r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2d2e7649ce9e9ba6fc8b68aa89352e3c
0153d1d3d830a457043e16bb40d48a0b9ddef4b8
8eed57c91b42ef7b2d5eff1309e306e23e13c3de21219af24a693cbf3e8977fc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8EED57C91B42EF7B2D5EFF1309E306E23E13C3DE21219AF24A693CBF3E8977FC"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4739
Expires: Wed, 30 Nov 2022 07:30:53 GMT
Date: Wed, 30 Nov 2022 06:11:54 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 4ed065cb23b5fca1a179dd73b3c5b7b2
4422eb24688f5e056fc1b18b127c7f63b1dbf5e0
b723d770d0dec7441d8505dc5a4e7d34f55c9f564ec52f20d9b70c7c3a0d9d35
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6593
Cache-Control: max-age=108550
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 06:11:54 GMT
Etag: "6385df6f-1d7"
Expires: Thu, 01 Dec 2022 12:21:04 GMT
Last-Modified: Tue, 29 Nov 2022 10:31:11 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9fce5679881bf302a8978a0b462f01a9
b699fe030ea13ac73813e655c42ed9b531925e2b
a3ec545a8f9364ac9062eddb41279e1465687a1b60f9c1dec6b3a3df8b033eb3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A3EC545A8F9364AC9062EDDB41279E1465687A1B60F9C1DEC6B3A3DF8B033EB3"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3060
Expires: Wed, 30 Nov 2022 07:02:54 GMT
Date: Wed, 30 Nov 2022 06:11:54 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 30 Nov 2022 05:19:40 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3134
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: eYn8T2MPIYhIwDQlvbESNG1WyYk7RiAv9ZuGXCgttxulLMMUM7oncfKx1iw6Zsd0HA9beSXDIDE=
x-amz-request-id: HKA51MPPA2RGHS8C
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 30 Nov 2022 05:45:06 GMT
age: 1608
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 06:11:54 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
meganandbobbyprine.com/
67.227.226.240200 OK 2.3 kB IP 67.227.226.240:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (646)
Hash 60fe50482894b9d6cbe7480264663fef
b4d1d4a32c7b4fdadc0edd85a7a56c429a03610d
05b291e879c28a4672f888f6b346d5de16a316051276d0ebfe8a198bf07ac9ff
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: meganandbobbyprine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 06:11:54 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9
X-Powered-By: PHP/5.4.16
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, ETag, Alert, Expires, Cache-Control, Backoff, Content-Length, Content-Type, Pragma, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 30 Nov 2022 06:11:14 GMT
cache-control: public,max-age=3600
age: 41
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 3c8c689bd654417640d85f3da51af313
85123b6d46230a23d03768bf304b386e5d301305
516138ca79703b45e904d32d7dde1c1e9fd35995b9f1bb1331c547542745676d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6594
Cache-Control: max-age=103487
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 06:11:55 GMT
Etag: "6385cba8-1d7"
Expires: Thu, 01 Dec 2022 10:56:42 GMT
Last-Modified: Tue, 29 Nov 2022 09:06:48 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
meganandbobbyprine.com/page/bouncy.php?&bpae=GbhGdK3mvUx7j3OEnvOLfnzw2ra2W6Tndc01OsRqvH1Po3yTGNZLOsuUDqU4LTSzqSTFybJT%2BOX%2BTtqocjc%2BnpxQUGMkW4H4UyqUvrY3X7BHSfsaUjQHRKolfLaDRwMjDDMs0kW48B4bSPn%2FsuzQbM%2FjuFnO9%2BtL2yjqGpPHpDOcK%2FvPpTeSkKlwxfTXJS5eU6LKxSbklh4MBUfQ8E99ZK1jVc77b%2FKifo3UUJiArTHE27AtNbLDYqRa%2F9NlGvohTuCm64NRnMQAaUde5dfisWxikedtItMpUv9FEyTqaIkpKoR18bRDfIrIBj5VrzxP%2FwrEXKh48DcLPQHeU54PkK5zN8KXPfVxtNEnvD9b3qN8tkWpMBLPOykZP6oTghVZp57O%2BzGl30zpVsETCjlP486dhwQ13u8ylHmydwo4J7OZnfXM02idsftn0cGlQGN8g7eWmL091UCby8L1704iqGBaUPLD%2FD41jZT6%2Be3BoIVOJfqNJXqWSxMy9wie%2BFe4n9Wny3frrw%3D%3D&redirectType=js&inIframe=false&inPopUp=false
67.227.226.240200 OK 991 B URL HTTP/1.1 meganandbobbyprine.com/page/bouncy.php?&bpae=GbhGdK3mvUx7j3OEnvOLfnzw2ra2W6Tndc01OsRqvH1Po3yTGNZLOsuUDqU4LTSzqSTFybJT%2BOX%2BTtqocjc%2BnpxQUGMkW4H4UyqUvrY3X7BHSfsaUjQHRKolfLaDRwMjDDMs0kW48B4bSPn%2FsuzQbM%2FjuFnO9%2BtL2yjqGpPHpDOcK%2FvPpTeSkKlwxfTXJS5eU6LKxSbklh4MBUfQ8E99ZK1jVc77b%2FKifo3UUJiArTHE27AtNbLDYqRa%2F9NlGvohTuCm64NRnMQAaUde5dfisWxikedtItMpUv9FEyTqaIkpKoR18bRDfIrIBj5VrzxP%2FwrEXKh48DcLPQHeU54PkK5zN8KXPfVxtNEnvD9b3qN8tkWpMBLPOykZP6oTghVZp57O%2BzGl30zpVsETCjlP486dhwQ13u8ylHmydwo4J7OZnfXM02idsftn0cGlQGN8g7eWmL091UCby8L1704iqGBaUPLD%2FD41jZT6%2Be3BoIVOJfqNJXqWSxMy9wie%2BFe4n9Wny3frrw%3D%3D&redirectType=js&inIframe=false&inPopUp=false
IP 67.227.226.240:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 90afaeaa2c7185b111446fc0ebd5cf9a
9f1bc6cefc3d48c9674ff993041b46734b23141e
daa75a3d39e3d890c7dfb7287186181fcf049166c13fadd51e6bfa1155f5d5d6
GET /page/bouncy.php?&bpae=GbhGdK3mvUx7j3OEnvOLfnzw2ra2W6Tndc01OsRqvH1Po3yTGNZLOsuUDqU4LTSzqSTFybJT%2BOX%2BTtqocjc%2BnpxQUGMkW4H4UyqUvrY3X7BHSfsaUjQHRKolfLaDRwMjDDMs0kW48B4bSPn%2FsuzQbM%2FjuFnO9%2BtL2yjqGpPHpDOcK%2FvPpTeSkKlwxfTXJS5eU6LKxSbklh4MBUfQ8E99ZK1jVc77b%2FKifo3UUJiArTHE27AtNbLDYqRa%2F9NlGvohTuCm64NRnMQAaUde5dfisWxikedtItMpUv9FEyTqaIkpKoR18bRDfIrIBj5VrzxP%2FwrEXKh48DcLPQHeU54PkK5zN8KXPfVxtNEnvD9b3qN8tkWpMBLPOykZP6oTghVZp57O%2BzGl30zpVsETCjlP486dhwQ13u8ylHmydwo4J7OZnfXM02idsftn0cGlQGN8g7eWmL091UCby8L1704iqGBaUPLD%2FD41jZT6%2Be3BoIVOJfqNJXqWSxMy9wie%2BFe4n9Wny3frrw%3D%3D&redirectType=js&inIframe=false&inPopUp=false HTTP/1.1
Host: meganandbobbyprine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://meganandbobbyprine.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 06:11:55 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9
X-Powered-By: PHP/5.4.16
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
push.services.mozilla.com/
52.43.58.150101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.43.58.150:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 3H4k2+QN7KosOOedd+4hxw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: C8u05zypa80xnkFTw0q2dLnJLAo=
ocsp.r2m01.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m01.amazontrust.com/
IP 54.230.80.227:0
Hash a4f328e3d83fa72e086356c911938780
442db29c9def210ee4da564e76e6bc0fd78fc629
dba6c36e31cae2d63f5ab1b1f82bd50b24c15b4c29682d09489d9eaa1895ea4d
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=100997
Date: Wed, 30 Nov 2022 06:11:55 GMT
Etag: "6385c325-1d7"
Expires: Thu, 01 Dec 2022 10:15:12 GMT
Last-Modified: Tue, 29 Nov 2022 08:30:29 GMT
Server: ECS (nyb/1D07)
X-Cache: Miss from cloudfront
Via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 8tHJ5pnRyuXgzyOhf70zR3eUC4RsFq0conpFCbpJ1yNXyE9Q5_tYSQ==
Age: 6283
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 14d95870f9a93fd54549a042314601bc
b06bcf8673df2d984a2a953789acd722e548c03d
a0dc6d4cd78e4068278ab54529c604c657409de920e939c2c929b104d906b6bd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A0DC6D4CD78E4068278AB54529C604C657409DE920E939C2C929B104D906B6BD"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11141
Expires: Wed, 30 Nov 2022 09:17:37 GMT
Date: Wed, 30 Nov 2022 06:11:56 GMT
Connection: keep-alive
bricius-ing.com/zcredirect?visitid=e3466783-7075-11ed-9c4e-127b180f0331&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false
3.212.50.125200 OK 721 B URL HTTP/2 bricius-ing.com/zcredirect?visitid=e3466783-7075-11ed-9c4e-127b180f0331&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false
IP 3.212.50.125:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (366)
Hash 3fd452c6473d7adc88c85f6a5116f8f4
b19458ff0bab7d8c1c3dd479b9c486ec5ba4af57
0a6aaab56e138c304661cb0ffec115b3434990a1526049acf8c2f7749499f2d2
GET /zcredirect?visitid=e3466783-7075-11ed-9c4e-127b180f0331&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false HTTP/1.1
Host: bricius-ing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bricius-ing.com/zcvisitor/e3466783-7075-11ed-9c4e-127b180f0331/c48f16c0-a519-11ec-9226-0a76dcc61f13?campaignid=4fb4e190-e7f9-11ec-be3c-128084d1ce51
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 30 Nov 2022 06:11:56 GMT
content-type: text/html;charset=UTF-8
cache-control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-webkit-csp: default-src 'self'; script-src 'self' 'unsafe-inline'
access-control-allow-origin: *
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
redirected: JS
server: yHNiocES
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e04366178cde3e1c49bc2177a5fe1522
76d3292b8b59615da511940cac5039120b7afead
a73b23b47aa8bc231534c2dd12670ad4af61c6b32dc286416cbac9d504592aee
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A73B23B47AA8BC231534C2DD12670AD4AF61C6B32DC286416CBAC9D504592AEE"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6235
Expires: Wed, 30 Nov 2022 07:55:51 GMT
Date: Wed, 30 Nov 2022 06:11:56 GMT
Connection: keep-alive
lookandfind.me/s/a?t=10&f=1&u=f4bdb01fc36e3f720c2a963a770625c6&m=shopping4net.com&s1=623619497&s2=infuscate-hornet&s3=uniform-sop-v2w20q86nd&s5=cf
5.9.110.29200 OK 939 B URL HTTP/1.1 lookandfind.me/s/a?t=10&f=1&u=f4bdb01fc36e3f720c2a963a770625c6&m=shopping4net.com&s1=623619497&s2=infuscate-hornet&s3=uniform-sop-v2w20q86nd&s5=cf
IP 5.9.110.29:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document, ASCII text, with very long lines (939), with no line terminators
Hash 56065c5889c41fe64e2788d65956f448
cef44af7ba27a63be8e04359110cbd3187a13ed0
