Report - topscybrmondayxyz.com/l/6iSuFB5XAQgpPPKcMF5o

Report Overview

Visited public
2023-11-30 13:17:59
Tags
URL
topscybrmondayxyz.com/l/6iSuFB5XAQgpPPKcMF5o
Finishing URL
c.shopbetter.no/36703/183998?tc=wrhjia3f98kem5dt29fb1tdc
IP / ASN
188.114.96.1
#13335 CLOUDFLARENET
Title
ShopBetter.no

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
track.montarioext1.com	unknown	2023-09-19	2023-09-19 11:04:08	2023-11-23 05:19:13	604 B	832 B	3.69.182.131
s3.eu-central-1.amazonaws.com	unknown	2005-08-18	2014-11-23 19:35:48	2023-11-29 19:05:26	2.6 kB	18 kB	52.219.170.49
christmas.grndrs.com	unknown	2019-10-02	2019-11-20 13:25:25	2023-11-20 03:08:29	1.4 kB	25 kB	46.253.116.85
www.shopbetter.no	unknown	2023-03-29	2023-09-11 15:52:10	2023-11-20 03:08:32	518 B	12 kB	46.253.116.83
code.jquery.com	634	2005-12-10	2012-05-21 19:28:02	2023-11-30 05:10:36	1.4 kB	108 kB	151.101.2.137
use.fontawesome.com	942	2012-10-18	2017-01-30 05:43:25	2023-11-30 05:11:00	1.0 kB	88 kB	172.64.140.13
shopbetter.no	unknown	2023-03-29	2023-09-11 15:52:10	2023-11-22 16:35:34	514 B	488 B	46.253.116.83
www.googletagmanager.com	75	2011-11-11	2013-05-22 04:07:37	2023-11-30 08:05:45	902 B	179 kB	142.250.74.168
www.google.no	25607	2001-02-26	2016-04-05 21:50:59	2023-11-30 06:00:14	582 B	578 B	142.250.74.163
region1.analytics.google.com	unknown	1997-09-15	2022-03-17 12:26:33	2023-11-30 05:09:14	782 B	448 B	216.239.32.36
c.shopbetter.no	unknown	2023-03-29	2023-09-11 15:52:10	2023-11-20 03:08:30	1.4 kB	52 kB	46.253.116.83
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17 22:46:33	2023-11-30 05:09:11	516 B	27 kB	104.17.24.14
maxcdn.bootstrapcdn.com	724	2012-05-25	2014-06-18 02:37:31	2023-11-30 07:56:25	966 B	33 kB	104.18.10.207

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-11-30 13:17:44	medium	Client IP	Internal IP	ET INFO DNS Query for Suspicious .icu Domain

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (16)

	URL	From	Size	First Seen	Last Seen
	c.shopbetter.no/36703/183998?tc=wrhjia3f98kem5dt29fb1tdc&access_token=bd399555ca3a25b66d2ac7ca3a80ccd20abba433	ScriptElement	31 kB	2023-11-17	2024-08-20
Pretty URL c.shopbetter.no/36703/183998?tc=wrhjia3f98kem5dt29fb1tdc&access_token=bd399555ca3a25b66d2ac7ca3a80ccd20abba433 IP 46.253.116.83 ASN #29551 Aixit GmbH Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-17 06:18 Last Seen2024-08-20 19:09 Times Seen38 Hash a6f928b8a8210ba50643b1cb4cf320a1 a9248f536885b176295dc579683acfd9a7cd396d d6210886b9a2811d456397e495337c7829e8234a316f09b5ac9a7a7250c54e83 Loading...

	c.shopbetter.no/36703/183998?tc=wrhjia3f98kem5dt29fb1tdc	ScriptElement	0 B	0001-01-01	2025-05-09
Pretty URL c.shopbetter.no/36703/183998?tc=wrhjia3f98kem5dt29fb1tdc IP 46.253.116.83 ASN #29551 Aixit GmbH Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2025-05-09 08:48 Times Seen4634952 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	www.googletagmanager.com/gtag/js?id=G-337K85Z6SH&l=dataLayer&cx=c	ScriptElement	280 kB	2023-11-30	2023-11-30
Pretty URL www.googletagmanager.com/gtag/js?id=G-337K85Z6SH&l=dataLayer&cx=c IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-30 14:18 Last Seen2023-11-30 14:18 Times Seen1 Hash 0550fcdde89e3b923d421c7c884cb31b a57f2e6aecb7bf112f2dea5177dfb324637971ce ccea2900586a6288bbc0589e09bdb66d43280ee157474c331b6a924818686e8f Loading...

	c.shopbetter.no/36703/183998?tc=wrhjia3f98kem5dt29fb1tdc&access_token=bd399555ca3a25b66d2ac7ca3a80ccd20abba433	ScriptElement	614 B	2023-03-07	2024-12-23
Pretty URL c.shopbetter.no/36703/183998?tc=wrhjia3f98kem5dt29fb1tdc&access_token=bd399555ca3a25b66d2ac7ca3a80ccd20abba433 IP 46.253.116.83 ASN #29551 Aixit GmbH Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 16:09 Last Seen2024-12-23 11:55 Times Seen89 Hash 9744bb9920859ea1eb463a3dec41665f f0fdfba3ccada9aea55bf271909fa4400f5d1364 b519e2fd2aba1337da53882eb69c48805583e68b900918aa5d67df8d41e54f7f Loading...

	c.shopbetter.no/36703/sandbox%20eval%20code		147 B	2023-04-11	2025-05-09
Pretty URL c.shopbetter.no/36703/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:07 Last Seen2025-05-09 08:47 Times Seen341403 Hash 92b651082ce234f66bb544e678befda3 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Loading...

	code.jquery.com/ui/1.12.1/jquery-ui.min.js	ScriptElement	254 kB	2023-03-07	2025-05-08
Pretty URL code.jquery.com/ui/1.12.1/jquery-ui.min.js IP 151.101.2.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06 Last Seen2025-05-08 23:40 Times Seen4710 Hash 0a497d4661df7b82feee14332ce0bdaf f77d06b0c5dedef1f1db051a44a2b0d7f233ba3a 55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5 Loading...

	www.shopbetter.no/ct	ScriptElement	31 kB	2023-11-17	2024-08-20
Pretty URL www.shopbetter.no/ct IP 46.253.116.83 ASN #29551 Aixit GmbH Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-17 03:18 Last Seen2024-08-20 19:10 Times Seen39 Hash caae44c6c07a733def0cde930e13ca76 79f5a157cec8690f7c15ec98a8cbb29a6d4067a4 7d59769b9fa017f5c2e83486bc92074b992ae7f8e0e46ce27cc5ac5a4ef6db3b Loading...

	c.shopbetter.no/36703/183998?tc=wrhjia3f98kem5dt29fb1tdc&access_token=bd399555ca3a25b66d2ac7ca3a80ccd20abba433	ScriptElement	230 B	2023-10-29	2024-12-23
Pretty URL c.shopbetter.no/36703/183998?tc=wrhjia3f98kem5dt29fb1tdc&access_token=bd399555ca3a25b66d2ac7ca3a80ccd20abba433 IP 46.253.116.83 ASN #29551 Aixit GmbH Introduced by scriptElement Embedded in HTML true Observations First Seen2023-10-29 00:01 Last Seen2024-12-23 11:55 Times Seen89 Hash 815047ac200a57eb2ad95970d01f6fd1 78f6467b62312fa69c735b38f52b492affc9983e 038a82a9eb7531de41c8f2b4c5db4d690f1c107a4ad84ce9b1ddc0010afe51dc Loading...

	c.shopbetter.no/36703/183998?tc=wrhjia3f98kem5dt29fb1tdc&access_token=bd399555ca3a25b66d2ac7ca3a80ccd20abba433	ScriptElement	60 B	2023-10-29	2024-12-23
Pretty URL c.shopbetter.no/36703/183998?tc=wrhjia3f98kem5dt29fb1tdc&access_token=bd399555ca3a25b66d2ac7ca3a80ccd20abba433 IP 46.253.116.83 ASN #29551 Aixit GmbH Introduced by scriptElement Embedded in HTML true Observations First Seen2023-10-29 00:01 Last Seen2024-12-23 11:55 Times Seen89 Hash e931ea08b0dd0ad9a19355482d8b45ce b0660de440874804df69358f0d4dc336aadadbbb 2aaeb3880d10a259dc825fdd83f35e9ca9a0d36c9559c374c5fa7da274373114 Loading...

	maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js	ScriptElement	37 kB	2023-03-07	2025-05-09
Pretty URL maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js IP 104.18.10.207 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-09 08:38 Times Seen27454 Hash 5869c96cc8f19086aee625d670d741f9 430a443d74830fe9be26efca431f448c1b3740f9 53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef Loading...

