worldwardmobi.com/pawcheck/config/sew/USAA/USAA/USAA/login.php
200 OK 522 B URL HTTP/1.1 worldwardmobi.com/pawcheck/config/sew/USAA/USAA/USAA/login.php
IP
ASN #60781 LeaseWeb Netherlands B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (522), with no line terminators
Hash eb0e56a67295c2a5ff82d4d068837b85
4d9eb307685c2fb422360086d5954b55b2489c71
057b3b3a007a16e34209516e2b8ffced84628dc3b0e4070f12906ee391422f4b
Analyzer Verdict Alert fortinet Phishing
GET /pawcheck/config/sew/USAA/USAA/USAA/login.php HTTP/1.1
Host: worldwardmobi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
accept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 522
content-type: text/html; charset=utf-8
date: Mon, 20 Mar 2023 09:34:43 GMT
server: nginx
set-cookie: sid=725ca640-c702-11ed-a81c-3391dfbcdfb0; path=/; domain=.worldwardmobi.com; expires=Sat, 07 Apr 2091 12:48:51 GMT; max-age=2147483647; HttpOnly
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash ec332b81a27117ce9c16b67a5a8e4fac
b6d2afa2c859d000ad830d3d8d73f57bac6ffce2
1dc32c78e4e850303813338fd4e9616a41c8c05d1063748a1e76a92c397a5e8f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1DC32C78E4E850303813338FD4E9616A41C8C05D1063748A1E76A92C397A5E8F"
Last-Modified: Mon, 20 Mar 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8905
Expires: Mon, 20 Mar 2023 12:03:09 GMT
Date: Mon, 20 Mar 2023 09:34:44 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 28774b36cf8bb6b054329393a33f6239
728313ddff6d5ceb6db3eb8445f039779616a140
08378fe6a897ab5a9c8d3bc2748c9670659d0d0d164317fdfac88d23fee78fa0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "08378FE6A897AB5A9C8D3BC2748C9670659D0D0D164317FDFAC88D23FEE78FA0"
Last-Modified: Sun, 19 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3156
Expires: Mon, 20 Mar 2023 10:27:20 GMT
Date: Mon, 20 Mar 2023 09:34:44 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 84db75194692d4afe13196bda6f22da8
4c1f49bc973a4917f146d93c8d598344edc021f6
a3bec66f95b3bdf1d310c726e8ed05f7b06c1901c62381a94582d581844d2c23
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Alert, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 20 Mar 2023 09:27:14 GMT
content-type: application/json
age: 450
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash eddc2a353d39e5ce5c30d7e90b3ed6a5
305e86e4b966344c135c50af9a6509ffd3a83e9e
bd775c38c2e11f1baedde5d92ab17ceaf4c2067f8ea996595a66801758a71813
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD775C38C2E11F1BAEDDE5D92AB17CEAF4C2067F8EA996595A66801758A71813"
Last-Modified: Fri, 17 Mar 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10278
Expires: Mon, 20 Mar 2023 12:26:02 GMT
Date: Mon, 20 Mar 2023 09:34:44 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP
File type PEM certificate\012- , ASCII text
Hash e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: U3ondByxG2ypTun+ij1vuT5ahwYw3y7lKRNhXBbo8l0OuLskQRYCwzwT3YEGFsAODd4KQJ/VcK8=
x-amz-request-id: BZR25APTT76PSZXQ
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 20 Mar 2023 08:52:42 GMT
age: 2522
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 20 Mar 2023 09:34:44 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
worldwardmobi.com/favicon.ico
404 Not Found 9 B URL HTTP/1.1 worldwardmobi.com/favicon.ico
IP
ASN #60781 LeaseWeb Netherlands B.V.
File type ASCII text, with no line terminators
Hash d8f4a1993546cc4b850cde3599e27aec
094b763b4cfcc0b05e5d040581cd513c3ca08067
907ba78b4545338d3539683e63ecb51cf51c10adc9dabd86e92bd52339f298b9
GET /favicon.ico HTTP/1.1
Host: worldwardmobi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://worldwardmobi.com/pawcheck/config/sew/USAA/USAA/USAA/login.php
Cookie: sid=725ca640-c702-11ed-a81c-3391dfbcdfb0
HTTP/1.1 404 Not Found
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 9
date: Mon, 20 Mar 2023 09:34:44 GMT
server: nginx
worldwardmobi.com/pawcheck/config/sew/USAA/USAA/USAA/login.php?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY3OTMxMjA4NCwiaWF0IjoxNjc5MzA0ODg0LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIydDcxZHA4ZTYxYzVrMWJnYTQxbmZlZzIiLCJuYmYiOjE2NzkzMDQ4ODQsInRzIjoxNjc5MzA0ODg0MDk3MDA5fQ.iXmZeqXtn0IkaN2ifyK4gaO-sPk9Z-HTtfgF2GLa7T4&sid=725ca640-c702-11ed-a81c-3391dfbcdfb0
302 Found 11 B URL HTTP/1.1 worldwardmobi.com/pawcheck/config/sew/USAA/USAA/USAA/login.php?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY3OTMxMjA4NCwiaWF0IjoxNjc5MzA0ODg0LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIydDcxZHA4ZTYxYzVrMWJnYTQxbmZlZzIiLCJuYmYiOjE2NzkzMDQ4ODQsInRzIjoxNjc5MzA0ODg0MDk3MDA5fQ.iXmZeqXtn0IkaN2ifyK4gaO-sPk9Z-HTtfgF2GLa7T4&sid=725ca640-c702-11ed-a81c-3391dfbcdfb0
IP
ASN #60781 LeaseWeb Netherlands B.V.
File type ASCII text, with no line terminators
Hash 32682312d17c7cbf18e73594f5570319
60e22121bdd0bc71cdb2bae2a3aa577006b2eae9
e55fb1a1d731153e943b68844af12dcce8bfac917c98ffdea64c80da0607dd47
GET /pawcheck/config/sew/USAA/USAA/USAA/login.php?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY3OTMxMjA4NCwiaWF0IjoxNjc5MzA0ODg0LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIydDcxZHA4ZTYxYzVrMWJnYTQxbmZlZzIiLCJuYmYiOjE2NzkzMDQ4ODQsInRzIjoxNjc5MzA0ODg0MDk3MDA5fQ.iXmZeqXtn0IkaN2ifyK4gaO-sPk9Z-HTtfgF2GLa7T4&sid=725ca640-c702-11ed-a81c-3391dfbcdfb0 HTTP/1.1
Host: worldwardmobi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://worldwardmobi.com/pawcheck/config/sew/USAA/USAA/USAA/login.php
Cookie: sid=725ca640-c702-11ed-a81c-3391dfbcdfb0
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 11
date: Mon, 20 Mar 2023 09:34:44 GMT
location: http://cynes-gwf.com/zcvisitor/72aa2a53-c702-11ed-9847-12fe14d5f167/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=72bd8b42-c702-11ed-9847-12fe14d5f167
server: nginx
set-cookie: sid=725ca640-c702-11ed-a81c-3391dfbcdfb0; path=/; domain=.worldwardmobi.com; expires=Sat, 07 Apr 2091 12:48:51 GMT; max-age=2147483647; HttpOnly
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Last-Modified, Content-Length, Pragma, Expires, ETag, Backoff, Alert, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 20 Mar 2023 09:17:21 GMT
age: 1043
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 4c195a3fc0c2abb831630cef1dcfa770
eda338de3063640556177b9db364c33193d7f6dc
c22eb0537cd79666b82fe61dd77fe9b0b3c059a4c65d405412acfc2c6800b444
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C22EB0537CD79666B82FE61DD77FE9B0B3C059A4C65D405412ACFC2C6800B444"
Last-Modified: Sun, 19 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16382
Expires: Mon, 20 Mar 2023 14:07:47 GMT
Date: Mon, 20 Mar 2023 09:34:45 GMT
Connection: keep-alive
cynes-gwf.com/zcvisitor/72aa2a53-c702-11ed-9847-12fe14d5f167/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=72bd8b42-c702-11ed-9847-12fe14d5f167
200 1.1 kB URL HTTP/1.1 cynes-gwf.com/zcvisitor/72aa2a53-c702-11ed-9847-12fe14d5f167/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=72bd8b42-c702-11ed-9847-12fe14d5f167
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 4cfddd9aefcbb904d9517c5f637fe644
e4f2e45d1ddde5228b3b82608cd078c0bbc788aa
5b63e86d872ba6b90358fb0fcfaac32ff3e19dea7e73e78c2623846742f828e9
GET /zcvisitor/72aa2a53-c702-11ed-9847-12fe14d5f167/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=72bd8b42-c702-11ed-9847-12fe14d5f167 HTTP/1.1
Host: cynes-gwf.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://worldwardmobi.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200
Date: Mon, 20 Mar 2023 09:34:45 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Server: DOFWpXlG
cynes-gwf.com/zcredirect?visitid=72aa2a53-c702-11ed-9847-12fe14d5f167&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false
200 300 B URL HTTP/1.1 cynes-gwf.com/zcredirect?visitid=72aa2a53-c702-11ed-9847-12fe14d5f167&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash e19fc59abc9077bd5d2bb8e78a9be926
81375a1a23bd3fc10850da6f4aca7f9d27d5483c
16e0232bbf5625f1daae71f3d00550cfedc329fa3bbd6924adcdf9f0ee995e59
GET /zcredirect?visitid=72aa2a53-c702-11ed-9847-12fe14d5f167&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false HTTP/1.1
Host: cynes-gwf.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cynes-gwf.com/zcvisitor/72aa2a53-c702-11ed-9847-12fe14d5f167/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=72bd8b42-c702-11ed-9847-12fe14d5f167
Upgrade-Insecure-Requests: 1
HTTP/1.1 200
Date: Mon, 20 Mar 2023 09:34:45 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
redirected: JS
Server: ooQXwrJN
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: gwK+6Epvvj6wDnfgLgx0mw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: BLA5/spJlVKMiphCRspBxXAXH88=
cynes-gwf.com/favicon.ico
404 653 B URL HTTP/1.1 cynes-gwf.com/favicon.ico
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (649), with no line terminators
Hash ba2732b1b2fa2626ffaa15f62f9e7d66
203d4e7fbb1d80449d6e4e1f3ae7a9bf8625debe
879861cb72fe9fbb476dab246021c4c83b4066327de2529e05ec54d3afb0a1c8
GET /favicon.ico HTTP/1.1
Host: cynes-gwf.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cynes-gwf.com/zcredirect?visitid=72aa2a53-c702-11ed-9847-12fe14d5f167&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false
HTTP/1.1 404
Date: Mon, 20 Mar 2023 09:34:45 GMT
Content-Type: text/html;charset=utf-8
Content-Length: 653
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Content-Language: en
Server: diWXsBJW
xml-v4.frdjs-1.co/click?seat=2499270&i=ued09janSiU_0
302 Found 0 B URL HTTP/1.1 xml-v4.frdjs-1.co/click?seat=2499270&i=ued09janSiU_0
IP
ASN #27257 WEBAIR-INTERNET
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click?seat=2499270&i=ued09janSiU_0 HTTP/1.1
Host: xml-v4.frdjs-1.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cynes-gwf.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Cache-Control: no-store
Content-Length: 0
Age: 0
Connection: keep-alive
Location: https://clever-redirect.com/s/r6?s=1266131615&s2=worldwardmobi%2Cworldwardmobi.com%2Cmobile+phone%2Ccell+phone+plan&s3=10953240500
Pragma: no-cache
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a950bb4cee1f08534bd6b6fef9c63000
a471ba8cf65a8cc4c64419969bffbaa1d970773e
284cfc2683fdfd453f4a070e0e71b4e76cdb81a98f85006b69ab18357d5a475b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "284CFC2683FDFD453F4A070E0E71B4E76CDB81A98F85006B69AB18357D5A475B"
Last-Modified: Sun, 19 Mar 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8404
Expires: Mon, 20 Mar 2023 11:54:49 GMT
Date: Mon, 20 Mar 2023 09:34:45 GMT
Connection: keep-alive
clever-redirect.com/s/r6?s=1266131615&s2=worldwardmobi%2Cworldwardmobi.com%2Cmobile+phone%2Ccell+phone+plan&s3=10953240500
200 OK 272 B URL HTTP/1.1 clever-redirect.com/s/r6?s=1266131615&s2=worldwardmobi%2Cworldwardmobi.com%2Cmobile+phone%2Ccell+phone+plan&s3=10953240500
IP
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with no line terminators
Hash 958b2dcdbdfaa4e38d632a58cbf7b4bc
175467ccda9566f002aa72b398e2aa6b304b9527
148154475c44016c01d2d1a625750bc647a0432f2cfe978fe627b6c0c89d652a
GET /s/r6?s=1266131615&s2=worldwardmobi%2Cworldwardmobi.com%2Cmobile+phone%2Ccell+phone+plan&s3=10953240500 HTTP/1.1
Host: clever-redirect.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://cynes-gwf.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 20 Mar 2023 09:34:46 GMT
Server: Apache/2.4.37 (centos) OpenSSL/1.1.1k
Referrer-Policy: no-referrer
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
clever-redirect.com/s/rc?l=13a0f3023c3dc256044b39ee6ad22be9
200 OK 385 B URL HTTP/1.1 clever-redirect.com/s/rc?l=13a0f3023c3dc256044b39ee6ad22be9
IP
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (385), with no line terminators
Hash f7b4079a69414a59aa46a89bba910ef7
477561de4c6b617c8fbdf009755fdd149189df9d
bae565ab8accac012c5f04d821d5267d7c112489c8e39db08d9d2a7b50c8c2ee
GET /s/rc?l=13a0f3023c3dc256044b39ee6ad22be9 HTTP/1.1
Host: clever-redirect.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 20 Mar 2023 09:34:46 GMT
Server: Apache/2.4.37 (centos) OpenSSL/1.1.1k
Referrer-Policy: no-referrer
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash adee2b7f240126456bee7cb20f824b9d
25a3647de8284f66b78cf59a1a8f0ef40453fb2f
7885a9a07a44f3bf2373f59752ab65a4cfc3cf49e560b34e7f4d3fbf6cce61c3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7885A9A07A44F3BF2373F59752AB65A4CFC3CF49E560B34E7F4D3FBF6CCE61C3"
Last-Modified: Sun, 19 Mar 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6432
Expires: Mon, 20 Mar 2023 11:21:58 GMT
Date: Mon, 20 Mar 2023 09:34:46 GMT
Connection: keep-alive
lookandfind.me/s/a?t=26&f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=kondomeriet.no&s1=1266131615&s2=worldwardmobiworldwardmobi.commobilephonecellphoneplan&s3=10953240500&s5=cf
200 OK 424 B URL HTTP/1.1 lookandfind.me/s/a?t=26&f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=kondomeriet.no&s1=1266131615&s2=worldwardmobiworldwardmobi.commobilephonecellphoneplan&s3=10953240500&s5=cf
IP
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document, ASCII text, with very long lines (424), with no line terminators
Hash 171bea09c8f0a68a4c4d6013ca13f69c
f5229de28ca97f5a09dd0f6ec02a554334d7a217
58930e66b396dde87adfd455afe020702725dceccfec7caab6fe8675d25e2896
GET /s/a?t=26&f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=kondomeriet.no&s1=1266131615&s2=worldwardmobiworldwardmobi.commobilephonecellphoneplan&s3=10953240500&s5=cf HTTP/1.1
Host: lookandfind.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 20 Mar 2023 09:34:46 GMT
Server: Apache/2.4.37 (centos) OpenSSL/1.1.1k
X-Powered-By: PHP/8.1.16
Referrer-Policy: strict-origin-when-cross-origin
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
lookandfind.me/s/r?u=https%3A%2F%2Fmonetoad.com%2Fredir%2FclickGate.php%3Fu%3Du68EH62H%26p%3D6W7Jld5BVk%26m%3D30%26s%3De03a302a2b88ccba447c37e17687085b%26url%3Dhttps%253A%252F%252Fkondomeriet.no&h=7c75ed14a8e92d208e860aadcd9a8473
200 OK 336 B URL HTTP/1.1 lookandfind.me/s/r?u=https%3A%2F%2Fmonetoad.com%2Fredir%2FclickGate.php%3Fu%3Du68EH62H%26p%3D6W7Jld5BVk%26m%3D30%26s%3De03a302a2b88ccba447c37e17687085b%26url%3Dhttps%253A%252F%252Fkondomeriet.no&h=7c75ed14a8e92d208e860aadcd9a8473
IP
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (336), with no line terminators
Hash 70fe0e6fe6582ad7807db563bd98c82c
faf87dddc0bafa1a9341357f930021aaa21b087d
ae14426e883306f6efc848a7c0a2ba857979ce6a94f26b1e7a707291de70ef22
GET /s/r?u=https%3A%2F%2Fmonetoad.com%2Fredir%2FclickGate.php%3Fu%3Du68EH62H%26p%3D6W7Jld5BVk%26m%3D30%26s%3De03a302a2b88ccba447c37e17687085b%26url%3Dhttps%253A%252F%252Fkondomeriet.no&h=7c75ed14a8e92d208e860aadcd9a8473 HTTP/1.1
Host: lookandfind.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 20 Mar 2023 09:34:46 GMT
Server: Apache/2.4.37 (centos) OpenSSL/1.1.1k
X-Powered-By: PHP/8.1.16
Referrer-Policy: strict-origin-when-cross-origin
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash de95776582936b8e129e876cf6d80fa8
0233251e1cf0123f1260d980d7c8ef92718723f9
49c07da2ab4ebd66bd166bf0e20dd084b38973cd40c79f85eb283d15a1ccac36
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "49C07DA2AB4EBD66BD166BF0E20DD084B38973CD40C79F85EB283D15A1CCAC36"
Last-Modified: Sun, 19 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8420
Expires: Mon, 20 Mar 2023 11:55:06 GMT
Date: Mon, 20 Mar 2023 09:34:46 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash de95776582936b8e129e876cf6d80fa8
0233251e1cf0123f1260d980d7c8ef92718723f9
49c07da2ab4ebd66bd166bf0e20dd084b38973cd40c79f85eb283d15a1ccac36
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "49C07DA2AB4EBD66BD166BF0E20DD084B38973CD40C79F85EB283D15A1CCAC36"
Last-Modified: Sun, 19 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8420
Expires: Mon, 20 Mar 2023 11:55:06 GMT
Date: Mon, 20 Mar 2023 09:34:46 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash de95776582936b8e129e876cf6d80fa8
0233251e1cf0123f1260d980d7c8ef92718723f9
49c07da2ab4ebd66bd166bf0e20dd084b38973cd40c79f85eb283d15a1ccac36
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "49C07DA2AB4EBD66BD166BF0E20DD084B38973CD40C79F85EB283D15A1CCAC36"
Last-Modified: Sun, 19 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8420
Expires: Mon, 20 Mar 2023 11:55:06 GMT
Date: Mon, 20 Mar 2023 09:34:46 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash de95776582936b8e129e876cf6d80fa8
0233251e1cf0123f1260d980d7c8ef92718723f9
49c07da2ab4ebd66bd166bf0e20dd084b38973cd40c79f85eb283d15a1ccac36
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "49C07DA2AB4EBD66BD166BF0E20DD084B38973CD40C79F85EB283D15A1CCAC36"
Last-Modified: Sun, 19 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8420
Expires: Mon, 20 Mar 2023 11:55:06 GMT
Date: Mon, 20 Mar 2023 09:34:46 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7cd6847f-4682-4476-ab1c-3a96a63feea0.jpeg
200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7cd6847f-4682-4476-ab1c-3a96a63feea0.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2dd89721d1aeaf671e76434c7d8a4ad7
a3dedec80d68e8f0326548d03b0e594ffc87ecd1
ff593609540ed01673c58483ce57a40cc712000d32427ccf2486fd0035728448
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7cd6847f-4682-4476-ab1c-3a96a63feea0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6839
x-amzn-requestid: c478a5c6-cb9b-4324-be41-b79c32f99570
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CDDU6GKyoAMF6uw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64177f52-180dc15d2627e08d3182a761;Sampled=0
x-amzn-remapped-date: Sun, 19 Mar 2023 21:32:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: QBgnZBxWku97O-CIkgmOTJe5g2DCZOozVhHj_0ViEP6w7hDeXPhmeg==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 5c7981a979abd51ba7e5ca7d464fd048.cloudfront.net (CloudFront), 1.1 google
date: Sun, 19 Mar 2023 22:14:42 GMT
age: 40804
etag: "a3dedec80d68e8f0326548d03b0e594ffc87ecd1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7963a1ee-914e-454a-a5e7-9466ab707e33.jpeg
200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7963a1ee-914e-454a-a5e7-9466ab707e33.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 302595cc68fe8cf12121d0f652b3194d
e5532a3fed552246e8a63ea2ba75e174273a7b9f
6ca3599a9af06f51d4dc205d4ebd8f7f8b38c54864b6b478eac8c0d1adbc97c6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7963a1ee-914e-454a-a5e7-9466ab707e33.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7695
x-amzn-requestid: 1009077b-14aa-42e5-86f1-de94b8b2aba0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CDETIHf8oAMFxEA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641780e0-07bbb0376f1c1941731e00ba;Sampled=0
x-amzn-remapped-date: Sun, 19 Mar 2023 21:38:40 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: 388_JExXl_vwNTUh_69QfjoGz-cNeQwwrp6kpAP1Hhv3VvtgeeXbrw==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 a06140ffee86972bad90c57fc682df36.cloudfront.net (CloudFront), 1.1 google
date: Sun, 19 Mar 2023 21:55:31 GMT
age: 41955
etag: "e5532a3fed552246e8a63ea2ba75e174273a7b9f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6d92bde-aeaf-4220-ab31-32d913cebcbf.png
200 OK 9.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6d92bde-aeaf-4220-ab31-32d913cebcbf.png
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash df9bad66ead39008462af08bda8ff3cb
816a0f35e0cf37329fa233a8fefe9a8addf04edc
f1bf32da41b171c73b741c247ddfbc91d2e82daba395fde6798de3a2571f3fc3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6d92bde-aeaf-4220-ab31-32d913cebcbf.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9844
x-amzn-requestid: 05aa623d-9c20-49ff-a68d-323d0dcf4d59
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CDEhgFXzoAMFvMw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6417813c-078768b7057ff73c29e5514b;Sampled=0
x-amzn-remapped-date: Sun, 19 Mar 2023 21:40:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: AOhxtm5AelyUDMj3ZY3nYaHSJV2steyS9Yqi9CPpsos7lOelfxy6PA==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 ef8f66c83aecd87910ce2e1153544a20.cloudfront.net (CloudFront), 1.1 google
date: Sun, 19 Mar 2023 21:50:29 GMT
age: 42257
etag: "816a0f35e0cf37329fa233a8fefe9a8addf04edc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51533590-da87-4812-896e-5b883e86ca26.jpeg
200 OK 4.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51533590-da87-4812-896e-5b883e86ca26.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6070b228321fcff24280a0282db8339f
f27b17b7ff1a8c47dfcc3815dc9e097992190b74
f76f6c4c5cb65a6ec03853432a3cfa458eadee602789ce729d7de0b86ca1940d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51533590-da87-4812-896e-5b883e86ca26.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4000
x-amzn-requestid: 24988fc6-aec7-4c59-a437-fd175e535149
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CDDVWHFBIAMF2Yg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64177f55-75e20fad03b26102300ae78e;Sampled=0