9ee8fdef8473d45ce5405bad79c65c1058f4b8cdcfeb5becad901d669626e3df
GET /s/a?t=10&f=1&u=f4bdb01fc36e3f720c2a963a770625c6&m=shopping4net.com&s1=623619497&s2=infuscate-hornet&s3=uniform-sop-v2w20q86nd&s5=cf HTTP/1.1
Host: lookandfind.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 06:11:56 GMT
Server: Apache/2.4.37 (centos) OpenSSL/1.1.1k
X-Powered-By: PHP/8.1.10
Set-Cookie: 20d33f5c1777432fb02b9bb20fa8a0ce=4c4b9a20094a5f9220c37a8d5e70954b299fe0c759bf8b578cbeb8061fc6cd93a%3A2%3A%7Bi%3A0%3Bs%3A32%3A%2220d33f5c1777432fb02b9bb20fa8a0ce%22%3Bi%3A1%3Bs%3A1%3A%221%22%3B%7D; expires=Thu, 01-Dec-2022 06:11:56 GMT; Max-Age=86400; path=/; HttpOnly
Referrer-Policy: strict-origin-when-cross-origin
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
lookandfind.me/s/r?u=https%3A%2F%2Fapi.yadore.com%2Fv2%2Fr%3Fe%3DWDd4eVNMazBSTEhSOThyT0k2L0o0SGdMT0tOcGVZT245MnM4aTVnYUloSkpGNGd1VnE5cC9halhhTU5POFAvNDdWdmZRUFpNYmZuMkhMQzU2WnBHODI5cGh3QmtxZFZPMWtFcEorUFd1ZXlyUlNwZWU1enJteHlvaWxQSzBXYTFYU21EVVZwU1NTVTVMaUhxT25VMW9maExxWGgyVFh6Yk9KWEdzdnFlVUlSdEg5clptN2kzMDhqMi9JR2lRSTFXUGRSdGUrUkZiaDJnKzhxTGovQW5iNVMvQnV0NVNCbVllU0c0NnZ4ckpkaHlFdWZnVk5KekxtbWN4Q1ZCbTNtdHZxTE1rY2JmdHFQbXlFczBkY1IzS2g3ck9pcmJKbUNjRTJzY2ZBRDdudkd2ZjFHeE9TUTlLaDVlck8xSXo4TjZMNHNQSDhOWE9UcFh3QnFmaFoycnA5ZmFSdSt2MXFKYmpKU0VRbWM5RmxaK2YvT25qbXJzMkNBb0djcFFWOUZtVDB1a0NWZVYyeVM3NmpZUG9ob3VjWnZQbUxCSUwrOTNZQjd5b3c9PQ%3D%3D%26i%3DrFDpYHPBm34_r1xg%26placementId%3D390166c157bbee370b2773bd4b66b1be&h=c1ecddd86e855335a6dd86625b9899c3
5.9.110.29200 OK 867 B URL HTTP/1.1 lookandfind.me/s/r?u=https%3A%2F%2Fapi.yadore.com%2Fv2%2Fr%3Fe%3DWDd4eVNMazBSTEhSOThyT0k2L0o0SGdMT0tOcGVZT245MnM4aTVnYUloSkpGNGd1VnE5cC9halhhTU5POFAvNDdWdmZRUFpNYmZuMkhMQzU2WnBHODI5cGh3QmtxZFZPMWtFcEorUFd1ZXlyUlNwZWU1enJteHlvaWxQSzBXYTFYU21EVVZwU1NTVTVMaUhxT25VMW9maExxWGgyVFh6Yk9KWEdzdnFlVUlSdEg5clptN2kzMDhqMi9JR2lRSTFXUGRSdGUrUkZiaDJnKzhxTGovQW5iNVMvQnV0NVNCbVllU0c0NnZ4ckpkaHlFdWZnVk5KekxtbWN4Q1ZCbTNtdHZxTE1rY2JmdHFQbXlFczBkY1IzS2g3ck9pcmJKbUNjRTJzY2ZBRDdudkd2ZjFHeE9TUTlLaDVlck8xSXo4TjZMNHNQSDhOWE9UcFh3QnFmaFoycnA5ZmFSdSt2MXFKYmpKU0VRbWM5RmxaK2YvT25qbXJzMkNBb0djcFFWOUZtVDB1a0NWZVYyeVM3NmpZUG9ob3VjWnZQbUxCSUwrOTNZQjd5b3c9PQ%3D%3D%26i%3DrFDpYHPBm34_r1xg%26placementId%3D390166c157bbee370b2773bd4b66b1be&h=c1ecddd86e855335a6dd86625b9899c3
IP 5.9.110.29:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (867), with no line terminators
Hash 5d2fab9f18a57dbb6402302e92475460
4bc6509561871ce968955fafb1427bcf26458205
c162268d9a3ba89074930bb993abb44e4726dd467aad46f19486c7e1dae09f67
GET /s/r?u=https%3A%2F%2Fapi.yadore.com%2Fv2%2Fr%3Fe%3DWDd4eVNMazBSTEhSOThyT0k2L0o0SGdMT0tOcGVZT245MnM4aTVnYUloSkpGNGd1VnE5cC9halhhTU5POFAvNDdWdmZRUFpNYmZuMkhMQzU2WnBHODI5cGh3QmtxZFZPMWtFcEorUFd1ZXlyUlNwZWU1enJteHlvaWxQSzBXYTFYU21EVVZwU1NTVTVMaUhxT25VMW9maExxWGgyVFh6Yk9KWEdzdnFlVUlSdEg5clptN2kzMDhqMi9JR2lRSTFXUGRSdGUrUkZiaDJnKzhxTGovQW5iNVMvQnV0NVNCbVllU0c0NnZ4ckpkaHlFdWZnVk5KekxtbWN4Q1ZCbTNtdHZxTE1rY2JmdHFQbXlFczBkY1IzS2g3ck9pcmJKbUNjRTJzY2ZBRDdudkd2ZjFHeE9TUTlLaDVlck8xSXo4TjZMNHNQSDhOWE9UcFh3QnFmaFoycnA5ZmFSdSt2MXFKYmpKU0VRbWM5RmxaK2YvT25qbXJzMkNBb0djcFFWOUZtVDB1a0NWZVYyeVM3NmpZUG9ob3VjWnZQbUxCSUwrOTNZQjd5b3c9PQ%3D%3D%26i%3DrFDpYHPBm34_r1xg%26placementId%3D390166c157bbee370b2773bd4b66b1be&h=c1ecddd86e855335a6dd86625b9899c3 HTTP/1.1
Host: lookandfind.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: 20d33f5c1777432fb02b9bb20fa8a0ce=4c4b9a20094a5f9220c37a8d5e70954b299fe0c759bf8b578cbeb8061fc6cd93a%3A2%3A%7Bi%3A0%3Bs%3A32%3A%2220d33f5c1777432fb02b9bb20fa8a0ce%22%3Bi%3A1%3Bs%3A1%3A%221%22%3B%7D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 06:11:56 GMT
Server: Apache/2.4.37 (centos) OpenSSL/1.1.1k
X-Powered-By: PHP/8.1.10
Referrer-Policy: strict-origin-when-cross-origin
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3861
Expires: Wed, 30 Nov 2022 07:16:18 GMT
Date: Wed, 30 Nov 2022 06:11:57 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3861
Expires: Wed, 30 Nov 2022 07:16:18 GMT
Date: Wed, 30 Nov 2022 06:11:57 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3861
Expires: Wed, 30 Nov 2022 07:16:18 GMT
Date: Wed, 30 Nov 2022 06:11:57 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3861
Expires: Wed, 30 Nov 2022 07:16:18 GMT
Date: Wed, 30 Nov 2022 06:11:57 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3861
Expires: Wed, 30 Nov 2022 07:16:18 GMT
Date: Wed, 30 Nov 2022 06:11:57 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F250668cd-c9db-4014-b576-3aaad4eb9150.jpeg
34.120.237.76200 OK 5.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F250668cd-c9db-4014-b576-3aaad4eb9150.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 59baec8db5ced0210ab766ea5636a5fd
f7cf3a0f89751a02fbcf8d21f505f24a74e8b30b
33ff55891f18c22970804f1b8b2ba6821ddfd7426b01486410bd43f2b4295a8d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F250668cd-c9db-4014-b576-3aaad4eb9150.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5785
x-amzn-requestid: ee77265b-8e90-4035-8ef1-92a2d26aaefa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgDaHdWoAMFqmw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a15-0d10d74030e7aee74804b654;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:01 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: QhUrNKIJUxXTYFTgfCwizAd9L4PdLMVLbqv1sHmmnrWya0xz1MTSiw==
via: 1.1 38eecd3ca21bf068d69a2f9cfe668d14.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 22:08:46 GMT
etag: "f7cf3a0f89751a02fbcf8d21f505f24a74e8b30b"
content-type: image/jpeg
age: 28991
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e77736dabc29463f1235302f62683fb1
bd8bcb18d562ee16f4c54674f82aae312a938ae9
611d1382421bb9ef4846dff061ae7ffc09f1dec65234b7fb9b760c5a5a10f40b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "611D1382421BB9EF4846DFF061AE7FFC09F1DEC65234B7FB9B760C5A5A10F40B"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5312
Expires: Wed, 30 Nov 2022 07:40:29 GMT
Date: Wed, 30 Nov 2022 06:11:57 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F13e1db4e-7108-464a-85b6-24ac0c4609f9.webp
34.120.237.76200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F13e1db4e-7108-464a-85b6-24ac0c4609f9.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash bbe350ea797a0fec5a19a450fc5de4b4
2f3a39a528d3b759060203931de33c12303592e1
4d661dac2e19e07ae15d0f8cf00bd268c6c2defb2f5e4de38fcb6e7031dfd605
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F13e1db4e-7108-464a-85b6-24ac0c4609f9.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9330
x-amzn-requestid: 3fad352d-7664-43e0-9395-e840f671ca61
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgFQFIdoAMFSmw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a21-5e9847852f8435231d401fe6;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: mCEtSOenWKxay4vNy5mN9cexxXKXKt7TMuLaLw-M86tLKwQ2MwuxPg==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 22:00:54 GMT
age: 29463
etag: "2f3a39a528d3b759060203931de33c12303592e1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5a644078-a260-40cb-abc4-b226762802d4.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5a644078-a260-40cb-abc4-b226762802d4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4cc55889e6edaa76fa8c991914b5347b
9ab86eab2fac1c25eaaaaeeaec28eeb2783d9c8a
3122c681063a6ee629f5516c433ea3cc65f771d3394df1d6c4b0a1cb91100831
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5a644078-a260-40cb-abc4-b226762802d4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11070
x-amzn-requestid: 3f342f57-8231-4ba9-9105-dd3fa43ca8d5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cSsg9FNAoAMFYgQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6384279f-27e7956e0f3a694338951b8a;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 03:14:39 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Qhq6EXPP69HkKofiAAD5x6j9gVuLzO9qvcwBfYUMiBGR47Sdqccf_g==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 05:01:59 GMT
age: 4198
etag: "9ab86eab2fac1c25eaaaaeeaec28eeb2783d9c8a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe7a6f598-362e-4a6c-ba04-330df636e33b.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe7a6f598-362e-4a6c-ba04-330df636e33b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f3c7e8351884491aeab9323c004bc3f3
127ac68bac21c88ffc6e09cc6666e93de4746a1f
e6fa04c502105c43c85c00d39481d2598c6d8fd56540e10107b6668c51597ae4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe7a6f598-362e-4a6c-ba04-330df636e33b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8498
x-amzn-requestid: f6b92060-88d4-49bd-b60e-94d99feca4e4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYiBaGPOIAMFu1Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867d3c-331dacfb087d23881924eef9;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:44:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 5Zv5zu1q8h4GFU6agEcDzSVFYuvF74qu7UBnovs3vH5jpu17cmyxjQ==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:57:37 GMT
age: 29660
etag: "127ac68bac21c88ffc6e09cc6666e93de4746a1f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52cf4797-5177-4859-9523-faeb4e38f224.jpeg
34.120.237.76200 OK 9.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52cf4797-5177-4859-9523-faeb4e38f224.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5c5277610f3a542571abb53ffb3d4df1