	c.shopbetter.no/36703/183998?tc=wrhjia3f98kem5dt29fb1tdc&access_token=bd399555ca3a25b66d2ac7ca3a80ccd20abba433	ScriptElement	258 B	2023-03-08	2024-12-23
Pretty URL c.shopbetter.no/36703/183998?tc=wrhjia3f98kem5dt29fb1tdc&access_token=bd399555ca3a25b66d2ac7ca3a80ccd20abba433 IP 46.253.116.83 ASN #29551 Aixit GmbH Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 07:34 Last Seen2024-12-23 11:55 Times Seen90 Hash 74d6f13c9bf6b22cd83d9ca1cad1f94e 99f665945d3d1e0207398ccc07616441c529cb6f 88a797a04f55493e1a34074a1852115308f896f8adff8a5da2eb22265a10b042 Loading...

	www.google-analytics.com/analytics.js	ScriptElement	4.7 kB	2023-04-11	2025-05-09
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 21:07 Last Seen2025-05-09 08:47 Times Seen340602 Hash f24128d0c9cba7be2916c693427a3483 1b6397d496ea896ebc2018b01b995cee4f166029 58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8 Loading...

	www.shopbetter.no/ct	ScriptElement	304 B	2023-10-29	2024-08-20
Pretty URL www.shopbetter.no/ct IP 46.253.116.83 ASN #29551 Aixit GmbH Introduced by scriptElement Embedded in HTML true Observations First Seen2023-10-29 00:01 Last Seen2024-08-20 22:00 Times Seen88 Hash f9b1cc0b6ebf4713d614fd57458ea123 393e0c6b9a457592ae9cdfc24afbd53e6a012c98 1a8cc1b46ce40efed1d80d09cd26eb0d5b27e516a704f8659f5048528e62f93d Loading...

	www.googletagmanager.com/gtag/js?id=GTM-TKRM52M	ScriptElement	251 kB	2023-11-30	2023-11-30
Pretty URL www.googletagmanager.com/gtag/js?id=GTM-TKRM52M IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-30 14:18 Last Seen2023-11-30 14:18 Times Seen2 Hash 7db3bcd4a598624fc54a54d5080c22eb 0d94b35ae74536f8604a19e0a66d9e6a92ee5e66 2791306ddb8f67fdd70f30bfa2ea8ec0fd332d7754437bfbe8cb660f72763f01 Loading...

	code.jquery.com/jquery-3.1.1.min.js	ScriptElement	87 kB	2023-03-07	2025-05-09
Pretty URL code.jquery.com/jquery-3.1.1.min.js IP 151.101.2.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-09 08:31 Times Seen112198 Hash e071abda8fe61194711cfc2ab99fe104 f647a6d37dc4ca055ced3cf64bbc1f490070acba 85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf Loading...

	www.shopbetter.no/ct	ScriptElement	301 B	2023-11-14	2024-08-20
Pretty URL www.shopbetter.no/ct IP 46.253.116.83 ASN #29551 Aixit GmbH Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-14 08:08 Last Seen2024-08-20 19:39 Times Seen4 Hash 5840018e6df33115c09c527d35b36a40 089785537b224ae3a49caa8aad796d472d5a29d2 d50dee7502e82aff33b4c156fcb1a7c5b9a5d6c6ee6f4b012f9efdde3fd09a02 Loading...

HTTP Transactions (26)

	URL	IP	Response	Size
	track.montarioext1.com/d3fa545a-a903-4b2a-b3b3-37c04d28fe81?click_id=wg572tfe0dcto5dtie2ai8j0&camp-id=05836403-f6b7-4081-ac4d-11174b58e9c5	3.69.182.131	302 Found	0 B
URL User Request GET HTTP/2 track.montarioext1.com/d3fa545a-a903-4b2a-b3b3-37c04d28fe81?click_id=wg572tfe0dcto5dtie2ai8j0&camp-id=05836403-f6b7-4081-ac4d-11174b58e9c5 IP 3.69.182.131:443 ASN #16509 AMAZON-02 Certificate IssuerLet's Encrypt Subjecttrack.montarioext1.com Fingerprint42:88:01:6D:F9:E0:B5:D9:41:E6:0B:BC:94:BE:60:2C:94:C7:82:C1 ValidityFri, 17 Nov 2023 07:45:22 GMT - Thu, 15 Feb 2024 07:45:21 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /d3fa545a-a903-4b2a-b3b3-37c04d28fe81?click_id=wg572tfe0dcto5dtie2ai8j0&camp-id=05836403-f6b7-4081-ac4d-11174b58e9c5 HTTP/1.1 Host: track.montarioext1.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 302 Found server: nginx date: Thu, 30 Nov 2023 13:17:40 GMT content-length: 0 cache-control: no-store, no-cache, pre-check=0, post-check=0 expires: Thu, 01 Jan 1970 00:00:00 GMT location: https://christmas.grndrs.com/36704/183997/?tc=wrhjia3f98kem5dt29fb1tdc pragma: no-cache set-cookie: d3fa545a-a903-4b2a-b3b3-37c04d28fe81-v4=SiHpkzPOASCrUAVmN_LFQu7NffdVb-v2fp_SaJp7i1M; Max-Age=86400; Expires=Fri, 01-Dec-2023 13:17:40 GMT; Domain=track.montarioext1.com; Path=/; Secure; HttpOnly;SameSite=None cc-v4=e5rTI0LTqifmaSyDuNcn8zqgc0mHweLtpdL0J5jXYz5w6FwxUnsNS718QZtdEp0pfwOIgfy3lGcV%2Bp%2BKcUWFpWCIkihEBYIpY4O9BeyWttV7TI4F7ziira%2ByyVSBB9w%2FPT1pJVVxgpmXVU0lDQNqaA%3D%3D; Max-Age=31536000; Expires=Fri, 29-Nov-2024 13:17:40 GMT; Domain=track.montarioext1.com; Path=/; Secure; HttpOnly;SameSite=None X-Firefox-Spdy: h2

	christmas.grndrs.com/36704/183997/?tc=wrhjia3f98kem5dt29fb1tdc	46.253.116.85	301 Moved Permanently	232 B
URL User Request GET HTTP/1.1 christmas.grndrs.com/36704/183997/?tc=wrhjia3f98kem5dt29fb1tdc IP 46.253.116.85:443 ASN #29551 Aixit GmbH Certificate IssuerLet's Encrypt Subjectchristmas.grndrs.com FingerprintC8:62:0C:A7:31:6F:7A:47:F8:E5:8E:1F:27:71:DC:D2:34:33:2D:D4 ValidityMon, 09 Oct 2023 07:37:47 GMT - Sun, 07 Jan 2024 07:37:46 GMT File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size 232 B (232 bytes) Hash 1e7793870bc5167f8f6b60958085c88b d9d43aa7e2290695861694bdd4619e56875d39e4 65aba7af3a026c8aa9e9b6ef36d2338b3c207ed0f8b0b1a3b5afbe59ef7a8112 HTTP Headers GET /36704/183997/?tc=wrhjia3f98kem5dt29fb1tdc HTTP/1.1 Host: christmas.grndrs.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 301 Moved Permanently Date: Thu, 30 Nov 2023 13:17:41 GMT Server: Apache Strict-Transport-Security: max-age=31536000; includeSubDomains Location: https://christmas.grndrs.com/36704/183997?tc=wrhjia3f98kem5dt29fb1tdc Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 232 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: text/html; charset=iso-8859-1`

	christmas.grndrs.com/36704/183997?tc=wrhjia3f98kem5dt29fb1tdc	46.253.116.85	302 Found	11 kB
URL User Request GET HTTP/1.1 christmas.grndrs.com/36704/183997?tc=wrhjia3f98kem5dt29fb1tdc IP 46.253.116.85:443 ASN #29551 Aixit GmbH Certificate IssuerLet's Encrypt Subjectchristmas.grndrs.com FingerprintC8:62:0C:A7:31:6F:7A:47:F8:E5:8E:1F:27:71:DC:D2:34:33:2D:D4 ValidityMon, 09 Oct 2023 07:37:47 GMT - Sun, 07 Jan 2024 07:37:46 GMT File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (30900) Size 11 kB (10992 bytes) Hash 741d8b882d7b5cffc9285c666483c636 ac93667c934bf46bb93a55aaaf2d8254e849488a a90787fff54f89b5d768e5e87bbb27f43ada40eb4bf78a620564f916cb0931a7 HTTP Headers GET /36704/183997?tc=wrhjia3f98kem5dt29fb1tdc HTTP/1.1 Host: christmas.grndrs.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 302 Found Date: Thu, 30 Nov 2023 13:17:41 GMT Server: Apache Cache-Control: no-cache, private Set-Cookie: XSRF-TOKEN=eyJpdiI6ImFseE5RYXBxVjJ2NUV0a0E1NjZSRmc9PSIsInZhbHVlIjoiUnY1WG9FNVp5Q1VSVkZra1FjVUkyZTcwNllrZmxVcXBmWXh1a3BQZ1UwUEFOaXlJS1ZSOFE2Qjh0dENhSVhHeXR0NDB1QUNXMFlWOWRWSENiZnEyZ3c9PSIsIm1hYyI6IjU0Yjc2NmQ4YTU5NjUyNzhiZWJlMDJjODg4M2IwYzkxMWFmMmVkMWU3OGZlNDIwN2MyOTIyODdlM2MxOWUxNGIifQ%3D%3D; expires=Thu, 30-Nov-2023 15:17:41 GMT; Max-Age=7200; path=/ laravel_session=eyJpdiI6IktpandIbXNXQUk1OHdjeDdJcDdTWFE9PSIsInZhbHVlIjoiMm8wWkMyNU9xV2xFbzVhZ3AycTVcL0p0dVwvRkM5Y3JlNWxNRnFhVUU4ekZPMU1WaWNhdUxpa0tDcXRLNERNajEyczkwWmRqSFJlRnQxSHo1R3BhQzRkdz09IiwibWFjIjoiY2NmZjRiZGE1YmJiZDdmOWM5MGFmMzExZWEzNDgyYTgzNWU1NDMyZmFhOGI3MjczMGM2NzQ5NjQ3YjVhODBjMCJ9; expires=Thu, 30-Nov-2023 15:17:41 GMT; Max-Age=7200; path=/; httponly Strict-Transport-Security: max-age=31536000; includeSubDomains Location: https://c.shopbetter.no/36703/183998?tc=wrhjia3f98kem5dt29fb1tdc&access_token=bd399555ca3a25b66d2ac7ca3a80ccd20abba433 Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 10992 Keep-Alive: timeout=5, max=99 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