x-amzn-remapped-date: Sun, 19 Mar 2023 21:32:05 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: Vh4P47QmpN9AKmirRlRJSIZG76Dy4l9OU1XVi2Yhxld3dLhAgOn7ZQ==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 ef8f66c83aecd87910ce2e1153544a20.cloudfront.net (CloudFront), 1.1 google
date: Sun, 19 Mar 2023 21:37:03 GMT
age: 43063
etag: "f27b17b7ff1a8c47dfcc3815dc9e097992190b74"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8afa2cdb-a5f3-4c78-a2ab-132c8b752b4b.png
200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8afa2cdb-a5f3-4c78-a2ab-132c8b752b4b.png
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 78453ba98b72eff3879ef163b59c86ed
80519bb3726ee1f9f211344cd433cefaed3a7f2e
61adfeff11af9583355ac7d1500e8a8d97357b2846f151f2421001994fb06655
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8afa2cdb-a5f3-4c78-a2ab-132c8b752b4b.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10338
x-amzn-requestid: 9f880b5b-056c-44bb-a811-36ea27c232aa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BvSgFGENoAMFuVw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-640f9799-2318d444248f7610300c658f;Sampled=0
x-amzn-remapped-date: Mon, 13 Mar 2023 21:37:29 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: xfkObFQbeYQQjIJ4FWQ7xKbH5FPxBQ1vkTDCwWCM6IcAAu8H31BNhQ==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 ef8f66c83aecd87910ce2e1153544a20.cloudfront.net (CloudFront), 1.1 google
date: Mon, 20 Mar 2023 07:04:48 GMT
age: 8998
etag: "80519bb3726ee1f9f211344cd433cefaed3a7f2e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67bd8451-f062-4a29-9566-2fa60e012de2.jpeg
200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67bd8451-f062-4a29-9566-2fa60e012de2.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e1533684819dcbf9e77684c19eb86465
489f8f036efd23ce36085af127af7d6c794fe00b
9154a471013bd0972fad93ea4eeaf4b23f66dd1534e0d9cc302263aca0f94bd1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67bd8451-f062-4a29-9566-2fa60e012de2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12424
x-amzn-requestid: 64a89fbe-4ac0-4059-a481-37c30ae36928
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: B8eOuEG2oAMF1Qw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6414dd91-0492160f3e8196a23fc53eda;Sampled=0
x-amzn-remapped-date: Fri, 17 Mar 2023 21:37:21 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: tx--67yg-v6sA1zslsl2iUXzLbdnWhU-cMqTDpxldZg-qog8-urKcA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 c5c7edc18be1805f007e0576da02e554.cloudfront.net (CloudFront), 1.1 google
date: Sun, 19 Mar 2023 12:29:11 GMT
etag: "489f8f036efd23ce36085af127af7d6c794fe00b"
content-type: image/jpeg
age: 75935
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 10cf2fe055dc5b80cf75dc2f66707ff6
f5e52974bb0791c181574326a7c41ccfb975d756
575655d366077897533c6154af7e0b79be6efd05b8fdf43eed9d46f621834eed
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "575655D366077897533C6154AF7E0B79BE6EFD05B8FDF43EED9D46F621834EED"
Last-Modified: Sun, 19 Mar 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11908
Expires: Mon, 20 Mar 2023 12:53:15 GMT
Date: Mon, 20 Mar 2023 09:34:47 GMT
Connection: keep-alive
ocsp.r2m02.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.r2m02.amazontrust.com/
IP
Hash 9af40c212dd87704c7e9e3caa4f5d1e6
37b21d8a0492c9a979849cbafd2f06e80152f972
c496560aba0b549612b90d3d5b95c38585c23fc263bdfb60bcdf321e2ba4d250
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=117799
Date: Mon, 20 Mar 2023 09:34:47 GMT
Etag: "64174997-1d7"
Expires: Tue, 21 Mar 2023 18:18:06 GMT
Last-Modified: Sun, 19 Mar 2023 17:42:47 GMT
Server: ECAcc (dcb/7F28)
X-Cache: Miss from cloudfront
Via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 7fYWR_PmswnWGFJIcNrYOvgBon1PZcobuVYd4p6QRjZ9EEdSeIkyhg==
Age: 2119
monetoad.com/redir/clickGate.php?u=u68EH62H&p=6W7Jld5BVk&m=30&s=e03a302a2b88ccba447c37e17687085b&url=https://kondomeriet.no
302 Found 32 kB URL HTTP/2 monetoad.com/redir/clickGate.php?u=u68EH62H&p=6W7Jld5BVk&m=30&s=e03a302a2b88ccba447c37e17687085b&url=https://kondomeriet.no
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (12878)
Hash d508e60bafd5c8d1004bd1b27b9723f8
ac86c6e1fb64dbb1e464a0d07bc7abd5f4433319
68b224003ab5a9b9cfee5c66368ffcecc51dd04e04be091315212c6052c6210e
GET /redir/clickGate.php?u=u68EH62H&p=6W7Jld5BVk&m=30&s=e03a302a2b88ccba447c37e17687085b&url=https://kondomeriet.no HTTP/1.1
Host: monetoad.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lookandfind.me/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Mon, 20 Mar 2023 09:34:47 GMT
content-type: text/html; charset=UTF-8
location: https://api.yadore.com/v2/r/deeplink?e=MlZ0RDQxTnNFbjBsRHZLK1lGTTc4TEFUZ2ZmRWJQRUZUbTB6UHRZNG05eUhGdkdYanVyaXhvNUw3Z2JxcTM3UFRUdjNBZlVnUUZZZXFQV3lLY2EvVU5SR1dYUjBGRXdoUElsZUFjSW90dGkzQlUvaEtYeWpZMzVEWWV5TE12ZXgyb0NNaEJ1TUh3RnNFWSswRExoQzBlbGVHUndVcnZPZ3MrK3I2N3lrWXZzK1dHcz0=&i=Lat2cMcP1f_57mML&placementId=3CeblerkDTkp6Q4U0KSwqdrXpcTeXz9A7lQuEN40CJZmrz
cache-control: no-cache, private
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MZZXKGPwN5Dr98rhKFsqExbVTMmeX%2BAKUl5wFY3uJHDN6KXwX6olIkaDb2PLehsjiKH65thA%2FUlcqClxA4U2YIbIQXi45tEvI31xKJMt67efE8jOVUUH1cBk1zvHR6s%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7aacf6154c840b06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
dd.kelkoogroup.net/tags.js
200 OK 58 kB URL HTTP/2 dd.kelkoogroup.net/tags.js
IP
File type ASCII text, with very long lines (65431)
Hash e48951c0e3d71e520d41885400203fa1
4a2098fbd356572e81ed693d867e15229b0491cb
15664faa9842b38dd05c990172d39736c87451a1f0eff47ea3a12e3b2675fc28
GET /tags.js HTTP/1.1
Host: dd.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://api.kelkoogroup.net/
Connection: keep-alive
Cookie: kelkooID=a4c6294-186fe5f0d0a-a342; _ga=GA1.2.1247701175.1679304888; _gid=GA1.2.606756703.1679304888
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: text/javascript
content-length: 57552
server: Apache
strict-transport-security: max-age=63072000; includeSubDomains; preload
last-modified: Fri, 17 Mar 2023 08:10:53 GMT
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
via: 1.1 2a6277094357eb47f8dbeacb06ed96c2.cloudfront.net (CloudFront), 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
date: Mon, 20 Mar 2023 09:11:22 GMT
cache-control: max-age=3600, public
expires: Mon, 20 Mar 2023 10:11:22 GMT
etag: "451ef-5f7141db9c717-gzip"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA60-P2, OSL50-P1
x-amz-cf-id: zog454ClBJoU-vVkcXW-IxFjQTDzBx7MuzgSin-6GPKi6gc-HSYFcg==
age: 1406
X-Firefox-Spdy: h2
status.thawte.com/
200 OK 471 B IP
Hash 62065a74992c35b461e817720460c43f
6681b5d2de7288fc5ed9111f0fb6e48f741f0212
f5a7d23752976006ba6c9eff4cfa0d1ea13e682564f49216e49a43d2903ab682
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5922
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 20 Mar 2023 09:34:48 GMT
Last-Modified: Mon, 20 Mar 2023 07:56:06 GMT
Server: ECAcc (ska/F73A)
X-Cache: HIT
Content-Length: 471
status.thawte.com/
200 OK 471 B IP
Hash 62065a74992c35b461e817720460c43f
6681b5d2de7288fc5ed9111f0fb6e48f741f0212
f5a7d23752976006ba6c9eff4cfa0d1ea13e682564f49216e49a43d2903ab682
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4626
Cache-Control: max-age=116005
Content-Type: application/ocsp-response
Date: Mon, 20 Mar 2023 09:34:48 GMT
Etag: "641738cb-1d7"
Expires: Tue, 21 Mar 2023 17:48:13 GMT
Last-Modified: Sun, 19 Mar 2023 16:31:07 GMT
Server: ECAcc (ska/F6E1)
X-Cache: HIT
Content-Length: 471
no-go.kelkoogroup.net/assets/images/p.png?country=no&k=612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef2462604210d4d8510d411eab9db270d0fc692fe4d34d8be78d4b65e11d8d116224fcfd996da2a14fe33bc1035c0fac49e93f68ce1e46aa45b0af3fec90bc6a31d76afccfd63cd31285fe2c099eb2d7ed59a7b7466e5a41ef904dbfb6bded5fb21cd5b97a12c43f5e1cafb4a96e3729288dc7bf14517de8793f4ffa7a640d593e4d69f0504790186945b094a86259435df375fcc95e5e45e5b0e589a44b72f0b602b614bd40b453c785f3ac72d7c8d5a47f4d177a2eae3c73dc975d8f6a98b27789d88817614890d94898bc1922f8b8b0f2d15da346f485ea400f3c4c9d82250bfa68027c5e4228ad2d3bbff5608f5edb3a3905726d761e31abcd685caad26634af0e74499cf0a334de45b2e33f4c5599103adeec76f877bb2645fba470e07547fabef7215c2f408dd4300e4608ea9cfdd77f48c36d8c54d0f3de7492b7b67cc565c8cbc2e454c8eeee12564b179735021bfb0537b2b334eaecfd831f9
200 OK 68 B URL HTTP/1.1 no-go.kelkoogroup.net/assets/images/p.png?country=no&k=612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef2462604210d4d8510d411eab9db270d0fc692fe4d34d8be78d4b65e11d8d116224fcfd996da2a14fe33bc1035c0fac49e93f68ce1e46aa45b0af3fec90bc6a31d76afccfd63cd31285fe2c099eb2d7ed59a7b7466e5a41ef904dbfb6bded5fb21cd5b97a12c43f5e1cafb4a96e3729288dc7bf14517de8793f4ffa7a640d593e4d69f0504790186945b094a86259435df375fcc95e5e45e5b0e589a44b72f0b602b614bd40b453c785f3ac72d7c8d5a47f4d177a2eae3c73dc975d8f6a98b27789d88817614890d94898bc1922f8b8b0f2d15da346f485ea400f3c4c9d82250bfa68027c5e4228ad2d3bbff5608f5edb3a3905726d761e31abcd685caad26634af0e74499cf0a334de45b2e33f4c5599103adeec76f877bb2645fba470e07547fabef7215c2f408dd4300e4608ea9cfdd77f48c36d8c54d0f3de7492b7b67cc565c8cbc2e454c8eeee12564b179735021bfb0537b2b334eaecfd831f9
IP
ASN #60781 LeaseWeb Netherlands B.V.
File type PNG image data, 1 x 1, 8-bit gray+alpha, non-interlaced\012- data
Hash 91e42db1c66c0b276abf6234dc50b2eb
c1986af3c26609b8b7d8933f99c51c1a89e9ea6b
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
GET /assets/images/p.png?country=no&k=612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef2462604210d4d8510d411eab9db270d0fc692fe4d34d8be78d4b65e11d8d116224fcfd996da2a14fe33bc1035c0fac49e93f68ce1e46aa45b0af3fec90bc6a31d76afccfd63cd31285fe2c099eb2d7ed59a7b7466e5a41ef904dbfb6bded5fb21cd5b97a12c43f5e1cafb4a96e3729288dc7bf14517de8793f4ffa7a640d593e4d69f0504790186945b094a86259435df375fcc95e5e45e5b0e589a44b72f0b602b614bd40b453c785f3ac72d7c8d5a47f4d177a2eae3c73dc975d8f6a98b27789d88817614890d94898bc1922f8b8b0f2d15da346f485ea400f3c4c9d82250bfa68027c5e4228ad2d3bbff5608f5edb3a3905726d761e31abcd685caad26634af0e74499cf0a334de45b2e33f4c5599103adeec76f877bb2645fba470e07547fabef7215c2f408dd4300e4608ea9cfdd77f48c36d8c54d0f3de7492b7b67cc565c8cbc2e454c8eeee12564b179735021bfb0537b2b334eaecfd831f9 HTTP/1.1
Host: no-go.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://api.kelkoogroup.net/
Connection: keep-alive
Cookie: kelkooID=a4c6294-186fe5f0d0a-a342
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
leadId: 62A001GVZ5Y3ZE0ER11TV2KMD55N8Z
clickId: 107698148_1679304887562_179012
country: no
Request-Time: PT0.002S
X-Robots-Tag: noindex,nofollow
Cache-Control: private, must-revalidate
Referrer-Policy: origin-when-cross-origin
X-Frame-Options: ALLOWALL
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Date: Mon, 20 Mar 2023 09:34:48 GMT
Content-Type: image/png
Content-Length: 68
no-go.kelkoogroup.net/fp?country=no&k=612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef2462604210d4d8510d411eab9db270d0fc692fe4d34d8be78d4b65e11d8d116224fcfd996da2a14fe33bc1035c0fac49e93f68ce1e46aa45b0af3fec90bc6a31d76afccfd63cd31285fe2c099eb2d7ed59a7b7466e5a41ef904dbfb6bded5fb21cd5b97a12c43f5e1cafb4a96e3729288dc7bf14517de8793f4ffa7a640d593e4d69f0504790186945b094a86259435df375fcc95e5e45e5b0e589a44b72f0b602b614bd40b453c785f3ac72d7c8d5a47f4d177a2eae3c73dc975d8f6a98b27789d88817614890d94898bc1922f8b8b0f2d15da346f485ea400f3c4c9d82250bfa68027c5e4228ad2d3bbff5608f5edb3a3905726d761e31abcd685caad26634af0e74499cf0a334de45b2e33f4c5599103adeec76f877bb2645fba470e07547fabef7215c2f408dd4300e4608ea9cfdd77f48c36d8c54d0f3de7492b7b67cc565c8cbc2e454c8eeee12564b179735021bfb0537b2b334eaecfd831f9
200 OK 0 B URL HTTP/1.1 no-go.kelkoogroup.net/fp?country=no&k=612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef2462604210d4d8510d411eab9db270d0fc692fe4d34d8be78d4b65e11d8d116224fcfd996da2a14fe33bc1035c0fac49e93f68ce1e46aa45b0af3fec90bc6a31d76afccfd63cd31285fe2c099eb2d7ed59a7b7466e5a41ef904dbfb6bded5fb21cd5b97a12c43f5e1cafb4a96e3729288dc7bf14517de8793f4ffa7a640d593e4d69f0504790186945b094a86259435df375fcc95e5e45e5b0e589a44b72f0b602b614bd40b453c785f3ac72d7c8d5a47f4d177a2eae3c73dc975d8f6a98b27789d88817614890d94898bc1922f8b8b0f2d15da346f485ea400f3c4c9d82250bfa68027c5e4228ad2d3bbff5608f5edb3a3905726d761e31abcd685caad26634af0e74499cf0a334de45b2e33f4c5599103adeec76f877bb2645fba470e07547fabef7215c2f408dd4300e4608ea9cfdd77f48c36d8c54d0f3de7492b7b67cc565c8cbc2e454c8eeee12564b179735021bfb0537b2b334eaecfd831f9
IP
ASN #60781 LeaseWeb Netherlands B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /fp?country=no&k=612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef2462604210d4d8510d411eab9db270d0fc692fe4d34d8be78d4b65e11d8d116224fcfd996da2a14fe33bc1035c0fac49e93f68ce1e46aa45b0af3fec90bc6a31d76afccfd63cd31285fe2c099eb2d7ed59a7b7466e5a41ef904dbfb6bded5fb21cd5b97a12c43f5e1cafb4a96e3729288dc7bf14517de8793f4ffa7a640d593e4d69f0504790186945b094a86259435df375fcc95e5e45e5b0e589a44b72f0b602b614bd40b453c785f3ac72d7c8d5a47f4d177a2eae3c73dc975d8f6a98b27789d88817614890d94898bc1922f8b8b0f2d15da346f485ea400f3c4c9d82250bfa68027c5e4228ad2d3bbff5608f5edb3a3905726d761e31abcd685caad26634af0e74499cf0a334de45b2e33f4c5599103adeec76f877bb2645fba470e07547fabef7215c2f408dd4300e4608ea9cfdd77f48c36d8c54d0f3de7492b7b67cc565c8cbc2e454c8eeee12564b179735021bfb0537b2b334eaecfd831f9 HTTP/1.1
Host: no-go.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://api.kelkoogroup.net/
Content-Type: text/plain;charset=utf-8
Content-Length: 536
Origin: https://api.kelkoogroup.net
Connection: keep-alive
Cookie: kelkooID=a4c6294-186fe5f0d0a-a342; _ga=GA1.2.1247701175.1679304888; _gid=GA1.2.606756703.1679304888
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
leadId: 62A001GVZ5Y3ZE0ER11TV2KMD55N8Z
clickId: 107698148_1679304887562_179012
country: no
Request-Time: PT0.002776S
X-Robots-Tag: noindex,nofollow
Referrer-Policy: origin-when-cross-origin
X-Frame-Options: ALLOWALL
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Date: Mon, 20 Mar 2023 09:34:48 GMT
Content-Type: text/plain; charset=UTF-8
Content-Length: 0
no-go.kelkoogroup.net/redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef2462604210d4d8510d411eab9db270d0fc692fe4d34d8be78d4b65e11d8d116224fcfd996da2a14fe33bc1035c0fac49e93f68ce1e46aa45b0af3fec90bc6a31d76afccfd63cd31285fe2c099eb2d7ed59a7b7466e5a41ef904dbfb6bded5fb21cd5b97a12c43f5e1cafb4a96e3729288dc7bf14517de8793f4ffa7a640d593e4d69f0504790186945b094a86259435df375fcc95e5e45e5b0e589a44b72f0b602b614bd40b453c785f3ac72d7c8d5a47f4d177a2eae3c73dc975d8f6a98b27789d88817614890d94898bc1922f8b8b0f2d15da346f485ea400f3c4c9d82250bfa68027c5e4228ad2d3bbff5608f5edb3a3905726d761e31abcd685caad26634af0e74499cf0a334de45b2e33f4c5599103adeec76f877bb2645fba470e07547fabef7215c2f408dd4300e4608ea9cfdd77f48c36d8c54d0f3de7492b7b67cc565c8cbc2e454c8eeee12564b179735021bfb0537b2b334eaecfd831f9&url=https%3A%2F%2Fkondomeriet.no%3Fkk%3Da4c6294-186fe5f0d0a-a342%26utm_campaign%3Dkelkooclick%26utm_medium%3Dcpc%26utm_source%3Dkelkoono
303 See Other 0 B URL HTTP/1.1 no-go.kelkoogroup.net/redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef2462604210d4d8510d411eab9db270d0fc692fe4d34d8be78d4b65e11d8d116224fcfd996da2a14fe33bc1035c0fac49e93f68ce1e46aa45b0af3fec90bc6a31d76afccfd63cd31285fe2c099eb2d7ed59a7b7466e5a41ef904dbfb6bded5fb21cd5b97a12c43f5e1cafb4a96e3729288dc7bf14517de8793f4ffa7a640d593e4d69f0504790186945b094a86259435df375fcc95e5e45e5b0e589a44b72f0b602b614bd40b453c785f3ac72d7c8d5a47f4d177a2eae3c73dc975d8f6a98b27789d88817614890d94898bc1922f8b8b0f2d15da346f485ea400f3c4c9d82250bfa68027c5e4228ad2d3bbff5608f5edb3a3905726d761e31abcd685caad26634af0e74499cf0a334de45b2e33f4c5599103adeec76f877bb2645fba470e07547fabef7215c2f408dd4300e4608ea9cfdd77f48c36d8c54d0f3de7492b7b67cc565c8cbc2e454c8eeee12564b179735021bfb0537b2b334eaecfd831f9&url=https%3A%2F%2Fkondomeriet.no%3Fkk%3Da4c6294-186fe5f0d0a-a342%26utm_campaign%3Dkelkooclick%26utm_medium%3Dcpc%26utm_source%3Dkelkoono
IP
ASN #60781 LeaseWeb Netherlands B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef2462604210d4d8510d411eab9db270d0fc692fe4d34d8be78d4b65e11d8d116224fcfd996da2a14fe33bc1035c0fac49e93f68ce1e46aa45b0af3fec90bc6a31d76afccfd63cd31285fe2c099eb2d7ed59a7b7466e5a41ef904dbfb6bded5fb21cd5b97a12c43f5e1cafb4a96e3729288dc7bf14517de8793f4ffa7a640d593e4d69f0504790186945b094a86259435df375fcc95e5e45e5b0e589a44b72f0b602b614bd40b453c785f3ac72d7c8d5a47f4d177a2eae3c73dc975d8f6a98b27789d88817614890d94898bc1922f8b8b0f2d15da346f485ea400f3c4c9d82250bfa68027c5e4228ad2d3bbff5608f5edb3a3905726d761e31abcd685caad26634af0e74499cf0a334de45b2e33f4c5599103adeec76f877bb2645fba470e07547fabef7215c2f408dd4300e4608ea9cfdd77f48c36d8c54d0f3de7492b7b67cc565c8cbc2e454c8eeee12564b179735021bfb0537b2b334eaecfd831f9&url=https%3A%2F%2Fkondomeriet.no%3Fkk%3Da4c6294-186fe5f0d0a-a342%26utm_campaign%3Dkelkooclick%26utm_medium%3Dcpc%26utm_source%3Dkelkoono HTTP/1.1
Host: no-go.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://api.kelkoogroup.net/
Connection: keep-alive
Cookie: kelkooID=a4c6294-186fe5f0d0a-a342; _ga=GA1.2.1247701175.1679304888; _gid=GA1.2.606756703.1679304888
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
HTTP/1.1 303 See Other
leadId: 62A001GVZ5Y3ZE0ER11TV2KMD55N8Z
clickId: 107698148_1679304887562_179012
country: no
Location: https://kondomeriet.no?kk=a4c6294-186fe5f0d0a-a342&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
Accept-CH: Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
Set-Cookie: datadome=PvxYcl3lki~14tjWEtlZZX9ijLjR1a74S6v4wB-9i7g8~9yLz~rYgZ_QB4XzbZ0E48mtI6365xmM_pv0v9e26Pwfrpl3vbKurWcT_-H-cP0ZocfLMVJHLxX5BqIkaIn; Max-Age=31536000; Expires=Tue, 19 Mar 2024 09:34:48 GMT; SameSite=Lax; Path=/; Domain=.kelkoogroup.net; Secure
X-DataDome: protected
Request-Time: PT0.010662S
X-Robots-Tag: noindex,nofollow
Referrer-Policy: origin-when-cross-origin
X-Frame-Options: ALLOWALL
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Date: Mon, 20 Mar 2023 09:34:48 GMT
Content-Length: 0
kondomeriet.no/?kk=a4c6294-186fe5f0d0a-a342&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
301 Moved Permanently 0 B URL HTTP/2 kondomeriet.no/?kk=a4c6294-186fe5f0d0a-a342&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?kk=a4c6294-186fe5f0d0a-a342&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono HTTP/1.1
Host: kondomeriet.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://api.kelkoogroup.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Mon, 20 Mar 2023 09:34:48 GMT
content-length: 0
location: https://www.kondomeriet.no/?kk=a4c6294-186fe5f0d0a-a342&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
vary: Accept-Encoding
server: cloudflare
cf-ray: 7aacf621dd49b51b-OSL
X-Firefox-Spdy: h2
ocsp.usertrust.com/
200 OK 471 B IP
Hash 210156c927becb8fe5c9a4a854d10ac9
342c320e1048ac610e66e6ea25d13a82ac07e20c
4abede78b1270133769a806883d3b7ace2acce21dbcc85dafb008942addd1f87
POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 20 Mar 2023 09:34:48 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 18 Mar 2023 01:51:18 GMT
Expires: Sat, 25 Mar 2023 01:51:17 GMT
Etag: "342c320e1048ac610e66e6ea25d13a82ac07e20c"
Cache-Control: max-age=603342,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 1203
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7aacf6233d28b4fa-OSL
api-js.datadome.co/js/
200 OK 236 B IP
File type JSON data\012- , ASCII text, with no line terminators
Hash d928c33504055ff13932fe6d45054854
205035df607255701e720e45552dcf27bc0db22b
c47f053afd2412f769e36c93bf76ea6ff381597a314aa4e1e1a2c180b0cfdebc
POST /js/ HTTP/1.1
Host: api-js.datadome.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 4222
Origin: https://api.kelkoogroup.net
Connection: keep-alive
Referer: https://api.kelkoogroup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 20 Mar 2023 09:34:48 GMT
content-type: application/json;charset=utf-8
content-length: 236
server: DataDome
access-control-allow-origin: *
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate
expires: 0
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash f1619e65eeac4c79d93deb418bb1b740
b1c592a47ab71569364b05c87362caef4dea7c67
7c83a70b21133bb49f5e0f8e9abd1fecb1a814b754d6d26e598e7e4589564c04
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 20 Mar 2023 09:34:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/collect?v=1&_v=j96&t=pageview&_s=1&dl=https%3A%2F%2Fapi.kelkoogroup.net%2Fpublisher%2Fshopping%2Fv2%2Flink-monetizer%2Flink%3Fcountry%3Dno%26id%3De4ef5dec-03eb-11eb-bf21-ba5ec25d7100%26merchantUrl%3Dhttps%253A%252F%252Fkondomeriet.no%26custom1%3Ded1ecd9b34dc0b4c6f779ccfb614f4292a5146fcd0a9a88c9ee485f064420d41%26custom2%3D6jCRVArau2gc%26custom3%3Dfalse&dr=https%3A%2F%2Flookandfind.me%2F&dp=%2F%7C100022613%7C&ul=en-us&de=UTF-8&dt=Du%20sendes%20videre%20til%20Kondomeriet.no&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=QACAAAABAAAAAC~&cid=1247701175.1679304888&tid=UA-168544891-6&_gid=606756703.1679304888&_r=1&cd1=&cd2=62A001GVZ5Y3ZE0ER11TV2KMD55N8Z&cd3=100022613&cd4=a4c6294-186fe5f0d0a-a342&cd5=&cd6=%7C100022613%7C&z=1986444992