ce411cc5b0a37bbd89551d06d7d0349f45734e97
3bf1105631ef7fda0249a46390ca90f904ea73b0a4f017c2db85326550a80a3f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52cf4797-5177-4859-9523-faeb4e38f224.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9812
x-amzn-requestid: 70bfeb68-0703-44bf-8550-50c759d52d86
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgDbFolIAMFYBQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a15-73fb65ee2b9161372819207f;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: QQCoNlJBSE2V-IQlZr37dhINTABRu3ms9Y1p4FweO36HD-U6m9vvwg==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:52:45 GMT
age: 29952
etag: "ce411cc5b0a37bbd89551d06d7d0349f45734e97"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
bricius-ing.com/zcvisitor/e3466783-7075-11ed-9c4e-127b180f0331/c48f16c0-a519-11ec-9226-0a76dcc61f13?campaignid=4fb4e190-e7f9-11ec-be3c-128084d1ce51
3.212.50.125200 OK 8.8 kB URL HTTP/2 bricius-ing.com/zcvisitor/e3466783-7075-11ed-9c4e-127b180f0331/c48f16c0-a519-11ec-9226-0a76dcc61f13?campaignid=4fb4e190-e7f9-11ec-be3c-128084d1ce51
IP 3.212.50.125:0
Hash 050d2fa89e7a161e800f004fdcec6370
b8b36939c41e69b83d248e7319ff6a1c496c7898
80e0c097fb28ac02f9c4c9f38bc2503b6e3f2d64e15b26832f977360163d12f2
Analyzer Verdict Alert fortinet Malware
GET /zcvisitor/e3466783-7075-11ed-9c4e-127b180f0331/c48f16c0-a519-11ec-9226-0a76dcc61f13?campaignid=4fb4e190-e7f9-11ec-be3c-128084d1ce51 HTTP/1.1
Host: bricius-ing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://meganandbobbyprine.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 30 Nov 2022 06:11:55 GMT
content-type: text/html;charset=UTF-8
cache-control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-webkit-csp: default-src 'self'; script-src 'self' 'unsafe-inline'
access-control-allow-origin: *
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
server: dQtGkOyU
X-Firefox-Spdy: h2
api.yadore.com/v2/r?e=WDd4eVNMazBSTEhSOThyT0k2L0o0SGdMT0tOcGVZT245MnM4aTVnYUloSkpGNGd1VnE5cC9halhhTU5POFAvNDdWdmZRUFpNYmZuMkhMQzU2WnBHODI5cGh3QmtxZFZPMWtFcEorUFd1ZXlyUlNwZWU1enJteHlvaWxQSzBXYTFYU21EVVZwU1NTVTVMaUhxT25VMW9maExxWGgyVFh6Yk9KWEdzdnFlVUlSdEg5clptN2kzMDhqMi9JR2lRSTFXUGRSdGUrUkZiaDJnKzhxTGovQW5iNVMvQnV0NVNCbVllU0c0NnZ4ckpkaHlFdWZnVk5KekxtbWN4Q1ZCbTNtdHZxTE1rY2JmdHFQbXlFczBkY1IzS2g3ck9pcmJKbUNjRTJzY2ZBRDdudkd2ZjFHeE9TUTlLaDVlck8xSXo4TjZMNHNQSDhOWE9UcFh3QnFmaFoycnA5ZmFSdSt2MXFKYmpKU0VRbWM5RmxaK2YvT25qbXJzMkNBb0djcFFWOUZtVDB1a0NWZVYyeVM3NmpZUG9ob3VjWnZQbUxCSUwrOTNZQjd5b3c9PQ==&i=rFDpYHPBm34_r1xg&placementId=390166c157bbee370b2773bd4b66b1be
88.99.112.6302 Found 0 B URL HTTP/2 api.yadore.com/v2/r?e=WDd4eVNMazBSTEhSOThyT0k2L0o0SGdMT0tOcGVZT245MnM4aTVnYUloSkpGNGd1VnE5cC9halhhTU5POFAvNDdWdmZRUFpNYmZuMkhMQzU2WnBHODI5cGh3QmtxZFZPMWtFcEorUFd1ZXlyUlNwZWU1enJteHlvaWxQSzBXYTFYU21EVVZwU1NTVTVMaUhxT25VMW9maExxWGgyVFh6Yk9KWEdzdnFlVUlSdEg5clptN2kzMDhqMi9JR2lRSTFXUGRSdGUrUkZiaDJnKzhxTGovQW5iNVMvQnV0NVNCbVllU0c0NnZ4ckpkaHlFdWZnVk5KekxtbWN4Q1ZCbTNtdHZxTE1rY2JmdHFQbXlFczBkY1IzS2g3ck9pcmJKbUNjRTJzY2ZBRDdudkd2ZjFHeE9TUTlLaDVlck8xSXo4TjZMNHNQSDhOWE9UcFh3QnFmaFoycnA5ZmFSdSt2MXFKYmpKU0VRbWM5RmxaK2YvT25qbXJzMkNBb0djcFFWOUZtVDB1a0NWZVYyeVM3NmpZUG9ob3VjWnZQbUxCSUwrOTNZQjd5b3c9PQ==&i=rFDpYHPBm34_r1xg&placementId=390166c157bbee370b2773bd4b66b1be
IP 88.99.112.6:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v2/r?e=WDd4eVNMazBSTEhSOThyT0k2L0o0SGdMT0tOcGVZT245MnM4aTVnYUloSkpGNGd1VnE5cC9halhhTU5POFAvNDdWdmZRUFpNYmZuMkhMQzU2WnBHODI5cGh3QmtxZFZPMWtFcEorUFd1ZXlyUlNwZWU1enJteHlvaWxQSzBXYTFYU21EVVZwU1NTVTVMaUhxT25VMW9maExxWGgyVFh6Yk9KWEdzdnFlVUlSdEg5clptN2kzMDhqMi9JR2lRSTFXUGRSdGUrUkZiaDJnKzhxTGovQW5iNVMvQnV0NVNCbVllU0c0NnZ4ckpkaHlFdWZnVk5KekxtbWN4Q1ZCbTNtdHZxTE1rY2JmdHFQbXlFczBkY1IzS2g3ck9pcmJKbUNjRTJzY2ZBRDdudkd2ZjFHeE9TUTlLaDVlck8xSXo4TjZMNHNQSDhOWE9UcFh3QnFmaFoycnA5ZmFSdSt2MXFKYmpKU0VRbWM5RmxaK2YvT25qbXJzMkNBb0djcFFWOUZtVDB1a0NWZVYyeVM3NmpZUG9ob3VjWnZQbUxCSUwrOTNZQjd5b3c9PQ==&i=rFDpYHPBm34_r1xg&placementId=390166c157bbee370b2773bd4b66b1be HTTP/1.1
Host: api.yadore.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lookandfind.me/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
date: Wed, 30 Nov 2022 06:11:57 GMT
location: https://no-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1669774500031&.sig=Sh2rOBpEzGk1LcB_.nTKP4BktWQ-&affiliationId=96965886&comId=9468123&country=no&offerId=9cc08af2ecc95c314caa21275f07face&service=37&tokenId=eef84b7f-8e19-45d1-adee-7c88767dc72d&wait=true&addedParams=true&custom1=0b4fc4d8a1cc4de7084a3a2853ee322bbdfe6e6b1b3fce26f8e5da2c30fc5022&custom2=SRdytlITOR16&custom3=false
server: nginx
x-powered-by: PHP/8.0.25
content-length: 0
X-Firefox-Spdy: h2
status.thawte.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash e4a2ae30cd73a7497321a5b199c56339
4f7e96ab880bb10bddffa26ba542d46805ebabcf
2e54334977ebbb1644dca922c2db5a569b74a3d4db4e29c180478d5d4c280a34
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6263
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 06:11:57 GMT
Last-Modified: Wed, 30 Nov 2022 04:27:34 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
no-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1669774500031&.sig=Sh2rOBpEzGk1LcB_.nTKP4BktWQ-&affiliationId=96965886&comId=9468123&country=no&offerId=9cc08af2ecc95c314caa21275f07face&service=37&tokenId=eef84b7f-8e19-45d1-adee-7c88767dc72d&wait=true&addedParams=true&custom1=0b4fc4d8a1cc4de7084a3a2853ee322bbdfe6e6b1b3fce26f8e5da2c30fc5022&custom2=SRdytlITOR16&custom3=false
95.211.116.27200 OK 33 kB URL HTTP/1.1 no-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1669774500031&.sig=Sh2rOBpEzGk1LcB_.nTKP4BktWQ-&affiliationId=96965886&comId=9468123&country=no&offerId=9cc08af2ecc95c314caa21275f07face&service=37&tokenId=eef84b7f-8e19-45d1-adee-7c88767dc72d&wait=true&addedParams=true&custom1=0b4fc4d8a1cc4de7084a3a2853ee322bbdfe6e6b1b3fce26f8e5da2c30fc5022&custom2=SRdytlITOR16&custom3=false
IP 95.211.116.27:0
ASN #60781 LeaseWeb Netherlands B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (13002)
Hash 41b41f4715d123e4596edd4d3f613054
10aaf80377f28b0010bb930c4be8401699b52d8a
a4cba3439f5240e7614534c72557a335d673842f7b5a3901e0c1dd38332438a9
GET /ctl/go/offersearchGo?.ts=1669774500031&.sig=Sh2rOBpEzGk1LcB_.nTKP4BktWQ-&affiliationId=96965886&comId=9468123&country=no&offerId=9cc08af2ecc95c314caa21275f07face&service=37&tokenId=eef84b7f-8e19-45d1-adee-7c88767dc72d&wait=true&addedParams=true&custom1=0b4fc4d8a1cc4de7084a3a2853ee322bbdfe6e6b1b3fce26f8e5da2c30fc5022&custom2=SRdytlITOR16&custom3=false HTTP/1.1
Host: no-go.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lookandfind.me/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 06:11:57 GMT
leadId: dc1-kls-prod-ls-03.prod.dc1.kelkoo.net_1669788717424_311754
clickId: 107698111_1669788717416_400973
country: no
Accept-CH: Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
X-DataDome: protected
Request-Time: PT0.020172S
X-Robots-Tag: noindex,nofollow
Referrer-Policy: origin-when-cross-origin
X-Frame-Options: ALLOWALL
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Content-Type: text/html; charset=UTF-8
Content-Length: 33042
Set-Cookie: datadome=6gajr2LxNZt5rcjqB6ZYWxVB8hB0MuBGmI-P36JVyTI_CH3MM-AV4tf6NGYeyC0Dg7l5Vgn7yzKVZcehNEvSNFx8ol9g1zqqbdxiB3zE3g5jkdz9SIIyHGCN4PmtKhqt; Max-Age=31536000; Expires=Thu, 30 Nov 2023 06:11:57 GMT; SameSite=Lax; Path=/; Domain=.kelkoogroup.net; Secure
kelkooID=a4c626f-184c729d168-1e4ce; Max-Age=31536000; Expires=Thu, 30 Nov 2023 06:11:57 GMT; SameSite=None; Path=/; Domain=kelkoogroup.net; Secure; HTTPOnly
P3P: CP="Anything"
ApacheTracking: localhost
Keep-Alive: timeout=40, max=90
Connection: Keep-Alive
no-go.kelkoogroup.net/assets/images/p.png?country=no&k=612f7a9541cd6ea61eb554c0e4cff43705260665475808a707dc4bf57eb987e7eae31d890b19ca8c91f5156827e79c7588bc5cd3a5bbe4903d27942b64fff6139deee6aa161544a69fa7bc25320a211f29d901a4c0d6126978432507439974be815172287246acf196c17f8c7794cceb093cd1bae68076c54bbb87e043d5901b86b79a188fdd3f0e8f4467b46633ce4bb24a3fb66694f5bae132b72b8a02b2268c091bed182621dad5f6cf33b5ae2e7e3b682d14da4987eaab39225854ccc6b9f65f6d26f39cad9ce69877aa7ee555fa63ad0d039a3091201cfb9f719f026c4e954804b2f69a7e1eb11f21dae7a7910c7ac24e8b08a2645a6eb9b416b1f32d76c3f18a753d27949987f51d18c676efb8053bb38bceead961&leadId=dc1-kls-prod-ls-03.prod.dc1.kelkoo.net_1669788717424_311754&clickId=107698111_1669788717416_400973
95.211.116.27200 OK 68 B URL HTTP/1.1 no-go.kelkoogroup.net/assets/images/p.png?country=no&k=612f7a9541cd6ea61eb554c0e4cff43705260665475808a707dc4bf57eb987e7eae31d890b19ca8c91f5156827e79c7588bc5cd3a5bbe4903d27942b64fff6139deee6aa161544a69fa7bc25320a211f29d901a4c0d6126978432507439974be815172287246acf196c17f8c7794cceb093cd1bae68076c54bbb87e043d5901b86b79a188fdd3f0e8f4467b46633ce4bb24a3fb66694f5bae132b72b8a02b2268c091bed182621dad5f6cf33b5ae2e7e3b682d14da4987eaab39225854ccc6b9f65f6d26f39cad9ce69877aa7ee555fa63ad0d039a3091201cfb9f719f026c4e954804b2f69a7e1eb11f21dae7a7910c7ac24e8b08a2645a6eb9b416b1f32d76c3f18a753d27949987f51d18c676efb8053bb38bceead961&leadId=dc1-kls-prod-ls-03.prod.dc1.kelkoo.net_1669788717424_311754&clickId=107698111_1669788717416_400973
IP 95.211.116.27:0
ASN #60781 LeaseWeb Netherlands B.V.