	c.shopbetter.no/36703/183998?tc=wrhjia3f98kem5dt29fb1tdc&access_token=bd399555ca3a25b66d2ac7ca3a80ccd20abba433	46.253.116.83	200 OK	19 kB
URL User Request GET HTTP/1.1 c.shopbetter.no/36703/183998?tc=wrhjia3f98kem5dt29fb1tdc&access_token=bd399555ca3a25b66d2ac7ca3a80ccd20abba433 IP 46.253.116.83:443 ASN #29551 Aixit GmbH Certificate IssuerLet's Encrypt Subjectshopbetter.no Fingerprint2E:C4:40:DF:67:45:43:F2:BD:3E:08:07:22:A8:75:07:84:1D:06:45 ValidityFri, 10 Nov 2023 22:08:40 GMT - Thu, 08 Feb 2024 22:08:39 GMT File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (30900) Size 19 kB (18789 bytes) Hash 1e968a73d3366df6f5fbd38a503a5af4 2033f9ff947331ab831a8f9c2c09701ba59a8efa 6964c69dec10453ec5768c257b0235d2b3de45ce2b617abb84b490ff1d816f59 HTTP Headers GET /36703/183998?tc=wrhjia3f98kem5dt29fb1tdc&access_token=bd399555ca3a25b66d2ac7ca3a80ccd20abba433 HTTP/1.1 Host: c.shopbetter.no User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 200 OK Date: Thu, 30 Nov 2023 13:17:41 GMT Server: Apache Cache-Control: no-cache, private Set-Cookie: XSRF-TOKEN=eyJpdiI6IklpNjA0SWF6eWx6UU1tZjJkVHBZUHc9PSIsInZhbHVlIjoiNFVHT01VeVd2YVBiV3lZZUJPdmxSQldNRnNzUEM3YW1QQkxYM1dlK3oxb2R1T29hRWpPQUJ3c3RBbkN4VkZQbHBuZ2ZBZkJnNU9NQlpsXC9YblNSWVF3PT0iLCJtYWMiOiIzYzdlYTMyZDQ5ODJhMTkzMGU1N2IxOWYxNTQ4YThlY2YwMjA0ZDQ4MWQyMzFiYTIzMzdlZDczOTJkNWIzNWMwIn0%3D; expires=Thu, 30-Nov-2023 15:17:42 GMT; Max-Age=7200; path=/ laravel_session=eyJpdiI6ImViZFwvcGFMV0hkQXRsNStqSTA3MThnPT0iLCJ2YWx1ZSI6Ik9BNWZOdlpTTHRyM1VzV3piWFIzZjlpTE5sb293YUUrNnFFTWZObVFPenFlZWRcL09GVzYzSjZubGNLWHJWSkNWRTJZMU9xQmJcLzgxbHRhT1lSRmEzT0E9PSIsIm1hYyI6ImZiNjk3Mjc1ZDA1NzlhZDM5NzgzMzVjYTBhZDI2OTQ5ZmZmZTllODhmY2YwNjU0YzUxNTk4NzhlMjg3NmEyN2EifQ%3D%3D; expires=Thu, 30-Nov-2023 15:17:42 GMT; Max-Age=7200; path=/; httponly Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 18789 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

	cdnjs.cloudflare.com/ajax/libs/font-awesome-animation/0.2.1/font-awesome-animation.css	104.17.24.14	200 OK	26 kB
URL GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome-animation/0.2.1/font-awesome-animation.css IP 104.17.24.14:443 ASN #13335 CLOUDFLARENET Requested by https://c.shopbetter.no/36703/183998?tc=wrhjia3f98kem5dt29fb1tdc&access_token=bd399555ca3a25b66d2ac7ca3a80ccd20abba433 Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT File type ASCII text, with very long lines (42858) Size 26 kB (26087 bytes) Hash 487c6a4cbd1b013edee261104cfef562 76e4d683ecc169b273207d2ad1529eca339435c3 dcd8c7c43ef7771e4f7f61209cf64f97313efca714121c91da46863c7eef1827 HTTP Headers `GET /ajax/libs/font-awesome-animation/0.2.1/font-awesome-animation.css HTTP/1.1 Host: cdnjs.cloudflare.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://c.shopbetter.no DNT: 1 Connection: keep-alive Referer: https://c.shopbetter.no/ Sec-Fetch-Dest: style Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Thu, 30 Nov 2023 13:17:42 GMT content-type: text/css; charset=utf-8 content-length: 26087 access-control-allow-origin: * cache-control: public, max-age=30672000 content-encoding: br etag: "5eb03e5f-2730f" last-modified: Mon, 04 May 2020 16:10:07 GMT cf-cdnjs-via: cfworker/kv cross-origin-resource-policy: cross-origin timing-allow-origin: * x-content-type-options: nosniff vary: Accept-Encoding cf-cache-status: HIT age: 437691 expires: Tue, 19 Nov 2024 13:17:42 GMT accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vooz%2FH%2Fhr3lWEO3SZGQn1se8kLt3ffWw2bka7eNN1QCOcLzvt5U5pBuM5XuThzw%2BTh%2FRTHm6H5Ihv0fGhTBvIzmjPVMDlvs9jBVHh9o6BirNFrbcynfK3wP7dKv%2F3muTmAcI%2F7V1"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security: max-age=15780000 server: cloudflare cf-ray: 82e35f4789da56c4-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	code.jquery.com/ui/1.12.1/themes/base/jquery-ui.css	151.101.2.137	200 OK	8.3 kB
URL GET HTTP/2 code.jquery.com/ui/1.12.1/themes/base/jquery-ui.css IP 151.101.2.137:443 ASN #54113 FASTLY Requested by https://c.shopbetter.no/36703/183998?tc=wrhjia3f98kem5dt29fb1tdc&access_token=bd399555ca3a25b66d2ac7ca3a80ccd20abba433 Certificate IssuerSectigo Limited Subject.jquery.com FingerprintD2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D ValidityTue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT File type ASCII text, with very long lines (2363) Size 8.3 kB (8323 bytes) Hash c4a88ec0cb998929a670c0c58d7dc526 03135a88e8dbc36020dd453d1e7407ce9a3a2cc2 44f8a56d427917b5fa0dd7933ba545679be5e6b3b93099e64a4e29c2159f57c0 HTTP Headers `GET /ui/1.12.1/themes/base/jquery-ui.css HTTP/1.1 Host: code.jquery.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://c.shopbetter.no/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK server: nginx content-type: text/css last-modified: Fri, 18 Oct 1991 12:00:00 GMT etag: W/"28feccc0-8c85" cache-control: public, max-age=31536000, stale-while-revalidate=604800 access-control-allow-origin: content-encoding: gzip via: 1.1 varnish, 1.1 varnish accept-ranges: bytes date: Thu, 30 Nov 2023 13:17:42 GMT age: 6548065 x-served-by: cache-lga13627-LGA, cache-bma1674-BMA x-cache: HIT, HIT x-cache-hits: 78, 201892 x-timer: S1701350263.981711,VS0,VE0 vary: Accept-Encoding content-length: 8323 X-Firefox-Spdy: h2