200 OK 35 B URL HTTP/2 www.google-analytics.com/collect?v=1&_v=j96&t=pageview&_s=1&dl=https%3A%2F%2Fapi.kelkoogroup.net%2Fpublisher%2Fshopping%2Fv2%2Flink-monetizer%2Flink%3Fcountry%3Dno%26id%3De4ef5dec-03eb-11eb-bf21-ba5ec25d7100%26merchantUrl%3Dhttps%253A%252F%252Fkondomeriet.no%26custom1%3Ded1ecd9b34dc0b4c6f779ccfb614f4292a5146fcd0a9a88c9ee485f064420d41%26custom2%3D6jCRVArau2gc%26custom3%3Dfalse&dr=https%3A%2F%2Flookandfind.me%2F&dp=%2F%7C100022613%7C&ul=en-us&de=UTF-8&dt=Du%20sendes%20videre%20til%20Kondomeriet.no&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=QACAAAABAAAAAC~&cid=1247701175.1679304888&tid=UA-168544891-6&_gid=606756703.1679304888&_r=1&cd1=&cd2=62A001GVZ5Y3ZE0ER11TV2KMD55N8Z&cd3=100022613&cd4=a4c6294-186fe5f0d0a-a342&cd5=&cd6=%7C100022613%7C&z=1986444992
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
POST /collect?v=1&_v=j96&t=pageview&_s=1&dl=https%3A%2F%2Fapi.kelkoogroup.net%2Fpublisher%2Fshopping%2Fv2%2Flink-monetizer%2Flink%3Fcountry%3Dno%26id%3De4ef5dec-03eb-11eb-bf21-ba5ec25d7100%26merchantUrl%3Dhttps%253A%252F%252Fkondomeriet.no%26custom1%3Ded1ecd9b34dc0b4c6f779ccfb614f4292a5146fcd0a9a88c9ee485f064420d41%26custom2%3D6jCRVArau2gc%26custom3%3Dfalse&dr=https%3A%2F%2Flookandfind.me%2F&dp=%2F%7C100022613%7C&ul=en-us&de=UTF-8&dt=Du%20sendes%20videre%20til%20Kondomeriet.no&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=QACAAAABAAAAAC~&cid=1247701175.1679304888&tid=UA-168544891-6&_gid=606756703.1679304888&_r=1&cd1=&cd2=62A001GVZ5Y3ZE0ER11TV2KMD55N8Z&cd3=100022613&cd4=a4c6294-186fe5f0d0a-a342&cd5=&cd6=%7C100022613%7C&z=1986444992 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://api.kelkoogroup.net
Connection: keep-alive
Referer: https://api.kelkoogroup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 200 OK
access-control-allow-origin: https://api.kelkoogroup.net
date: Mon, 20 Mar 2023 09:34:49 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
x-content-type-options: nosniff
access-control-allow-credentials: true
content-type: image/gif
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 35
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash f1619e65eeac4c79d93deb418bb1b740
b1c592a47ab71569364b05c87362caef4dea7c67
7c83a70b21133bb49f5e0f8e9abd1fecb1a814b754d6d26e598e7e4589564c04
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 20 Mar 2023 09:34:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.kondomeriet.no/?kk=a4c6294-186fe5f0d0a-a342&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
200 OK 27 kB URL HTTP/2 www.kondomeriet.no/?kk=a4c6294-186fe5f0d0a-a342&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1078), with CRLF line terminators
Hash 80400b3b1c31baa526645b1bf61e39a8
251c95b5663c15952fc75f02a4ae849d144e6d87
2739162607fcf94e325af5832ef035889066b214b48bcc19b0644787eed0a0aa
GET /?kk=a4c6294-186fe5f0d0a-a342&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono HTTP/1.1
Host: www.kondomeriet.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://api.kelkoogroup.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 20 Mar 2023 09:34:49 GMT
content-type: text/html; charset=utf-8
content-length: 27345
access-control-expose-headers: Request-Context
cache-control: public, max-age=3600
content-encoding: gzip
expires: Mon, 20 Mar 2023 10:34:48 GMT
last-modified: Mon, 20 Mar 2023 09:34:48 GMT
set-cookie: .ASPXANONYMOUS=52icDaGR2QEkAAAAMTRhMTYyZGEtYTdlMC00ZDIwLTk4NGItY2M3YmYyNDRlYWQ0cPbaAudh-uhK-SQgkxMLkmcVos66SOdu4YMg3gw9Kuk1; expires=Sun, 28-May-2023 20:14:48 GMT; path=/; secure; HttpOnly
Kondomeriet=fa43n1qug1sa221j3gnpt4fv; path=/; secure; HttpOnly; SameSite=None
EPiSessionId=3300271a-6936-431a-a03c-1c167f439dcb; Max-Age=1800; Path=/; Secure;
epi_RecommendationsTrackingUserId=cuid=100877647616|rJaWFIUxrem6N-fHBOuvWO5SEB497s70R6c7dQOu5I4&h=; expires=Tue, 19-Mar-2024 09:34:48 GMT; path=/; secure; HttpOnly
epi_RecommendationsTrackingSessionId=127075334316|lesK-_S0qhUdXOADBsV8BiSz_4WgTsbMtOEJm-AgK5k; expires=Mon, 20-Mar-2023 13:34:48 GMT; path=/; secure; HttpOnly
ARRAffinity=a0759af8ee6b4f5dd10706e7288fdd512a9854dc68934c5ce88a510ebcc3d748;Path=/;HttpOnly;Secure;Domain=www.kondomeriet.no
ARRAffinitySameSite=a0759af8ee6b4f5dd10706e7288fdd512a9854dc68934c5ce88a510ebcc3d748;Path=/;HttpOnly;SameSite=None;Secure;Domain=www.kondomeriet.no
vary: *
content-security-policy: frame-ancestors 'self' https://www.vg.no;
request-context: appId=cid-v1:f448cbbe-913f-4702-bfb3-62b9ee3f7f77
x-ua-compatible: IE=Edge
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7aacf6231ab11c12-OSL
X-Firefox-Spdy: h2
www.kondomeriet.no/Styles/kondomeriet.web.min.css?_=20230316105106
200 OK 54 kB URL HTTP/2 www.kondomeriet.no/Styles/kondomeriet.web.min.css?_=20230316105106
IP
File type ASCII text, with very long lines (62094), with CRLF, LF line terminators
Hash 8e48926bcaf6d2e1d0f62dc09e04f4a7
81280a85bcba65efa6e847b7604b67a92da8e3c9
4728a35ca34657e6cc84faf54dfbe1a90cbee889087e6328854bb2fc702f6fb0
GET /Styles/kondomeriet.web.min.css?_=20230316105106 HTTP/1.1
Host: www.kondomeriet.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kondomeriet.no/?kk=a4c6294-186fe5f0d0a-a342&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
Cookie: .ASPXANONYMOUS=52icDaGR2QEkAAAAMTRhMTYyZGEtYTdlMC00ZDIwLTk4NGItY2M3YmYyNDRlYWQ0cPbaAudh-uhK-SQgkxMLkmcVos66SOdu4YMg3gw9Kuk1; Kondomeriet=fa43n1qug1sa221j3gnpt4fv; EPiSessionId=3300271a-6936-431a-a03c-1c167f439dcb; epi_RecommendationsTrackingUserId=cuid=100877647616|rJaWFIUxrem6N-fHBOuvWO5SEB497s70R6c7dQOu5I4&h=; epi_RecommendationsTrackingSessionId=127075334316|lesK-_S0qhUdXOADBsV8BiSz_4WgTsbMtOEJm-AgK5k; ARRAffinity=a0759af8ee6b4f5dd10706e7288fdd512a9854dc68934c5ce88a510ebcc3d748; ARRAffinitySameSite=a0759af8ee6b4f5dd10706e7288fdd512a9854dc68934c5ce88a510ebcc3d748
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 20 Mar 2023 09:34:49 GMT
content-type: text/css
content-length: 53873
access-control-expose-headers: Request-Context
cache-control: public, max-age=31536000
content-encoding: gzip
etag: "0416eeae450d91:0"
last-modified: Tue, 07 Mar 2023 11:06:50 GMT
vary: Accept-Encoding
request-context: appId=cid-v1:f448cbbe-913f-4702-bfb3-62b9ee3f7f77
x-ua-compatible: IE=Edge
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1
cf-cache-status: HIT
age: 508937
expires: Tue, 19 Mar 2024 09:34:49 GMT
accept-ranges: bytes
server: cloudflare
cf-ray: 7aacf625ed541c12-OSL
X-Firefox-Spdy: h2
www.kondomeriet.no/Scripts/built/prod/css/kondomeriet.main.css?_=20230316105106
200 OK 3.1 kB URL HTTP/2 www.kondomeriet.no/Scripts/built/prod/css/kondomeriet.main.css?_=20230316105106
IP
File type ASCII text, with very long lines (3111)
Hash 37b766c1a30439cc0f851b3cc492eeee
79ae73aa71439f334aa5f1d8b3fb615dbf4fb453
3e55e822c9d45ab7248362a651b51b2500c63998f19a01d0c8cb01960e535f47
GET /Scripts/built/prod/css/kondomeriet.main.css?_=20230316105106 HTTP/1.1
Host: www.kondomeriet.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kondomeriet.no/?kk=a4c6294-186fe5f0d0a-a342&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
Cookie: .ASPXANONYMOUS=52icDaGR2QEkAAAAMTRhMTYyZGEtYTdlMC00ZDIwLTk4NGItY2M3YmYyNDRlYWQ0cPbaAudh-uhK-SQgkxMLkmcVos66SOdu4YMg3gw9Kuk1; Kondomeriet=fa43n1qug1sa221j3gnpt4fv; EPiSessionId=3300271a-6936-431a-a03c-1c167f439dcb; epi_RecommendationsTrackingUserId=cuid=100877647616|rJaWFIUxrem6N-fHBOuvWO5SEB497s70R6c7dQOu5I4&h=; epi_RecommendationsTrackingSessionId=127075334316|lesK-_S0qhUdXOADBsV8BiSz_4WgTsbMtOEJm-AgK5k; ARRAffinity=a0759af8ee6b4f5dd10706e7288fdd512a9854dc68934c5ce88a510ebcc3d748; ARRAffinitySameSite=a0759af8ee6b4f5dd10706e7288fdd512a9854dc68934c5ce88a510ebcc3d748
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 20 Mar 2023 09:34:49 GMT
content-type: text/css
content-length: 3134
access-control-expose-headers: Request-Context
cache-control: public, max-age=31536000
content-encoding: gzip
etag: "0416eeae450d91:0"
last-modified: Tue, 07 Mar 2023 11:06:50 GMT
vary: Accept-Encoding
request-context: appId=cid-v1:f448cbbe-913f-4702-bfb3-62b9ee3f7f77
x-ua-compatible: IE=Edge
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1
cf-cache-status: HIT
age: 508937
expires: Tue, 19 Mar 2024 09:34:49 GMT
accept-ranges: bytes
server: cloudflare
cf-ray: 7aacf625ed5d1c12-OSL
X-Firefox-Spdy: h2
www.kondomeriet.no/Scripts/lazysize/lazysizes.min.js
200 OK 5.4 kB URL HTTP/2 www.kondomeriet.no/Scripts/lazysize/lazysizes.min.js
IP
File type ASCII text, with very long lines (9616), with CRLF line terminators
Hash 67018e1ff434aed0b29d58f2c3b91c5a
1ed4fc6f64544b4348990bac7f338758b9ee5999
74673d5bbc27a851a4ef4ea757bd390dcab94f6935b393100d2f57393e89c783
GET /Scripts/lazysize/lazysizes.min.js HTTP/1.1
Host: www.kondomeriet.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kondomeriet.no/?kk=a4c6294-186fe5f0d0a-a342&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
Cookie: .ASPXANONYMOUS=52icDaGR2QEkAAAAMTRhMTYyZGEtYTdlMC00ZDIwLTk4NGItY2M3YmYyNDRlYWQ0cPbaAudh-uhK-SQgkxMLkmcVos66SOdu4YMg3gw9Kuk1; Kondomeriet=fa43n1qug1sa221j3gnpt4fv; EPiSessionId=3300271a-6936-431a-a03c-1c167f439dcb; epi_RecommendationsTrackingUserId=cuid=100877647616|rJaWFIUxrem6N-fHBOuvWO5SEB497s70R6c7dQOu5I4&h=; epi_RecommendationsTrackingSessionId=127075334316|lesK-_S0qhUdXOADBsV8BiSz_4WgTsbMtOEJm-AgK5k; ARRAffinity=a0759af8ee6b4f5dd10706e7288fdd512a9854dc68934c5ce88a510ebcc3d748; ARRAffinitySameSite=a0759af8ee6b4f5dd10706e7288fdd512a9854dc68934c5ce88a510ebcc3d748
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 20 Mar 2023 09:34:49 GMT
content-type: text/javascript
content-length: 5373
access-control-expose-headers: Request-Context
cache-control: public, max-age=31536000
content-encoding: gzip
etag: "0a0c0a7a229d91:0"
last-modified: Mon, 16 Jan 2023 12:04:16 GMT
vary: Accept-Encoding
request-context: appId=cid-v1:f448cbbe-913f-4702-bfb3-62b9ee3f7f77
x-ua-compatible: IE=Edge
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1
cf-cache-status: HIT
age: 5272770
expires: Tue, 19 Mar 2024 09:34:49 GMT
accept-ranges: bytes
server: cloudflare
cf-ray: 7aacf625fd5f1c12-OSL
X-Firefox-Spdy: h2
www.kondomeriet.no/UI/kondomeriet-logo-200.png?width=190&quality=75&format=webp
200 OK 4.1 kB URL HTTP/2 www.kondomeriet.no/UI/kondomeriet-logo-200.png?width=190&quality=75&format=webp
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash c8e1a998eba37b332ca2e603ba27cadb
c2737449dd3ade194aa945b45a2107393f465997
86525b3f1d6067f0c70ad21302bdc1bcf857040f837f9bc1aef921452c226669
GET /UI/kondomeriet-logo-200.png?width=190&quality=75&format=webp HTTP/1.1
Host: www.kondomeriet.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kondomeriet.no/?kk=a4c6294-186fe5f0d0a-a342&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
Cookie: .ASPXANONYMOUS=52icDaGR2QEkAAAAMTRhMTYyZGEtYTdlMC00ZDIwLTk4NGItY2M3YmYyNDRlYWQ0cPbaAudh-uhK-SQgkxMLkmcVos66SOdu4YMg3gw9Kuk1; Kondomeriet=fa43n1qug1sa221j3gnpt4fv; EPiSessionId=3300271a-6936-431a-a03c-1c167f439dcb; epi_RecommendationsTrackingUserId=cuid=100877647616|rJaWFIUxrem6N-fHBOuvWO5SEB497s70R6c7dQOu5I4&h=; epi_RecommendationsTrackingSessionId=127075334316|lesK-_S0qhUdXOADBsV8BiSz_4WgTsbMtOEJm-AgK5k; ARRAffinity=a0759af8ee6b4f5dd10706e7288fdd512a9854dc68934c5ce88a510ebcc3d748; ARRAffinitySameSite=a0759af8ee6b4f5dd10706e7288fdd512a9854dc68934c5ce88a510ebcc3d748
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 20 Mar 2023 09:34:49 GMT
content-type: image/webp
content-length: 4068
access-control-expose-headers: Request-Context
cache-control: public, max-age=31536000
etag: "0x8DA42DDD2834F09"
expires: Tue, 19 Mar 2024 09:34:49 GMT
last-modified: Tue, 31 May 2022 08:16:11 GMT
vary: Accept-Encoding
imageprocessedby: ImageProcessor/2.9.1.225 - ImageProcessor.Web.Episerver/5.8.0.24590
request-context: appId=cid-v1:f448cbbe-913f-4702-bfb3-62b9ee3f7f77
x-ua-compatible: IE=Edge
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1
cf-cache-status: HIT
age: 5272768
accept-ranges: bytes
server: cloudflare
cf-ray: 7aacf625fd611c12-OSL
X-Firefox-Spdy: h2
www.kondomeriet.no/Scripts/jquery/3.3.1.min.js?_=20230316105106
200 OK 39 kB URL HTTP/2 www.kondomeriet.no/Scripts/jquery/3.3.1.min.js?_=20230316105106
IP
File type ASCII text, with very long lines (65450), with CRLF line terminators
Hash a35850f2e03e4d63b32390ebd92c7b2e
f84b7824c41ed1042c7740e4b4eebd8684eef400
5df446a3407d7b4f094da621dbb21484ef1e2ee2abc3f2792918a9484c8dd025
GET /Scripts/jquery/3.3.1.min.js?_=20230316105106 HTTP/1.1
Host: www.kondomeriet.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kondomeriet.no/?kk=a4c6294-186fe5f0d0a-a342&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
Cookie: .ASPXANONYMOUS=52icDaGR2QEkAAAAMTRhMTYyZGEtYTdlMC00ZDIwLTk4NGItY2M3YmYyNDRlYWQ0cPbaAudh-uhK-SQgkxMLkmcVos66SOdu4YMg3gw9Kuk1; Kondomeriet=fa43n1qug1sa221j3gnpt4fv; EPiSessionId=3300271a-6936-431a-a03c-1c167f439dcb; epi_RecommendationsTrackingUserId=cuid=100877647616|rJaWFIUxrem6N-fHBOuvWO5SEB497s70R6c7dQOu5I4&h=; epi_RecommendationsTrackingSessionId=127075334316|lesK-_S0qhUdXOADBsV8BiSz_4WgTsbMtOEJm-AgK5k; ARRAffinity=a0759af8ee6b4f5dd10706e7288fdd512a9854dc68934c5ce88a510ebcc3d748; ARRAffinitySameSite=a0759af8ee6b4f5dd10706e7288fdd512a9854dc68934c5ce88a510ebcc3d748
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 20 Mar 2023 09:34:49 GMT
content-type: text/javascript
content-length: 38899
access-control-expose-headers: Request-Context
cache-control: public, max-age=31536000
content-encoding: gzip
etag: "089a7e06256d91:0"
last-modified: Tue, 14 Mar 2023 10:51:06 GMT
vary: Accept-Encoding
request-context: appId=cid-v1:f448cbbe-913f-4702-bfb3-62b9ee3f7f77
x-ua-compatible: IE=Edge
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1
cf-cache-status: HIT
age: 508936
expires: Tue, 19 Mar 2024 09:34:49 GMT
accept-ranges: bytes
server: cloudflare
cf-ray: 7aacf625fd671c12-OSL
X-Firefox-Spdy: h2
www.kondomeriet.no/Scripts/jquery/typeahead.jquery.min.js?_=20230316105106
200 OK 10 kB URL HTTP/2 www.kondomeriet.no/Scripts/jquery/typeahead.jquery.min.js?_=20230316105106
IP
File type ASCII text, with very long lines (26753), with CRLF line terminators
Hash 82e92080cb60df362564158ce4962cdc
b3f3f6ce9bd0d5e59de2c26517aab62fb899d893
630621dc85b0e3996291c8895b85170936139700cae9f06a837722a5bfebe5a3
GET /Scripts/jquery/typeahead.jquery.min.js?_=20230316105106 HTTP/1.1
Host: www.kondomeriet.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kondomeriet.no/?kk=a4c6294-186fe5f0d0a-a342&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
Cookie: .ASPXANONYMOUS=52icDaGR2QEkAAAAMTRhMTYyZGEtYTdlMC00ZDIwLTk4NGItY2M3YmYyNDRlYWQ0cPbaAudh-uhK-SQgkxMLkmcVos66SOdu4YMg3gw9Kuk1; Kondomeriet=fa43n1qug1sa221j3gnpt4fv; EPiSessionId=3300271a-6936-431a-a03c-1c167f439dcb; epi_RecommendationsTrackingUserId=cuid=100877647616|rJaWFIUxrem6N-fHBOuvWO5SEB497s70R6c7dQOu5I4&h=; epi_RecommendationsTrackingSessionId=127075334316|lesK-_S0qhUdXOADBsV8BiSz_4WgTsbMtOEJm-AgK5k; ARRAffinity=a0759af8ee6b4f5dd10706e7288fdd512a9854dc68934c5ce88a510ebcc3d748; ARRAffinitySameSite=a0759af8ee6b4f5dd10706e7288fdd512a9854dc68934c5ce88a510ebcc3d748
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 20 Mar 2023 09:34:49 GMT
content-type: text/javascript
content-length: 10301
access-control-expose-headers: Request-Context
cache-control: public, max-age=31536000
content-encoding: gzip
etag: "089a7e06256d91:0"
last-modified: Tue, 14 Mar 2023 10:51:06 GMT
vary: Accept-Encoding
request-context: appId=cid-v1:f448cbbe-913f-4702-bfb3-62b9ee3f7f77
x-ua-compatible: IE=Edge
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1
cf-cache-status: HIT
age: 508936
expires: Tue, 19 Mar 2024 09:34:49 GMT
accept-ranges: bytes
server: cloudflare
cf-ray: 7aacf625fd6a1c12-OSL
X-Firefox-Spdy: h2
www.kondomeriet.no/Scripts/jquery/bloodhound.min.js?_=20230316105106
200 OK 6.0 kB URL HTTP/2 www.kondomeriet.no/Scripts/jquery/bloodhound.min.js?_=20230316105106
IP
File type ASCII text, with very long lines (15125), with CRLF line terminators
Hash f8ec711c8663d3eeaf82fd3ce8bb2d94
6fdc6ec57198e5512d068a2567e6f47c444ce695
e4e5856a6b134ac97f29fd7652871dc7db9bd51d75124d4f2cd0b21926471391
GET /Scripts/jquery/bloodhound.min.js?_=20230316105106 HTTP/1.1
Host: www.kondomeriet.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kondomeriet.no/?kk=a4c6294-186fe5f0d0a-a342&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
Cookie: .ASPXANONYMOUS=52icDaGR2QEkAAAAMTRhMTYyZGEtYTdlMC00ZDIwLTk4NGItY2M3YmYyNDRlYWQ0cPbaAudh-uhK-SQgkxMLkmcVos66SOdu4YMg3gw9Kuk1; Kondomeriet=fa43n1qug1sa221j3gnpt4fv; EPiSessionId=3300271a-6936-431a-a03c-1c167f439dcb; epi_RecommendationsTrackingUserId=cuid=100877647616|rJaWFIUxrem6N-fHBOuvWO5SEB497s70R6c7dQOu5I4&h=; epi_RecommendationsTrackingSessionId=127075334316|lesK-_S0qhUdXOADBsV8BiSz_4WgTsbMtOEJm-AgK5k; ARRAffinity=a0759af8ee6b4f5dd10706e7288fdd512a9854dc68934c5ce88a510ebcc3d748; ARRAffinitySameSite=a0759af8ee6b4f5dd10706e7288fdd512a9854dc68934c5ce88a510ebcc3d748
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 20 Mar 2023 09:34:49 GMT
content-type: text/javascript
content-length: 5979
access-control-expose-headers: Request-Context
cache-control: public, max-age=31536000
content-encoding: gzip
etag: "0416eeae450d91:0"
last-modified: Tue, 07 Mar 2023 11:06:50 GMT
vary: Accept-Encoding
request-context: appId=cid-v1:f448cbbe-913f-4702-bfb3-62b9ee3f7f77
x-ua-compatible: IE=Edge
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1
cf-cache-status: HIT
age: 508936
expires: Tue, 19 Mar 2024 09:34:49 GMT
accept-ranges: bytes
server: cloudflare
cf-ray: 7aacf625fd681c12-OSL
X-Firefox-Spdy: h2
use.typekit.net/sdg3kgd.js
200 OK 6.9 kB URL HTTP/2 use.typekit.net/sdg3kgd.js
IP
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (2319)
Hash 4ac5580d492b18a779a1bd90d2c071d1
1fcd8de3d787f87b7fbc33ebff5e8ed0abb95d13
56b204abe8d478bcfdaf976567fbbfdf58bfba0a9ff4a5d1510f09c0608c3553
GET /sdg3kgd.js HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.kondomeriet.no
Connection: keep-alive
Referer: https://www.kondomeriet.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: text/javascript;charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains;
cache-control: public, max-age=600, stale-while-revalidate=604800
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-encoding: gzip
content-length: 6879
date: Mon, 20 Mar 2023 09:34:49 GMT
X-Firefox-Spdy: h2
dl.episerver.net/13.5.2/epi-util/find.js
200 OK 2.3 kB URL HTTP/2 dl.episerver.net/13.5.2/epi-util/find.js
IP
File type ASCII text, with very long lines (6083), with no line terminators
Hash 8584010bbead95c01323d28ed9fa4f36
0d1855394e454510ce533e9cfef63128ac22a30b
506fbdcbd9e478e9f026f69abb8f42905a5bf3f31032b3b9ad6b701dcc6c6d20
GET /13.5.2/epi-util/find.js HTTP/1.1
Host: dl.episerver.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kondomeriet.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 20 Mar 2023 09:34:49 GMT
content-type: application/javascript
content-length: 2254
access-control-allow-origin: *
content-encoding: gzip
etag: W/"6083-1670991420000"
last-modified: Wed, 14 Dec 2022 04:17:00 GMT
vary: accept-encoding
x-powered-by: ASP.NET
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5611
expires: Tue, 21 Mar 2023 09:34:49 GMT
cache-control: public, max-age=86400
accept-ranges: bytes
server: cloudflare
cf-ray: 7aacf626ae880b49-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 7b9696c5a484fe48a260ec0ac6f4c2dc
5fa72a6aae12370de4d88d0aa205f293e5a85c5b
578156cb0f02ebb0d6472976aa7186f70b49dfad8623edd5595b740ff1559d2c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 20 Mar 2023 09:34:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.kondomeriet.no/Scripts/kondomeriet.web.min.js?_=20230316105106
200 OK 68 kB URL HTTP/2 www.kondomeriet.no/Scripts/kondomeriet.web.min.js?_=20230316105106
IP
Hash 21ad57c7f6a215f815c8cf5d7abc5059
af57d7e89fd80d339c6e5365ca8c285a31af3590
e4e9c5a46410f4ab69a85477ca235b60b470a50508c4e6ef1bfbc04832b03f64
GET /Scripts/kondomeriet.web.min.js?_=20230316105106 HTTP/1.1
Host: www.kondomeriet.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kondomeriet.no/?kk=a4c6294-186fe5f0d0a-a342&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
Cookie: .ASPXANONYMOUS=52icDaGR2QEkAAAAMTRhMTYyZGEtYTdlMC00ZDIwLTk4NGItY2M3YmYyNDRlYWQ0cPbaAudh-uhK-SQgkxMLkmcVos66SOdu4YMg3gw9Kuk1; Kondomeriet=fa43n1qug1sa221j3gnpt4fv; EPiSessionId=3300271a-6936-431a-a03c-1c167f439dcb; epi_RecommendationsTrackingUserId=cuid=100877647616|rJaWFIUxrem6N-fHBOuvWO5SEB497s70R6c7dQOu5I4&h=; epi_RecommendationsTrackingSessionId=127075334316|lesK-_S0qhUdXOADBsV8BiSz_4WgTsbMtOEJm-AgK5k; ARRAffinity=a0759af8ee6b4f5dd10706e7288fdd512a9854dc68934c5ce88a510ebcc3d748; ARRAffinitySameSite=a0759af8ee6b4f5dd10706e7288fdd512a9854dc68934c5ce88a510ebcc3d748
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 20 Mar 2023 09:34:49 GMT
content-type: text/javascript
access-control-expose-headers: Request-Context
cache-control: public, max-age=31536000
content-encoding: gzip
etag: "0416eeae450d91:0"
last-modified: Tue, 07 Mar 2023 11:06:50 GMT
vary: Accept-Encoding