File type PNG image data, 1 x 1, 8-bit gray+alpha, non-interlaced\012- data
Hash 91e42db1c66c0b276abf6234dc50b2eb
c1986af3c26609b8b7d8933f99c51c1a89e9ea6b
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
GET /assets/images/p.png?country=no&k=612f7a9541cd6ea61eb554c0e4cff43705260665475808a707dc4bf57eb987e7eae31d890b19ca8c91f5156827e79c7588bc5cd3a5bbe4903d27942b64fff6139deee6aa161544a69fa7bc25320a211f29d901a4c0d6126978432507439974be815172287246acf196c17f8c7794cceb093cd1bae68076c54bbb87e043d5901b86b79a188fdd3f0e8f4467b46633ce4bb24a3fb66694f5bae132b72b8a02b2268c091bed182621dad5f6cf33b5ae2e7e3b682d14da4987eaab39225854ccc6b9f65f6d26f39cad9ce69877aa7ee555fa63ad0d039a3091201cfb9f719f026c4e954804b2f69a7e1eb11f21dae7a7910c7ac24e8b08a2645a6eb9b416b1f32d76c3f18a753d27949987f51d18c676efb8053bb38bceead961&leadId=dc1-kls-prod-ls-03.prod.dc1.kelkoo.net_1669788717424_311754&clickId=107698111_1669788717416_400973 HTTP/1.1
Host: no-go.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1669774500031&.sig=Sh2rOBpEzGk1LcB_.nTKP4BktWQ-&affiliationId=96965886&comId=9468123&country=no&offerId=9cc08af2ecc95c314caa21275f07face&service=37&tokenId=eef84b7f-8e19-45d1-adee-7c88767dc72d&wait=true&addedParams=true&custom1=0b4fc4d8a1cc4de7084a3a2853ee322bbdfe6e6b1b3fce26f8e5da2c30fc5022&custom2=SRdytlITOR16&custom3=false
Connection: keep-alive
Cookie: datadome=6gajr2LxNZt5rcjqB6ZYWxVB8hB0MuBGmI-P36JVyTI_CH3MM-AV4tf6NGYeyC0Dg7l5Vgn7yzKVZcehNEvSNFx8ol9g1zqqbdxiB3zE3g5jkdz9SIIyHGCN4PmtKhqt; kelkooID=a4c626f-184c729d168-1e4ce
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 06:11:57 GMT
Request-Time: PT0.001192S
X-Robots-Tag: noindex,nofollow
Cache-Control: private, must-revalidate
Referrer-Policy: origin-when-cross-origin
X-Frame-Options: ALLOWALL
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Content-Type: image/png
Content-Length: 68
P3P: CP="Anything"
ApacheTracking: localhost
Keep-Alive: timeout=40, max=82
Connection: Keep-Alive
no-go.kelkoogroup.net/fp?country=no&k=612f7a9541cd6ea61eb554c0e4cff43705260665475808a707dc4bf57eb987e7eae31d890b19ca8c91f5156827e79c7588bc5cd3a5bbe4903d27942b64fff6139deee6aa161544a69fa7bc25320a211f29d901a4c0d6126978432507439974be815172287246acf196c17f8c7794cceb093cd1bae68076c54bbb87e043d5901b86b79a188fdd3f0e8f4467b46633ce4bb24a3fb66694f5bae132b72b8a02b2268c091bed182621dad5f6cf33b5ae2e7e3b682d14da4987eaab39225854ccc6b9f65f6d26f39cad9ce69877aa7ee555fa63ad0d039a3091201cfb9f719f026c4e954804b2f69a7e1eb11f21dae7a7910c7ac24e8b08a2645a6eb9b416b1f32d76c3f18a753d27949987f51d18c676efb8053bb38bceead961&leadId=dc1-kls-prod-ls-03.prod.dc1.kelkoo.net_1669788717424_311754&clickId=107698111_1669788717416_400973
95.211.116.27200 OK 0 B URL HTTP/1.1 no-go.kelkoogroup.net/fp?country=no&k=612f7a9541cd6ea61eb554c0e4cff43705260665475808a707dc4bf57eb987e7eae31d890b19ca8c91f5156827e79c7588bc5cd3a5bbe4903d27942b64fff6139deee6aa161544a69fa7bc25320a211f29d901a4c0d6126978432507439974be815172287246acf196c17f8c7794cceb093cd1bae68076c54bbb87e043d5901b86b79a188fdd3f0e8f4467b46633ce4bb24a3fb66694f5bae132b72b8a02b2268c091bed182621dad5f6cf33b5ae2e7e3b682d14da4987eaab39225854ccc6b9f65f6d26f39cad9ce69877aa7ee555fa63ad0d039a3091201cfb9f719f026c4e954804b2f69a7e1eb11f21dae7a7910c7ac24e8b08a2645a6eb9b416b1f32d76c3f18a753d27949987f51d18c676efb8053bb38bceead961&leadId=dc1-kls-prod-ls-03.prod.dc1.kelkoo.net_1669788717424_311754&clickId=107698111_1669788717416_400973
IP 95.211.116.27:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /fp?country=no&k=612f7a9541cd6ea61eb554c0e4cff43705260665475808a707dc4bf57eb987e7eae31d890b19ca8c91f5156827e79c7588bc5cd3a5bbe4903d27942b64fff6139deee6aa161544a69fa7bc25320a211f29d901a4c0d6126978432507439974be815172287246acf196c17f8c7794cceb093cd1bae68076c54bbb87e043d5901b86b79a188fdd3f0e8f4467b46633ce4bb24a3fb66694f5bae132b72b8a02b2268c091bed182621dad5f6cf33b5ae2e7e3b682d14da4987eaab39225854ccc6b9f65f6d26f39cad9ce69877aa7ee555fa63ad0d039a3091201cfb9f719f026c4e954804b2f69a7e1eb11f21dae7a7910c7ac24e8b08a2645a6eb9b416b1f32d76c3f18a753d27949987f51d18c676efb8053bb38bceead961&leadId=dc1-kls-prod-ls-03.prod.dc1.kelkoo.net_1669788717424_311754&clickId=107698111_1669788717416_400973 HTTP/1.1
Host: no-go.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1669774500031&.sig=Sh2rOBpEzGk1LcB_.nTKP4BktWQ-&affiliationId=96965886&comId=9468123&country=no&offerId=9cc08af2ecc95c314caa21275f07face&service=37&tokenId=eef84b7f-8e19-45d1-adee-7c88767dc72d&wait=true&addedParams=true&custom1=0b4fc4d8a1cc4de7084a3a2853ee322bbdfe6e6b1b3fce26f8e5da2c30fc5022&custom2=SRdytlITOR16&custom3=false
Content-Type: text/plain;charset=utf-8
Content-Length: 536
Origin: https://no-go.kelkoogroup.net
Connection: keep-alive
Cookie: datadome=6gajr2LxNZt5rcjqB6ZYWxVB8hB0MuBGmI-P36JVyTI_CH3MM-AV4tf6NGYeyC0Dg7l5Vgn7yzKVZcehNEvSNFx8ol9g1zqqbdxiB3zE3g5jkdz9SIIyHGCN4PmtKhqt; kelkooID=a4c626f-184c729d168-1e4ce; _ga=GA1.2.2137282976.1669788716; _gid=GA1.2.853838379.1669788716
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 06:11:57 GMT
Request-Time: PT0.002644S
X-Robots-Tag: noindex,nofollow
Referrer-Policy: origin-when-cross-origin
X-Frame-Options: ALLOWALL
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Content-Type: text/plain; charset=UTF-8
Content-Length: 0
P3P: CP="Anything"
ApacheTracking: localhost
Keep-Alive: timeout=40, max=99
Connection: Keep-Alive
no-go.kelkoogroup.net/redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff43705260665475808a707dc4bf57eb987e7eae31d890b19ca8c91f5156827e79c7588bc5cd3a5bbe4903d27942b64fff6139deee6aa161544a69fa7bc25320a211f29d901a4c0d6126978432507439974be815172287246acf196c17f8c7794cceb093cd1bae68076c54bbb87e043d5901b86b79a188fdd3f0e8f4467b46633ce4bb24a3fb66694f5bae132b72b8a02b2268c091bed182621dad5f6cf33b5ae2e7e3b682d14da4987eaab39225854ccc6b9f65f6d26f39cad9ce69877aa7ee555fa63ad0d039a3091201cfb9f719f026c4e954804b2f69a7e1eb11f21dae7a7910c7ac24e8b08a2645a6eb9b416b1f32d76c3f18a753d27949987f51d18c676efb8053bb38bceead961&leadId=dc1-kls-prod-ls-03.prod.dc1.kelkoo.net_1669788717424_311754&clickId=107698111_1669788717416_400973&url=https%3A%2F%2Fwww.shopping4net.com%2Fno%2FSkjoennhet%2FFor-henne%2FHudpleie%2FGiftset%2FEight-Hour-Cream-Lip-Set.htm%3FsClickID%3DKelkoo-7-3%26utm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_term%3DElizabeth%2BArden%2BVisible%2BDifference%2B-%2BGif
95.211.116.27303 See Other 0 B URL HTTP/1.1 no-go.kelkoogroup.net/redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff43705260665475808a707dc4bf57eb987e7eae31d890b19ca8c91f5156827e79c7588bc5cd3a5bbe4903d27942b64fff6139deee6aa161544a69fa7bc25320a211f29d901a4c0d6126978432507439974be815172287246acf196c17f8c7794cceb093cd1bae68076c54bbb87e043d5901b86b79a188fdd3f0e8f4467b46633ce4bb24a3fb66694f5bae132b72b8a02b2268c091bed182621dad5f6cf33b5ae2e7e3b682d14da4987eaab39225854ccc6b9f65f6d26f39cad9ce69877aa7ee555fa63ad0d039a3091201cfb9f719f026c4e954804b2f69a7e1eb11f21dae7a7910c7ac24e8b08a2645a6eb9b416b1f32d76c3f18a753d27949987f51d18c676efb8053bb38bceead961&leadId=dc1-kls-prod-ls-03.prod.dc1.kelkoo.net_1669788717424_311754&clickId=107698111_1669788717416_400973&url=https%3A%2F%2Fwww.shopping4net.com%2Fno%2FSkjoennhet%2FFor-henne%2FHudpleie%2FGiftset%2FEight-Hour-Cream-Lip-Set.htm%3FsClickID%3DKelkoo-7-3%26utm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_term%3DElizabeth%2BArden%2BVisible%2BDifference%2B-%2BGif
IP 95.211.116.27:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff43705260665475808a707dc4bf57eb987e7eae31d890b19ca8c91f5156827e79c7588bc5cd3a5bbe4903d27942b64fff6139deee6aa161544a69fa7bc25320a211f29d901a4c0d6126978432507439974be815172287246acf196c17f8c7794cceb093cd1bae68076c54bbb87e043d5901b86b79a188fdd3f0e8f4467b46633ce4bb24a3fb66694f5bae132b72b8a02b2268c091bed182621dad5f6cf33b5ae2e7e3b682d14da4987eaab39225854ccc6b9f65f6d26f39cad9ce69877aa7ee555fa63ad0d039a3091201cfb9f719f026c4e954804b2f69a7e1eb11f21dae7a7910c7ac24e8b08a2645a6eb9b416b1f32d76c3f18a753d27949987f51d18c676efb8053bb38bceead961&leadId=dc1-kls-prod-ls-03.prod.dc1.kelkoo.net_1669788717424_311754&clickId=107698111_1669788717416_400973&url=https%3A%2F%2Fwww.shopping4net.com%2Fno%2FSkjoennhet%2FFor-henne%2FHudpleie%2FGiftset%2FEight-Hour-Cream-Lip-Set.htm%3FsClickID%3DKelkoo-7-3%26utm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_term%3DElizabeth%2BArden%2BVisible%2BDifference%2B-%2BGif HTTP/1.1
Host: no-go.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1669774500031&.sig=Sh2rOBpEzGk1LcB_.nTKP4BktWQ-&affiliationId=96965886&comId=9468123&country=no&offerId=9cc08af2ecc95c314caa21275f07face&service=37&tokenId=eef84b7f-8e19-45d1-adee-7c88767dc72d&wait=true&addedParams=true&custom1=0b4fc4d8a1cc4de7084a3a2853ee322bbdfe6e6b1b3fce26f8e5da2c30fc5022&custom2=SRdytlITOR16&custom3=false
Connection: keep-alive