	code.jquery.com/ui/1.12.1/jquery-ui.min.js	151.101.2.137	200 OK	68 kB
URL GET HTTP/2 code.jquery.com/ui/1.12.1/jquery-ui.min.js IP 151.101.2.137:443 ASN #54113 FASTLY Requested by https://c.shopbetter.no/36703/183998?tc=wrhjia3f98kem5dt29fb1tdc&access_token=bd399555ca3a25b66d2ac7ca3a80ccd20abba433 Certificate IssuerSectigo Limited Subject.jquery.com FingerprintD2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D ValidityTue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT File type ASCII text, with very long lines (32073) Size 68 kB (67751 bytes) Hash 0a497d4661df7b82feee14332ce0bdaf f77d06b0c5dedef1f1db051a44a2b0d7f233ba3a 55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5 HTTP Headers `GET /ui/1.12.1/jquery-ui.min.js HTTP/1.1 Host: code.jquery.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://c.shopbetter.no DNT: 1 Connection: keep-alive Referer: https://c.shopbetter.no/ Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK server: nginx content-type: application/javascript; charset=utf-8 last-modified: Fri, 18 Oct 1991 12:00:00 GMT etag: W/"28feccc0-3dee4" cache-control: public, max-age=31536000, stale-while-revalidate=604800 access-control-allow-origin: * content-encoding: gzip via: 1.1 varnish, 1.1 varnish accept-ranges: bytes date: Thu, 30 Nov 2023 13:17:43 GMT age: 6548064 x-served-by: cache-lga13623-LGA, cache-bma1677-BMA x-cache: HIT, HIT x-cache-hits: 79, 249070 x-timer: S1701350263.023486,VS0,VE0 vary: Accept-Encoding content-length: 67751 X-Firefox-Spdy: h2

	code.jquery.com/jquery-3.1.1.min.js	151.101.2.137	200 OK	30 kB
URL GET HTTP/2 code.jquery.com/jquery-3.1.1.min.js IP 151.101.2.137:443 ASN #54113 FASTLY Requested by https://c.shopbetter.no/36703/183998?tc=wrhjia3f98kem5dt29fb1tdc&access_token=bd399555ca3a25b66d2ac7ca3a80ccd20abba433 Certificate IssuerSectigo Limited Subject.jquery.com FingerprintD2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D ValidityTue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT File type ASCII text, with very long lines (32030) Size 30 kB (30070 bytes) Hash e071abda8fe61194711cfc2ab99fe104 f647a6d37dc4ca055ced3cf64bbc1f490070acba 85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf HTTP Headers `GET /jquery-3.1.1.min.js HTTP/1.1 Host: code.jquery.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://c.shopbetter.no DNT: 1 Connection: keep-alive Referer: https://c.shopbetter.no/ Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK server: nginx content-type: application/javascript; charset=utf-8 last-modified: Fri, 18 Oct 1991 12:00:00 GMT etag: W/"28feccc0-152b5" cache-control: public, max-age=31536000, stale-while-revalidate=604800 access-control-allow-origin: * content-encoding: gzip via: 1.1 varnish, 1.1 varnish accept-ranges: bytes date: Thu, 30 Nov 2023 13:17:43 GMT age: 6549661 x-served-by: cache-lga21947-LGA, cache-bma1677-BMA x-cache: HIT, HIT x-cache-hits: 119, 134009 x-timer: S1701350263.028726,VS0,VE0 vary: Accept-Encoding content-length: 30070 X-Firefox-Spdy: h2

	maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css	104.18.10.207	200 OK	20 kB
URL GET HTTP/2 maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css IP 104.18.10.207:443 ASN #13335 CLOUDFLARENET Requested by https://c.shopbetter.no/36703/183998?tc=wrhjia3f98kem5dt29fb1tdc&access_token=bd399555ca3a25b66d2ac7ca3a80ccd20abba433 Certificate IssuerGoogle Trust Services LLC Subjectbootstrapcdn.com Fingerprint34:BC:91:5F:B9:EC:32:2C:D9:73:C7:88:C3:6C:FB:77:E7:70:8D:04 ValidityThu, 30 Nov 2023 00:15:17 GMT - Wed, 28 Feb 2024 00:15:16 GMT File type ASCII text, with very long lines (65371) Size 20 kB (20524 bytes) Hash ec3bb52a00e176a7181d454dffaea219 6527d8bf3e1e9368bab8c7b60f56bc01fa3afd68 f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c HTTP Headers `GET /bootstrap/3.3.7/css/bootstrap.min.css HTTP/1.1 Host: maxcdn.bootstrapcdn.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://c.shopbetter.no DNT: 1 Connection: keep-alive Referer: https://c.shopbetter.no/ Sec-Fetch-Dest: style Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Thu, 30 Nov 2023 13:17:43 GMT content-type: text/css; charset=utf-8 vary: Accept-Encoding cdn-pullzone: 252412 cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74 cdn-requestcountrycode: DE access-control-allow-origin: * cache-control: public, max-age=31919000 etag: W/"ec3bb52a00e176a7181d454dffaea219" last-modified: Mon, 25 Jan 2021 22:03:59 GMT cdn-cachedat: 10/31/2023 18:59:36 cdn-proxyver: 1.04 cdn-requestpullcode: 200 cdn-requestpullsuccess: True cdn-edgestorageid: 1078 timing-allow-origin: * cross-origin-resource-policy: cross-origin x-content-type-options: nosniff cdn-status: 200 cdn-requestid: 1725ba8ae8eb6b8d623a53d204025db9 cdn-cache: HIT cf-cache-status: HIT age: 532733 strict-transport-security: max-age=31536000; includeSubDomains; preload server: cloudflare cf-ray: 82e35f47be5d712b-OSL content-encoding: br alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js	104.18.10.207	200 OK	11 kB
URL GET HTTP/2 maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js IP 104.18.10.207:443 ASN #13335 CLOUDFLARENET Requested by https://c.shopbetter.no/36703/183998?tc=wrhjia3f98kem5dt29fb1tdc&access_token=bd399555ca3a25b66d2ac7ca3a80ccd20abba433 Certificate IssuerGoogle Trust Services LLC Subjectbootstrapcdn.com Fingerprint34:BC:91:5F:B9:EC:32:2C:D9:73:C7:88:C3:6C:FB:77:E7:70:8D:04 ValidityThu, 30 Nov 2023 00:15:17 GMT - Wed, 28 Feb 2024 00:15:16 GMT File type ASCII text, with very long lines (32033) Size 11 kB (10726 bytes) Hash 5869c96cc8f19086aee625d670d741f9 430a443d74830fe9be26efca431f448c1b3740f9 53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef HTTP Headers `GET /bootstrap/3.3.7/js/bootstrap.min.js HTTP/1.1 Host: maxcdn.bootstrapcdn.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://c.shopbetter.no DNT: 1 Connection: keep-alive Referer: https://c.shopbetter.no/ Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Thu, 30 Nov 2023 13:17:43 GMT content-type: application/javascript; charset=utf-8 vary: Accept-Encoding cdn-pullzone: 252412 cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74 cdn-requestcountrycode: DE access-control-allow-origin: * cache-control: public, max-age=31919000 etag: W/"5869c96cc8f19086aee625d670d741f9" last-modified: Mon, 25 Jan 2021 22:04:00 GMT cdn-cachedat: 10/31/2023 19:27:53 cdn-proxyver: 1.04 cdn-requestpullcode: 200 cdn-requestpullsuccess: True cdn-edgestorageid: 1053 timing-allow-origin: * cross-origin-resource-policy: cross-origin x-content-type-options: nosniff cdn-status: 200 cdn-requestid: 84efa9ffd0160cfb133f2706e2c731b2 cdn-cache: HIT cf-cache-status: HIT age: 702807 strict-transport-security: max-age=31536000; includeSubDomains; preload server: cloudflare cf-ray: 82e35f47ce76712b-OSL content-encoding: br alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	s3.eu-central-1.amazonaws.com/storage-plusservicelabs-com/microsite_picture/eedb1071-d28c-48f9-8f77-c2fff74cc101/Maestro.png	52.219.170.49	200 OK	4.9 kB
URL GET HTTP/1.1 s3.eu-central-1.amazonaws.com/storage-plusservicelabs-com/microsite_picture/eedb1071-d28c-48f9-8f77-c2fff74cc101/Maestro.png IP 52.219.170.49:443 ASN #16509 AMAZON-02 Requested by https://c.shopbetter.no/36703/183998?tc=wrhjia3f98kem5dt29fb1tdc&access_token=bd399555ca3a25b66d2ac7ca3a80ccd20abba433 Certificate IssuerAmazon Subject.s3.eu-central-1.amazonaws.com FingerprintC0:F4:6F:4D:C6:AC:6C:A1:11:26:8C:E5:92:0B:79:40:04:7A:A3:D9 ValidityTue, 10 Oct 2023 00:00:00 GMT - Mon, 12 Aug 2024 23:59:59 GMT File type PNG image data, 71 x 48, 8-bit/color RGBA, non-interlaced\012- data Size 4.9 kB (4890 bytes) Hash 3cd584fb23197a7a5a7e8895ce57ee31 489f8cd0895ec909b6c63145747ef2e00ab25b7f 64ffb6948b82644cf20c05cb3aad1d0dc77fdabc6bbe2dc09bcd456c4465f82f HTTP Headers GET /storage-plusservicelabs-com/microsite_picture/eedb1071-d28c-48f9-8f77-c2fff74cc101/Maestro.png HTTP/1.1 Host: s3.eu-central-1.amazonaws.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://c.shopbetter.no/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK x-amz-id-2: AlE4Qj2e6XIQF+2vSYdH3flkKmnpWwXmicjcbnXrNsueuwayWLlCefbvIhuX/B8QN3/s+CDSGyo= x-amz-request-id: 9BY77B5WYE0G2AXA Date: Thu, 30 Nov 2023 13:17:44 GMT x-amz-replication-status: COMPLETED Last-Modified: Tue, 10 Oct 2023 08:57:50 GMT ETag: "3cd584fb23197a7a5a7e8895ce57ee31" x-amz-server-side-encryption: AES256 x-amz-version-id: xCCi_JtYFgLgdNDCIRosnlOM4qX7iudd Accept-Ranges: bytes Content-Type: image/png Server: AmazonS3 Content-Length: 4890`