request-context: appId=cid-v1:f448cbbe-913f-4702-bfb3-62b9ee3f7f77
x-ua-compatible: IE=Edge
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1
cf-cache-status: HIT
age: 508936
expires: Tue, 19 Mar 2024 09:34:49 GMT
server: cloudflare
cf-ray: 7aacf6261d861c12-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 7b9696c5a484fe48a260ec0ac6f4c2dc
5fa72a6aae12370de4d88d0aa205f293e5a85c5b
578156cb0f02ebb0d6472976aa7186f70b49dfad8623edd5595b740ff1559d2c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 20 Mar 2023 09:34:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 7b9696c5a484fe48a260ec0ac6f4c2dc
5fa72a6aae12370de4d88d0aa205f293e5a85c5b
578156cb0f02ebb0d6472976aa7186f70b49dfad8623edd5595b740ff1559d2c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 20 Mar 2023 09:34:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/angularjs/1.2.26/angular.min.js
200 OK 40 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/angularjs/1.2.26/angular.min.js
IP
File type ASCII text, with very long lines (598)
Hash e14b473ebb0a1af1caadf0eb50f4f59c
7098c861ab22a59b329dd9a858242b123710d590
392435b19461d906921310c83eb6a7a4f26b7f827fc15167e79c7da12908ca78
GET /ajax/libs/angularjs/1.2.26/angular.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.kondomeriet.no
Connection: keep-alive
Referer: https://www.kondomeriet.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 39970
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 16 Mar 2023 21:56:27 GMT
expires: Fri, 15 Mar 2024 21:56:27 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 301102
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/angularjs/1.2.26/angular-sanitize.min.js
200 OK 2.4 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/angularjs/1.2.26/angular-sanitize.min.js
IP
File type exported SGML document, ASCII text, with very long lines (629)
Hash 2a084974f7706360f1744220362f9296
a867ceeb1060b73b2669c4aa09eaa7cab2307cc8
62fe60c74f7ec4fb507f3e45236249e0ac808332a9034897f410f885c90fa4c4
GET /ajax/libs/angularjs/1.2.26/angular-sanitize.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.kondomeriet.no
Connection: keep-alive
Referer: https://www.kondomeriet.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 2433
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 15 Mar 2023 13:15:44 GMT
expires: Thu, 14 Mar 2024 13:15:44 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 418745
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/angularjs/1.2.26/angular-touch.min.js
200 OK 1.5 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/angularjs/1.2.26/angular-touch.min.js
IP
File type ASCII text, with very long lines (528)
Hash a5a73534369a0759547331c6ac0ef2c0
0c026004c553c9b3008a08e7dbdf4ea794c9fde3
2f1ed104f56a1e8cc96bcd30e986a9f0275bd74f26d2030bb4b105ea2c00daa6
GET /ajax/libs/angularjs/1.2.26/angular-touch.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.kondomeriet.no
Connection: keep-alive
Referer: https://www.kondomeriet.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 1528
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 16 Mar 2023 12:10:50 GMT
expires: Fri, 15 Mar 2024 12:10:50 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 336239
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.kondomeriet.no/UI/infoBomb.png
200 OK 4.0 kB URL HTTP/2 www.kondomeriet.no/UI/infoBomb.png
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash 850a2019627b1d126c6cc4d3cba9d8f9
61b2af5856c69b9290d5a4a55599717c8cc2b116
471dbc6e17bd08aa73b6c21612e9893d7031faf3473a76695aff2b7fe10ae257
GET /UI/infoBomb.png HTTP/1.1
Host: www.kondomeriet.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kondomeriet.no/Styles/kondomeriet.web.min.css?_=20230316105106
Cookie: .ASPXANONYMOUS=52icDaGR2QEkAAAAMTRhMTYyZGEtYTdlMC00ZDIwLTk4NGItY2M3YmYyNDRlYWQ0cPbaAudh-uhK-SQgkxMLkmcVos66SOdu4YMg3gw9Kuk1; Kondomeriet=fa43n1qug1sa221j3gnpt4fv; EPiSessionId=3300271a-6936-431a-a03c-1c167f439dcb; epi_RecommendationsTrackingUserId=cuid=100877647616|rJaWFIUxrem6N-fHBOuvWO5SEB497s70R6c7dQOu5I4&h=; epi_RecommendationsTrackingSessionId=127075334316|lesK-_S0qhUdXOADBsV8BiSz_4WgTsbMtOEJm-AgK5k; ARRAffinity=a0759af8ee6b4f5dd10706e7288fdd512a9854dc68934c5ce88a510ebcc3d748; ARRAffinitySameSite=a0759af8ee6b4f5dd10706e7288fdd512a9854dc68934c5ce88a510ebcc3d748
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 20 Mar 2023 09:34:49 GMT
content-type: image/webp
content-length: 4008
access-control-expose-headers: Request-Context
cache-control: public, max-age=31536000
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=4915
content-disposition: inline; filename="infoBomb.webp"
etag: "0a0c0a7a229d91:0"
last-modified: Mon, 16 Jan 2023 12:04:16 GMT
request-context: appId=cid-v1:f448cbbe-913f-4702-bfb3-62b9ee3f7f77
vary: Accept
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-ua-compatible: IE=Edge
x-xss-protection: 1
cf-cache-status: HIT
age: 5152037
expires: Tue, 19 Mar 2024 09:34:49 GMT
accept-ranges: bytes
server: cloudflare
cf-ray: 7aacf6270e861c12-OSL
X-Firefox-Spdy: h2
www.kondomeriet.no/UI/check/spriteSheet.png
200 OK 1.8 kB URL HTTP/2 www.kondomeriet.no/UI/check/spriteSheet.png
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash 9ae31b1f3464c983217b9cf61a843610
c158a24180034357236aee137e6e1784bd30cd3f
d2a229f567cab1504dae272b4d0055216debc37108eb2c612d06a5ed40b79a2c
GET /UI/check/spriteSheet.png HTTP/1.1
Host: www.kondomeriet.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kondomeriet.no/Styles/kondomeriet.web.min.css?_=20230316105106
Cookie: .ASPXANONYMOUS=52icDaGR2QEkAAAAMTRhMTYyZGEtYTdlMC00ZDIwLTk4NGItY2M3YmYyNDRlYWQ0cPbaAudh-uhK-SQgkxMLkmcVos66SOdu4YMg3gw9Kuk1; Kondomeriet=fa43n1qug1sa221j3gnpt4fv; EPiSessionId=3300271a-6936-431a-a03c-1c167f439dcb; epi_RecommendationsTrackingUserId=cuid=100877647616|rJaWFIUxrem6N-fHBOuvWO5SEB497s70R6c7dQOu5I4&h=; epi_RecommendationsTrackingSessionId=127075334316|lesK-_S0qhUdXOADBsV8BiSz_4WgTsbMtOEJm-AgK5k; ARRAffinity=a0759af8ee6b4f5dd10706e7288fdd512a9854dc68934c5ce88a510ebcc3d748; ARRAffinitySameSite=a0759af8ee6b4f5dd10706e7288fdd512a9854dc68934c5ce88a510ebcc3d748
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 20 Mar 2023 09:34:49 GMT
content-type: image/webp
content-length: 1826
access-control-expose-headers: Request-Context
cache-control: public, max-age=31536000
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=4156
content-disposition: inline; filename="spriteSheet.webp"
etag: "0a0c0a7a229d91:0"
last-modified: Mon, 16 Jan 2023 12:04:16 GMT
request-context: appId=cid-v1:f448cbbe-913f-4702-bfb3-62b9ee3f7f77
vary: Accept
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-ua-compatible: IE=Edge
x-xss-protection: 1
cf-cache-status: HIT
age: 5149391
expires: Tue, 19 Mar 2024 09:34:49 GMT
accept-ranges: bytes
server: cloudflare
cf-ray: 7aacf6270e871c12-OSL
X-Firefox-Spdy: h2
use.typekit.net/af/f79662/00000000000000000001417b/27/l?subset_id=2&fvd=n4&v=3
200 OK 30 kB URL HTTP/2 use.typekit.net/af/f79662/00000000000000000001417b/27/l?subset_id=2&fvd=n4&v=3
IP
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), TrueType, length 29708, version 1.0\012- data
Hash 145bd0e335826cb0347fd6a8c2cda055
68117dd52693ae13057140581e36c7048d242341
1bcacf5e121b7bb659f6efca3b38aaca1cc238a023b320fc67a0902b9c89ac04
GET /af/f79662/00000000000000000001417b/27/l?subset_id=2&fvd=n4&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.kondomeriet.no
Connection: keep-alive
Referer: https://www.kondomeriet.no/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 29708
etag: "1f70102c27b469326b62051e2f4895205dc53d4e"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Mon, 20 Mar 2023 09:34:49 GMT
X-Firefox-Spdy: h2
use.typekit.net/af/a93dec/000000000000000000013f55/27/l?subset_id=2&fvd=i4&v=3
200 OK 26 kB URL HTTP/2 use.typekit.net/af/a93dec/000000000000000000013f55/27/l?subset_id=2&fvd=i4&v=3
IP
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), TrueType, length 25788, version 1.0\012- data
Hash 910721e0376274f8e2c431f9fcb462d0
cbda1dba9d944f699d307d799a45b9f40fa1323e
85baa9a7983d340c1916303f83b81299c4b367de3dbe0754709a92a6852047d1
GET /af/a93dec/000000000000000000013f55/27/l?subset_id=2&fvd=i4&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.kondomeriet.no
Connection: keep-alive
Referer: https://www.kondomeriet.no/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 25788
etag: "6da90fd1f4d669ac536fbab6bfc4db49a108c839"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Mon, 20 Mar 2023 09:34:49 GMT
X-Firefox-Spdy: h2
www.kondomeriet.no/UI/bgEnvelope.png
200 OK 1.6 kB URL HTTP/2 www.kondomeriet.no/UI/bgEnvelope.png
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash dad815cac0a745a796b04e9e79092066
f521a78917654a2ad1c4dd46a857b9908723f61b
ec1f2669001d3ec621952bcf8ef2cf5fa91089da4bf134faecbac722db7be917
GET /UI/bgEnvelope.png HTTP/1.1
Host: www.kondomeriet.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kondomeriet.no/Styles/kondomeriet.web.min.css?_=20230316105106
Cookie: .ASPXANONYMOUS=52icDaGR2QEkAAAAMTRhMTYyZGEtYTdlMC00ZDIwLTk4NGItY2M3YmYyNDRlYWQ0cPbaAudh-uhK-SQgkxMLkmcVos66SOdu4YMg3gw9Kuk1; Kondomeriet=fa43n1qug1sa221j3gnpt4fv; EPiSessionId=3300271a-6936-431a-a03c-1c167f439dcb; epi_RecommendationsTrackingUserId=cuid=100877647616|rJaWFIUxrem6N-fHBOuvWO5SEB497s70R6c7dQOu5I4&h=; epi_RecommendationsTrackingSessionId=127075334316|lesK-_S0qhUdXOADBsV8BiSz_4WgTsbMtOEJm-AgK5k; ARRAffinity=a0759af8ee6b4f5dd10706e7288fdd512a9854dc68934c5ce88a510ebcc3d748; ARRAffinitySameSite=a0759af8ee6b4f5dd10706e7288fdd512a9854dc68934c5ce88a510ebcc3d748
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 20 Mar 2023 09:34:49 GMT
content-type: image/webp
content-length: 1580
access-control-expose-headers: Request-Context
cache-control: public, max-age=31536000
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=1989
content-disposition: inline; filename="bgEnvelope.webp"
etag: "0a0c0a7a229d91:0"
last-modified: Mon, 16 Jan 2023 12:04:16 GMT
request-context: appId=cid-v1:f448cbbe-913f-4702-bfb3-62b9ee3f7f77
vary: Accept
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-ua-compatible: IE=Edge
x-xss-protection: 1
cf-cache-status: HIT
age: 5146000
expires: Tue, 19 Mar 2024 09:34:49 GMT
accept-ranges: bytes
server: cloudflare
cf-ray: 7aacf6271ea21c12-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash f1619e65eeac4c79d93deb418bb1b740
b1c592a47ab71569364b05c87362caef4dea7c67
7c83a70b21133bb49f5e0f8e9abd1fecb1a814b754d6d26e598e7e4589564c04
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 20 Mar 2023 09:34:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
chimpstatic.com/mcjs-connected/js/users/2d65c9292f9b3f2b9c01816a7/bb99be309b62cddfb8626e1e5.js
200 OK 50 B URL HTTP/1.1 chimpstatic.com/mcjs-connected/js/users/2d65c9292f9b3f2b9c01816a7/bb99be309b62cddfb8626e1e5.js
IP
Hash 104d46a3208b40e8ded389332f5a78a3
4ab55ccb2972e9a3cb62c65c97308c2450a682bb
f6e4f5edb3194334a199f0bf80b38d92a0b7388330fbce94c8c0fb2f852c171f
GET /mcjs-connected/js/users/2d65c9292f9b3f2b9c01816a7/bb99be309b62cddfb8626e1e5.js HTTP/1.1
Host: chimpstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kondomeriet.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: wRLA3bR3qLswOpt1VxitKdaMAk9lKcuw0YBufUXZrsBRQXpRjcUHWPIV8sX/aTmsaOZ9F/INGAQ=
x-amz-request-id: 72CB6C025FD4AE95
Last-Modified: Fri, 14 Aug 2020 19:50:54 GMT
ETag: "104d46a3208b40e8ded389332f5a78a3"
Accept-Ranges: bytes
Content-Type: application/javascript
Content-Length: 50
Server: AmazonS3
X-EdgeConnect-MidMile-RTT: 18
X-EdgeConnect-Origin-MEX-Latency: 198
Unused62: 8096267
Cache-Control: max-age=180
Expires: Mon, 20 Mar 2023 09:37:49 GMT
Date: Mon, 20 Mar 2023 09:34:49 GMT
Connection: keep-alive
use.typekit.net/af/51b3f1/00000000000000007735a0ea/30/l?subset_id=2&fvd=n4&v=3
200 OK 16 kB URL HTTP/2 use.typekit.net/af/51b3f1/00000000000000007735a0ea/30/l?subset_id=2&fvd=n4&v=3
IP
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), TrueType, length 16052, version 1.0\012- data
Hash d540d5373d38c6bc168ab44930a458c5
d24be235554eaf3d64cc27f238450a54107da243
c28215a16ee4079ee033d60f1db727223e69415337c9e298be3711e4866dcbb1
GET /af/51b3f1/00000000000000007735a0ea/30/l?subset_id=2&fvd=n4&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.kondomeriet.no
Connection: keep-alive
Referer: https://www.kondomeriet.no/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 16052
etag: "4f8db28783016354c0723d4c739dd924e409d625"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Mon, 20 Mar 2023 09:34:49 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 7b9696c5a484fe48a260ec0ac6f4c2dc
5fa72a6aae12370de4d88d0aa205f293e5a85c5b
578156cb0f02ebb0d6472976aa7186f70b49dfad8623edd5595b740ff1559d2c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 20 Mar 2023 09:34:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
use.typekit.net/af/771564/00000000000000000001417c/27/l?subset_id=2&fvd=n7&v=3
200 OK 28 kB URL HTTP/2 use.typekit.net/af/771564/00000000000000000001417c/27/l?subset_id=2&fvd=n7&v=3
IP
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), TrueType, length 28492, version 1.0\012- data
Hash fd0a210932841d3a8f651d1543fc8c7b
d927bacbab237d2ddd1c053a2c1c7a2fa18c24e9
26038766af3c2478adf33fd87dced9b1798a93cfe37f91f5178e2bfc7ab074c3
GET /af/771564/00000000000000000001417c/27/l?subset_id=2&fvd=n7&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.kondomeriet.no
Connection: keep-alive
Referer: https://www.kondomeriet.no/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 28492
etag: "70a1fb71652b2757dc8fcd68a60da44ecac57424"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Mon, 20 Mar 2023 09:34:49 GMT
X-Firefox-Spdy: h2
use.typekit.net/af/58214a/00000000000000007735a0ef/30/l?subset_id=2&fvd=n3&v=3
200 OK 15 kB URL HTTP/2 use.typekit.net/af/58214a/00000000000000007735a0ef/30/l?subset_id=2&fvd=n3&v=3
IP
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), TrueType, length 15268, version 1.0\012- data
Hash 45cfffeeda86d6d9eff8a293e81e5990
a4d5add0b192f92dd6234c9a4918f7b5636aa16a
384c3be58e5e9000f2a813091a8575d8ea477fb28bf90580c8fbe93df7abee10
GET /af/58214a/00000000000000007735a0ef/30/l?subset_id=2&fvd=n3&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.kondomeriet.no
Connection: keep-alive
Referer: https://www.kondomeriet.no/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 15268
etag: "b574b52371b22477e3607c09b10a0fd49cad6678"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Mon, 20 Mar 2023 09:34:49 GMT
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-TFD74N
200 OK 92 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-TFD74N
IP
File type ASCII text, with very long lines (27982)
Hash c7463a06af248d449d155d4cbf3910d6
8eadb4293f4b41764fe115a938c684eb270f7718
b53d0bacac21102695d633f90d9ffef1df1bb9b6993a11619aa5cd840558649b
GET /gtm.js?id=GTM-TFD74N HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kondomeriet.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 20 Mar 2023 09:34:49 GMT
expires: Mon, 20 Mar 2023 09:34:49 GMT
cache-control: private, max-age=900
last-modified: Mon, 20 Mar 2023 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 91748
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.kondomeriet.no/favicon-16x16.png
200 OK 322 B URL HTTP/2 www.kondomeriet.no/favicon-16x16.png
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash 8182fe8edfe25ef654e1649405580ef4
d90d87fe34da0377782722f1200d5f9111ebb790
87b02bd68a5e1e9973da594d1f80b953b7ba042e5d743bcd79dad8dbbe989010
GET /favicon-16x16.png HTTP/1.1
Host: www.kondomeriet.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kondomeriet.no/?kk=a4c6294-186fe5f0d0a-a342&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
Cookie: .ASPXANONYMOUS=52icDaGR2QEkAAAAMTRhMTYyZGEtYTdlMC00ZDIwLTk4NGItY2M3YmYyNDRlYWQ0cPbaAudh-uhK-SQgkxMLkmcVos66SOdu4YMg3gw9Kuk1; Kondomeriet=fa43n1qug1sa221j3gnpt4fv; EPiSessionId=3300271a-6936-431a-a03c-1c167f439dcb; epi_RecommendationsTrackingUserId=cuid=100877647616|rJaWFIUxrem6N-fHBOuvWO5SEB497s70R6c7dQOu5I4&h=; epi_RecommendationsTrackingSessionId=127075334316|lesK-_S0qhUdXOADBsV8BiSz_4WgTsbMtOEJm-AgK5k; ARRAffinity=a0759af8ee6b4f5dd10706e7288fdd512a9854dc68934c5ce88a510ebcc3d748; ARRAffinitySameSite=a0759af8ee6b4f5dd10706e7288fdd512a9854dc68934c5ce88a510ebcc3d748
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 20 Mar 2023 09:34:49 GMT
content-type: image/webp
content-length: 322
access-control-expose-headers: Request-Context
cache-control: public, max-age=31536000
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=772
content-disposition: inline; filename="favicon-16x16.webp"
etag: "0a0c0a7a229d91:0"
last-modified: Mon, 16 Jan 2023 12:04:16 GMT
request-context: appId=cid-v1:f448cbbe-913f-4702-bfb3-62b9ee3f7f77
vary: Accept
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-ua-compatible: IE=Edge
x-xss-protection: 1
cf-cache-status: HIT
age: 5149485
expires: Tue, 19 Mar 2024 09:34:49 GMT
accept-ranges: bytes
server: cloudflare
cf-ray: 7aacf6285fc01c12-OSL
X-Firefox-Spdy: h2
use.typekit.net/af/6f8ff4/00000000000000007735a0e6/30/l?subset_id=2&fvd=n7&v=3
200 OK 15 kB URL HTTP/2 use.typekit.net/af/6f8ff4/00000000000000007735a0e6/30/l?subset_id=2&fvd=n7&v=3
IP
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), TrueType, length 15312, version 1.0\012- data
Hash a487d437c127b9aff9ca2bef04b29536
b7d9989da9102e8f87e2be22ebd23afe742cc0af
214fbc54914fa83793461c5caee0afc4738eabcfa3e2bb3ed724c7e9ebcd805f
GET /af/6f8ff4/00000000000000007735a0e6/30/l?subset_id=2&fvd=n7&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.kondomeriet.no
Connection: keep-alive
Referer: https://www.kondomeriet.no/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 15312
etag: "1107daf6b5f1b8b5473514d1144a2321ee84cceb"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Mon, 20 Mar 2023 09:34:49 GMT
X-Firefox-Spdy: h2
www.kondomeriet.no/favicon-192x192.png
200 OK 6.4 kB URL HTTP/2 www.kondomeriet.no/favicon-192x192.png
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash a0ae3d22dd17324e5155ac0ffeaa86f9
ec73a0d9daf561413f3a8dd12ab773bb37b114b6
9faf7f38912783d3d075e2af8d6b104caa5c8c1b5c87f68d5326260f65fb0833
GET /favicon-192x192.png HTTP/1.1
Host: www.kondomeriet.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kondomeriet.no/?kk=a4c6294-186fe5f0d0a-a342&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
Cookie: .ASPXANONYMOUS=52icDaGR2QEkAAAAMTRhMTYyZGEtYTdlMC00ZDIwLTk4NGItY2M3YmYyNDRlYWQ0cPbaAudh-uhK-SQgkxMLkmcVos66SOdu4YMg3gw9Kuk1; Kondomeriet=fa43n1qug1sa221j3gnpt4fv; EPiSessionId=3300271a-6936-431a-a03c-1c167f439dcb; epi_RecommendationsTrackingUserId=cuid=100877647616|rJaWFIUxrem6N-fHBOuvWO5SEB497s70R6c7dQOu5I4&h=; epi_RecommendationsTrackingSessionId=127075334316|lesK-_S0qhUdXOADBsV8BiSz_4WgTsbMtOEJm-AgK5k; ARRAffinity=a0759af8ee6b4f5dd10706e7288fdd512a9854dc68934c5ce88a510ebcc3d748; ARRAffinitySameSite=a0759af8ee6b4f5dd10706e7288fdd512a9854dc68934c5ce88a510ebcc3d748
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 20 Mar 2023 09:34:49 GMT
content-type: image/webp
content-length: 6410
access-control-expose-headers: Request-Context
cache-control: public, max-age=31536000
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=11308
content-disposition: inline; filename="favicon-192x192.webp"
etag: "0416eeae450d91:0"
last-modified: Tue, 07 Mar 2023 11:06:50 GMT
request-context: appId=cid-v1:f448cbbe-913f-4702-bfb3-62b9ee3f7f77
vary: Accept
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-ua-compatible: IE=Edge
x-xss-protection: 1
cf-cache-status: HIT
age: 293604
expires: Tue, 19 Mar 2024 09:34:49 GMT
accept-ranges: bytes
server: cloudflare
cf-ray: 7aacf6285fbf1c12-OSL
X-Firefox-Spdy: h2
use.typekit.net/af/cf5efb/00000000000000007735b6e0/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
200 OK 67 kB URL HTTP/2 use.typekit.net/af/cf5efb/00000000000000007735b6e0/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
IP
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), CFF, length 67216, version 1.0\012- data
Hash 8cb176625b4aae08ee1e755813c67b47
d96eabafae48e90f02b6e5e68a3bea40081a3f96
fa44aa34c225f444e0812ed485c299157d29ad5676b481affbf758621f35dc35
GET /af/cf5efb/00000000000000007735b6e0/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.kondomeriet.no
Connection: keep-alive
Referer: https://www.kondomeriet.no/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 67216
etag: "8c91a5ab4cf574d2d9b2e0c79a519f778636381a"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Mon, 20 Mar 2023 09:34:49 GMT
X-Firefox-Spdy: h2
p.typekit.net/p.gif?s=1&k=sdg3kgd&ht=tk&h=www.kondomeriet.no&f=1699.1700.1703.15759.15760.15761.41842&a=600318&js=1.21.0&app=typekit&e=js&_=1679304889824
200 OK 35 B URL HTTP/2 p.typekit.net/p.gif?s=1&k=sdg3kgd&ht=tk&h=www.kondomeriet.no&f=1699.1700.1703.15759.15760.15761.41842&a=600318&js=1.21.0&app=typekit&e=js&_=1679304889824
IP
ASN #20940 Akamai International B.V.