Cookie: datadome=6gajr2LxNZt5rcjqB6ZYWxVB8hB0MuBGmI-P36JVyTI_CH3MM-AV4tf6NGYeyC0Dg7l5Vgn7yzKVZcehNEvSNFx8ol9g1zqqbdxiB3zE3g5jkdz9SIIyHGCN4PmtKhqt; kelkooID=a4c626f-184c729d168-1e4ce; _ga=GA1.2.2137282976.1669788716; _gid=GA1.2.853838379.1669788716
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 303 See Other
Date: Wed, 30 Nov 2022 06:11:57 GMT
leadId: dc1-kls-prod-ls-03.prod.dc1.kelkoo.net_1669788717424_311754
clickId: 107698111_1669788717416_400973
country: no
Location: https://www.shopping4net.com/no/Skjoennhet/For-henne/Hudpleie/Giftset/Eight-Hour-Cream-Lip-Set.htm?sClickID=Kelkoo-7-3&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Elizabeth+Arden+Visible+Difference+-+Gif
Accept-CH: Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
X-DataDome: protected
Request-Time: PT0.01434S
X-Robots-Tag: noindex,nofollow
Referrer-Policy: origin-when-cross-origin
X-Frame-Options: ALLOWALL
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Content-Length: 0
Set-Cookie: datadome=5xmon0Yz8Yvp~Z1Z2MyKf9Co_ggnNER~CY0JSXt-JKNJ41WesvxzL1t8TBjhYtD7gwE_JJ8Fg3AWFcklpzyuR2W7IJ5cnarPcQEznCZLfyyBSq~EYB7yZ_pbJHKkxPsq; Max-Age=31536000; Expires=Thu, 30 Nov 2023 06:11:57 GMT; SameSite=Lax; Path=/; Domain=.kelkoogroup.net; Secure
P3P: CP="Anything"
ApacheTracking: localhost
Keep-Alive: timeout=40, max=96
Connection: Keep-Alive
Content-Type: text/plain
www.shopping4net.com/no/Skjoennhet/For-henne/Hudpleie/Giftset/Eight-Hour-Cream-Lip-Set.htm?sClickID=Kelkoo-7-3&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Elizabeth+Arden+Visible+Difference+-+Gif
62.20.105.103200 OK 29 kB URL HTTP/1.1 www.shopping4net.com/no/Skjoennhet/For-henne/Hudpleie/Giftset/Eight-Hour-Cream-Lip-Set.htm?sClickID=Kelkoo-7-3&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Elizabeth+Arden+Visible+Difference+-+Gif
IP 62.20.105.103:0
ASN #3301 Telia Company AB
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (17516), with CRLF line terminators
Hash 894e50a8976caef120c980fbd856f010
ac4c9c725c456c41549d6fc7c8a9e9760abbc3d7
09d2bea7c23ff9f66b7d803e848f6d4fe7b16de1e8d591699ffe5cbe4dcd4f79
GET /no/Skjoennhet/For-henne/Hudpleie/Giftset/Eight-Hour-Cream-Lip-Set.htm?sClickID=Kelkoo-7-3&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Elizabeth+Arden+Visible+Difference+-+Gif HTTP/1.1
Host: www.shopping4net.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no-go.kelkoogroup.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
Set-Cookie: ASP.NET_SessionId=kcupfkjdjkck35alwkfh1nyb; path=/; HttpOnly
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-Frame-Options: sameorigin
Date: Wed, 30 Nov 2022 06:11:57 GMT
Content-Length: 28805
www.shopping4net.com/partner/shopping4net/css/shopping4net.min.css?v=221116172756
62.20.105.103200 OK 37 kB URL HTTP/1.1 www.shopping4net.com/partner/shopping4net/css/shopping4net.min.css?v=221116172756
IP 62.20.105.103:0
ASN #3301 Telia Company AB
File type ASCII text, with very long lines (325)
Hash e0cc3954d9c270dde8b303744c2d0a5a
c9f20afe5e40b6893d26a04b9fbadb78c8fcbdf7
c59ad9f432fa5d6a2ad9d23af18e40ea6e0c38d266beb37b156ad1951e02a923
GET /partner/shopping4net/css/shopping4net.min.css?v=221116172756 HTTP/1.1
Host: www.shopping4net.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.shopping4net.com/no/Skjoennhet/For-henne/Hudpleie/Giftset/Eight-Hour-Cream-Lip-Set.htm?sClickID=Kelkoo-7-3&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Elizabeth+Arden+Visible+Difference+-+Gif
Cookie: ASP.NET_SessionId=kcupfkjdjkck35alwkfh1nyb
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: text/css
Content-Encoding: gzip
Last-Modified: Wed, 16 Nov 2022 16:27:56 GMT
Accept-Ranges: bytes
ETag: "04e262d8f9d81:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
X-Frame-Options: sameorigin
Date: Wed, 30 Nov 2022 06:11:57 GMT
Content-Length: 37114
www.shopping4net.com/Common/Script/bootstrap.min.js
62.20.105.103200 OK 9.9 kB URL HTTP/1.1 www.shopping4net.com/Common/Script/bootstrap.min.js
IP 62.20.105.103:0
ASN #3301 Telia Company AB
File type ASCII text, with very long lines (28514)
Hash 4a7e9efe465b9e9b546c47b249cb80cd
8c51c64fb94e03c37ab186a68c99f30dd5af0a49
78187d268890aae9680671ac5559b40e0448bcd805bf091628812a9db5503003
GET /Common/Script/bootstrap.min.js HTTP/1.1
Host: www.shopping4net.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.shopping4net.com/no/Skjoennhet/For-henne/Hudpleie/Giftset/Eight-Hour-Cream-Lip-Set.htm?sClickID=Kelkoo-7-3&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Elizabeth+Arden+Visible+Difference+-+Gif
Cookie: ASP.NET_SessionId=kcupfkjdjkck35alwkfh1nyb
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Content-Encoding: gzip
Last-Modified: Fri, 26 Jul 2013 22:50:48 GMT
Accept-Ranges: bytes
ETag: "054e591528ace1:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
X-Frame-Options: sameorigin
Date: Wed, 30 Nov 2022 06:11:57 GMT
Content-Length: 9875
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 2f97615382bf395ea3c1ec6a0ef44e78
e2288dde80462517f76a882116f35f0eff1450a0
b7b8885a2db7e143edfc34cdfb2a0adf09e946606c86fca2a04160cf78a493c6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5669
Cache-Control: max-age=137831
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 06:11:58 GMT
Etag: "63865570-117"
Expires: Thu, 01 Dec 2022 20:29:09 GMT
Last-Modified: Tue, 29 Nov 2022 18:54:40 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 279
www.shopping4net.com/partner/shopping4net/script/newsletter.aspx?v=121019113058
62.20.105.103200 OK 889 B URL HTTP/1.1 www.shopping4net.com/partner/shopping4net/script/newsletter.aspx?v=121019113058
IP 62.20.105.103:0
ASN #3301 Telia Company AB
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash 1a3a409d2dd7dd7627cb983a1f31ce18
bc0a3cca008525d709e4e2420f4d6675fc0072df
a737c3326f5c7f3c07c10155b37a6baf4a66d3c239e8c4f71dd17c6bfce3a3ec
GET /partner/shopping4net/script/newsletter.aspx?v=121019113058 HTTP/1.1
Host: www.shopping4net.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.shopping4net.com/no/Skjoennhet/For-henne/Hudpleie/Giftset/Eight-Hour-Cream-Lip-Set.htm?sClickID=Kelkoo-7-3&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Elizabeth+Arden+Visible+Difference+-+Gif
Cookie: ASP.NET_SessionId=kcupfkjdjkck35alwkfh1nyb
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/javascript; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-Frame-Options: sameorigin
Date: Wed, 30 Nov 2022 06:11:57 GMT
Content-Length: 889
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 146dac10a93604a686550631e14eefb9
b4af601ce6d515d9ec124938ce626060e0d43099
bac5bc94c1a95af45522dadbf1639aff31e691fa2314314c6cce1ab1e70bba87
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 06:11:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.shopping4net.com/Common/Script/modernizr-2.6.1-respond-1.1.0.min.js
62.20.105.103200 OK 9.6 kB URL HTTP/1.1 www.shopping4net.com/Common/Script/modernizr-2.6.1-respond-1.1.0.min.js
IP 62.20.105.103:0
ASN #3301 Telia Company AB
File type HTML document, ASCII text, with very long lines (14709)
Hash f67b01240ea76c125bdc1c4815f846d0
e67403b56938db18f8865b0726ce0e9aa4e26e1d
e28cf8c0b8efbf5cb1b9985fd87f8d790472f230cf2eaf25122f842f92fda4e6
GET /Common/Script/modernizr-2.6.1-respond-1.1.0.min.js HTTP/1.1
Host: www.shopping4net.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.shopping4net.com/no/Skjoennhet/For-henne/Hudpleie/Giftset/Eight-Hour-Cream-Lip-Set.htm?sClickID=Kelkoo-7-3&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Elizabeth+Arden+Visible+Difference+-+Gif
Cookie: ASP.NET_SessionId=kcupfkjdjkck35alwkfh1nyb
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Content-Encoding: gzip
Last-Modified: Tue, 16 Oct 2012 08:04:18 GMT
Accept-Ranges: bytes
ETag: "02d48d774abcd1:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
X-Frame-Options: sameorigin
Date: Wed, 30 Nov 2022 06:11:57 GMT
Content-Length: 9624
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 146dac10a93604a686550631e14eefb9
b4af601ce6d515d9ec124938ce626060e0d43099
bac5bc94c1a95af45522dadbf1639aff31e691fa2314314c6cce1ab1e70bba87
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 06:11:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 33f732b4dfbd5fb3ed7345eba2896fe6
2652f214cf7127302cc65b1d4e42f48a80907d5d
904ce722469d356f8ec20c14bd51ca3ce459012ea0869f7d14821a963310a494
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 06:11:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.shopping4net.com/Common/Script/jquery.ba-dotimeout.min.js
62.20.105.103200 OK 806 B URL HTTP/1.1 www.shopping4net.com/Common/Script/jquery.ba-dotimeout.min.js
IP 62.20.105.103:0
ASN #3301 Telia Company AB
File type ASCII text, with very long lines (801)
Hash 88e8a260e9702ec8957311452570143b
c22bd689675d02e6b47591251ffa4f7c09c9f2fc