	s3.eu-central-1.amazonaws.com/storage-plusservicelabs-com/microsite_picture/043c7d24-e3f2-4d98-9ff2-9e9a2fd6da3a/Master%20Card.png	52.219.170.49	200 OK	4.0 kB
URL GET HTTP/1.1 s3.eu-central-1.amazonaws.com/storage-plusservicelabs-com/microsite_picture/043c7d24-e3f2-4d98-9ff2-9e9a2fd6da3a/Master%20Card.png IP 52.219.170.49:443 ASN #16509 AMAZON-02 Requested by https://c.shopbetter.no/36703/183998?tc=wrhjia3f98kem5dt29fb1tdc&access_token=bd399555ca3a25b66d2ac7ca3a80ccd20abba433 Certificate IssuerAmazon Subject.s3.eu-central-1.amazonaws.com FingerprintC0:F4:6F:4D:C6:AC:6C:A1:11:26:8C:E5:92:0B:79:40:04:7A:A3:D9 ValidityTue, 10 Oct 2023 00:00:00 GMT - Mon, 12 Aug 2024 23:59:59 GMT File type PNG image data, 71 x 48, 8-bit/color RGBA, non-interlaced\012- data Size 4.0 kB (4010 bytes) Hash 63bc19c47958fb7e8b33c0640e3cc410 ef8e9f0446e2316306e36a4e25db7a9f23c773b1 e098913e3288e05c19b535d4efef1c4063e0e272ca3a071ab4846aa6a5651434 HTTP Headers GET /storage-plusservicelabs-com/microsite_picture/043c7d24-e3f2-4d98-9ff2-9e9a2fd6da3a/Master%20Card.png HTTP/1.1 Host: s3.eu-central-1.amazonaws.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://c.shopbetter.no/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK x-amz-id-2: pDQ3Yu/SnMQDb3s6zqVp2F7HhHU9IXjd1OtvYLAqP6WqdnheoofxgIywiGaH7eLyUEiz7i7TPOs= x-amz-request-id: 9BY2VK9YHBKZ8S75 Date: Thu, 30 Nov 2023 13:17:44 GMT x-amz-replication-status: COMPLETED Last-Modified: Tue, 10 Oct 2023 08:57:51 GMT ETag: "63bc19c47958fb7e8b33c0640e3cc410" x-amz-server-side-encryption: AES256 x-amz-version-id: YlrmWAqkyxnXRkZSGHC_A25X_24f9Ykp Accept-Ranges: bytes Content-Type: image/png Server: AmazonS3 Content-Length: 4010`

	s3.eu-central-1.amazonaws.com/storage-plusservicelabs-com/microsite_picture/22caf741-8bd9-4a8b-9dca-c4e2273de409/Visa.png	52.219.170.49	200 OK	2.9 kB
URL GET HTTP/1.1 s3.eu-central-1.amazonaws.com/storage-plusservicelabs-com/microsite_picture/22caf741-8bd9-4a8b-9dca-c4e2273de409/Visa.png IP 52.219.170.49:443 ASN #16509 AMAZON-02 Requested by https://c.shopbetter.no/36703/183998?tc=wrhjia3f98kem5dt29fb1tdc&access_token=bd399555ca3a25b66d2ac7ca3a80ccd20abba433 Certificate IssuerAmazon Subject.s3.eu-central-1.amazonaws.com FingerprintC0:F4:6F:4D:C6:AC:6C:A1:11:26:8C:E5:92:0B:79:40:04:7A:A3:D9 ValidityTue, 10 Oct 2023 00:00:00 GMT - Mon, 12 Aug 2024 23:59:59 GMT File type PNG image data, 70 x 50, 8-bit/color RGBA, non-interlaced\012- data Size 2.9 kB (2850 bytes) Hash 76469b0de5967189c5cffcea50dd81a5 5ea63f321e3cb26d016855329350edd6eca0668e 193f3e199372bc80ab93bde191d77afc54d8c2c79590437dd521860c645eba5b HTTP Headers GET /storage-plusservicelabs-com/microsite_picture/22caf741-8bd9-4a8b-9dca-c4e2273de409/Visa.png HTTP/1.1 Host: s3.eu-central-1.amazonaws.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://c.shopbetter.no/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK x-amz-id-2: qRkJCeHvFvWPec0/uNwceAG4lWFh/kPEbNEU3gGPoh5cymafARv6EQCNrQ6ZgdQZsIXWh4jIq/8= x-amz-request-id: 9BY1MQGX7M8J5SC5 Date: Thu, 30 Nov 2023 13:17:44 GMT x-amz-replication-status: COMPLETED Last-Modified: Tue, 10 Oct 2023 08:57:51 GMT ETag: "76469b0de5967189c5cffcea50dd81a5" x-amz-server-side-encryption: AES256 x-amz-version-id: UvMfa.0m1Svqnp4tmIb7OFOG_HjRFDmP Accept-Ranges: bytes Content-Type: image/png Server: AmazonS3 Content-Length: 2850`

	use.fontawesome.com/releases/v5.8.1/webfonts/fa-solid-900.woff2	172.64.140.13	200 OK	74 kB
URL GET HTTP/2 use.fontawesome.com/releases/v5.8.1/webfonts/fa-solid-900.woff2 IP 172.64.140.13:443 ASN #13335 CLOUDFLARENET Requested by https://c.shopbetter.no/36703/183998?tc=wrhjia3f98kem5dt29fb1tdc&access_token=bd399555ca3a25b66d2ac7ca3a80ccd20abba433 Certificate IssuerCloudflare, Inc. Subjectuse.fontawesome.com FingerprintCB:BE:6B:C4:5F:DF:18:7A:C3:AD:BF:6C:40:36:18:9F:E2:99:7F:78 ValidityThu, 12 Oct 2023 00:00:00 GMT - Thu, 10 Oct 2024 23:59:59 GMT File type Web Open Font Format (Version 2), TrueType, length 74256, version 329.-17761\012- data Size 74 kB (74256 bytes) Hash 418dad87601f9c8abd0e5798c0dc1feb a6b003ef506e92d05cde73adf67487d7fd7ec6df f18c486a80175cf02fee0e05c2b4acd86c04cdbaecec61c1ef91f920509b5efe HTTP Headers GET /releases/v5.8.1/webfonts/fa-solid-900.woff2 HTTP/1.1 Host: use.fontawesome.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://c.shopbetter.no DNT: 1 Connection: keep-alive Referer: https://use.fontawesome.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/2 200 OK date: Thu, 30 Nov 2023 13:17:43 GMT content-type: font/woff2 content-length: 74256 access-control-allow-origin: * cache-control: max-age=31556926 etag: "418dad87601f9c8abd0e5798c0dc1feb" last-modified: Fri, 22 Sep 2023 01:45:57 GMT vary: Origin, Accept-Encoding cf-cache-status: HIT age: 39110 accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OQWSGJXA89AQhrUM9IOtLLBGevBZZ7sBoYwFYiSX1x3vaM%2BEFNKyuNE%2Fmlnr5%2BTqxp9o7G9I%2Bffj3M5DSIq%2BMzh2Z9hA0aVpviPRaLsI1n42DhmkiUVZ6SaTb0mk2qYWTUR4VKaD"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 82e35f498efb06d8-AMS alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	s3.eu-central-1.amazonaws.com/storage-plusservicelabs-com/microsite_picture/dc1f88ba-6cc9-4db3-89b9-e9f868e7f2bf/Visa2.png	52.219.170.49	200 OK	2.3 kB
URL GET HTTP/1.1 s3.eu-central-1.amazonaws.com/storage-plusservicelabs-com/microsite_picture/dc1f88ba-6cc9-4db3-89b9-e9f868e7f2bf/Visa2.png IP 52.219.170.49:443 ASN #16509 AMAZON-02 Requested by https://c.shopbetter.no/36703/183998?tc=wrhjia3f98kem5dt29fb1tdc&access_token=bd399555ca3a25b66d2ac7ca3a80ccd20abba433 Certificate IssuerAmazon Subject.s3.eu-central-1.amazonaws.com FingerprintC0:F4:6F:4D:C6:AC:6C:A1:11:26:8C:E5:92:0B:79:40:04:7A:A3:D9 ValidityTue, 10 Oct 2023 00:00:00 GMT - Mon, 12 Aug 2024 23:59:59 GMT File type PNG image data, 71 x 48, 8-bit/color RGBA, non-interlaced\012- data Size 2.3 kB (2314 bytes) Hash 5eab46630b02201e653d41f8d89af0dd cd066e334f1016c2f34305c9f9d17bffd016bbf8 5419044cbe9e6eeab7e8ed9c6081a61aefb2f7c20df204d75a45fda02a4b4bd5 HTTP Headers GET /storage-plusservicelabs-com/microsite_picture/dc1f88ba-6cc9-4db3-89b9-e9f868e7f2bf/Visa2.png HTTP/1.1 Host: s3.eu-central-1.amazonaws.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://c.shopbetter.no/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK x-amz-id-2: gZzZ7T6je0PMU2qkFSoId6GJ1NcpXdz1GT2p3kAcNYechP+jwA2mz1NgygkB6fVmziPysVttyyY= x-amz-request-id: 9BYCGTQ51CF09CXA Date: Thu, 30 Nov 2023 13:17:44 GMT x-amz-replication-status: COMPLETED Last-Modified: Tue, 10 Oct 2023 08:57:51 GMT ETag: "5eab46630b02201e653d41f8d89af0dd" x-amz-server-side-encryption: AES256 x-amz-version-id: YzPZDLyKikaXLpj7aBQPqzN1jbgjfIfK Accept-Ranges: bytes Content-Type: image/png Server: AmazonS3 Content-Length: 2314`