File type GIF image data, version 89a, 1 x 1\012- data
Hash 81144d75b3e69e9aa2fa3e9d83a64d03
f0fbc60b50edf5b2a0b76e0aa0537b76bf346ffc
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39
GET /p.gif?s=1&k=sdg3kgd&ht=tk&h=www.kondomeriet.no&f=1699.1700.1703.15759.15760.15761.41842&a=600318&js=1.21.0&app=typekit&e=js&_=1679304889824 HTTP/1.1
Host: p.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kondomeriet.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: image/gif
cross-origin-resource-policy: cross-origin
etag: "61c32ad2-23"
last-modified: Wed, 22 Dec 2021 13:40:34 GMT
server: nginx
content-length: 35
date: Mon, 20 Mar 2023 09:34:49 GMT
X-Firefox-Spdy: h2
www.kondomeriet.no/globalassets/3---bannerbilder-fra-apr2022/2022/juni/the-handy-20-prosent-hero.jpg?width=800&quality=80
200 OK 30 kB URL HTTP/2 www.kondomeriet.no/globalassets/3---bannerbilder-fra-apr2022/2022/juni/the-handy-20-prosent-hero.jpg?width=800&quality=80
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 800x437, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 76ff7e367cb1b80b4c036f4c2ac774cd
2fcc34ff71d7b88ee40d6139d5fbcec138d03985
58d238c4852f9ddae94e9406689b7b0b859996163784660cf64ad31be3aaae5a
GET /globalassets/3---bannerbilder-fra-apr2022/2022/juni/the-handy-20-prosent-hero.jpg?width=800&quality=80 HTTP/1.1
Host: www.kondomeriet.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kondomeriet.no/?kk=a4c6294-186fe5f0d0a-a342&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
Cookie: .ASPXANONYMOUS=52icDaGR2QEkAAAAMTRhMTYyZGEtYTdlMC00ZDIwLTk4NGItY2M3YmYyNDRlYWQ0cPbaAudh-uhK-SQgkxMLkmcVos66SOdu4YMg3gw9Kuk1; Kondomeriet=fa43n1qug1sa221j3gnpt4fv; EPiSessionId=3300271a-6936-431a-a03c-1c167f439dcb; epi_RecommendationsTrackingUserId=cuid=100877647616|rJaWFIUxrem6N-fHBOuvWO5SEB497s70R6c7dQOu5I4&h=; epi_RecommendationsTrackingSessionId=127075334316|lesK-_S0qhUdXOADBsV8BiSz_4WgTsbMtOEJm-AgK5k; ARRAffinity=a0759af8ee6b4f5dd10706e7288fdd512a9854dc68934c5ce88a510ebcc3d748; ARRAffinitySameSite=a0759af8ee6b4f5dd10706e7288fdd512a9854dc68934c5ce88a510ebcc3d748
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 20 Mar 2023 09:34:49 GMT
content-type: image/webp
content-length: 29842
access-control-expose-headers: Request-Context
cache-control: public, max-age=31536000
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=32669
content-disposition: inline; filename="the-handy-20-prosent-hero.webp"
etag: "0x8DA4C5C69D6EF9A"
expires: Tue, 19 Mar 2024 09:34:49 GMT
imageprocessedby: ImageProcessor/2.9.1.225 - ImageProcessor.Web.Episerver/5.8.0.24590
last-modified: Sun, 12 Jun 2022 10:15:02 GMT
request-context: appId=cid-v1:f448cbbe-913f-4702-bfb3-62b9ee3f7f77
vary: Accept
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-ua-compatible: IE=Edge
x-xss-protection: 1
cf-cache-status: HIT
age: 219256
accept-ranges: bytes
server: cloudflare
cf-ray: 7aacf62928981c12-OSL
X-Firefox-Spdy: h2
www.kondomeriet.no/globalassets/aa_produktbilder/for-menn/spennende-varianter/118814_thehandy.jpg?width=205&quality=75&format=webp
200 OK 3.9 kB URL HTTP/2 www.kondomeriet.no/globalassets/aa_produktbilder/for-menn/spennende-varianter/118814_thehandy.jpg?width=205&quality=75&format=webp
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 205x284, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 623cd40f99e8ba801de603a896ca0f74
ab1bb4ef83f926aeec1d67937af0871fe274065b
0fd6d68b980f1f6c455f6ea4f70fd29a8228b5a7f8de764a85ac3badbd493206
GET /globalassets/aa_produktbilder/for-menn/spennende-varianter/118814_thehandy.jpg?width=205&quality=75&format=webp HTTP/1.1
Host: www.kondomeriet.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kondomeriet.no/?kk=a4c6294-186fe5f0d0a-a342&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
Cookie: .ASPXANONYMOUS=52icDaGR2QEkAAAAMTRhMTYyZGEtYTdlMC00ZDIwLTk4NGItY2M3YmYyNDRlYWQ0cPbaAudh-uhK-SQgkxMLkmcVos66SOdu4YMg3gw9Kuk1; Kondomeriet=fa43n1qug1sa221j3gnpt4fv; EPiSessionId=3300271a-6936-431a-a03c-1c167f439dcb; epi_RecommendationsTrackingUserId=cuid=100877647616|rJaWFIUxrem6N-fHBOuvWO5SEB497s70R6c7dQOu5I4&h=; epi_RecommendationsTrackingSessionId=127075334316|lesK-_S0qhUdXOADBsV8BiSz_4WgTsbMtOEJm-AgK5k; ARRAffinity=a0759af8ee6b4f5dd10706e7288fdd512a9854dc68934c5ce88a510ebcc3d748; ARRAffinitySameSite=a0759af8ee6b4f5dd10706e7288fdd512a9854dc68934c5ce88a510ebcc3d748
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 20 Mar 2023 09:34:49 GMT
content-type: image/webp
content-length: 3940
access-control-expose-headers: Request-Context
cache-control: public, max-age=31536000
etag: "0x8DA42DF8EE6F6E0"
expires: Tue, 19 Mar 2024 09:34:49 GMT
last-modified: Tue, 31 May 2022 08:28:36 GMT
vary: Accept-Encoding
imageprocessedby: ImageProcessor/2.9.1.225 - ImageProcessor.Web.Episerver/5.8.0.24590
request-context: appId=cid-v1:f448cbbe-913f-4702-bfb3-62b9ee3f7f77
x-ua-compatible: IE=Edge
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1
cf-cache-status: HIT
age: 5222296
accept-ranges: bytes
server: cloudflare
cf-ray: 7aacf62928991c12-OSL
X-Firefox-Spdy: h2
www.kondomeriet.no/globalassets/1---produktbilder-ny-2022/div-eropartner/masturbator/121241-svakom-connexion-series-sam-neo-interactive-masurbator-1.png?width=205&quality=75&format=webp
200 OK 3.6 kB URL HTTP/2 www.kondomeriet.no/globalassets/1---produktbilder-ny-2022/div-eropartner/masturbator/121241-svakom-connexion-series-sam-neo-interactive-masurbator-1.png?width=205&quality=75&format=webp
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 205x284, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash aa32b9d286ca71fea4e14803daccb09d
dc1942a3fb249257f2db003357023ad240f4fceb
5f7b087910036b92a00937f02013d8959f3a9e68bb428bb73430def44a82dcac
GET /globalassets/1---produktbilder-ny-2022/div-eropartner/masturbator/121241-svakom-connexion-series-sam-neo-interactive-masurbator-1.png?width=205&quality=75&format=webp HTTP/1.1
Host: www.kondomeriet.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kondomeriet.no/?kk=a4c6294-186fe5f0d0a-a342&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
Cookie: .ASPXANONYMOUS=52icDaGR2QEkAAAAMTRhMTYyZGEtYTdlMC00ZDIwLTk4NGItY2M3YmYyNDRlYWQ0cPbaAudh-uhK-SQgkxMLkmcVos66SOdu4YMg3gw9Kuk1; Kondomeriet=fa43n1qug1sa221j3gnpt4fv; EPiSessionId=3300271a-6936-431a-a03c-1c167f439dcb; epi_RecommendationsTrackingUserId=cuid=100877647616|rJaWFIUxrem6N-fHBOuvWO5SEB497s70R6c7dQOu5I4&h=; epi_RecommendationsTrackingSessionId=127075334316|lesK-_S0qhUdXOADBsV8BiSz_4WgTsbMtOEJm-AgK5k; ARRAffinity=a0759af8ee6b4f5dd10706e7288fdd512a9854dc68934c5ce88a510ebcc3d748; ARRAffinitySameSite=a0759af8ee6b4f5dd10706e7288fdd512a9854dc68934c5ce88a510ebcc3d748
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 20 Mar 2023 09:34:49 GMT
content-type: image/webp
content-length: 3604
access-control-expose-headers: Request-Context
cache-control: public, max-age=31536000
etag: "0x8DB23A0F0FECF7F"
expires: Tue, 19 Mar 2024 09:34:49 GMT
last-modified: Mon, 13 Mar 2023 08:57:14 GMT
vary: Accept-Encoding
imageprocessedby: ImageProcessor/2.9.1.225 - ImageProcessor.Web.Episerver/5.8.0.24590
request-context: appId=cid-v1:f448cbbe-913f-4702-bfb3-62b9ee3f7f77
x-ua-compatible: IE=Edge
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1
cf-cache-status: HIT
age: 606568
accept-ranges: bytes
server: cloudflare
cf-ray: 7aacf629289c1c12-OSL
X-Firefox-Spdy: h2
www.kondomeriet.no/UI/Icons/chat.svg
200 OK 6.5 kB URL HTTP/2 www.kondomeriet.no/UI/Icons/chat.svg
IP
Hash 7ebcd49595bffc7ef1dcb8724b46b793
fad26b470d43b9a0fc1e8b843b12192c145983ce
47c5908aa947dcff95b781248d58ccb9ec79ca1fd303a4754579318b384c6ed0
GET /UI/Icons/chat.svg HTTP/1.1
Host: www.kondomeriet.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kondomeriet.no/Styles/kondomeriet.web.min.css?_=20230316105106
Cookie: .ASPXANONYMOUS=52icDaGR2QEkAAAAMTRhMTYyZGEtYTdlMC00ZDIwLTk4NGItY2M3YmYyNDRlYWQ0cPbaAudh-uhK-SQgkxMLkmcVos66SOdu4YMg3gw9Kuk1; Kondomeriet=fa43n1qug1sa221j3gnpt4fv; EPiSessionId=3300271a-6936-431a-a03c-1c167f439dcb; epi_RecommendationsTrackingUserId=cuid=100877647616|rJaWFIUxrem6N-fHBOuvWO5SEB497s70R6c7dQOu5I4&h=; epi_RecommendationsTrackingSessionId=127075334316|lesK-_S0qhUdXOADBsV8BiSz_4WgTsbMtOEJm-AgK5k; ARRAffinity=a0759af8ee6b4f5dd10706e7288fdd512a9854dc68934c5ce88a510ebcc3d748; ARRAffinitySameSite=a0759af8ee6b4f5dd10706e7288fdd512a9854dc68934c5ce88a510ebcc3d748
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 20 Mar 2023 09:34:49 GMT
content-type: image/svg+xml
access-control-expose-headers: Request-Context
cache-control: public, max-age=31536000
etag: W/"0a0c0a7a229d91:0"
last-modified: Mon, 16 Jan 2023 12:04:16 GMT
request-context: appId=cid-v1:f448cbbe-913f-4702-bfb3-62b9ee3f7f77
x-ua-compatible: IE=Edge
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1
cf-cache-status: HIT
age: 5272769
expires: Tue, 19 Mar 2024 09:34:49 GMT
vary: Accept-Encoding
server: cloudflare
cf-ray: 7aacf6282f871c12-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.kondomeriet.no/globalassets/aa_produktbilder/spennende-varianter-kvinner/womanizer/118286-womanizer-liberty-rod-med-eske.jpg?width=205&quality=75&format=webp
200 OK 8.0 kB URL HTTP/2 www.kondomeriet.no/globalassets/aa_produktbilder/spennende-varianter-kvinner/womanizer/118286-womanizer-liberty-rod-med-eske.jpg?width=205&quality=75&format=webp
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 205x284, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 75d73e468c418d51b55be8faa6779c6e
94e0f069ae5da7e12c97363bc2552a3dda9cfebf
db792be858a48a461d127107987c6188f3dd9caac1aeb9abde11e6940dcc6c9e
GET /globalassets/aa_produktbilder/spennende-varianter-kvinner/womanizer/118286-womanizer-liberty-rod-med-eske.jpg?width=205&quality=75&format=webp HTTP/1.1
Host: www.kondomeriet.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kondomeriet.no/?kk=a4c6294-186fe5f0d0a-a342&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
Cookie: .ASPXANONYMOUS=52icDaGR2QEkAAAAMTRhMTYyZGEtYTdlMC00ZDIwLTk4NGItY2M3YmYyNDRlYWQ0cPbaAudh-uhK-SQgkxMLkmcVos66SOdu4YMg3gw9Kuk1; Kondomeriet=fa43n1qug1sa221j3gnpt4fv; EPiSessionId=3300271a-6936-431a-a03c-1c167f439dcb; epi_RecommendationsTrackingUserId=cuid=100877647616|rJaWFIUxrem6N-fHBOuvWO5SEB497s70R6c7dQOu5I4&h=; epi_RecommendationsTrackingSessionId=127075334316|lesK-_S0qhUdXOADBsV8BiSz_4WgTsbMtOEJm-AgK5k; ARRAffinity=a0759af8ee6b4f5dd10706e7288fdd512a9854dc68934c5ce88a510ebcc3d748; ARRAffinitySameSite=a0759af8ee6b4f5dd10706e7288fdd512a9854dc68934c5ce88a510ebcc3d748
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 20 Mar 2023 09:34:49 GMT
content-type: image/webp
content-length: 8016
access-control-expose-headers: Request-Context
cache-control: public, max-age=31536000
etag: "0x8DA42DF4A85AD48"
expires: Tue, 19 Mar 2024 09:34:49 GMT
last-modified: Tue, 31 May 2022 08:26:42 GMT
vary: Accept-Encoding
imageprocessedby: ImageProcessor/2.9.1.225 - ImageProcessor.Web.Episerver/5.8.0.24590
request-context: appId=cid-v1:f448cbbe-913f-4702-bfb3-62b9ee3f7f77
x-ua-compatible: IE=Edge
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1
cf-cache-status: HIT
age: 5272285
accept-ranges: bytes
server: cloudflare
cf-ray: 7aacf629289d1c12-OSL
X-Firefox-Spdy: h2
az416426.vo.msecnd.net/scripts/a/ai.0.js
200 OK 22 kB URL HTTP/2 az416426.vo.msecnd.net/scripts/a/ai.0.js
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash affc2b93a9fc23bbba65931b19b1e12c
a175097d2aa7ffb4b54193f197f296ab57967308
1c383d5958a56ed0858150b049c83da4d4b31a4ac05314ae9a4f623933a3df25
GET /scripts/a/ai.0.js HTTP/1.1
Host: az416426.vo.msecnd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kondomeriet.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
age: 669
cache-control: public, max-age=1800
content-md5: HdY95yzx9wIyQkVEGES+Ew==
content-type: application/x-javascript
date: Mon, 20 Mar 2023 09:34:49 GMT
etag: 0x8D8E461DA1A5889
expires: Mon, 20 Mar 2023 10:04:49 GMT
last-modified: Thu, 11 Mar 2021 07:46:59 GMT
server: ECAcc (ska/F773)
vary: Accept-Encoding
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-meta-lastmodified: 2020-10-01 19:31:04
x-ms-request-id: 8baab331-a01e-0038-330d-5be18b000000
x-ms-version: 2009-09-19
content-length: 22495
X-Firefox-Spdy: h2
www.kondomeriet.no/InventoryService/get
200 OK 150 B URL HTTP/2 www.kondomeriet.no/InventoryService/get
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash f6eec08e632b06f6060a382e58a30a64
092b59cd958229c1b50a51c644d64061d048bbb8
c6d0ca69d506dab786ec1c470d83390723d1fb421f46ed0378b9e1c3565b369a
GET /InventoryService/get HTTP/1.1
Host: www.kondomeriet.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kondomeriet.no/?kk=a4c6294-186fe5f0d0a-a342&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
Cookie: .ASPXANONYMOUS=52icDaGR2QEkAAAAMTRhMTYyZGEtYTdlMC00ZDIwLTk4NGItY2M3YmYyNDRlYWQ0cPbaAudh-uhK-SQgkxMLkmcVos66SOdu4YMg3gw9Kuk1; Kondomeriet=fa43n1qug1sa221j3gnpt4fv; EPiSessionId=3300271a-6936-431a-a03c-1c167f439dcb; epi_RecommendationsTrackingUserId=cuid=100877647616|rJaWFIUxrem6N-fHBOuvWO5SEB497s70R6c7dQOu5I4&h=; epi_RecommendationsTrackingSessionId=127075334316|lesK-_S0qhUdXOADBsV8BiSz_4WgTsbMtOEJm-AgK5k; ARRAffinity=a0759af8ee6b4f5dd10706e7288fdd512a9854dc68934c5ce88a510ebcc3d748; ARRAffinitySameSite=a0759af8ee6b4f5dd10706e7288fdd512a9854dc68934c5ce88a510ebcc3d748
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 20 Mar 2023 09:34:49 GMT
content-type: application/json; charset=utf-8
content-length: 150
access-control-expose-headers: Request-Context
cache-control: private
content-encoding: gzip
set-cookie: EPiSessionId=3300271a-6936-431a-a03c-1c167f439dcb; Max-Age=1800; Path=/; Secure;
vary: Accept-Encoding
content-security-policy: frame-ancestors 'self' https://www.vg.no;
request-context: appId=cid-v1:f448cbbe-913f-4702-bfb3-62b9ee3f7f77
x-ua-compatible: IE=Edge
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7aacf62958e91c12-OSL
X-Firefox-Spdy: h2
www.kondomeriet.no/productcomparison/detailed?language=no
200 OK 122 B URL HTTP/2 www.kondomeriet.no/productcomparison/detailed?language=no
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 219601262e5849b426d2146cd74dbde7
fed887e27c1e10779c0a509f1eec7113afec39eb
1d2d28a41d69192ea717f219365e798c6b378a817a9a051403f99bc5105ac7ca
GET /productcomparison/detailed?language=no HTTP/1.1
Host: www.kondomeriet.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Request-Id: |4j5a.Um+45
Connection: keep-alive
Referer: https://www.kondomeriet.no/?kk=a4c6294-186fe5f0d0a-a342&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
Cookie: .ASPXANONYMOUS=52icDaGR2QEkAAAAMTRhMTYyZGEtYTdlMC00ZDIwLTk4NGItY2M3YmYyNDRlYWQ0cPbaAudh-uhK-SQgkxMLkmcVos66SOdu4YMg3gw9Kuk1; Kondomeriet=fa43n1qug1sa221j3gnpt4fv; EPiSessionId=3300271a-6936-431a-a03c-1c167f439dcb; epi_RecommendationsTrackingUserId=cuid=100877647616|rJaWFIUxrem6N-fHBOuvWO5SEB497s70R6c7dQOu5I4&h=; epi_RecommendationsTrackingSessionId=127075334316|lesK-_S0qhUdXOADBsV8BiSz_4WgTsbMtOEJm-AgK5k; ARRAffinity=a0759af8ee6b4f5dd10706e7288fdd512a9854dc68934c5ce88a510ebcc3d748; ARRAffinitySameSite=a0759af8ee6b4f5dd10706e7288fdd512a9854dc68934c5ce88a510ebcc3d748; ai_user=yIGlv|2023-03-20T09:34:49.979Z
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 20 Mar 2023 09:34:49 GMT
content-type: application/json; charset=utf-8
content-length: 122
access-control-expose-headers: Request-Context
cache-control: private
content-encoding: gzip
set-cookie: EPiSessionId=3300271a-6936-431a-a03c-1c167f439dcb; Max-Age=1800; Path=/; Secure;
vary: Accept-Encoding
content-security-policy: frame-ancestors 'self' https://www.vg.no;
request-context: appId=cid-v1:f448cbbe-913f-4702-bfb3-62b9ee3f7f77
x-ua-compatible: IE=Edge
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7aacf629a9121c12-OSL
X-Firefox-Spdy: h2
downloads.mailchimp.com/js/signup-forms/popup/unique-methods/embed.js
200 OK 68 kB URL HTTP/1.1 downloads.mailchimp.com/js/signup-forms/popup/unique-methods/embed.js
IP
File type ASCII text, with very long lines (65526)
Hash 2590a8d2f1d3e28952235825b944acd4
c333133b474863c4d60db89178f58296c651beec
1f65b3d19ea3855f95b03751ee84354c6c9293e1de2109cd4c0827322e1555ec
GET /js/signup-forms/popup/unique-methods/embed.js HTTP/1.1
Host: downloads.mailchimp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kondomeriet.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 20 Jan 2023 18:27:57 GMT
x-amz-server-side-encryption: AES256
Server: AmazonS3
Content-Encoding: br
Date: Mon, 20 Mar 2023 09:04:05 GMT
ETag: W/"3281ba63652083b7a938a78b62fe19d4"
X-Cache: Hit from cloudfront
Via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 6p8f3YxzjrS9uIolNbrPyhSvhiXeYu0n88KpxGE_gscsRgWgGyP6_Q==
Age: 1845
Vary: Accept-Encoding, Origin
s.kk-resources.com/leadtag.js
200 OK 2.6 kB URL HTTP/1.1 s.kk-resources.com/leadtag.js
IP
File type C source, ASCII text, with very long lines (6988)
Hash 451cbed513c586c489e0871f9fd9ebf5
274ee82e54a6afb6a3fb19d06a955412f60c87fc
5cb763e2d2e259ee43696720a1311a6929982a5c9ab63be3f9d67de55ff82602
GET /leadtag.js HTTP/1.1
Host: s.kk-resources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kondomeriet.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=UTF-8
Content-Length: 2608
Connection: keep-alive
X-Gravitee-Transaction-Id: 630e2f07-0c02-4dcf-8e2f-070c02fdcfee
X-Gravitee-Request-Id: 630e2f07-0c02-4dcf-8e2f-070c02fdcfee
ETag: "012a2b9b5a9cb8eb8485c40f282ba6dc8f499dac"
Request-Time: 16
Accept-Ranges: bytes
Cache-Control: public, max-age=3600
Last-Modified: Mon, 27 Feb 2023 13:51:34 GMT
Content-Encoding: gzip
Date: Mon, 20 Mar 2023 08:38:54 GMT
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: WP6KEgwUsvmZc33SZu4bKDGcxkS01ybTVE3jyJpt7Ehn_Uasl5_c9g==
Age: 3356
extend.vimeocdn.com/ga/128766062.js
200 OK 5.6 kB URL HTTP/2 extend.vimeocdn.com/ga/128766062.js
IP
File type Unicode text, UTF-8 text, with very long lines (16858)
Hash 83eba8b0e75ce00d93d7044d0c3a9851
37daa8e5ded997f29c16bfe8fee8bf22ce7ab563
9216d6f8c1b56658ddb12c7e3ea1003b81aead850e2a8c99c014a2bcf5112d34
GET /ga/128766062.js HTTP/1.1
Host: extend.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kondomeriet.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Apache
last-modified: Thu, 01 Sep 2022 18:23:26 GMT
etag: "421e-5e7a1b598e380-gzip"
expires: Sun, 29 Aug 2032 19:32:02 GMT
content-encoding: gzip
x-bapp-server: assets-67ff759c65-v5tqh
x-vimeo-dc: ge
timing-allow-origin: *
content-type: text/javascript; charset=utf-8
accept-ranges: bytes
date: Mon, 20 Mar 2023 09:34:50 GMT
via: 1.1 varnish
age: 17244168
x-served-by: cache-hel1410024-HEL
x-cache: HIT
x-cache-hits: 95601
x-timer: S1679304890.054672,VS0,VE0
vary: Accept-Encoding
cache-control: max-age=86400
content-length: 5579
X-Firefox-Spdy: h2
www.kondomeriet.no/globalassets/aa_produktbilder/spennende-varianter-kvinner/womanizer/118284-womanizer-liberty-lilla-med-eske.jpg?width=205&quality=75&format=webp
200 OK 6.5 kB URL HTTP/2 www.kondomeriet.no/globalassets/aa_produktbilder/spennende-varianter-kvinner/womanizer/118284-womanizer-liberty-lilla-med-eske.jpg?width=205&quality=75&format=webp
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 205x284, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash dd2f45c2395ab44edc6535b352c69df8
68403402eef22be9d7f0c8dc81c71a65e6370a19
99cfd1247547bce7da95eabd4e4a6d02566a611b2940e151c500ca397a31869b
GET /globalassets/aa_produktbilder/spennende-varianter-kvinner/womanizer/118284-womanizer-liberty-lilla-med-eske.jpg?width=205&quality=75&format=webp HTTP/1.1
Host: www.kondomeriet.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kondomeriet.no/?kk=a4c6294-186fe5f0d0a-a342&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
Cookie: .ASPXANONYMOUS=52icDaGR2QEkAAAAMTRhMTYyZGEtYTdlMC00ZDIwLTk4NGItY2M3YmYyNDRlYWQ0cPbaAudh-uhK-SQgkxMLkmcVos66SOdu4YMg3gw9Kuk1; Kondomeriet=fa43n1qug1sa221j3gnpt4fv; EPiSessionId=3300271a-6936-431a-a03c-1c167f439dcb; epi_RecommendationsTrackingUserId=cuid=100877647616|rJaWFIUxrem6N-fHBOuvWO5SEB497s70R6c7dQOu5I4&h=; epi_RecommendationsTrackingSessionId=127075334316|lesK-_S0qhUdXOADBsV8BiSz_4WgTsbMtOEJm-AgK5k; ARRAffinity=a0759af8ee6b4f5dd10706e7288fdd512a9854dc68934c5ce88a510ebcc3d748; ARRAffinitySameSite=a0759af8ee6b4f5dd10706e7288fdd512a9854dc68934c5ce88a510ebcc3d748; ai_user=yIGlv|2023-03-20T09:34:49.979Z; _gcl_au=1.1.1456433424.1679304890; ai_session=VA9xf|1679304890066|1679304890066; kk_leadtag=true; kelkooId=a4c6294-186fe5f0d0a-a342
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 20 Mar 2023 09:34:50 GMT
content-type: image/webp
content-length: 6526
access-control-expose-headers: Request-Context
cache-control: public, max-age=31536000