976472c5b98cc8b708a41117d05dea2aa6f6bd191f38bf8cb1d7018bdda6a00c
GET /Common/Script/jquery.ba-dotimeout.min.js HTTP/1.1
Host: www.shopping4net.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.shopping4net.com/no/Skjoennhet/For-henne/Hudpleie/Giftset/Eight-Hour-Cream-Lip-Set.htm?sClickID=Kelkoo-7-3&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Elizabeth+Arden+Visible+Difference+-+Gif
Cookie: ASP.NET_SessionId=kcupfkjdjkck35alwkfh1nyb
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Content-Encoding: gzip
Last-Modified: Tue, 16 Oct 2012 08:04:18 GMT
Accept-Ranges: bytes
ETag: "02d48d774abcd1:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
X-Frame-Options: sameorigin
Date: Wed, 30 Nov 2022 06:11:57 GMT
Content-Length: 806
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 2f97615382bf395ea3c1ec6a0ef44e78
e2288dde80462517f76a882116f35f0eff1450a0
b7b8885a2db7e143edfc34cdfb2a0adf09e946606c86fca2a04160cf78a493c6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5669
Cache-Control: max-age=137831
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 06:11:58 GMT
Etag: "63865570-117"
Expires: Thu, 01 Dec 2022 20:29:09 GMT
Last-Modified: Tue, 29 Nov 2022 18:54:40 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 279
ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js
142.250.74.106200 OK 34 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js
IP 142.250.74.106:0
File type HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (32769)
Hash d989f35706c62ce4a5c561586c55566e
d32e7958e5765609bf08dcdefd0b2c2a8714ce34
375dfe942a03ee024b5cc827b3efda5550d13df7530281f50862ce3b33fcb716
GET /ajax/libs/jquery/1.7.2/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.shopping4net.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33845
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 13:01:47 GMT
expires: Wed, 29 Nov 2023 13:01:47 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 61811
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.shopping4net.com/royalslider/royalslider.css
62.20.105.103200 OK 1.5 kB URL HTTP/1.1 www.shopping4net.com/royalslider/royalslider.css
IP 62.20.105.103:0
ASN #3301 Telia Company AB
Hash 3d20186c77c6cd22749e3e00cc597888
c15e69976b72c4886ac6ec56406a9381702de016
9c1658b0e3bd6962ef8e9cd5e3f2dea128c6d72d77ede1b01cc5563b329c8981
GET /royalslider/royalslider.css HTTP/1.1
Host: www.shopping4net.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.shopping4net.com/no/Skjoennhet/For-henne/Hudpleie/Giftset/Eight-Hour-Cream-Lip-Set.htm?sClickID=Kelkoo-7-3&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Elizabeth+Arden+Visible+Difference+-+Gif
Cookie: ASP.NET_SessionId=kcupfkjdjkck35alwkfh1nyb
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: text/css
Content-Encoding: gzip
Last-Modified: Tue, 22 Oct 2019 10:08:40 GMT
Accept-Ranges: bytes
ETag: "0844eadc088d51:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
X-Frame-Options: sameorigin
Date: Wed, 30 Nov 2022 06:11:57 GMT
Content-Length: 1489
www.google-analytics.com/collect?v=1&_v=j96&t=pageview&_s=1&dl=https%3A%2F%2Fno-go.kelkoogroup.net%2Fctl%2Fgo%2FoffersearchGo%3F.ts%3D1669774500031%26.sig%3DSh2rOBpEzGk1LcB_.nTKP4BktWQ-%26affiliationId%3D96965886%26comId%3D9468123%26country%3Dno%26offerId%3D9cc08af2ecc95c314caa21275f07face%26service%3D37%26tokenId%3Deef84b7f-8e19-45d1-adee-7c88767dc72d%26wait%3Dtrue%26addedParams%3Dtrue%26custom1%3D0b4fc4d8a1cc4de7084a3a2853ee322bbdfe6e6b1b3fce26f8e5da2c30fc5022%26custom2%3DSRdytlITOR16%26custom3%3Dfalse&dr=https%3A%2F%2Flookandfind.me%2F&dp=%2F96965886%7C9468123%7C&ul=en-us&de=UTF-8&dt=Du%20sendes%20videre%20til%20Shopping4net.no&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=QACAAAABAAAAAC~&cid=2137282976.1669788716&tid=UA-168544891-6&_gid=853838379.1669788716&_r=1&cd1=96965886&cd2=dc1-kls-prod-ls-03.prod.dc1.kelkoo.net_1669788717424_311754&cd3=9468123&cd4=a4c626f-184c729d168-1e4ce&cd5=&cd6=96965886%7C9468123%7C&z=42173311
142.250.74.110200 OK 35 B URL HTTP/2 www.google-analytics.com/collect?v=1&_v=j96&t=pageview&_s=1&dl=https%3A%2F%2Fno-go.kelkoogroup.net%2Fctl%2Fgo%2FoffersearchGo%3F.ts%3D1669774500031%26.sig%3DSh2rOBpEzGk1LcB_.nTKP4BktWQ-%26affiliationId%3D96965886%26comId%3D9468123%26country%3Dno%26offerId%3D9cc08af2ecc95c314caa21275f07face%26service%3D37%26tokenId%3Deef84b7f-8e19-45d1-adee-7c88767dc72d%26wait%3Dtrue%26addedParams%3Dtrue%26custom1%3D0b4fc4d8a1cc4de7084a3a2853ee322bbdfe6e6b1b3fce26f8e5da2c30fc5022%26custom2%3DSRdytlITOR16%26custom3%3Dfalse&dr=https%3A%2F%2Flookandfind.me%2F&dp=%2F96965886%7C9468123%7C&ul=en-us&de=UTF-8&dt=Du%20sendes%20videre%20til%20Shopping4net.no&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=QACAAAABAAAAAC~&cid=2137282976.1669788716&tid=UA-168544891-6&_gid=853838379.1669788716&_r=1&cd1=96965886&cd2=dc1-kls-prod-ls-03.prod.dc1.kelkoo.net_1669788717424_311754&cd3=9468123&cd4=a4c626f-184c729d168-1e4ce&cd5=&cd6=96965886%7C9468123%7C&z=42173311
IP 142.250.74.110:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
POST /collect?v=1&_v=j96&t=pageview&_s=1&dl=https%3A%2F%2Fno-go.kelkoogroup.net%2Fctl%2Fgo%2FoffersearchGo%3F.ts%3D1669774500031%26.sig%3DSh2rOBpEzGk1LcB_.nTKP4BktWQ-%26affiliationId%3D96965886%26comId%3D9468123%26country%3Dno%26offerId%3D9cc08af2ecc95c314caa21275f07face%26service%3D37%26tokenId%3Deef84b7f-8e19-45d1-adee-7c88767dc72d%26wait%3Dtrue%26addedParams%3Dtrue%26custom1%3D0b4fc4d8a1cc4de7084a3a2853ee322bbdfe6e6b1b3fce26f8e5da2c30fc5022%26custom2%3DSRdytlITOR16%26custom3%3Dfalse&dr=https%3A%2F%2Flookandfind.me%2F&dp=%2F96965886%7C9468123%7C&ul=en-us&de=UTF-8&dt=Du%20sendes%20videre%20til%20Shopping4net.no&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=QACAAAABAAAAAC~&cid=2137282976.1669788716&tid=UA-168544891-6&_gid=853838379.1669788716&_r=1&cd1=96965886&cd2=dc1-kls-prod-ls-03.prod.dc1.kelkoo.net_1669788717424_311754&cd3=9468123&cd4=a4c626f-184c729d168-1e4ce&cd5=&cd6=96965886%7C9468123%7C&z=42173311 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://no-go.kelkoogroup.net
Connection: keep-alive
Referer: https://no-go.kelkoogroup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://no-go.kelkoogroup.net
date: Wed, 30 Nov 2022 06:11:58 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
x-content-type-options: nosniff
access-control-allow-credentials: true
content-type: image/gif
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 35
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.shopping4net.com/Common/Script/jquery.autocomplete.js
62.20.105.103200 OK 7.9 kB URL HTTP/1.1 www.shopping4net.com/Common/Script/jquery.autocomplete.js
IP 62.20.105.103:0
ASN #3301 Telia Company AB
File type Algol 68 source text\012- Pascal source, Unicode text, UTF-8 text
Hash 5e70eecfb2d7db22c96506cf0a5af7bf
bc5e044351a43c2cec16de24a2b7bb7397a3d68e
ef74ea7bc716bb512fa598b923e3652c3f301db9585a8ac1682b2b822959d399
GET /Common/Script/jquery.autocomplete.js HTTP/1.1
Host: www.shopping4net.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.shopping4net.com/no/Skjoennhet/For-henne/Hudpleie/Giftset/Eight-Hour-Cream-Lip-Set.htm?sClickID=Kelkoo-7-3&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Elizabeth+Arden+Visible+Difference+-+Gif
Cookie: ASP.NET_SessionId=kcupfkjdjkck35alwkfh1nyb
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Content-Encoding: gzip
Last-Modified: Thu, 10 Nov 2022 13:43:44 GMT
Accept-Ranges: bytes
ETag: "46ffdb73af5d81:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
X-Frame-Options: sameorigin
Date: Wed, 30 Nov 2022 06:11:57 GMT
Content-Length: 7942
www.shopping4net.com/Common/Script/jquery.validate.js
62.20.105.103200 OK 12 kB URL HTTP/1.1 www.shopping4net.com/Common/Script/jquery.validate.js
IP 62.20.105.103:0
ASN #3301 Telia Company AB
File type Unicode text, UTF-8 text, with very long lines (1238)
Hash 2e19b6e9b9bc60d251fe76fdceb6a576
862937a897434e2d3ccdc887d460cda13febeae1
628557d410e251f3c21363962b5bcf91aec6c8b0d5d5ca10cb4df4e5975a10e6
GET /Common/Script/jquery.validate.js HTTP/1.1
Host: www.shopping4net.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.shopping4net.com/no/Skjoennhet/For-henne/Hudpleie/Giftset/Eight-Hour-Cream-Lip-Set.htm?sClickID=Kelkoo-7-3&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Elizabeth+Arden+Visible+Difference+-+Gif
Cookie: ASP.NET_SessionId=kcupfkjdjkck35alwkfh1nyb
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Content-Encoding: gzip
Last-Modified: Tue, 16 Oct 2012 08:04:18 GMT
Accept-Ranges: bytes
ETag: "02d48d774abcd1:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
X-Frame-Options: sameorigin
Date: Wed, 30 Nov 2022 06:11:57 GMT
Content-Length: 11685
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 146dac10a93604a686550631e14eefb9
b4af601ce6d515d9ec124938ce626060e0d43099