	s3.eu-central-1.amazonaws.com/storage-plusservicelabs-com/favicon/8c4b6308-3845-4204-838c-1bf635854084/SBsquare.png	52.219.170.49	200 OK	1.9 kB
URL GET HTTP/1.1 s3.eu-central-1.amazonaws.com/storage-plusservicelabs-com/favicon/8c4b6308-3845-4204-838c-1bf635854084/SBsquare.png IP 52.219.170.49:443 ASN #16509 AMAZON-02 Requested by https://c.shopbetter.no/36703/183998?tc=wrhjia3f98kem5dt29fb1tdc&access_token=bd399555ca3a25b66d2ac7ca3a80ccd20abba433 Certificate IssuerAmazon Subject.s3.eu-central-1.amazonaws.com FingerprintC0:F4:6F:4D:C6:AC:6C:A1:11:26:8C:E5:92:0B:79:40:04:7A:A3:D9 ValidityTue, 10 Oct 2023 00:00:00 GMT - Mon, 12 Aug 2024 23:59:59 GMT File type PNG image data, 32 x 32, 8-bit/color RGB, non-interlaced\012- data Size 1.9 kB (1888 bytes) Hash 3e277eefe03536eb1752920629f66fe4 9ef6c010cf4fc9b7d97fd09aa79cf0ce0df2c717 20c7413faf891b739d56c98144a5778f30a31c31c8e8f5f99b854704b7c681d0 HTTP Headers GET /storage-plusservicelabs-com/favicon/8c4b6308-3845-4204-838c-1bf635854084/SBsquare.png HTTP/1.1 Host: s3.eu-central-1.amazonaws.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://c.shopbetter.no/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK x-amz-id-2: OCxoUZZoSZJGnwBQ3S3UeCEtT8ycrxcAWBD9lorFvLgzGr7O9w7C66G2Q/WfBqN4tmWdU4tCCDc= x-amz-request-id: 9BYA05HBEZ263WJ9 Date: Thu, 30 Nov 2023 13:17:44 GMT x-amz-replication-status: COMPLETED Last-Modified: Fri, 04 Feb 2022 13:30:08 GMT ETag: "3e277eefe03536eb1752920629f66fe4" x-amz-version-id: Ht6W4NQWjgJWLmln7p_S8QXZrq_HmItu Accept-Ranges: bytes Content-Type: image/png Server: AmazonS3 Content-Length: 1888`

	shopbetter.no/ct	46.253.116.83	301 Moved Permanently	194 B
URL GET HTTP/1.1 shopbetter.no/ct IP 46.253.116.83:443 ASN #29551 Aixit GmbH Requested by https://c.shopbetter.no/36703/183998?tc=wrhjia3f98kem5dt29fb1tdc&access_token=bd399555ca3a25b66d2ac7ca3a80ccd20abba433 Certificate IssuerLet's Encrypt Subjectshopbetter.no Fingerprint2E:C4:40:DF:67:45:43:F2:BD:3E:08:07:22:A8:75:07:84:1D:06:45 ValidityFri, 10 Nov 2023 22:08:40 GMT - Thu, 08 Feb 2024 22:08:39 GMT File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size 194 B (194 bytes) Hash 34a55569680d8a82f7614fa634e36c1c 34aff0d236a111bfaad4a4c017e7df46b2b65c99 f92aa2b44cf1a28d73558a510f207c7b6f99686b4da5696c1ce3664c817ad78e HTTP Headers `GET /ct HTTP/1.1 Host: shopbetter.no User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://c.shopbetter.no/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 301 Moved Permanently Date: Thu, 30 Nov 2023 13:17:43 GMT Server: Apache Location: https://www.shopbetter.no/ct Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 194 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: text/html; charset=iso-8859-1`

	www.shopbetter.no/ct	46.253.116.83	200 OK	11 kB
URL GET HTTP/1.1 www.shopbetter.no/ct IP 46.253.116.83:443 ASN #29551 Aixit GmbH Requested by https://c.shopbetter.no/36703/183998?tc=wrhjia3f98kem5dt29fb1tdc&access_token=bd399555ca3a25b66d2ac7ca3a80ccd20abba433 Certificate IssuerLet's Encrypt Subjectshopbetter.no Fingerprint2E:C4:40:DF:67:45:43:F2:BD:3E:08:07:22:A8:75:07:84:1D:06:45 ValidityFri, 10 Nov 2023 22:08:40 GMT - Thu, 08 Feb 2024 22:08:39 GMT File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (30900) Size 11 kB (10993 bytes) Hash e7eeb23edb2851360a3f9fe72c158e6a 78fa4d0acc04b9b3c26b052dd05deaad618e344d ef32f58d22699f4347f85df1028b3a48de520854212d580496a8c1a94b2c8188 HTTP Headers GET /ct HTTP/1.1 Host: www.shopbetter.no User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://c.shopbetter.no/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 200 OK Date: Thu, 30 Nov 2023 13:17:43 GMT Server: Apache Cache-Control: no-cache, private Set-Cookie: XSRF-TOKEN=eyJpdiI6IlFOZDFPdHFIdzQxZlBQQ2gxM3dlcVE9PSIsInZhbHVlIjoia1dBdm9mK05ZRGRzcVVvTmxOMXZCVmNFeTZaK3FJVGpJa0doNGVPbUI1N2UwSDlJVVQvOEpXQWdwMElZOVpTR0FRdkFVUGJGdjNiNCtPcDB2akFaN0hqcnZpTzk1ZXRUZ3E5OU9HaEFsRWRDeEdvWGd2V01TUWhpb1ZaSjgvQ2ciLCJtYWMiOiJmN2FmNjMxZjRjMDljZGQyNjI5NTE5YjhlZjI4ZTI2YTQzYzg5MDI5NjU2ZjE2ZDYxNjZiMDJmODg3Y2Y3ZjM5IiwidGFnIjoiIn0%3D; expires=Thu, 30-Nov-2023 15:17:44 GMT; Max-Age=7200; path=/ laravel_session=eyJpdiI6IlM2NU9BWWttR3JzeWdYa1F2bWcwc3c9PSIsInZhbHVlIjoiU0xUL1I5bXl0L2p0U2VYNzdXQXlwbkVvbUhZTzdWcFNUYk94bFpGS2MvTXlvRWlheFpYcjRTeGlLbHpkL2lhSjduL1d5NEVSdzkvV0lOaE9EcFI0TjR2dXRhanpxQXBVUzlFN0VhbFVid2orTG5UZGhXM25IcVVlcVNwKzI4aFoiLCJtYWMiOiI0M2Y2YTcyNjdlOGE4MTQwZTFlYjM0NjU1ZTk3NzcwMzdjOTJlZGIzNjVjYjlhYjU2NDdkMzNiNDRhMzMyOWM1IiwidGFnIjoiIn0%3D; expires=Thu, 30-Nov-2023 15:17:44 GMT; Max-Age=7200; path=/; httponly device_session_id=eyJpdiI6IktLSHpJSkxaZCtVd2NLZ0JFcnNnUXc9PSIsInZhbHVlIjoiaWppdER3VmlyZDM2QTR4clRLRFZkRWhIWTBicHJTWVNtaUtxYzRLZ0lrRzhzMWUyeEFHQnBWZ1dHZEQwRkZRYlJaV3Q2ZEpFUGZGYWhGek5ScjJSVVE9PSIsIm1hYyI6ImE5Mjk0MzIwNDA4NDcyNTJmYzhlMTU5NGU3MDQ1MmU0ZWZkMjk3NDgxODI1ZmNmMTk0Y2Y1NmUxYjQ0ZTFlZWMiLCJ0YWciOiIifQ%3D%3D; expires=Sun, 14-Jan-2024 13:17:44 GMT; Max-Age=3888000; path=/; httponly Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 10993 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

