoNrDr3s6M/nExI=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 21 Feb 2023 09:40:15 GMT
content-type: image/svg+xml
last-modified: Thu, 12 May 2022 12:09:55 GMT
etag: W/"555-5decf6f97225b"
expires: Tue, 28 Feb 2023 09:40:15 GMT
cache-control: public, max-age=604800
vary: Accept-Encoding
x-frontend-cache: MISS
cf-cache-status: HIT
age: 81570
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
servebolt: acd
server: cloudflare
cf-ray: 79ce84fb3a920b55-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
a.omappapi.com/app/js/webfont/1.5.18/webfont.js
194.242.11.186200 OK 0 B URL HTTP/2 a.omappapi.com/app/js/webfont/1.5.18/webfont.js
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
GET /app/js/webfont/1.5.18/webfont.js HTTP/1.1
Host: a.omappapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.friskforlag.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 21 Feb 2023 09:40:16 GMT
content-type: application/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 293267
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: W/"63c58a6d-40cb"
last-modified: Mon, 16 Jan 2023 17:33:33 GMT
cdn-storageserver: SE-318
cdn-requestpullsuccess: True
cdn-fileserver: 344
perma-cache: HIT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-cachedat: 02/08/2023 19:26:45
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 832787fea8c65b02c9d75da78d4a0381
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
a.omappapi.com/app/js/31.273bded2.min.js
194.242.11.186200 OK 0 B URL HTTP/2 a.omappapi.com/app/js/31.273bded2.min.js
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
GET /app/js/31.273bded2.min.js HTTP/1.1
Host: a.omappapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.friskforlag.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 21 Feb 2023 09:40:16 GMT
content-type: application/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 293267
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: W/"63dc33c2-69f"
last-modified: Thu, 02 Feb 2023 22:05:54 GMT
cdn-storageserver: SE-344
cdn-requestpullsuccess: True
cdn-fileserver: 318
perma-cache: HIT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-cachedat: 02/08/2023 19:26:54
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: c6032eec0c93346d164fe3d161475df9
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
a.omappapi.com/app/js/9.4e528b17.min.js
194.242.11.186200 OK 0 B URL HTTP/2 a.omappapi.com/app/js/9.4e528b17.min.js
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
GET /app/js/9.4e528b17.min.js HTTP/1.1
Host: a.omappapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.friskforlag.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 21 Feb 2023 09:40:16 GMT
content-type: application/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 293267
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: W/"63c5fc23-687"
last-modified: Tue, 17 Jan 2023 01:38:43 GMT
cdn-storageserver: SE-344
cdn-requestpullsuccess: True
cdn-fileserver: 318
perma-cache: HIT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-cachedat: 02/08/2023 19:26:45
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: cd59a9377e3f1c1a66737b08821325a5
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
a.omappapi.com/app/campaign-views/daf929ba1e80/hldq9w6jn7wv5jpooc7v/f9a80a0016b45ce1587605a8e87bfc74-yesno.json
194.242.11.186200 OK 0 B URL HTTP/2 a.omappapi.com/app/campaign-views/daf929ba1e80/hldq9w6jn7wv5jpooc7v/f9a80a0016b45ce1587605a8e87bfc74-yesno.json
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
GET /app/campaign-views/daf929ba1e80/hldq9w6jn7wv5jpooc7v/f9a80a0016b45ce1587605a8e87bfc74-yesno.json HTTP/1.1
Host: a.omappapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.friskforlag.no
Connection: keep-alive
Referer: https://www.friskforlag.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 21 Feb 2023 09:40:16 GMT
content-type: application/json
vary: Accept-Encoding
server: BunnyCDN-NO1-830
cdn-pullzone: 293267
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: W/"63c62b40-884e"
last-modified: Tue, 17 Jan 2023 04:59:44 GMT
cdn-storageserver: SE-318
cdn-requestpullsuccess: True
cdn-fileserver: 344
perma-cache: HIT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-cachedat: 02/08/2023 19:27:16
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 0ebd209227b5c56ee1982500858ee3dc
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
api.omappapi.com/v2/embed/171696/hldq9w6jn7wv5jpooc7v
54.230.111.48200 OK 0 B URL HTTP/2 api.omappapi.com/v2/embed/171696/hldq9w6jn7wv5jpooc7v
IP 54.230.111.48:0
GET /v2/embed/171696/hldq9w6jn7wv5jpooc7v HTTP/1.1
Host: api.omappapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.friskforlag.no
Connection: keep-alive
Referer: https://www.friskforlag.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
date: Tue, 21 Feb 2023 09:40:25 GMT
access-control-allow-origin: *
access-control-allow-headers: X-CSRF-Token
expires: Tue, 21 Feb 2023 09:25:33 GMT
cache-control: public, max-age=30, stale-while-revalidate=1800
last-modified: Tue, 20 Dec 2022 08:51:35 GMT
etag: W/"07ed7eb578d4761474fdce855b128f32"
x-optinmonster-campaign: hldq9w6jn7wv5jpooc7v
access-control-expose-headers: X-OptinMonster-Campaign, X-User-Agent
x-user-agent: standard--
x-cache-config: 0 0
vary: Accept-Encoding, User-Agent
x-cache-status: HIT
content-encoding: gzip
server: Pagely Gateway/1.5.1
x-cache: Miss from cloudfront
via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: GCgVBmzWhjzl-jMiYQEYxK99IOyhOCYj_PB3NnIC8g-J3RDT0m6hwQ==
X-Firefox-Spdy: h2
a.omappapi.com/app/js/5.112e6dc7.min.js
194.242.11.186200 OK 0 B URL HTTP/2 a.omappapi.com/app/js/5.112e6dc7.min.js
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
GET /app/js/5.112e6dc7.min.js HTTP/1.1
Host: a.omappapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.friskforlag.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 21 Feb 2023 09:40:15 GMT
content-type: application/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 293267
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: W/"63dc33c1-3f86"
last-modified: Thu, 02 Feb 2023 22:05:53 GMT
cdn-storageserver: SE-344
cdn-requestpullsuccess: True
cdn-fileserver: 344
perma-cache: HIT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-cachedat: 02/08/2023 19:26:45
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 6efe71645e23314b78a36031de2b9a65
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
a.omappapi.com/app/js/moment.js/2.29.4/moment.min.js
194.242.11.186200 OK 0 B URL HTTP/2 a.omappapi.com/app/js/moment.js/2.29.4/moment.min.js
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
GET /app/js/moment.js/2.29.4/moment.min.js HTTP/1.1
Host: a.omappapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.friskforlag.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 21 Feb 2023 09:40:16 GMT
content-type: application/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 293267
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: W/"63c5920d-e2d0"
last-modified: Mon, 16 Jan 2023 18:06:05 GMT
cdn-storageserver: SE-344
cdn-requestpullsuccess: True
cdn-fileserver: 318
perma-cache: HIT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-cachedat: 02/08/2023 19:26:45
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 1f1c5b6aa15349ded75261d7aebbdd05
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2