bac5bc94c1a95af45522dadbf1639aff31e691fa2314314c6cce1ab1e70bba87
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 06:11:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.shopping4net.com/Common/Script/fsbase.js?v=191015171906
62.20.105.103200 OK 3.6 kB URL HTTP/1.1 www.shopping4net.com/Common/Script/fsbase.js?v=191015171906
IP 62.20.105.103:0
ASN #3301 Telia Company AB
File type Unicode text, UTF-8 (with BOM) text, with very long lines (662), with CRLF line terminators
Hash 0423699768425fbcd1b44292bc3f1e2e
a271fe30771489c607cd8049daed89f89ecbd639
3651e8e451ef8afcc96dd6cd057bbccd2923c529ca51c55af0527550492464c7
GET /Common/Script/fsbase.js?v=191015171906 HTTP/1.1
Host: www.shopping4net.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.shopping4net.com/no/Skjoennhet/For-henne/Hudpleie/Giftset/Eight-Hour-Cream-Lip-Set.htm?sClickID=Kelkoo-7-3&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Elizabeth+Arden+Visible+Difference+-+Gif
Cookie: ASP.NET_SessionId=kcupfkjdjkck35alwkfh1nyb
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Content-Encoding: gzip
Last-Modified: Tue, 15 Oct 2019 15:19:06 GMT
Accept-Ranges: bytes
ETag: "05160e26b83d51:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
X-Frame-Options: sameorigin
Date: Wed, 30 Nov 2022 06:11:57 GMT
Content-Length: 3637
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 146dac10a93604a686550631e14eefb9
b4af601ce6d515d9ec124938ce626060e0d43099
bac5bc94c1a95af45522dadbf1639aff31e691fa2314314c6cce1ab1e70bba87
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 06:11:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 33f732b4dfbd5fb3ed7345eba2896fe6
2652f214cf7127302cc65b1d4e42f48a80907d5d
904ce722469d356f8ec20c14bd51ca3ce459012ea0869f7d14821a963310a494
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 06:11:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.shopping4net.com/royalslider/skins/default-inverted/rs-default-inverted.css
62.20.105.103200 OK 2.8 kB URL HTTP/1.1 www.shopping4net.com/royalslider/skins/default-inverted/rs-default-inverted.css
IP 62.20.105.103:0
ASN #3301 Telia Company AB
Hash 90373191c0543b109a1fdc8e3331762d
27b3bbfbce4efda693824e0e7b18682f61318501
ca1ff8ac2a57c773c58175251bc315f379918eb749cdb077f393c93b7e974265
GET /royalslider/skins/default-inverted/rs-default-inverted.css HTTP/1.1
Host: www.shopping4net.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.shopping4net.com/no/Skjoennhet/For-henne/Hudpleie/Giftset/Eight-Hour-Cream-Lip-Set.htm?sClickID=Kelkoo-7-3&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Elizabeth+Arden+Visible+Difference+-+Gif
Cookie: ASP.NET_SessionId=kcupfkjdjkck35alwkfh1nyb
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: text/css
Content-Encoding: gzip
Last-Modified: Tue, 22 Oct 2019 08:27:04 GMT
Accept-Ranges: bytes
ETag: "0bcce7bb288d51:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
X-Frame-Options: sameorigin
Date: Wed, 30 Nov 2022 06:11:57 GMT
Content-Length: 2751
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 608e4d04a251ebcd51660e801f388303
fcb9aa48fd6ed504a1a9fed7990c5ccde63e6a1d
cc1a34cd0a99e301df97cf184ab0ded2e229659f86f43e4eff479dee221695dc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 06:11:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.shopping4net.com/WebResource.axd?d=-2cr83kx1H6xINGrXGg-kr19PvHjopd-uU3rFEwugnG0Y5NBGj-JRa_tHdKu6wg2lBjvcQMHWkwdo8dluof1UJOW-9sdiXNqjheV3gKvUG81&t=635823490080000000
62.20.105.103200 OK 6.0 kB URL HTTP/1.1 www.shopping4net.com/WebResource.axd?d=-2cr83kx1H6xINGrXGg-kr19PvHjopd-uU3rFEwugnG0Y5NBGj-JRa_tHdKu6wg2lBjvcQMHWkwdo8dluof1UJOW-9sdiXNqjheV3gKvUG81&t=635823490080000000
IP 62.20.105.103:0
ASN #3301 Telia Company AB
File type ASCII text, with CRLF line terminators
Hash 06fd446079195e9866f38728a31b8416
bce7935598a51703a7077dd75e1d30882533c6e1
5466d19b6349cc09de47de356c3195b2fd367a5ab8f1c55e8aaf2f296915d46d
GET /WebResource.axd?d=-2cr83kx1H6xINGrXGg-kr19PvHjopd-uU3rFEwugnG0Y5NBGj-JRa_tHdKu6wg2lBjvcQMHWkwdo8dluof1UJOW-9sdiXNqjheV3gKvUG81&t=635823490080000000 HTTP/1.1
Host: www.shopping4net.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.shopping4net.com/no/Skjoennhet/For-henne/Hudpleie/Giftset/Eight-Hour-Cream-Lip-Set.htm?sClickID=Kelkoo-7-3&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Elizabeth+Arden+Visible+Difference+-+Gif
Cookie: ASP.NET_SessionId=kcupfkjdjkck35alwkfh1nyb
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Cache-Control: public
Content-Type: application/x-javascript
Content-Encoding: gzip
Expires: Thu, 30 Nov 2023 03:19:24 GMT
Last-Modified: Thu, 05 Nov 2015 18:36:48 GMT
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-Frame-Options: sameorigin
Date: Wed, 30 Nov 2022 06:11:57 GMT
Content-Length: 6007
fonts.googleapis.com/css?family=Overpass:400,400i,600,700
142.250.74.106200 OK 39 kB URL HTTP/2 fonts.googleapis.com/css?family=Overpass:400,400i,600,700
IP 142.250.74.106:0
Hash bb3f9a0514029d1a39b4fb21cf174c92
ff9f072a2624a70c5c3bc6f90f2846851a760c6d
63dc26b452b3ed08c7cb5949ee9cd956e1334eaefdb8e62c16c8cf392ef8fccf
GET /css?family=Overpass:400,400i,600,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.shopping4net.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 30 Nov 2022 06:11:58 GMT
date: Wed, 30 Nov 2022 06:11:58 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.shopping4net.com/ScriptResource.axd?d=Atyhl56ygMEgmO5_d_XoUXk8x3n5tHqv6kAtpZrArDa5D580uz_hKrA6u3JkYs4XSlmNFmU8huIffSyh7aPjN8iawCPypjgIHa6RK8dq9UJ2TplH6efa-xCXkA4rBJGsadF5cHyL1fS3owpcx5QlFGYLB3IJf4rdVtVsQ4_tojA1&t=ffffffffdcbc5956
62.20.105.103200 OK 5.5 kB URL HTTP/1.1 www.shopping4net.com/ScriptResource.axd?d=Atyhl56ygMEgmO5_d_XoUXk8x3n5tHqv6kAtpZrArDa5D580uz_hKrA6u3JkYs4XSlmNFmU8huIffSyh7aPjN8iawCPypjgIHa6RK8dq9UJ2TplH6efa-xCXkA4rBJGsadF5cHyL1fS3owpcx5QlFGYLB3IJf4rdVtVsQ4_tojA1&t=ffffffffdcbc5956
IP 62.20.105.103:0
ASN #3301 Telia Company AB
File type Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash cd81a5effc23af770be1c6ad035a5e4e
ec3cdf31293e2e43fb1f189decc18019cd3d2f23
0bbe6b1d897c994aa54d02d1692b8dd4d64a2f28d809f954ce6ba356c7d16abb
GET /ScriptResource.axd?d=Atyhl56ygMEgmO5_d_XoUXk8x3n5tHqv6kAtpZrArDa5D580uz_hKrA6u3JkYs4XSlmNFmU8huIffSyh7aPjN8iawCPypjgIHa6RK8dq9UJ2TplH6efa-xCXkA4rBJGsadF5cHyL1fS3owpcx5QlFGYLB3IJf4rdVtVsQ4_tojA1&t=ffffffffdcbc5956 HTTP/1.1
Host: www.shopping4net.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.shopping4net.com/no/Skjoennhet/For-henne/Hudpleie/Giftset/Eight-Hour-Cream-Lip-Set.htm?sClickID=Kelkoo-7-3&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Elizabeth+Arden+Visible+Difference+-+Gif
Cookie: ASP.NET_SessionId=kcupfkjdjkck35alwkfh1nyb
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Cache-Control: public
Content-Type: application/x-javascript
Content-Encoding: gzip
Expires: Thu, 30 Nov 2023 03:19:24 GMT
Last-Modified: Wed, 30 Nov 2022 03:19:24 GMT
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-Frame-Options: sameorigin
Date: Wed, 30 Nov 2022 06:11:57 GMT
Content-Length: 5479
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 608e4d04a251ebcd51660e801f388303
fcb9aa48fd6ed504a1a9fed7990c5ccde63e6a1d
cc1a34cd0a99e301df97cf184ab0ded2e229659f86f43e4eff479dee221695dc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 06:11:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.shopping4net.com/ScriptResource.axd?d=xwOLVta1a96qYvTZfz8YbJytrukAr__x7_lSKIf5F_mmSIk3IWmrm5R48LKiiDqE8_zOYbNL1UdKe45hypIeNRxCn4NU3ujuPGPZOmX4jvuZgJl0zVojU5VFjueTJ92TC1iJVK3GPTHeDwYSE6xfoYM1-IUeOM3lGfgiSFEAO9s1&t=ffffffffcc58dd65
62.20.105.103200 OK 26 kB URL HTTP/1.1 www.shopping4net.com/ScriptResource.axd?d=xwOLVta1a96qYvTZfz8YbJytrukAr__x7_lSKIf5F_mmSIk3IWmrm5R48LKiiDqE8_zOYbNL1UdKe45hypIeNRxCn4NU3ujuPGPZOmX4jvuZgJl0zVojU5VFjueTJ92TC1iJVK3GPTHeDwYSE6xfoYM1-IUeOM3lGfgiSFEAO9s1&t=ffffffffcc58dd65
IP 62.20.105.103:0
ASN #3301 Telia Company AB
File type Unicode text, UTF-8 (with BOM) text, with very long lines (65326), with CRLF line terminators
Hash b62553925bd98826c60457d2eb6b9a46
84dbbb6d9b36a587c21b5a56b1d9e587e33ba943
c58166fe4df4ba8f25a960c21451eaf841d97f6f552f104e43431c9db1c2e2cc
GET /ScriptResource.axd?d=xwOLVta1a96qYvTZfz8YbJytrukAr__x7_lSKIf5F_mmSIk3IWmrm5R48LKiiDqE8_zOYbNL1UdKe45hypIeNRxCn4NU3ujuPGPZOmX4jvuZgJl0zVojU5VFjueTJ92TC1iJVK3GPTHeDwYSE6xfoYM1-IUeOM3lGfgiSFEAO9s1&t=ffffffffcc58dd65 HTTP/1.1
Host: www.shopping4net.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.shopping4net.com/no/Skjoennhet/For-henne/Hudpleie/Giftset/Eight-Hour-Cream-Lip-Set.htm?sClickID=Kelkoo-7-3&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Elizabeth+Arden+Visible+Difference+-+Gif
Cookie: ASP.NET_SessionId=kcupfkjdjkck35alwkfh1nyb
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Cache-Control: public