	use.fontawesome.com/releases/v5.8.1/css/all.css	172.64.140.13	200 OK	12 kB
URL GET HTTP/2 use.fontawesome.com/releases/v5.8.1/css/all.css IP 172.64.140.13:443 ASN #13335 CLOUDFLARENET Requested by https://c.shopbetter.no/36703/183998?tc=wrhjia3f98kem5dt29fb1tdc&access_token=bd399555ca3a25b66d2ac7ca3a80ccd20abba433 Certificate IssuerCloudflare, Inc. Subjectuse.fontawesome.com FingerprintCB:BE:6B:C4:5F:DF:18:7A:C3:AD:BF:6C:40:36:18:9F:E2:99:7F:78 ValidityThu, 12 Oct 2023 00:00:00 GMT - Thu, 10 Oct 2024 23:59:59 GMT File type ASCII text, with very long lines (54926) Size 12 kB (12531 bytes) Hash e4c542a7f6bf6f74fdd8cdf6e8096396 3a0571a695a35f238026b9398386dc99d9a0c56d eeb17a45a48aca1d7adbcf04de155dcd0b47cb36ad036310446bb471fea9aaa3 HTTP Headers `GET /releases/v5.8.1/css/all.css HTTP/1.1 Host: use.fontawesome.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://c.shopbetter.no DNT: 1 Connection: keep-alive Referer: https://c.shopbetter.no/ Sec-Fetch-Dest: style Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Thu, 30 Nov 2023 13:17:43 GMT content-type: text/css access-control-allow-origin: * cache-control: max-age=31556926 etag: W/"e4c542a7f6bf6f74fdd8cdf6e8096396" last-modified: Fri, 22 Sep 2023 01:45:55 GMT vary: Origin, Accept-Encoding cf-cache-status: HIT age: 39110 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z21HH%2BWLdiZjlwOLrQpf5K5gDbNxdmGE5sCl5zDOjYX4zJ5RUHLq2Me227EVW0WLHk2hEKtrrEbVsUbZptEmkjozcHTPWB0ynDC%2F1BxPehembk9rGZUMqduH5AeLaAmOZsvrfYV1"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 82e35f48ede406d8-AMS content-encoding: br alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	www.googletagmanager.com/gtag/js?id=GTM-TKRM52M	142.250.74.168	200 OK	85 kB
URL GET HTTP/2 www.googletagmanager.com/gtag/js?id=GTM-TKRM52M IP 142.250.74.168:443 ASN #15169 GOOGLE Requested by https://www.shopbetter.no/ct Certificate IssuerGoogle Trust Services LLC Subject.google-analytics.com Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34 ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT File type ASCII text, with very long lines (11471) Size 85 kB (85313 bytes) Hash 7db3bcd4a598624fc54a54d5080c22eb 0d94b35ae74536f8604a19e0a66d9e6a92ee5e66 2791306ddb8f67fdd70f30bfa2ea8ec0fd332d7754437bfbe8cb660f72763f01 HTTP Headers `GET /gtag/js?id=GTM-TKRM52M HTTP/1.1 Host: www.googletagmanager.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.shopbetter.no/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK content-type: application/javascript; charset=UTF-8 access-control-allow-origin: * access-control-allow-credentials: true access-control-allow-headers: Cache-Control content-encoding: br vary: Accept-Encoding date: Thu, 30 Nov 2023 13:17:46 GMT expires: Thu, 30 Nov 2023 13:17:46 GMT cache-control: private, max-age=900 last-modified: Thu, 30 Nov 2023 12:00:00 GMT strict-transport-security: max-age=31536000; includeSubDomains cross-origin-resource-policy: cross-origin server: Google Tag Manager content-length: 85313 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	www.googletagmanager.com/gtag/js?id=G-337K85Z6SH&l=dataLayer&cx=c	142.250.74.168	200 OK	93 kB
URL GET HTTP/3 www.googletagmanager.com/gtag/js?id=G-337K85Z6SH&l=dataLayer&cx=c IP 142.250.74.168:443 ASN #15169 GOOGLE Requested by https://www.shopbetter.no/ct Certificate IssuerGoogle Trust Services LLC Subject.google-analytics.com Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34 ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT File type ASCII text, with very long lines (5955) Size 93 kB (92762 bytes) Hash 0550fcdde89e3b923d421c7c884cb31b a57f2e6aecb7bf112f2dea5177dfb324637971ce ccea2900586a6288bbc0589e09bdb66d43280ee157474c331b6a924818686e8f HTTP Headers `GET /gtag/js?id=G-337K85Z6SH&l=dataLayer&cx=c HTTP/1.1 Host: www.googletagmanager.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.shopbetter.no/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK content-type: application/javascript; charset=UTF-8 access-control-allow-origin: * access-control-allow-credentials: true access-control-allow-headers: Cache-Control content-encoding: br vary: Accept-Encoding date: Thu, 30 Nov 2023 13:17:46 GMT expires: Thu, 30 Nov 2023 13:17:46 GMT cache-control: private, max-age=900 strict-transport-security: max-age=31536000; includeSubDomains cross-origin-resource-policy: cross-origin server: Google Tag Manager content-length: 92762 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-337K85Z6SH&cid=955904423.1701350271&gtm=45je3b60v9166954017&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=312064475	142.250.74.163	200 OK	42 B
URL GET HTTP/2 www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-337K85Z6SH&cid=955904423.1701350271&gtm=45je3b60v9166954017&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=312064475 IP 142.250.74.163:443 ASN #15169 GOOGLE Requested by https://www.shopbetter.no/ct Certificate IssuerGoogle Trust Services LLC Subject.google.no Fingerprint6E:E4:BC:4A:67:5E:46:6A:B3:E4:CA:61:A7:C0:97:AB:14:F0:34:32 ValidityMon, 23 Oct 2023 11:27:27 GMT - Mon, 15 Jan 2024 11:27:26 GMT File type GIF image data, version 89a, 1 x 1\012- data Size 42 B (42 bytes) Hash d89746888da2d9510b64a9f031eaecd5 d5fceb6532643d0d84ffe09c40c481ecdf59e15a ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 HTTP Headers GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-337K85Z6SH&cid=955904423.1701350271&gtm=45je3b60v9166954017&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=312064475 HTTP/1.1 Host: www.google.no User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.shopbetter.no/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" timing-allow-origin: * cross-origin-resource-policy: cross-origin date: Thu, 30 Nov 2023 13:17:46 GMT pragma: no-cache expires: Fri, 01 Jan 1990 00:00:00 GMT cache-control: no-cache, no-store, must-revalidate content-type: image/gif x-content-type-options: nosniff server: cafe content-length: 42 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	region1.analytics.google.com/g/collect?v=2&tid=G-337K85Z6SH&gtm=45je3b60v9166954017&_p=1701350268580&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=955904423.1701350271&ul=en-us&sr=1280x1024&_s=1&sid=1701350271&sct=1&seg=0&dl=https%3A%2F%2Fwww.shopbetter.no%2Fct&dr=https%3A%2F%2Fc.shopbetter.no%2F&dt=ShopBetter.no%20Campaign%20Visitor&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=3272	216.239.32.36	204 No Content	0 B
URL POST HTTP/2 region1.analytics.google.com/g/collect?v=2&tid=G-337K85Z6SH&gtm=45je3b60v9166954017&_p=1701350268580&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=955904423.1701350271&ul=en-us&sr=1280x1024&_s=1&sid=1701350271&sct=1&seg=0&dl=https%3A%2F%2Fwww.shopbetter.no%2Fct&dr=https%3A%2F%2Fc.shopbetter.no%2F&dt=ShopBetter.no%20Campaign%20Visitor&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=3272 IP 216.239.32.36:443 ASN #15169 GOOGLE Requested by https://www.shopbetter.no/ct Certificate IssuerGoogle Trust Services LLC Subject.google-analytics.com Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34 ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers POST /g/collect?v=2&tid=G-337K85Z6SH&gtm=45je3b60v9166954017&_p=1701350268580&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=955904423.1701350271&ul=en-us&sr=1280x1024&_s=1&sid=1701350271&sct=1&seg=0&dl=https%3A%2F%2Fwww.shopbetter.no%2Fct&dr=https%3A%2F%2Fc.shopbetter.no%2F&dt=ShopBetter.no%20Campaign%20Visitor&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=3272 HTTP/1.1 Host: region1.analytics.google.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://www.shopbetter.no DNT: 1 Connection: keep-alive Referer: https://www.shopbetter.no/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Content-Length: 0 `HTTP/2 204 No Content access-control-allow-origin: https://www.shopbetter.no date: Thu, 30 Nov 2023 13:17:47 GMT pragma: no-cache expires: Fri, 01 Jan 1990 00:00:00 GMT cache-control: no-cache, no-store, must-revalidate access-control-allow-credentials: true content-type: text/plain cross-origin-resource-policy: cross-origin server: Golfe2 content-length: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2`