etag: "0x8DA42DF691CF072"
expires: Tue, 19 Mar 2024 09:34:50 GMT
last-modified: Tue, 31 May 2022 08:27:33 GMT
vary: Accept-Encoding
imageprocessedby: ImageProcessor/2.9.1.225 - ImageProcessor.Web.Episerver/5.8.0.24590
request-context: appId=cid-v1:f448cbbe-913f-4702-bfb3-62b9ee3f7f77
x-ua-compatible: IE=Edge
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1
cf-cache-status: HIT
age: 5230631
accept-ranges: bytes
server: cloudflare
cf-ray: 7aacf62b6a931c12-OSL
X-Firefox-Spdy: h2
www.kondomeriet.no/globalassets/1---produktbilder-ny-2022/wowtech/womanizer/121132-womanizer-duo2-black-1.png?width=205&quality=75&format=webp
200 OK 5.9 kB URL HTTP/2 www.kondomeriet.no/globalassets/1---produktbilder-ny-2022/wowtech/womanizer/121132-womanizer-duo2-black-1.png?width=205&quality=75&format=webp
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 205x284, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 541942488906f6cfdd09b4d657764c44
bf3459e9c0df0d1ed85dfd5c7a3a357fd77506ae
e1ded26f84d9c09c5487f042c2669f5335c2d2f0c0e77ab8234cb1f82b3dcc13
GET /globalassets/1---produktbilder-ny-2022/wowtech/womanizer/121132-womanizer-duo2-black-1.png?width=205&quality=75&format=webp HTTP/1.1
Host: www.kondomeriet.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kondomeriet.no/?kk=a4c6294-186fe5f0d0a-a342&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
Cookie: .ASPXANONYMOUS=52icDaGR2QEkAAAAMTRhMTYyZGEtYTdlMC00ZDIwLTk4NGItY2M3YmYyNDRlYWQ0cPbaAudh-uhK-SQgkxMLkmcVos66SOdu4YMg3gw9Kuk1; Kondomeriet=fa43n1qug1sa221j3gnpt4fv; EPiSessionId=3300271a-6936-431a-a03c-1c167f439dcb; epi_RecommendationsTrackingUserId=cuid=100877647616|rJaWFIUxrem6N-fHBOuvWO5SEB497s70R6c7dQOu5I4&h=; epi_RecommendationsTrackingSessionId=127075334316|lesK-_S0qhUdXOADBsV8BiSz_4WgTsbMtOEJm-AgK5k; ARRAffinity=a0759af8ee6b4f5dd10706e7288fdd512a9854dc68934c5ce88a510ebcc3d748; ARRAffinitySameSite=a0759af8ee6b4f5dd10706e7288fdd512a9854dc68934c5ce88a510ebcc3d748; ai_user=yIGlv|2023-03-20T09:34:49.979Z; _gcl_au=1.1.1456433424.1679304890; ai_session=VA9xf|1679304890066|1679304890066; kk_leadtag=true; kelkooId=a4c6294-186fe5f0d0a-a342
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 20 Mar 2023 09:34:50 GMT
content-type: image/webp
content-length: 5850
access-control-expose-headers: Request-Context
cache-control: public, max-age=31536000
etag: "0x8DAD9BE3484E8A8"
expires: Tue, 19 Mar 2024 09:34:50 GMT
last-modified: Fri, 09 Dec 2022 08:20:17 GMT
vary: Accept-Encoding
imageprocessedby: ImageProcessor/2.9.1.225 - ImageProcessor.Web.Episerver/5.8.0.24590
request-context: appId=cid-v1:f448cbbe-913f-4702-bfb3-62b9ee3f7f77
x-ua-compatible: IE=Edge
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1
cf-cache-status: HIT
age: 5271809
accept-ranges: bytes
server: cloudflare
cf-ray: 7aacf62b6a961c12-OSL
X-Firefox-Spdy: h2
www.kondomeriet.no/globalassets/1---produktbilder-ny-2022/kondomeriet/iselin-bokser/121193-feel-desire-by-iselin-1.png?width=205&quality=75&format=webp
200 OK 6.2 kB URL HTTP/2 www.kondomeriet.no/globalassets/1---produktbilder-ny-2022/kondomeriet/iselin-bokser/121193-feel-desire-by-iselin-1.png?width=205&quality=75&format=webp
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 205x284, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 85c224ea00d7247fb514b25e75164f85
1388818d787a65a577f85dc31d7a3f6c9c018c63
748b5bc42a7f5c072cbf434b6cf8b9f190696ec77a91081b16990cf12ed10f05
GET /globalassets/1---produktbilder-ny-2022/kondomeriet/iselin-bokser/121193-feel-desire-by-iselin-1.png?width=205&quality=75&format=webp HTTP/1.1
Host: www.kondomeriet.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kondomeriet.no/?kk=a4c6294-186fe5f0d0a-a342&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
Cookie: .ASPXANONYMOUS=52icDaGR2QEkAAAAMTRhMTYyZGEtYTdlMC00ZDIwLTk4NGItY2M3YmYyNDRlYWQ0cPbaAudh-uhK-SQgkxMLkmcVos66SOdu4YMg3gw9Kuk1; Kondomeriet=fa43n1qug1sa221j3gnpt4fv; EPiSessionId=3300271a-6936-431a-a03c-1c167f439dcb; epi_RecommendationsTrackingUserId=cuid=100877647616|rJaWFIUxrem6N-fHBOuvWO5SEB497s70R6c7dQOu5I4&h=; epi_RecommendationsTrackingSessionId=127075334316|lesK-_S0qhUdXOADBsV8BiSz_4WgTsbMtOEJm-AgK5k; ARRAffinity=a0759af8ee6b4f5dd10706e7288fdd512a9854dc68934c5ce88a510ebcc3d748; ARRAffinitySameSite=a0759af8ee6b4f5dd10706e7288fdd512a9854dc68934c5ce88a510ebcc3d748; ai_user=yIGlv|2023-03-20T09:34:49.979Z; _gcl_au=1.1.1456433424.1679304890; ai_session=VA9xf|1679304890066|1679304890066; kk_leadtag=true; kelkooId=a4c6294-186fe5f0d0a-a342
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 20 Mar 2023 09:34:50 GMT
content-type: image/webp
content-length: 6152
access-control-expose-headers: Request-Context
cache-control: public, max-age=31536000
etag: "0x8DB05CCB53E618A"
expires: Tue, 19 Mar 2024 09:34:50 GMT
last-modified: Fri, 03 Feb 2023 09:54:57 GMT
vary: Accept-Encoding
imageprocessedby: ImageProcessor/2.9.1.225 - ImageProcessor.Web.Episerver/5.8.0.24590
request-context: appId=cid-v1:f448cbbe-913f-4702-bfb3-62b9ee3f7f77
x-ua-compatible: IE=Edge
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1
cf-cache-status: HIT
age: 3886793
accept-ranges: bytes
server: cloudflare
cf-ray: 7aacf62b6aa01c12-OSL
X-Firefox-Spdy: h2
status.thawte.com/
200 OK 471 B IP
Hash 62065a74992c35b461e817720460c43f
6681b5d2de7288fc5ed9111f0fb6e48f741f0212
f5a7d23752976006ba6c9eff4cfa0d1ea13e682564f49216e49a43d2903ab682
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4476
Cache-Control: max-age=115853
Content-Type: application/ocsp-response
Date: Mon, 20 Mar 2023 09:34:50 GMT
Etag: "641738cb-1d7"
Expires: Tue, 21 Mar 2023 17:45:43 GMT
Last-Modified: Sun, 19 Mar 2023 16:31:07 GMT
Server: ECAcc (ska/F77E)
X-Cache: HIT
Content-Length: 471
status.thawte.com/
200 OK 471 B IP
Hash 62065a74992c35b461e817720460c43f
6681b5d2de7288fc5ed9111f0fb6e48f741f0212
f5a7d23752976006ba6c9eff4cfa0d1ea13e682564f49216e49a43d2903ab682
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4021
Cache-Control: max-age=115397
Content-Type: application/ocsp-response
Date: Mon, 20 Mar 2023 09:34:50 GMT
Etag: "641738cb-1d7"
Expires: Tue, 21 Mar 2023 17:38:07 GMT
Last-Modified: Sun, 19 Mar 2023 16:31:07 GMT
Server: ECAcc (ska/F6D2)
X-Cache: HIT
Content-Length: 471
s.kelkoogroup.net/k.gif
200 OK 0 B IP
ASN #60781 LeaseWeb Netherlands B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /k.gif HTTP/1.1
Host: s.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: etag
Referer: https://www.kondomeriet.no/
Origin: https://www.kondomeriet.no
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
X-Gravitee-Transaction-Id: 9b98b72b-6f87-4b55-98b7-2b6f876b5586
X-Gravitee-Request-Id: 9b98b72b-6f87-4b55-98b7-2b6f876b5586
Vary: Origin
Access-Control-Max-Age: 3600
Access-Control-Allow-Origin: https://www.kondomeriet.no
Access-Control-Allow-Headers: etag
Access-Control-Allow-Methods: GET
Access-Control-Allow-Credentials: true
Date: Mon, 20 Mar 2023 09:34:50 GMT
content-length: 0
s.kelkoogroup.net/k.gif
200 OK 43 B IP
ASN #60781 LeaseWeb Netherlands B.V.
File type GIF image data, version 89a, 1 x 1\012- data
Hash f837aa60b6fe83458f790db60d529fc9
14af87ccec7f81bb28d53c84da2fd5a9d5925cda
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
GET /k.gif HTTP/1.1
Host: s.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
ETag: a2Vsa29vSWQ9YTRjNjI5NC0xODZmZTVmMGQwYS1hMzQy
Origin: https://www.kondomeriet.no
Connection: keep-alive
Referer: https://www.kondomeriet.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
X-Gravitee-Transaction-Id: 3eaba321-35f6-4248-aba3-2135f642485d
X-Gravitee-Request-Id: 3eaba321-35f6-4248-aba3-2135f642485d
ETag: a2Vsa29vSWQ9YTRjNjI5NC0xODZmZTVmMGQwYS1hMzQy
Vary: *,Origin
Pragma: no-cache
Expires: 0
Request-Time: 0
Accept-Ranges: bytes
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate
Last-Modified: Fri, 01 Jan 2010 00:00:00 GMT
Access-Control-Allow-Origin: https://www.kondomeriet.no
Access-Control-Expose-Headers: ETag
Access-Control-Allow-Credentials: true
Date: Mon, 20 Mar 2023 09:34:50 GMT
Content-Type: image/gif
content-length: 43
analytics.tiktok.com/i18n/pixel/events.js?sdkid=CFDSCCBC77U7HEM9ODG0&lib=ttq
200 OK 1.1 kB URL HTTP/2 analytics.tiktok.com/i18n/pixel/events.js?sdkid=CFDSCCBC77U7HEM9ODG0&lib=ttq
IP
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (2302)
Hash c1440b9088c9897b4845bbf352613d2f
d8d98d0528bb28c713a79672d614991c964ffc77
eda95cbecd55f645c531d5cdf59ed416d1f3701aa2913591e09c23f44b12c53a
GET /i18n/pixel/events.js?sdkid=CFDSCCBC77U7HEM9ODG0&lib=ttq HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kondomeriet.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=UTF-8
x-tt-logid: 2023032009345067E2110B275C3191EFDB
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf60787dee798e7afc9c5500f386c65d6ca1dd9fe465be42bc6d44de4bf4cbe689b53177e3295eda3e457984418da76a4d970b838f5eb446e6f8940265a536adccdd0f41c40fc63a23c54c317b5349f2d68c
content-encoding: gzip
expires: Mon, 20 Mar 2023 09:34:50 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Mon, 20 Mar 2023 09:34:50 GMT
content-length: 1137
x-cache: TCP_MISS from a23-36-79-28.deploy.akamaitechnologies.com (AkamaiGHost/11.0.2-47081134) (-)
vary: Accept-Encoding
set-cookie: _ttp=2NGyopRedpgOVK2VUkkUXRv7mj8; Path=/; Domain=tiktok.com; Max-Age=33696000; Secure; SameSite=None
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: inner; dur=3, cdn-cache; desc=MISS, edge; dur=0, origin; dur=102
x-origin-response-time: 102,23.36.79.28
x-akamai-request-id: 2f003058
X-Firefox-Spdy: h2
www.kondomeriet.no/globalassets/aa_produktbilder/strukturpakker/119438_womanizer-libertypakke-rod-med-rens_nyrens.jpg?width=205&quality=75&format=webp
200 OK 9.6 kB URL HTTP/2 www.kondomeriet.no/globalassets/aa_produktbilder/strukturpakker/119438_womanizer-libertypakke-rod-med-rens_nyrens.jpg?width=205&quality=75&format=webp
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 205x284, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash d9e81a967165c04c65e0768404ad3836
7c2e6dc2f8b2dbd262ce6a6e13367d16717b18ad
1c34efc99d97bd37ea5e5013d363810e499e76eb700ffa4f19e1a3371b6b7f8a
GET /globalassets/aa_produktbilder/strukturpakker/119438_womanizer-libertypakke-rod-med-rens_nyrens.jpg?width=205&quality=75&format=webp HTTP/1.1
Host: www.kondomeriet.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kondomeriet.no/?kk=a4c6294-186fe5f0d0a-a342&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
Cookie: .ASPXANONYMOUS=52icDaGR2QEkAAAAMTRhMTYyZGEtYTdlMC00ZDIwLTk4NGItY2M3YmYyNDRlYWQ0cPbaAudh-uhK-SQgkxMLkmcVos66SOdu4YMg3gw9Kuk1; Kondomeriet=fa43n1qug1sa221j3gnpt4fv; EPiSessionId=3300271a-6936-431a-a03c-1c167f439dcb; epi_RecommendationsTrackingUserId=cuid=100877647616|rJaWFIUxrem6N-fHBOuvWO5SEB497s70R6c7dQOu5I4&h=; epi_RecommendationsTrackingSessionId=127075334316|lesK-_S0qhUdXOADBsV8BiSz_4WgTsbMtOEJm-AgK5k; ARRAffinity=a0759af8ee6b4f5dd10706e7288fdd512a9854dc68934c5ce88a510ebcc3d748; ARRAffinitySameSite=a0759af8ee6b4f5dd10706e7288fdd512a9854dc68934c5ce88a510ebcc3d748; ai_user=yIGlv|2023-03-20T09:34:49.979Z; _gcl_au=1.1.1456433424.1679304890; ai_session=VA9xf|1679304890066|1679304890066; kk_leadtag=true; kelkooId=a4c6294-186fe5f0d0a-a342; _ga_P3QPV1X7WT=GS1.1.1679304890.1.0.1679304890.60.0.0; _ga=GA1.1.1344664901.1679304890; kk_au=1.1.1058055447.1679304890
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 20 Mar 2023 09:34:50 GMT
content-type: image/webp
content-length: 9568
access-control-expose-headers: Request-Context
cache-control: public, max-age=31536000
etag: "0x8DA42DDD25A753C"
expires: Tue, 19 Mar 2024 09:34:50 GMT
last-modified: Tue, 31 May 2022 08:16:11 GMT
vary: Accept-Encoding
imageprocessedby: ImageProcessor/2.9.1.225 - ImageProcessor.Web.Episerver/5.8.0.24590
request-context: appId=cid-v1:f448cbbe-913f-4702-bfb3-62b9ee3f7f77
x-ua-compatible: IE=Edge
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1
cf-cache-status: HIT
age: 5271683
accept-ranges: bytes
server: cloudflare
cf-ray: 7aacf62c5bd41c12-OSL
X-Firefox-Spdy: h2
analytics.tiktok.com/i18n/pixel/static/main.MTE3ZGZjMmFkMA.js
200 OK 66 kB URL HTTP/2 analytics.tiktok.com/i18n/pixel/static/main.MTE3ZGZjMmFkMA.js
IP
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (21891)
Hash 0315597028802fbc81ea829093ff7d7d
d0f1d8243437546f785338f1694187f28d09012d
6c4ede99d8b8d80ac7ab7ea334b13e68c2eec85360facfdaf76905b0e09ccbc6
GET /i18n/pixel/static/main.MTE3ZGZjMmFkMA.js HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kondomeriet.no/
Cookie: _ttp=2NGyopRedpgOVK2VUkkUXRv7mj8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-logid: 20230221145349D8F9ABDB8DC3C0D68208
x-tt-trace-host: 01bb469d8a759a907b671c89f934679301bb550c3c66d911ef5acdfa9e308af0040737830cc9d03386c3307ac1b95412f7159ab1382b9e54de53eca4dd9d96a5ba540c63d2f8c43290a3140f13d58bb5ddd96d222444a5043bdcd754420e1624e1
content-encoding: gzip
content-length: 66240
date: Mon, 20 Mar 2023 09:34:50 GMT
x-cache: TCP_HIT from a23-36-79-28.deploy.akamaitechnologies.com (AkamaiGHost/11.0.2-47081134) (-)
vary: Accept-Encoding
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
x-akamai-request-id: 2f00313c
X-Firefox-Spdy: h2
dc.services.visualstudio.com/v2/track
200 OK 0 B URL HTTP/2 dc.services.visualstudio.com/v2/track
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /v2/track HTTP/1.1
Host: dc.services.visualstudio.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,sdk-context
Referer: https://www.kondomeriet.no/
Origin: https://www.kondomeriet.no
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-methods: POST
access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-origin: *
access-control-max-age: 3600
x-content-type-options: nosniff
date: Mon, 20 Mar 2023 09:34:49 GMT
content-length: 0
X-Firefox-Spdy: h2
analytics.tiktok.com/i18n/pixel/static/identify_cab4d.js
200 OK 31 kB URL HTTP/2 analytics.tiktok.com/i18n/pixel/static/identify_cab4d.js
IP
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65536), with no line terminators
Hash 681bc25d1e648965a9374cc7da238fd5
bb973302d1b656e343013fe741d0d54bfe33b15e
2d381181d954e35610fb06daba8df86d7abb4b823e87de97276e0bd81af03669
GET /i18n/pixel/static/identify_cab4d.js HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kondomeriet.no/
Cookie: _ttp=2NGyopRedpgOVK2VUkkUXRv7mj8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-logid: 202302211453357ED32E9CB4A234CC4054
x-tt-trace-host: 015ddd7329836f23ed04aa0dd6eae000e61dfb35b73ddd0ea6d3f361692c7f8399f836da754548664a9d56a317cca937197d586aef26ea8efc3380c784f4b6030804835a6b84edf6ba964a401008dbe475da2a7be38cb7b795f8af41aeb5068142
content-encoding: gzip
date: Mon, 20 Mar 2023 09:34:50 GMT
content-length: 30779
x-cache: TCP_MEM_HIT from a23-36-79-28.deploy.akamaitechnologies.com (AkamaiGHost/11.0.2-47081134) (-)
vary: Accept-Encoding
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
x-akamai-request-id: 2f0031e8
X-Firefox-Spdy: h2
dc.services.visualstudio.com/v2/track
200 OK 96 B URL HTTP/2 dc.services.visualstudio.com/v2/track
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JSON data\012- , ASCII text, with no line terminators
Hash 2ee7cd60efbcecd637b47aa13ae50fc6
ed1a946b89fa78f57878b202706a785455ccd0f3
99d09a532a56f83dd0d60f123a37df7d709e25d78e18cc65c75ce75bab10f8d0
POST /v2/track HTTP/1.1
Host: dc.services.visualstudio.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/json
Sdk-Context: appId
Content-Length: 2212
Origin: https://www.kondomeriet.no
Connection: keep-alive
Referer: https://www.kondomeriet.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json; charset=utf-8
x-ms-session-id: C177DCB0-36A1-4133-89A6-D85F5FC40821
strict-transport-security: max-age=31536000
access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Cache-Control, Sdk-Context
access-control-allow-origin: *
access-control-max-age: 3600
x-content-type-options: nosniff
date: Mon, 20 Mar 2023 09:34:49 GMT
content-length: 96
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 6f0dd79b56dd9304aeda92ff826d098f
eceb133a75f39b8ee21269814bae7c77a5fdc38e
87e559bed86ebcb242349ab4b74b8c11820b7b290cecdd0b564c016a51b89690
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 20 Mar 2023 09:34:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kondomeriet.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Mon, 20 Mar 2023 08:12:29 GMT
expires: Mon, 20 Mar 2023 10:12:29 GMT
cache-control: public, max-age=7200
age: 4941
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
mc.us18.list-manage.com/subscribe/form-settings?u=2d65c9292f9b3f2b9c01816a7&id=b200aa5c13&u=2d65c9292f9b3f2b9c01816a7&id=b200aa5c13&c=dojo_request_script_callbacks.dojo_request_script0
200 OK 6.8 kB URL HTTP/2 mc.us18.list-manage.com/subscribe/form-settings?u=2d65c9292f9b3f2b9c01816a7&id=b200aa5c13&u=2d65c9292f9b3f2b9c01816a7&id=b200aa5c13&c=dojo_request_script_callbacks.dojo_request_script0
IP
File type ASCII text, with very long lines (14582), with no line terminators
Hash 7b0f458891b8a89d9762d73883156b10
ab112556ff7db90021d5f80cca454e77aafa45d4
f4750faf03ad470800fdc9584a306b5aed108f248a28d0bf372b0f6ad9319d01
GET /subscribe/form-settings?u=2d65c9292f9b3f2b9c01816a7&id=b200aa5c13&u=2d65c9292f9b3f2b9c01816a7&id=b200aa5c13&c=dojo_request_script_callbacks.dojo_request_script0 HTTP/1.1
Host: mc.us18.list-manage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kondomeriet.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json; charset=utf-8
referrer-policy: same-origin
x-ua-compatible: IE=edge,chrome=1
content-encoding: gzip
x-cloud-trace-context: e24a18c37561b17281543d01dfd7a4e6
server: Google Frontend
content-length: 6795
cache-control: private, max-age=80
expires: Mon, 20 Mar 2023 09:36:10 GMT
date: Mon, 20 Mar 2023 09:34:50 GMT
vary: Accept-Encoding
set-cookie: _abck=C9D08AACA645ADC451D94185D480D4D0~-1~YAAQrU0kF4fkeOSGAQAAghhf/gkjXwfcoVpELsHO57+MZQCUKbGgz4dkVDT5G+dI5IzMilXPiJYVXd4dUhuw6CFDjwpE7wkTMk0wdRihs9/wSD+FVL+hCBVChDKURTWAIU2roG5u/GBSNRrhz6+TGiEeZf+uG3vRtOPaWshCvWGesb5PxRbGh553lxYnRr0e/dJ1jbbw9en+HGA99yr04J3xoCouSHmg1WG3m4iZ2XKRqrEFvTyZRcImVIBmWt+FlTRmZ00GCgqYsDKT9OVZk3sLWIO1Egr5NdBq6NWI+gT5JiFdNy0RKIW+gqYZ/bwJ6/66d2RYIbvos2Qwb+32G/p5kPidmbB/qQD66Fmco9c43Ur2fttc4LbghA9SgJgcTWI=~-1~-1~-1; Domain=.list-manage.com; Path=/; Expires=Tue, 19 Mar 2024 09:34:50 GMT; Max-Age=31536000; SameSite=None; Secure
ak_bmsc=F0D6F615420A4070C500A87211B3EF97~000000000000000000000000000000~YAAQrU0kF4jkeOSGAQAAghhf/hOiXJmobgdfsZpyr8a+xpbhqEo6079MrqeSkqDru+HS/W62E0amtYux5P0m6n8ne+QiH78FSKCiUXw2s/s/0WzouhpKCpV08Xlw/R84PzwRx4UwU6bfziWQMcPz9mKfySDdb/L4pNFd6AL+S72oDfBx+1utm3NU3d54x6+Ynmj8XzXQoj3Dv02lprjbRyc4JUKYPDSba4PrfzKIGgORh9ZXHNqxTjqvSnkW88Fns2wjkCZOvqoUrzc9hc1h3/1EZnhV59uCXWoS7TnLAiVGD6yC/eVfmEkbKJ4JQoE5oqs0v/cNZ3AFsuPYXMT6XuVzuM/kXdxdLAY9zsxjpVCdx3jNEpTKYpIO+1VhhJVDmlxrSUGGhm7nru1jK/MzuyAGtw==; Domain=.us18.list-manage.com; Path=/; Expires=Mon, 20 Mar 2023 11:34:50 GMT; Max-Age=7200; SameSite=None; Secure; HttpOnly
bm_sz=D73A923E88AE6B4C93DA7A6C8D7C5B19~YAAQrU0kF4nkeOSGAQAAghhf/hPzgQi/GASMB77/xdnT0W62wLEEpElxac5iZSapxAxwyoVmkcAeLkzf3N2CpHFgGpQL5jM/DAaLo9q5ytMtm5aUf1hv2lOnRaqZq1wYdjS+U4jwrvaZU5mYh4q8mLQah71LHzj7Wfil1ht8iqHhMKNlmuQvIP2maMjJ8ADoY6CiRbiiDjRbx1MtJ+ivCjXzGyfK5vSEtHhdKW72HR7D1Na8N5YJtI/2D/x1PgLQMqU3T+9qTRb2gXpvngx+aeIXfKvlAsYGCkh7Ja+quU9K0Hm9hm1pKQ==~3421241~4338482; Domain=.list-manage.com; Path=/; Expires=Mon, 20 Mar 2023 13:34:50 GMT; Max-Age=14400; SameSite=None; Secure
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash d2f260fb0ba00b3698356095b00d68fc
f3445f67687111fb7c16ccd1ba8112a35b8339e0
edc0b07275f6982c49fc65e38c10a89a02b36969f2997fd5587bacf66386c468
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4404
Cache-Control: max-age=116536
Content-Type: application/ocsp-response
Date: Mon, 20 Mar 2023 09:34:50 GMT
Etag: "64173bbe-1d7"
Expires: Tue, 21 Mar 2023 17:57:06 GMT
Last-Modified: Sun, 19 Mar 2023 16:43:42 GMT
Server: ECAcc (ska/F77E)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 2eb57e50cf85e854f2979aae08edfbbd
c1d8f0aa625a907989b1eedd64dfaa8b59f73d14
e36ae9f68c31c5d9f1eb6a96b26f97b94b8d61f8a47aa1c576bc0f816e3a2e14
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 20 Mar 2023 09:34:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 2e64fc6f9ae4228dd2fc48d61e1d8841
ae781abd01bae215d2ccc65fe308aaa4e3df6706
f8f424b8de4cb7cea5608432bbad1786f02cbc7e3c111f5d395288065f134fa0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 20 Mar 2023 09:34:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/gtm/optimize.js?id=GTM-WRS6PG3
200 OK 46 kB URL HTTP/2 www.google-analytics.com/gtm/optimize.js?id=GTM-WRS6PG3
IP