	c.shopbetter.no/36703/183998?tc=wrhjia3f98kem5dt29fb1tdc	46.253.116.83		11 kB
URL c.shopbetter.no/36703/183998?tc=wrhjia3f98kem5dt29fb1tdc IP 46.253.116.83:0 ASN #29551 Aixit GmbH Certificate IssuerLet's Encrypt Subjectshopbetter.no Fingerprint2E:C4:40:DF:67:45:43:F2:BD:3E:08:07:22:A8:75:07:84:1D:06:45 ValidityFri, 10 Nov 2023 22:08:40 GMT - Thu, 08 Feb 2024 22:08:39 GMT File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (30900) Size 11 kB (10919 bytes) Hash 3e1792df004d954376a5e9cc0ea8e2db 5af41c2d3a7543c8fd1ebf90378c825aab69291d 7cf9d0c89641527098e83cd1dd0c1e5685db0dece8b34e3146ac57cc89facfb9 HTTP Headers `GET /36703/183998?tc=wrhjia3f98kem5dt29fb1tdc HTTP/1.1 Host: c.shopbetter.no User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/1.1 302 Found Date: Thu, 30 Nov 2023 13:17:55 GMT Server: Apache Cache-Control: no-cache, private Set-Cookie: XSRF-TOKEN=eyJpdiI6IlBtVURSZUs2ZXpFeGNUeVdxV0J6NGc9PSIsInZhbHVlIjoiMU85b1F2Z2ttdFplZlZXWTZxSlhwenNyUCtWQzlWaHNEbHBUR3NqczUxNHdXbExaNjBYWWNVQm9RVFZDY0w2cmJvcEthK0lWZXRsR3FBZ3VRejBPS2c9PSIsIm1hYyI6ImU0MTU0OWZlZmU3NzljYTJhMjAyMTc1NDI4NmQ0ZmFjNDBjYjBkMDkzNDNmY2RmZDYzMGQ1M2UwZmUyMTY4YWQifQ%3D%3D; expires=Thu, 30-Nov-2023 15:17:55 GMT; Max-Age=7200; path=/ laravel_session=eyJpdiI6InJkZ1V2SkZcLzVKbTU2dW5wMElNd2x3PT0iLCJ2YWx1ZSI6IjkyNGRUOW5TR2x5MmxEUHhybUZHMFdoXC9oVFNiaDBcL2tjTExuTW9QeGJtYVhpam9DWWFLSFpxRFVtakVOTUxRVm9HRWRpMUhsTnNXbHlUaU1HYlhQd2c9PSIsIm1hYyI6IjhmNWQ5MDY1YTFlNzQzM2IzZjFiMmQ2NTMwZDNkZjMzZmMyNWJhOThlOTJkYWM3YjFhYjA4ZDU3OGY4ODIxOTYifQ%3D%3D; expires=Thu, 30-Nov-2023 15:17:55 GMT; Max-Age=7200; path=/; httponly Location: https://christmas.grndrs.com/36704/183997 Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 10919 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

	christmas.grndrs.com/36704/183997	46.253.116.85		11 kB
URL christmas.grndrs.com/36704/183997 IP 46.253.116.85:0 ASN #29551 Aixit GmbH Certificate IssuerLet's Encrypt Subjectchristmas.grndrs.com FingerprintC8:62:0C:A7:31:6F:7A:47:F8:E5:8E:1F:27:71:DC:D2:34:33:2D:D4 ValidityMon, 09 Oct 2023 07:37:47 GMT - Sun, 07 Jan 2024 07:37:46 GMT File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (30900) Size 11 kB (10963 bytes) Hash 9751d448e62a29444a6afc5e57d1d09c 8410bb84fb64e0dc81fd7d88e1636bc4baa8c574 af2241a2ca34c55f8bab99828be9a1dd0d97c5e243f2df3542ac1ffa1a67670b HTTP Headers `GET /36704/183997 HTTP/1.1 Host: christmas.grndrs.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/1.1 302 Found Date: Thu, 30 Nov 2023 13:17:55 GMT Server: Apache Cache-Control: no-cache, private Set-Cookie: XSRF-TOKEN=eyJpdiI6InJIZXdQem9tTGQ4YjFWWk1RbVU2Tnc9PSIsInZhbHVlIjoiczNaNVBkOG5vYW9jckNGaGFOVGtWdEJ2MWVyekczVUxKNUZGT0NMakxNaHZKTnNoRU9SUXhnSUVvSHQ4S1hsZHV4d25odEtZWlhlNjA4a2VDNWxcL0d3PT0iLCJtYWMiOiIzZDhkYTRkODMwMDgzMGE3YmIyYzcwMTMwOGEwOGIyMTA1YTIwYjU1YmZjMDE3ZjFlOWQzNDYxOTRlOTMwNTdkIn0%3D; expires=Thu, 30-Nov-2023 15:17:55 GMT; Max-Age=7200; path=/ laravel_session=eyJpdiI6Ino2RloycnVWak11ekRscFJWWm1HQlE9PSIsInZhbHVlIjoib0NRTGFDRU1XQ0QrSWRScnhKekRPOFMrVkM0Y2p2WkFYUlB1OXU1MEZwcTh6bEpvenFIMzhRaFRDd0RFVXpEd1FuQ0czSTBhdm50QndlVmZMK0xXRWc9PSIsIm1hYyI6IjFkZTFjM2IyNGI2NGQ4OGQxZTlmNzE5OGFkMjc5ODM4ZTQzMThkZjBiNmJkMzJjNzJhZDk3ODYyZDEwNTE1OWQifQ%3D%3D; expires=Thu, 30-Nov-2023 15:17:55 GMT; Max-Age=7200; path=/; httponly Strict-Transport-Security: max-age=31536000; includeSubDomains Location: https://c.shopbetter.no/36703/183998?access_token=bd399555ca3a25b66d2ac7ca3a80ccd20abba433 Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 10963 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

	c.shopbetter.no/36703/183998?access_token=bd399555ca3a25b66d2ac7ca3a80ccd20abba433	46.253.116.83		19 kB
URL c.shopbetter.no/36703/183998?access_token=bd399555ca3a25b66d2ac7ca3a80ccd20abba433 IP 46.253.116.83:0 ASN #29551 Aixit GmbH Certificate IssuerLet's Encrypt Subjectshopbetter.no Fingerprint2E:C4:40:DF:67:45:43:F2:BD:3E:08:07:22:A8:75:07:84:1D:06:45 ValidityFri, 10 Nov 2023 22:08:40 GMT - Thu, 08 Feb 2024 22:08:39 GMT File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (30900) Size 19 kB (18787 bytes) Hash e88f0f97367387ff7596283e6855c211 b2aaef7b5fd9287417f3005ffedc52eae84c7f27 5309c4c47bcbff77f2598b331a640c53b0d183dfd7780387b1e294c4893356f7 HTTP Headers `GET /36703/183998?access_token=bd399555ca3a25b66d2ac7ca3a80ccd20abba433 HTTP/1.1 Host: c.shopbetter.no User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/1.1 200 OK Date: Thu, 30 Nov 2023 13:17:55 GMT Server: Apache Cache-Control: no-cache, private Set-Cookie: XSRF-TOKEN=eyJpdiI6IkJVRXVPbDdHdnI4d1pcL0JEcHpOTVpRPT0iLCJ2YWx1ZSI6ImdJUVJkZnMrVzlHQVRzXC8yZXl6blUzTEdMUHd0MWpEZnJ0SGdCY3BVc2dkOHNFclJUa3hiRlJBWTE3OFF2RmtndytZUFoyQUYzWWtNS3ZcL21oM0hPYXc9PSIsIm1hYyI6ImI4Mjg3NWY3YjUxMWNhNGU4YzAwZTY5Zjg5YmYwYTRjNDY4M2E4ZTRkMjk4MDJhZGVkMjE1Yzg0NWQ5NzVlNDcifQ%3D%3D; expires=Thu, 30-Nov-2023 15:17:55 GMT; Max-Age=7200; path=/ laravel_session=eyJpdiI6IlR2Y0NVM2hJU0tEd3NGc0hyVkNESXc9PSIsInZhbHVlIjoibFo0ZkxCSURINUZRRllaTlBxeUMxOFEwd1ZJRHdHcnlQXC9zczRraU83Z0RRbTZiSXFBVDlla1k4ZVo3Y2VIN1dDcENQV0JNWjNUVGd3aGtNcElQXC85UT09IiwibWFjIjoiZjc0OTQ3ZDJlNWNjYzBkMzYzYWIyZGY5MDczOWViNmU3OGEyMzVmNTAxNWY1NTAwMzkyMDM2NWE2YTA2NzIzZCJ9; expires=Thu, 30-Nov-2023 15:17:55 GMT; Max-Age=7200; path=/; httponly Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 18787 Keep-Alive: timeout=5, max=99 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (16)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by