File type ASCII text, with very long lines (2485)
Hash f6738333c7e3d1d58b49b818f94a5b50
35f8c2e5d979068fdef22b726972f0a31b47b984
fb97d84d9c8dd9aa6751e38f76b378d4f7d7c963119e4ad7a8f2e131ecb2eb2e
GET /gtm/optimize.js?id=GTM-WRS6PG3 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kondomeriet.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 20 Mar 2023 09:34:50 GMT
expires: Mon, 20 Mar 2023 09:34:50 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 46355
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 2e64fc6f9ae4228dd2fc48d61e1d8841
ae781abd01bae215d2ccc65fe308aaa4e3df6706
f8f424b8de4cb7cea5608432bbad1786f02cbc7e3c111f5d395288065f134fa0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 20 Mar 2023 09:34:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
apis.google.com/js/client:plusone.js?onload=googleOnLoad
200 OK 21 kB URL HTTP/2 apis.google.com/js/client:plusone.js?onload=googleOnLoad
IP
File type ASCII text, with very long lines (1429)
Hash caf2b8d6d95d29ee658e0818728a3d54
389f1fe166ca06d408a1279771598f8fa88de292
187ac8902369f0a1133813b63919e4038ce4982c209487bea90a7b9bc440a3c0
GET /js/client:plusone.js?onload=googleOnLoad HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kondomeriet.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 21028
date: Mon, 20 Mar 2023 09:34:50 GMT
expires: Mon, 20 Mar 2023 09:34:50 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "9d57bc153fb07500"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
connect.facebook.net/nb-NO/sdk.js
200 OK 1.7 kB URL HTTP/2 connect.facebook.net/nb-NO/sdk.js
IP
File type ASCII text, with very long lines (1957)
Hash d17a6219935950cfe3c94fb67aa4763b
b32542a6973e3786afc18bf85ef5d64bbab6ea4d
bf3cc5f59efa212f4c71283345e3ebe4d1ee396b37d9ee694dd8e9870e3ecfc8
GET /nb-NO/sdk.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kondomeriet.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 0b73bbb19f8313a6b5f69455322b97bc
etag: "d2338317f57e9fcb53ad8df0db35bba7"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Mon, 20 Mar 2023 09:37:32 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: 0XpiGZNZUM/jyU+2eqR2Ow==
x-fb-debug: 48ZZcBnCa5puYc2nR6y6UAnQ7t6YOmEzaIpAkzjZwdc6l5QBcVx3P7yxcOHb9MJs0JAs4EIGR2tKGEFSlGLPjw==
content-length: 1687
x-fb-trip-id: 1904183273
date: Mon, 20 Mar 2023 09:34:50 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
analytics.tiktok.com/api/v2/pixel
200 OK 0 B URL HTTP/2 analytics.tiktok.com/api/v2/pixel
IP
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /api/v2/pixel HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 884
Origin: https://www.kondomeriet.no
Connection: keep-alive
Referer: https://www.kondomeriet.no/
Cookie: _ttp=2NGyopRedpgOVK2VUkkUXRv7mj8
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 0
access-control-allow-origin: *
x-tt-logid: 202303200934502AB027B2C67138988243
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf60787dee798e7afc9c5500f386c65d6ca11a8da2b7f1badc2324067ec05c5606fa9f958a67b9595147434bc9822edb1402058924bd9d29ad054c64520d97ce1859f9492ee5009c194d9137b806071ff80d
expires: Mon, 20 Mar 2023 09:34:50 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Mon, 20 Mar 2023 09:34:50 GMT
x-cache: TCP_MISS from a23-36-79-28.deploy.akamaitechnologies.com (AkamaiGHost/11.0.2-47081134) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: inner; dur=16, cdn-cache; desc=MISS, edge; dur=5, origin; dur=111
x-origin-response-time: 112,23.36.79.28
x-akamai-request-id: 2f003262
X-Firefox-Spdy: h2
downloads.mailchimp.com/js/signup-forms/popup/unique-methods/73bf20a8fe762dee6abd0173cd576e53d748a0df/popup.js
200 OK 31 kB URL HTTP/1.1 downloads.mailchimp.com/js/signup-forms/popup/unique-methods/73bf20a8fe762dee6abd0173cd576e53d748a0df/popup.js
IP
File type ASCII text, with very long lines (65526)
Hash 3530175be1e1538d436a675d24a615ab
6f35b53f64c48b30501ba339cf7ba72ccdcef0ca
be9c2809a18d698ba3afcea9dc2fdc5e32b2ca50722f268d5711a495eca5e790
GET /js/signup-forms/popup/unique-methods/73bf20a8fe762dee6abd0173cd576e53d748a0df/popup.js HTTP/1.1
Host: downloads.mailchimp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kondomeriet.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 29 Sep 2022 15:39:29 GMT
Server: AmazonS3
Content-Encoding: gzip
Date: Mon, 20 Mar 2023 01:04:56 GMT
ETag: W/"d3149280c831cbf6538770c71a916f43"
X-Cache: Hit from cloudfront
Via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: l6J-m3GMxEN4mrFR73zcPCIc8X2cEheerpxnvnnTnJmpUGEl-I6xqw==
Age: 65576
Vary: Accept-Encoding, Origin
ocsp.digicert.com/
200 OK 471 B IP
Hash d2f260fb0ba00b3698356095b00d68fc
f3445f67687111fb7c16ccd1ba8112a35b8339e0
edc0b07275f6982c49fc65e38c10a89a02b36969f2997fd5587bacf66386c468
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4404
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 20 Mar 2023 09:34:50 GMT
Last-Modified: Mon, 20 Mar 2023 08:21:26 GMT
Server: ECAcc (ska/F7A7)
X-Cache: HIT
Content-Length: 471
script.hotjar.com/modules.e8a3d1a16d3ae98012cf.js
200 OK 69 kB URL HTTP/2 script.hotjar.com/modules.e8a3d1a16d3ae98012cf.js
IP
File type Unicode text, UTF-8 text, with very long lines (50842)
Hash dcf3a7ce85da1a4b1e561e0ffdaada66
4962d86ef0ad6965f791d0ded4bce07658bd4be2
56e3d41fae7cd8cf239dafbee15237a13c3e8375357ac64c84902b322bf10a48
GET /modules.e8a3d1a16d3ae98012cf.js HTTP/1.1
Host: script.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kondomeriet.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 68657
date: Fri, 17 Mar 2023 11:28:07 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=31536000
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: "dcf3a7ce85da1a4b1e561e0ffdaada66"
last-modified: Fri, 17 Mar 2023 11:27:53 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 5DzQBrbnbAsgbmabPm5vh7QFDNmUjCh9NnBBhNbMtw7YQnpbpf26kg==
age: 252403
X-Firefox-Spdy: h2
connect.facebook.net/en_US/fbevents.js
200 OK 28 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP
File type ASCII text, with very long lines (64348)
Hash e5f5bf796d91f271e383cf1ff3ee5af4
70ead02da19095ca752d55e89a48fcdf59d44d33
247f023e282f1556e668df0033858196d682f31f659d1b53ea6dcaeff56c401a
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kondomeriet.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
origin-agent-cluster: ?0
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: 1r1WtGtuK/Gtba7OhIKHeqE500eAz7oZM5LJDQp6iZOtEqJpOHxoS8RSrqY5jeBGFJwasn+Mn0noIF1U7QJJ4w==
content-length: 27907
x-fb-trip-id: 1904183273
date: Mon, 20 Mar 2023 09:34:50 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/833441087/?random=1679304890375&cv=11&fst=1679304890375&bg=ffffff&guid=ON&async=1>m=45be33f0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.kondomeriet.no%2F%3Fkk%3Da4c6294-186fe5f0d0a-a342%26utm_campaign%3Dkelkooclick%26utm_medium%3Dcpc%26utm_source%3Dkelkoono&ref=https%3A%2F%2Fapi.kelkoogroup.net%2F&tiba=Kondomeriet%20%7C%20Sexleket%C3%B8y%20%7C%20Kondomeriet&auid=1058055447.1679304890&data=event%3Dview_item%3Bid%3D118814-P&rfmt=3&fmt=4
200 OK 1.3 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/833441087/?random=1679304890375&cv=11&fst=1679304890375&bg=ffffff&guid=ON&async=1>m=45be33f0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.kondomeriet.no%2F%3Fkk%3Da4c6294-186fe5f0d0a-a342%26utm_campaign%3Dkelkooclick%26utm_medium%3Dcpc%26utm_source%3Dkelkoono&ref=https%3A%2F%2Fapi.kelkoogroup.net%2F&tiba=Kondomeriet%20%7C%20Sexleket%C3%B8y%20%7C%20Kondomeriet&auid=1058055447.1679304890&data=event%3Dview_item%3Bid%3D118814-P&rfmt=3&fmt=4
IP
File type ASCII text, with very long lines (2927), with no line terminators
Hash 883ce8c8df70afdf19581409a60e29e5
2a03922e78783a2931cf0dbbbbbee7bd9f1045e5
e48de434a9189c7d7ce17ce4e3e1b5e94ef37a3e136603447440461be4e71c37
GET /pagead/viewthroughconversion/833441087/?random=1679304890375&cv=11&fst=1679304890375&bg=ffffff&guid=ON&async=1>m=45be33f0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.kondomeriet.no%2F%3Fkk%3Da4c6294-186fe5f0d0a-a342%26utm_campaign%3Dkelkooclick%26utm_medium%3Dcpc%26utm_source%3Dkelkoono&ref=https%3A%2F%2Fapi.kelkoogroup.net%2F&tiba=Kondomeriet%20%7C%20Sexleket%C3%B8y%20%7C%20Kondomeriet&auid=1058055447.1679304890&data=event%3Dview_item%3Bid%3D118814-P&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kondomeriet.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 20 Mar 2023 09:34:50 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 1317
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 20-Mar-2023 09:49:50 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/833441087/?random=1679304890367&cv=11&fst=1679304890367&bg=ffffff&guid=ON&async=1>m=45be33f0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.kondomeriet.no%2F%3Fkk%3Da4c6294-186fe5f0d0a-a342%26utm_campaign%3Dkelkooclick%26utm_medium%3Dcpc%26utm_source%3Dkelkoono&ref=https%3A%2F%2Fapi.kelkoogroup.net%2F&tiba=Kondomeriet%20%7C%20Sexleket%C3%B8y%20%7C%20Kondomeriet&auid=1058055447.1679304890&data=event%3Dgtag.config&rfmt=3&fmt=4
200 OK 1.3 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/833441087/?random=1679304890367&cv=11&fst=1679304890367&bg=ffffff&guid=ON&async=1>m=45be33f0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.kondomeriet.no%2F%3Fkk%3Da4c6294-186fe5f0d0a-a342%26utm_campaign%3Dkelkooclick%26utm_medium%3Dcpc%26utm_source%3Dkelkoono&ref=https%3A%2F%2Fapi.kelkoogroup.net%2F&tiba=Kondomeriet%20%7C%20Sexleket%C3%B8y%20%7C%20Kondomeriet&auid=1058055447.1679304890&data=event%3Dgtag.config&rfmt=3&fmt=4
IP
File type ASCII text, with very long lines (2899), with no line terminators
Hash 2f790b272d8553c900a27af113a1247e
ad3d4eecb84748bd0b1ea331aedfe759eae001cf
df6f301a6c901dab6bb77590ba31c0a173257bab419609feb72cac0fd9ebb050
GET /pagead/viewthroughconversion/833441087/?random=1679304890367&cv=11&fst=1679304890367&bg=ffffff&guid=ON&async=1>m=45be33f0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.kondomeriet.no%2F%3Fkk%3Da4c6294-186fe5f0d0a-a342%26utm_campaign%3Dkelkooclick%26utm_medium%3Dcpc%26utm_source%3Dkelkoono&ref=https%3A%2F%2Fapi.kelkoogroup.net%2F&tiba=Kondomeriet%20%7C%20Sexleket%C3%B8y%20%7C%20Kondomeriet&auid=1058055447.1679304890&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kondomeriet.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 20 Mar 2023 09:34:50 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 1304
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 20-Mar-2023 09:49:50 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash d2f260fb0ba00b3698356095b00d68fc
f3445f67687111fb7c16ccd1ba8112a35b8339e0
edc0b07275f6982c49fc65e38c10a89a02b36969f2997fd5587bacf66386c468
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4404
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 20 Mar 2023 09:34:50 GMT
Last-Modified: Mon, 20 Mar 2023 08:21:26 GMT
Server: ECAcc (ska/F7A7)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash d2b91b87a3060a36d0002f6338924521
b216a0ae0e118f942207ae6c51a5309393fe79f4
835446923abce8bde27c74317de5388462f43f7cbf93293a15891a2a2554e406
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 20 Mar 2023 09:34:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
connect.facebook.net/en_US/sdk.js?hash=68a7419c4ab99d30e733001eff34c3d5
200 OK 89 kB URL HTTP/2 connect.facebook.net/en_US/sdk.js?hash=68a7419c4ab99d30e733001eff34c3d5
IP
File type ASCII text, with very long lines (18530)
Hash 4d9ae347ca1baade8da588f2359a6804
56688be9358d80a1eb752a1a190d2d55c637ecc9
61d478c863c5b8fe5700021003e17359ec2beee7164da888e7445a13a6eb814b
GET /en_US/sdk.js?hash=68a7419c4ab99d30e733001eff34c3d5 HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.kondomeriet.no
Connection: keep-alive
Referer: https://www.kondomeriet.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: addaa03298a621c3da113509a534a7b4
etag: "8bcaa72086b5c0bfc2417a5446f36b28"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Tue, 19 Mar 2024 07:57:05 GMT
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: TZrjR8obqt6NpYjyNZpoBA==
x-fb-debug: 2jvXkTTxeKJTs9lIu6UWPV8KxFkhI1sueKQyjhgm1nT0wpaOigOXD6KKa3R6A7hr4RGVfNkqHu6JhuTReQLjVQ==
content-length: 88591
x-fb-trip-id: 1904183273
date: Mon, 20 Mar 2023 09:34:50 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.hotjar.com/c/hotjar-647974.js?sv=7
200 OK 4.0 kB URL HTTP/2 static.hotjar.com/c/hotjar-647974.js?sv=7
IP
File type ASCII text, with very long lines (7698)
Hash 36c412e3472a4903f63febde5b787578
567e09d4fd12c036dd6d780aceb849f3d29c2dee
7ec79bea47857ba2394227eb2da34ffb182b369c1d2452808e65da0024638fca
GET /c/hotjar-647974.js?sv=7 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kondomeriet.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=2592000; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
date: Mon, 20 Mar 2023 09:33:51 GMT
cache-control: max-age=60
etag: W/e5550fbcac3d7a77aed71bfe378ada48
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: TiPe2CbjO1xO5QHWAZMfWkAmmezEav0aOPldD1-CoiQ5syl5BdKmQw==
age: 59
X-Firefox-Spdy: h2
downloads.mailchimp.com/css/signup-forms/popup/73bf20a8fe762dee6abd0173cd576e53d748a0df/common.css
200 OK 2.4 kB URL HTTP/1.1 downloads.mailchimp.com/css/signup-forms/popup/73bf20a8fe762dee6abd0173cd576e53d748a0df/common.css
IP
Hash 3cfcae5ecbe1aad91098583e54328b92
1ca36e5cbcee686614ead072b9662d61ef2a4ff9
d839afebe9eaa82da6e924ae0f0b3b936c51756fcb9db0ab8b405bc694ae1817
GET /css/signup-forms/popup/73bf20a8fe762dee6abd0173cd576e53d748a0df/common.css HTTP/1.1
Host: downloads.mailchimp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kondomeriet.no/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 29 Sep 2022 15:39:29 GMT
Server: AmazonS3
Content-Encoding: br
Date: Mon, 20 Mar 2023 03:12:00 GMT
ETag: W/"82e72d627b04e1654282023cca1d1e69"
X-Cache: Hit from cloudfront
Via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 77bDcZllrzVdUnluFGthf_PAlUtSvMBURj3iI3U4TffOBYd2YP86Uw==
Age: 22970
Vary: Accept-Encoding, Origin
downloads.mailchimp.com/css/signup-forms/popup/73bf20a8fe762dee6abd0173cd576e53d748a0df/banner.css
200 OK 348 B URL HTTP/1.1 downloads.mailchimp.com/css/signup-forms/popup/73bf20a8fe762dee6abd0173cd576e53d748a0df/banner.css
IP
Hash 7dc952a02aac2296639b02e8b693f1ca
141d2c58d397b253795db7e070d0846e4cb67d37
4768822ea5fd24c1368db661e02e9e2119f98351068a5531c3ae6e7a762f5e9a
GET /css/signup-forms/popup/73bf20a8fe762dee6abd0173cd576e53d748a0df/banner.css HTTP/1.1
Host: downloads.mailchimp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kondomeriet.no/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Date: Sun, 19 Mar 2023 15:21:55 GMT
Last-Modified: Thu, 29 Sep 2022 15:39:29 GMT
ETag: W/"78d1bdd981816cfbeb6954a85f9efa58"
Server: AmazonS3
Content-Encoding: br
X-Cache: Hit from cloudfront
Via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: jbGQ4bko1lWJlragpCG4278Y0oWkmwOSjSsLMpV8m3B2U2Zuf8Vliw==
Age: 65576
Vary: Accept-Encoding, Origin
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-1821955-4&cid=1344664901.1679304890&jid=305754149&gjid=138407385&_gid=56493764.1679304891&_u=aCDAgEArQAAAAEAMI~&z=1663456539
200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-1821955-4&cid=1344664901.1679304890&jid=305754149&gjid=138407385&_gid=56493764.1679304891&_u=aCDAgEArQAAAAEAMI~&z=1663456539
IP
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-1821955-4&cid=1344664901.1679304890&jid=305754149&gjid=138407385&_gid=56493764.1679304891&_u=aCDAgEArQAAAAEAMI~&z=1663456539 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.kondomeriet.no
Connection: keep-alive
Referer: https://www.kondomeriet.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.kondomeriet.no
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 20 Mar 2023 09:34:50 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
downloads.mailchimp.com/css/signup-forms/popup/73bf20a8fe762dee6abd0173cd576e53d748a0df/layout-2.css
200 OK 378 B URL HTTP/1.1 downloads.mailchimp.com/css/signup-forms/popup/73bf20a8fe762dee6abd0173cd576e53d748a0df/layout-2.css
IP
Hash cf3f32b87e7db0bc75850ee6a3971b0a
f2cd301fb0f02e3f0268ff23b654a239113e4fb2
79357138bcdc91233e5196ca82ef83bed0fdcb2468b4cd1a433c9cb859ac5fdd
GET /css/signup-forms/popup/73bf20a8fe762dee6abd0173cd576e53d748a0df/layout-2.css HTTP/1.1
Host: downloads.mailchimp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kondomeriet.no/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 29 Sep 2022 15:39:29 GMT
Server: AmazonS3
Content-Encoding: br
Date: Sun, 19 Mar 2023 16:26:16 GMT
ETag: W/"38f50a83c6d5d15facb231447fa1ac56"
X-Cache: Hit from cloudfront
Via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: WPnN2ItjSedq7tmmNvLv8ybYub0GGo8MDvKqgLmlxL-b4jSt--e_Xg==
Age: 61715
Vary: Accept-Encoding, Origin
downloads.mailchimp.com/css/signup-forms/popup/73bf20a8fe762dee6abd0173cd576e53d748a0df/modal.css
200 OK 831 B URL HTTP/1.1 downloads.mailchimp.com/css/signup-forms/popup/73bf20a8fe762dee6abd0173cd576e53d748a0df/modal.css
IP
Hash 1a1623889286bcd5c001f4b01b6c4023
0d0642ffea4688b5208fed975b58f0ae90021d17
e13ee61a53cc976ff4395692fc0579ae44f25c29bea6024f76adc718fa3ba0c6
GET /css/signup-forms/popup/73bf20a8fe762dee6abd0173cd576e53d748a0df/modal.css HTTP/1.1
Host: downloads.mailchimp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kondomeriet.no/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 29 Sep 2022 15:39:29 GMT
Server: AmazonS3
Content-Encoding: br
Date: Sun, 19 Mar 2023 19:27:02 GMT
ETag: W/"aa6f4416185bd7f299dd89e11dac117f"
X-Cache: Hit from cloudfront
Via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: lrtdm5xtgpC0uLX22uNeu8hX-J0tj7TgsAEx9heuAcQv6ocIAWZ-Zg==
Age: 50870
Vary: Accept-Encoding, Origin
stats.g.doubleclick.net/g/collect?v=2&tid=G-P3QPV1X7WT&cid=1344664901.1679304890>m=45je33f0&aip=1
204 No Content 0 B URL HTTP/2 stats.g.doubleclick.net/g/collect?v=2&tid=G-P3QPV1X7WT&cid=1344664901.1679304890>m=45je33f0&aip=1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-P3QPV1X7WT&cid=1344664901.1679304890>m=45je33f0&aip=1 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.kondomeriet.no
Connection: keep-alive
Referer: https://www.kondomeriet.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 204 No Content
access-control-allow-origin: https://www.kondomeriet.no
date: Mon, 20 Mar 2023 09:34:50 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
region1.analytics.google.com/g/collect?v=2&tid=G-P3QPV1X7WT>m=45je33f0&_p=1068258046&_gaz=1&cid=1344664901.1679304890&ul=en-us&sr=1280x1024&_s=1&sid=1679304890&sct=1&seg=0&dl=https%3A%2F%2Fwww.kondomeriet.no%2F%3Fkk%3Da4c6294-186fe5f0d0a-a342%26utm_campaign%3Dkelkooclick%26utm_medium%3Dcpc%26utm_source%3Dkelkoono&dr=https%3A%2F%2Fapi.kelkoogroup.net%2F&dt=Kondomeriet%20%7C%20Sexleket%C3%B8y%20%7C%20Kondomeriet&en=page_view&_fv=1&_nsi=1&_ss=1
204 No Content 0 B URL HTTP/2 region1.analytics.google.com/g/collect?v=2&tid=G-P3QPV1X7WT>m=45je33f0&_p=1068258046&_gaz=1&cid=1344664901.1679304890&ul=en-us&sr=1280x1024&_s=1&sid=1679304890&sct=1&seg=0&dl=https%3A%2F%2Fwww.kondomeriet.no%2F%3Fkk%3Da4c6294-186fe5f0d0a-a342%26utm_campaign%3Dkelkooclick%26utm_medium%3Dcpc%26utm_source%3Dkelkoono&dr=https%3A%2F%2Fapi.kelkoogroup.net%2F&dt=Kondomeriet%20%7C%20Sexleket%C3%B8y%20%7C%20Kondomeriet&en=page_view&_fv=1&_nsi=1&_ss=1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-P3QPV1X7WT>m=45je33f0&_p=1068258046&_gaz=1&cid=1344664901.1679304890&ul=en-us&sr=1280x1024&_s=1&sid=1679304890&sct=1&seg=0&dl=https%3A%2F%2Fwww.kondomeriet.no%2F%3Fkk%3Da4c6294-186fe5f0d0a-a342%26utm_campaign%3Dkelkooclick%26utm_medium%3Dcpc%26utm_source%3Dkelkoono&dr=https%3A%2F%2Fapi.kelkoogroup.net%2F&dt=Kondomeriet%20%7C%20Sexleket%C3%B8y%20%7C%20Kondomeriet&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.kondomeriet.no
Connection: keep-alive
Referer: https://www.kondomeriet.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://www.kondomeriet.no
date: Mon, 20 Mar 2023 09:34:50 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn-images.mailchimp.com/icons/mailchimp-gdpr.svg
200 OK 578 B URL HTTP/1.1 cdn-images.mailchimp.com/icons/mailchimp-gdpr.svg
IP
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (1530), with no line terminators
Hash ba4a60f0dfe4ca855aca6a392fbe17d9
b32dda6b52ca19eaf5fa3305e0406a3aa3d4919d
6a2a10dace3deec784ec1b448a3672c587940f17dcbf0750489510e2cbfa3957
GET /icons/mailchimp-gdpr.svg HTTP/1.1
Host: cdn-images.mailchimp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kondomeriet.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 25 Apr 2018 21:26:45 GMT
x-amz-meta-s3fox-filesize: 1530
x-amz-version-id: null
x-amz-meta-s3fox-modifiedtime: 1524676315000
Server: AmazonS3
Content-Encoding: gzip
Date: Mon, 20 Mar 2023 07:56:02 GMT
ETag: W/"59a8ccc2056b4656cdc1e99c50b9d0db"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: edHp4cu8sFC9QmMUyzGM-CHKKPGxNCd2mExPPUcQzl-kbTHVAYpLWA==
Age: 5928
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash e8fc65c8ed6ea66df6d6f044d7636fe2
da5b32e7c3fb8dddbd1466e4733cab6e35a66f8c
733e51b02cac5aca153e462118e12f623b0be034bb5488eb021c09a4b41744dc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 20 Mar 2023 09:34:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash e8fc65c8ed6ea66df6d6f044d7636fe2
da5b32e7c3fb8dddbd1466e4733cab6e35a66f8c
733e51b02cac5aca153e462118e12f623b0be034bb5488eb021c09a4b41744dc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 20 Mar 2023 09:34:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/pagead/1p-user-list/833441087/?random=1679304890367&cv=11&fst=1679302800000&bg=ffffff&guid=ON&async=1>m=45be33f0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.kondomeriet.no%2F%3Fkk%3Da4c6294-186fe5f0d0a-a342%26utm_campaign%3Dkelkooclick%26utm_medium%3Dcpc%26utm_source%3Dkelkoono&ref=https%3A%2F%2Fapi.kelkoogroup.net%2F&tiba=Kondomeriet%20%7C%20Sexleket%C3%B8y%20%7C%20Kondomeriet&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2893400055&rmt_tld=0&ipr=y
200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/833441087/?random=1679304890367&cv=11&fst=1679302800000&bg=ffffff&guid=ON&async=1>m=45be33f0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.kondomeriet.no%2F%3Fkk%3Da4c6294-186fe5f0d0a-a342%26utm_campaign%3Dkelkooclick%26utm_medium%3Dcpc%26utm_source%3Dkelkoono&ref=https%3A%2F%2Fapi.kelkoogroup.net%2F&tiba=Kondomeriet%20%7C%20Sexleket%C3%B8y%20%7C%20Kondomeriet&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2893400055&rmt_tld=0&ipr=y
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/833441087/?random=1679304890367&cv=11&fst=1679302800000&bg=ffffff&guid=ON&async=1>m=45be33f0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.kondomeriet.no%2F%3Fkk%3Da4c6294-186fe5f0d0a-a342%26utm_campaign%3Dkelkooclick%26utm_medium%3Dcpc%26utm_source%3Dkelkoono&ref=https%3A%2F%2Fapi.kelkoogroup.net%2F&tiba=Kondomeriet%20%7C%20Sexleket%C3%B8y%20%7C%20Kondomeriet&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2893400055&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kondomeriet.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 20 Mar 2023 09:34:50 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/833441087/?random=1679304890375&cv=11&fst=1679302800000&bg=ffffff&guid=ON&async=1>m=45be33f0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.kondomeriet.no%2F%3Fkk%3Da4c6294-186fe5f0d0a-a342%26utm_campaign%3Dkelkooclick%26utm_medium%3Dcpc%26utm_source%3Dkelkoono&ref=https%3A%2F%2Fapi.kelkoogroup.net%2F&tiba=Kondomeriet%20%7C%20Sexleket%C3%B8y%20%7C%20Kondomeriet&data=event%3Dview_item%3Bid%3D118814-P&fmt=3&is_vtc=1&random=3004929354&rmt_tld=0&ipr=y
200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/833441087/?random=1679304890375&cv=11&fst=1679302800000&bg=ffffff&guid=ON&async=1>m=45be33f0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.kondomeriet.no%2F%3Fkk%3Da4c6294-186fe5f0d0a-a342%26utm_campaign%3Dkelkooclick%26utm_medium%3Dcpc%26utm_source%3Dkelkoono&ref=https%3A%2F%2Fapi.kelkoogroup.net%2F&tiba=Kondomeriet%20%7C%20Sexleket%C3%B8y%20%7C%20Kondomeriet&data=event%3Dview_item%3Bid%3D118814-P&fmt=3&is_vtc=1&random=3004929354&rmt_tld=0&ipr=y
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/833441087/?random=1679304890375&cv=11&fst=1679302800000&bg=ffffff&guid=ON&async=1>m=45be33f0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.kondomeriet.no%2F%3Fkk%3Da4c6294-186fe5f0d0a-a342%26utm_campaign%3Dkelkooclick%26utm_medium%3Dcpc%26utm_source%3Dkelkoono&ref=https%3A%2F%2Fapi.kelkoogroup.net%2F&tiba=Kondomeriet%20%7C%20Sexleket%C3%B8y%20%7C%20Kondomeriet&data=event%3Dview_item%3Bid%3D118814-P&fmt=3&is_vtc=1&random=3004929354&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kondomeriet.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 20 Mar 2023 09:34:50 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
vc.hotjar.io/sessions/647974?s=0.25&r=0.15429525011201028
204 No Content 0 B URL HTTP/2 vc.hotjar.io/sessions/647974?s=0.25&r=0.15429525011201028
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sessions/647974?s=0.25&r=0.15429525011201028 HTTP/1.1
Host: vc.hotjar.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.kondomeriet.no
Connection: keep-alive
Referer: https://www.kondomeriet.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
access-control-allow-origin: *
cache-control: no-store
date: Mon, 20 Mar 2023 09:34:50 GMT
server: Python/3.7 aiohttp/3.5.4
x-cache: Miss from cloudfront
via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: FtYOHYq-nn22AH310dVCWwYO0NefceFZjOlx7KotFdVJ9I3DZdy0FQ==
X-Firefox-Spdy: h2
ocsp.e2m02.amazontrust.com/
200 OK 279 B URL HTTP/1.1 ocsp.e2m02.amazontrust.com/
IP
Hash d8eaf6c8fa31eddd0f9f7020e41a92fa
3cbb7bf9bcff0012d7e4bf4b1877cd5fa0db8fba
8afb9d08195ba5e7d95b9555caba1ee1519b9184b120b721b41da82c6f13300c
POST / HTTP/1.1
Host: ocsp.e2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 279
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=100557
Date: Mon, 20 Mar 2023 09:34:51 GMT
Etag: "64170085-117"
Expires: Tue, 21 Mar 2023 13:30:48 GMT
Last-Modified: Sun, 19 Mar 2023 12:31:01 GMT
Server: ECAcc (nya/789D)
X-Cache: Miss from cloudfront
Via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: EQahRsdMZAxExtE8pa5mEEJHamuMB87WfEbxapB3khwZPTjxXpF-2A==
Age: 3587
www.facebook.com/tr/?id=388170378365022&ev=PageView&dl=https%3A%2F%2Fwww.kondomeriet.no%2F%3Fkk%3Da4c6294-186fe5f0d0a-a342%26utm_campaign%3Dkelkooclick%26utm_medium%3Dcpc%26utm_source%3Dkelkoono&rl=https%3A%2F%2Fapi.kelkoogroup.net%2F&if=false&ts=1679304891314&sw=1280&sh=1024&v=2.9.99&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1679304891314.1414291800&it=1679304890960&coo=false&rqm=GET
200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=388170378365022&ev=PageView&dl=https%3A%2F%2Fwww.kondomeriet.no%2F%3Fkk%3Da4c6294-186fe5f0d0a-a342%26utm_campaign%3Dkelkooclick%26utm_medium%3Dcpc%26utm_source%3Dkelkoono&rl=https%3A%2F%2Fapi.kelkoogroup.net%2F&if=false&ts=1679304891314&sw=1280&sh=1024&v=2.9.99&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1679304891314.1414291800&it=1679304890960&coo=false&rqm=GET
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=388170378365022&ev=PageView&dl=https%3A%2F%2Fwww.kondomeriet.no%2F%3Fkk%3Da4c6294-186fe5f0d0a-a342%26utm_campaign%3Dkelkooclick%26utm_medium%3Dcpc%26utm_source%3Dkelkoono&rl=https%3A%2F%2Fapi.kelkoogroup.net%2F&if=false&ts=1679304891314&sw=1280&sh=1024&v=2.9.99&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1679304891314.1414291800&it=1679304890960&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kondomeriet.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Mon, 20 Mar 2023 09:34:51 GMT
X-Firefox-Spdy: h2
www.kondomeriet.no/scripts/built/prod/js/kondomeriet.main.js?_=20230316105106
200 OK 0 B URL HTTP/2 www.kondomeriet.no/scripts/built/prod/js/kondomeriet.main.js?_=20230316105106
IP
GET /scripts/built/prod/js/kondomeriet.main.js?_=20230316105106 HTTP/1.1
Host: www.kondomeriet.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kondomeriet.no/?kk=a4c6294-186fe5f0d0a-a342&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
Cookie: .ASPXANONYMOUS=52icDaGR2QEkAAAAMTRhMTYyZGEtYTdlMC00ZDIwLTk4NGItY2M3YmYyNDRlYWQ0cPbaAudh-uhK-SQgkxMLkmcVos66SOdu4YMg3gw9Kuk1; Kondomeriet=fa43n1qug1sa221j3gnpt4fv; EPiSessionId=3300271a-6936-431a-a03c-1c167f439dcb; epi_RecommendationsTrackingUserId=cuid=100877647616|rJaWFIUxrem6N-fHBOuvWO5SEB497s70R6c7dQOu5I4&h=; epi_RecommendationsTrackingSessionId=127075334316|lesK-_S0qhUdXOADBsV8BiSz_4WgTsbMtOEJm-AgK5k; ARRAffinity=a0759af8ee6b4f5dd10706e7288fdd512a9854dc68934c5ce88a510ebcc3d748; ARRAffinitySameSite=a0759af8ee6b4f5dd10706e7288fdd512a9854dc68934c5ce88a510ebcc3d748
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 20 Mar 2023 09:34:49 GMT
content-type: text/javascript
access-control-expose-headers: Request-Context
cache-control: public, max-age=31536000
content-encoding: gzip
etag: "089a7e06256d91:0"
last-modified: Tue, 14 Mar 2023 10:51:06 GMT
vary: Accept-Encoding
request-context: appId=cid-v1:f448cbbe-913f-4702-bfb3-62b9ee3f7f77
x-ua-compatible: IE=Edge
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1
cf-cache-status: HIT
age: 508936
expires: Tue, 19 Mar 2024 09:34:49 GMT
server: cloudflare
cf-ray: 7aacf6261d881c12-OSL
X-Firefox-Spdy: h2
www.kondomeriet.no/UI/Icons/starEmpty.svg
200 OK 0 B URL HTTP/2 www.kondomeriet.no/UI/Icons/starEmpty.svg
IP
GET /UI/Icons/starEmpty.svg HTTP/1.1
Host: www.kondomeriet.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kondomeriet.no/Styles/kondomeriet.web.min.css?_=20230316105106
Cookie: .ASPXANONYMOUS=52icDaGR2QEkAAAAMTRhMTYyZGEtYTdlMC00ZDIwLTk4NGItY2M3YmYyNDRlYWQ0cPbaAudh-uhK-SQgkxMLkmcVos66SOdu4YMg3gw9Kuk1; Kondomeriet=fa43n1qug1sa221j3gnpt4fv; EPiSessionId=3300271a-6936-431a-a03c-1c167f439dcb; epi_RecommendationsTrackingUserId=cuid=100877647616|rJaWFIUxrem6N-fHBOuvWO5SEB497s70R6c7dQOu5I4&h=; epi_RecommendationsTrackingSessionId=127075334316|lesK-_S0qhUdXOADBsV8BiSz_4WgTsbMtOEJm-AgK5k; ARRAffinity=a0759af8ee6b4f5dd10706e7288fdd512a9854dc68934c5ce88a510ebcc3d748; ARRAffinitySameSite=a0759af8ee6b4f5dd10706e7288fdd512a9854dc68934c5ce88a510ebcc3d748
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 20 Mar 2023 09:34:49 GMT
content-type: image/svg+xml
access-control-expose-headers: Request-Context
cache-control: public, max-age=31536000
etag: W/"0a0c0a7a229d91:0"
last-modified: Mon, 16 Jan 2023 12:04:16 GMT
request-context: appId=cid-v1:f448cbbe-913f-4702-bfb3-62b9ee3f7f77
x-ua-compatible: IE=Edge
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1
cf-cache-status: HIT
age: 5272769
expires: Tue, 19 Mar 2024 09:34:49 GMT
vary: Accept-Encoding
server: cloudflare
cf-ray: 7aacf6270e8f1c12-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.kondomeriet.no/UI/Icons/starHalf.svg
200 OK 0 B URL HTTP/2 www.kondomeriet.no/UI/Icons/starHalf.svg
IP
GET /UI/Icons/starHalf.svg HTTP/1.1
Host: www.kondomeriet.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kondomeriet.no/Styles/kondomeriet.web.min.css?_=20230316105106
Cookie: .ASPXANONYMOUS=52icDaGR2QEkAAAAMTRhMTYyZGEtYTdlMC00ZDIwLTk4NGItY2M3YmYyNDRlYWQ0cPbaAudh-uhK-SQgkxMLkmcVos66SOdu4YMg3gw9Kuk1; Kondomeriet=fa43n1qug1sa221j3gnpt4fv; EPiSessionId=3300271a-6936-431a-a03c-1c167f439dcb; epi_RecommendationsTrackingUserId=cuid=100877647616|rJaWFIUxrem6N-fHBOuvWO5SEB497s70R6c7dQOu5I4&h=; epi_RecommendationsTrackingSessionId=127075334316|lesK-_S0qhUdXOADBsV8BiSz_4WgTsbMtOEJm-AgK5k; ARRAffinity=a0759af8ee6b4f5dd10706e7288fdd512a9854dc68934c5ce88a510ebcc3d748; ARRAffinitySameSite=a0759af8ee6b4f5dd10706e7288fdd512a9854dc68934c5ce88a510ebcc3d748
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 20 Mar 2023 09:34:49 GMT
content-type: image/svg+xml
access-control-expose-headers: Request-Context
cache-control: public, max-age=31536000
etag: W/"0a0c0a7a229d91:0"
last-modified: Mon, 16 Jan 2023 12:04:16 GMT
request-context: appId=cid-v1:f448cbbe-913f-4702-bfb3-62b9ee3f7f77
x-ua-compatible: IE=Edge
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1
cf-cache-status: HIT
age: 5272765
expires: Tue, 19 Mar 2024 09:34:49 GMT
vary: Accept-Encoding
server: cloudflare
cf-ray: 7aacf6270e851c12-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.Oupypiulh58.O/m=client,plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_CVmSAWqMsGCHgMRyaSvlE8hY6sw/cb=gapi.loaded_0?le=scs
200 OK 0 B URL HTTP/2 apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.Oupypiulh58.O/m=client,plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_CVmSAWqMsGCHgMRyaSvlE8hY6sw/cb=gapi.loaded_0?le=scs
IP
GET /_/scs/abc-static/_/js/k=gapi.lb.en.Oupypiulh58.O/m=client,plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_CVmSAWqMsGCHgMRyaSvlE8hY6sw/cb=gapi.loaded_0?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kondomeriet.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 110874
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 15 Mar 2023 21:57:16 GMT
expires: Thu, 14 Mar 2024 21:57:16 GMT
cache-control: public, max-age=31536000
age: 387454
last-modified: Wed, 01 Feb 2023 16:56:11 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.kondomeriet.no/UI/Icons/par_2.svg
200 OK 0 B URL HTTP/2 www.kondomeriet.no/UI/Icons/par_2.svg
IP
GET /UI/Icons/par_2.svg HTTP/1.1
Host: www.kondomeriet.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kondomeriet.no/Styles/kondomeriet.web.min.css?_=20230316105106
Cookie: .ASPXANONYMOUS=52icDaGR2QEkAAAAMTRhMTYyZGEtYTdlMC00ZDIwLTk4NGItY2M3YmYyNDRlYWQ0cPbaAudh-uhK-SQgkxMLkmcVos66SOdu4YMg3gw9Kuk1; Kondomeriet=fa43n1qug1sa221j3gnpt4fv; EPiSessionId=3300271a-6936-431a-a03c-1c167f439dcb; epi_RecommendationsTrackingUserId=cuid=100877647616|rJaWFIUxrem6N-fHBOuvWO5SEB497s70R6c7dQOu5I4&h=; epi_RecommendationsTrackingSessionId=127075334316|lesK-_S0qhUdXOADBsV8BiSz_4WgTsbMtOEJm-AgK5k; ARRAffinity=a0759af8ee6b4f5dd10706e7288fdd512a9854dc68934c5ce88a510ebcc3d748; ARRAffinitySameSite=a0759af8ee6b4f5dd10706e7288fdd512a9854dc68934c5ce88a510ebcc3d748
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 20 Mar 2023 09:34:49 GMT
content-type: image/svg+xml
access-control-expose-headers: Request-Context
cache-control: public, max-age=31536000
etag: W/"0a0c0a7a229d91:0"
last-modified: Mon, 16 Jan 2023 12:04:16 GMT
request-context: appId=cid-v1:f448cbbe-913f-4702-bfb3-62b9ee3f7f77
x-ua-compatible: IE=Edge
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1
cf-cache-status: HIT
age: 5272765
expires: Tue, 19 Mar 2024 09:34:49 GMT
vary: Accept-Encoding
server: cloudflare
cf-ray: 7aacf626fe7a1c12-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
in.hotjar.com/api/v2/client/sites/647974/visit-data?sv=7
200 OK 0 B URL HTTP/2 in.hotjar.com/api/v2/client/sites/647974/visit-data?sv=7
IP
POST /api/v2/client/sites/647974/visit-data?sv=7 HTTP/1.1
Host: in.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=UTF-8
Content-Length: 133
Origin: https://www.kondomeriet.no
Connection: keep-alive
Referer: https://www.kondomeriet.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 20 Mar 2023 09:34:51 GMT
content-type: application/json
vary: Accept-Encoding
cache-control: no-cache, no-store
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-max-age: 86400
content-encoding: br
X-Firefox-Spdy: h2
www.kondomeriet.no/UI/Icons/bag.svg
200 OK 0 B URL HTTP/2 www.kondomeriet.no/UI/Icons/bag.svg
IP
GET /UI/Icons/bag.svg HTTP/1.1
Host: www.kondomeriet.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kondomeriet.no/Styles/kondomeriet.web.min.css?_=20230316105106
Cookie: .ASPXANONYMOUS=52icDaGR2QEkAAAAMTRhMTYyZGEtYTdlMC00ZDIwLTk4NGItY2M3YmYyNDRlYWQ0cPbaAudh-uhK-SQgkxMLkmcVos66SOdu4YMg3gw9Kuk1; Kondomeriet=fa43n1qug1sa221j3gnpt4fv; EPiSessionId=3300271a-6936-431a-a03c-1c167f439dcb; epi_RecommendationsTrackingUserId=cuid=100877647616|rJaWFIUxrem6N-fHBOuvWO5SEB497s70R6c7dQOu5I4&h=; epi_RecommendationsTrackingSessionId=127075334316|lesK-_S0qhUdXOADBsV8BiSz_4WgTsbMtOEJm-AgK5k; ARRAffinity=a0759af8ee6b4f5dd10706e7288fdd512a9854dc68934c5ce88a510ebcc3d748; ARRAffinitySameSite=a0759af8ee6b4f5dd10706e7288fdd512a9854dc68934c5ce88a510ebcc3d748
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 20 Mar 2023 09:34:49 GMT
content-type: image/svg+xml
access-control-expose-headers: Request-Context
cache-control: public, max-age=31536000
etag: W/"0a0c0a7a229d91:0"
last-modified: Mon, 16 Jan 2023 12:04:16 GMT
request-context: appId=cid-v1:f448cbbe-913f-4702-bfb3-62b9ee3f7f77
x-ua-compatible: IE=Edge
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1
cf-cache-status: HIT
age: 5272765
expires: Tue, 19 Mar 2024 09:34:49 GMT
vary: Accept-Encoding
server: cloudflare
cf-ray: 7aacf626ee6a1c12-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.kondomeriet.no/UI/Icons/star.svg
200 OK 0 B URL HTTP/2 www.kondomeriet.no/UI/Icons/star.svg
IP
GET /UI/Icons/star.svg HTTP/1.1
Host: www.kondomeriet.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kondomeriet.no/Styles/kondomeriet.web.min.css?_=20230316105106
Cookie: .ASPXANONYMOUS=52icDaGR2QEkAAAAMTRhMTYyZGEtYTdlMC00ZDIwLTk4NGItY2M3YmYyNDRlYWQ0cPbaAudh-uhK-SQgkxMLkmcVos66SOdu4YMg3gw9Kuk1; Kondomeriet=fa43n1qug1sa221j3gnpt4fv; EPiSessionId=3300271a-6936-431a-a03c-1c167f439dcb; epi_RecommendationsTrackingUserId=cuid=100877647616|rJaWFIUxrem6N-fHBOuvWO5SEB497s70R6c7dQOu5I4&h=; epi_RecommendationsTrackingSessionId=127075334316|lesK-_S0qhUdXOADBsV8BiSz_4WgTsbMtOEJm-AgK5k; ARRAffinity=a0759af8ee6b4f5dd10706e7288fdd512a9854dc68934c5ce88a510ebcc3d748; ARRAffinitySameSite=a0759af8ee6b4f5dd10706e7288fdd512a9854dc68934c5ce88a510ebcc3d748
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 20 Mar 2023 09:34:49 GMT
content-type: image/svg+xml
access-control-expose-headers: Request-Context
cache-control: public, max-age=31536000
etag: W/"0a0c0a7a229d91:0"
last-modified: Mon, 16 Jan 2023 12:04:16 GMT
request-context: appId=cid-v1:f448cbbe-913f-4702-bfb3-62b9ee3f7f77
x-ua-compatible: IE=Edge
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1
cf-cache-status: HIT
age: 5272768
expires: Tue, 19 Mar 2024 09:34:49 GMT
vary: Accept-Encoding
server: cloudflare
cf-ray: 7aacf626fe7b1c12-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.kondomeriet.no/UI/Icons/menn.svg
200 OK 0 B URL HTTP/2 www.kondomeriet.no/UI/Icons/menn.svg
IP
GET /UI/Icons/menn.svg HTTP/1.1
Host: www.kondomeriet.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kondomeriet.no/Styles/kondomeriet.web.min.css?_=20230316105106
Cookie: .ASPXANONYMOUS=52icDaGR2QEkAAAAMTRhMTYyZGEtYTdlMC00ZDIwLTk4NGItY2M3YmYyNDRlYWQ0cPbaAudh-uhK-SQgkxMLkmcVos66SOdu4YMg3gw9Kuk1; Kondomeriet=fa43n1qug1sa221j3gnpt4fv; EPiSessionId=3300271a-6936-431a-a03c-1c167f439dcb; epi_RecommendationsTrackingUserId=cuid=100877647616|rJaWFIUxrem6N-fHBOuvWO5SEB497s70R6c7dQOu5I4&h=; epi_RecommendationsTrackingSessionId=127075334316|lesK-_S0qhUdXOADBsV8BiSz_4WgTsbMtOEJm-AgK5k; ARRAffinity=a0759af8ee6b4f5dd10706e7288fdd512a9854dc68934c5ce88a510ebcc3d748; ARRAffinitySameSite=a0759af8ee6b4f5dd10706e7288fdd512a9854dc68934c5ce88a510ebcc3d748
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 20 Mar 2023 09:34:49 GMT
content-type: image/svg+xml
access-control-expose-headers: Request-Context
cache-control: public, max-age=31536000
etag: W/"0a0c0a7a229d91:0"
last-modified: Mon, 16 Jan 2023 12:04:16 GMT
request-context: appId=cid-v1:f448cbbe-913f-4702-bfb3-62b9ee3f7f77
x-ua-compatible: IE=Edge
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1
cf-cache-status: HIT
age: 5272765
expires: Tue, 19 Mar 2024 09:34:49 GMT
vary: Accept-Encoding
server: cloudflare
cf-ray: 7aacf626fe781c12-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.kondomeriet.no/UI/Icons/kvinner.svg
200 OK 0 B URL HTTP/2 www.kondomeriet.no/UI/Icons/kvinner.svg
IP
GET /UI/Icons/kvinner.svg HTTP/1.1
Host: www.kondomeriet.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kondomeriet.no/Styles/kondomeriet.web.min.css?_=20230316105106
Cookie: .ASPXANONYMOUS=52icDaGR2QEkAAAAMTRhMTYyZGEtYTdlMC00ZDIwLTk4NGItY2M3YmYyNDRlYWQ0cPbaAudh-uhK-SQgkxMLkmcVos66SOdu4YMg3gw9Kuk1; Kondomeriet=fa43n1qug1sa221j3gnpt4fv; EPiSessionId=3300271a-6936-431a-a03c-1c167f439dcb; epi_RecommendationsTrackingUserId=cuid=100877647616|rJaWFIUxrem6N-fHBOuvWO5SEB497s70R6c7dQOu5I4&h=; epi_RecommendationsTrackingSessionId=127075334316|lesK-_S0qhUdXOADBsV8BiSz_4WgTsbMtOEJm-AgK5k; ARRAffinity=a0759af8ee6b4f5dd10706e7288fdd512a9854dc68934c5ce88a510ebcc3d748; ARRAffinitySameSite=a0759af8ee6b4f5dd10706e7288fdd512a9854dc68934c5ce88a510ebcc3d748
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 20 Mar 2023 09:34:49 GMT
content-type: image/svg+xml
access-control-expose-headers: Request-Context
cache-control: public, max-age=31536000
etag: W/"0a0c0a7a229d91:0"
last-modified: Mon, 16 Jan 2023 12:04:16 GMT
request-context: appId=cid-v1:f448cbbe-913f-4702-bfb3-62b9ee3f7f77
x-ua-compatible: IE=Edge
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1
cf-cache-status: HIT
age: 5272765
expires: Tue, 19 Mar 2024 09:34:49 GMT
vary: Accept-Encoding
server: cloudflare
cf-ray: 7aacf626fe751c12-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
37.48.65.155
23.36.76.122
104.18.11.120
142.250.74.168
217.114.94.2
116.203.50.204
151.101.246.109
185.60.164.26
52.212.98.141