Content-Type: application/x-javascript
Content-Encoding: gzip
Expires: Thu, 30 Nov 2023 03:19:24 GMT
Last-Modified: Wed, 30 Nov 2022 03:19:24 GMT
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-Frame-Options: sameorigin
Date: Wed, 30 Nov 2022 06:11:57 GMT
Content-Length: 25609
www.shopping4net.com/royalslider/jquery.royalslider.min.js
62.20.105.103200 OK 22 kB URL HTTP/1.1 www.shopping4net.com/royalslider/jquery.royalslider.min.js
IP 62.20.105.103:0
ASN #3301 Telia Company AB
File type ASCII text, with very long lines (566)
Hash 679a9e4de2a39fd9bf22027f72beae76
2840bf1ec0911ec76530e824ffbedd2d4b48195b
312073c7276329fb14bef40370eb414a32e0d46855a0027f3a91cbf1be4d93ae
GET /royalslider/jquery.royalslider.min.js HTTP/1.1
Host: www.shopping4net.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.shopping4net.com/no/Skjoennhet/For-henne/Hudpleie/Giftset/Eight-Hour-Cream-Lip-Set.htm?sClickID=Kelkoo-7-3&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Elizabeth+Arden+Visible+Difference+-+Gif
Cookie: ASP.NET_SessionId=kcupfkjdjkck35alwkfh1nyb
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Content-Encoding: gzip
Last-Modified: Thu, 05 Dec 2013 13:30:28 GMT
Accept-Ranges: bytes
ETag: "0725729bef1ce1:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
X-Frame-Options: sameorigin
Date: Wed, 30 Nov 2022 06:11:57 GMT
Content-Length: 21657
www.shopping4net.com/ScriptResource.axd?d=8scLtub0DJxoGoKJ7iAV2mrlNIss7dMm5b4NSb_LfKZpgJk5zKHXfEFrFwH8h9wrzw0zwdnwK8ayvliK7M36gKEs6k6dTNbaLNKJ8BCqca4xkxIGiQjoEAoSaIVqf2pJ5uOFv50u0GyWc7sHa7lzMYBvxnrYngjRqgqVbXNFi2DbL8xl8QGziV-SOuZxWOts0&t=ffffffffcc58dd65
62.20.105.103200 OK 10 kB URL HTTP/1.1 www.shopping4net.com/ScriptResource.axd?d=8scLtub0DJxoGoKJ7iAV2mrlNIss7dMm5b4NSb_LfKZpgJk5zKHXfEFrFwH8h9wrzw0zwdnwK8ayvliK7M36gKEs6k6dTNbaLNKJ8BCqca4xkxIGiQjoEAoSaIVqf2pJ5uOFv50u0GyWc7sHa7lzMYBvxnrYngjRqgqVbXNFi2DbL8xl8QGziV-SOuZxWOts0&t=ffffffffcc58dd65
IP 62.20.105.103:0
ASN #3301 Telia Company AB
File type Unicode text, UTF-8 (with BOM) text, with very long lines (39257), with CRLF line terminators
Hash 027a7d52e1ceed8aef7dc13505b81d36
33cf0bce6a4c8b44b4a80b3116c978c12ee93fd0
29061464fb6fce2326b952eacaa95c3c6183bfea74c3851390e9838720d372a6
GET /ScriptResource.axd?d=8scLtub0DJxoGoKJ7iAV2mrlNIss7dMm5b4NSb_LfKZpgJk5zKHXfEFrFwH8h9wrzw0zwdnwK8ayvliK7M36gKEs6k6dTNbaLNKJ8BCqca4xkxIGiQjoEAoSaIVqf2pJ5uOFv50u0GyWc7sHa7lzMYBvxnrYngjRqgqVbXNFi2DbL8xl8QGziV-SOuZxWOts0&t=ffffffffcc58dd65 HTTP/1.1
Host: www.shopping4net.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.shopping4net.com/no/Skjoennhet/For-henne/Hudpleie/Giftset/Eight-Hour-Cream-Lip-Set.htm?sClickID=Kelkoo-7-3&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Elizabeth+Arden+Visible+Difference+-+Gif
Cookie: ASP.NET_SessionId=kcupfkjdjkck35alwkfh1nyb
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Cache-Control: public
Content-Type: application/x-javascript
Content-Encoding: gzip
Expires: Thu, 30 Nov 2023 03:19:24 GMT
Last-Modified: Wed, 30 Nov 2022 03:19:24 GMT
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-Frame-Options: sameorigin
Date: Wed, 30 Nov 2022 06:11:57 GMT
Content-Length: 9984
www.shopping4net.com/Common/Grpx/Mainpage/Brand-Elizabeth-Arden.png
62.20.105.103200 OK 4.2 kB URL HTTP/1.1 www.shopping4net.com/Common/Grpx/Mainpage/Brand-Elizabeth-Arden.png
IP 62.20.105.103:0
ASN #3301 Telia Company AB
File type PNG image data, 190 x 55, 8-bit/color RGB, non-interlaced\012- data
Hash f7a57681c3d04754e563c2788e9443b1
fbad4a192f909b9e39382bf61492763c1589280d
35e30fee3ec87cc7ff50be93956a03b3a64e95d2a38058bdaea17f8be85b843e
GET /Common/Grpx/Mainpage/Brand-Elizabeth-Arden.png HTTP/1.1
Host: www.shopping4net.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.shopping4net.com/no/Skjoennhet/For-henne/Hudpleie/Giftset/Eight-Hour-Cream-Lip-Set.htm?sClickID=Kelkoo-7-3&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Elizabeth+Arden+Visible+Difference+-+Gif
Cookie: ASP.NET_SessionId=kcupfkjdjkck35alwkfh1nyb
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Tue, 22 Oct 2013 08:11:51 GMT
Accept-Ranges: bytes
ETag: "ccaae75cfecece1:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
X-Frame-Options: sameorigin
Date: Wed, 30 Nov 2022 06:11:57 GMT
Content-Length: 4196
www.shopping4net.com/Common/PCCs/Products/Grpx/C4Net/Img-CEAH6-EZ-1-XX-XX-small.jpg
62.20.105.103200 OK 29 kB URL HTTP/1.1 www.shopping4net.com/Common/PCCs/Products/Grpx/C4Net/Img-CEAH6-EZ-1-XX-XX-small.jpg
IP 62.20.105.103:0
ASN #3301 Telia Company AB
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 220x220, components 3\012- data
Hash e036f16159ff49a7610e52781caaa5f2
f7e764c18527dd38d4bd741724ab4b3b88a42124
5b33a5a76a576b98fd44b7559529ceec0cfb1c54dad0db609d05c8a55308a42d
GET /Common/PCCs/Products/Grpx/C4Net/Img-CEAH6-EZ-1-XX-XX-small.jpg HTTP/1.1
Host: www.shopping4net.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.shopping4net.com/no/Skjoennhet/For-henne/Hudpleie/Giftset/Eight-Hour-Cream-Lip-Set.htm?sClickID=Kelkoo-7-3&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Elizabeth+Arden+Visible+Difference+-+Gif
Cookie: ASP.NET_SessionId=kcupfkjdjkck35alwkfh1nyb
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: image/jpeg
Last-Modified: Fri, 12 Nov 2021 14:41:08 GMT
Accept-Ranges: bytes
ETag: "72372a54d3d7d71:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
X-Frame-Options: sameorigin
Date: Wed, 30 Nov 2022 06:11:57 GMT
Content-Length: 28906
www.shopping4net.com/Common/PCCs/Products/Grpx/C4Net/Img-CVDC3-EZ-300-XX-XX-small.jpg
62.20.105.103200 OK 8.2 kB URL HTTP/1.1 www.shopping4net.com/Common/PCCs/Products/Grpx/C4Net/Img-CVDC3-EZ-300-XX-XX-small.jpg
IP 62.20.105.103:0
ASN #3301 Telia Company AB
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 220x220, components 3\012- data
Hash 973667f7a00a6aadcd128fafbb7148e3
70d377bffda156e9ce4e7868f474160c8d1e4756
54c7a163a94fedfa5d09f68baac1b8f6402ba25bec80f3aa48a43bc161e8eb2f
GET /Common/PCCs/Products/Grpx/C4Net/Img-CVDC3-EZ-300-XX-XX-small.jpg HTTP/1.1
Host: www.shopping4net.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.shopping4net.com/no/Skjoennhet/For-henne/Hudpleie/Giftset/Eight-Hour-Cream-Lip-Set.htm?sClickID=Kelkoo-7-3&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Elizabeth+Arden+Visible+Difference+-+Gif
Cookie: ASP.NET_SessionId=kcupfkjdjkck35alwkfh1nyb
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: image/jpeg
Last-Modified: Mon, 16 Dec 2019 09:55:04 GMT
Accept-Ranges: bytes
ETag: "bb865e4f6b3d51:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
X-Frame-Options: sameorigin
Date: Wed, 30 Nov 2022 06:11:57 GMT
Content-Length: 8201
www.shopping4net.com/Common/PCCs/Products/Grpx/C4Net/Img-CEAH6-EZ-1-XX-XX_2-large.jpg
62.20.105.103200 OK 83 kB URL HTTP/1.1 www.shopping4net.com/Common/PCCs/Products/Grpx/C4Net/Img-CEAH6-EZ-1-XX-XX_2-large.jpg
IP 62.20.105.103:0
ASN #3301 Telia Company AB
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 600x600, components 3\012- data
Hash 69671a5e3a2f47571842413caf764fd8
a920d38c934c53f53b686a376c9c2fa1b4bc0b11
f7aa36716eeade0aeda45d60c3aed7376206f0ffa8503bc289a2fa45976393a8
GET /Common/PCCs/Products/Grpx/C4Net/Img-CEAH6-EZ-1-XX-XX_2-large.jpg HTTP/1.1
Host: www.shopping4net.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.shopping4net.com/no/Skjoennhet/For-henne/Hudpleie/Giftset/Eight-Hour-Cream-Lip-Set.htm?sClickID=Kelkoo-7-3&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Elizabeth+Arden+Visible+Difference+-+Gif
Cookie: ASP.NET_SessionId=kcupfkjdjkck35alwkfh1nyb
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: image/jpeg
Last-Modified: Fri, 12 Nov 2021 14:41:08 GMT
Accept-Ranges: bytes
ETag: "41189a54d3d7d71:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
X-Frame-Options: sameorigin
Date: Wed, 30 Nov 2022 06:11:57 GMT
Content-Length: 82860
www.shopping4net.com/Common/Grpx/Mainpage/Brand-Paco-Rabanne.png
62.20.105.103200 OK 3.6 kB URL HTTP/1.1 www.shopping4net.com/Common/Grpx/Mainpage/Brand-Paco-Rabanne.png
IP 62.20.105.103:0
ASN #3301 Telia Company AB
File type PNG image data, 210 x 55, 8-bit/color RGBA, non-interlaced\012- data
Hash 2b9567276170747606fbd2687f4ce671
84e7a5f65f98baf5db30b060d732ccdd87024033
052c5689d4475cf3c4bbccab80f09a4819e5c9daa878ba9d21ff8a345035c01e
GET /Common/Grpx/Mainpage/Brand-Paco-Rabanne.png HTTP/1.1
Host: www.shopping4net.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.shopping4net.com/no/Skjoennhet/For-henne/Hudpleie/Giftset/Eight-Hour-Cream-Lip-Set.htm?sClickID=Kelkoo-7-3&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Elizabeth+Arden+Visible+Difference+-+Gif
Cookie: ASP.NET_SessionId=kcupfkjdjkck35alwkfh1nyb
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Thu, 06 Dec 2012 12:48:54 GMT
Accept-Ranges: bytes
ETag: "a29beecb0d3cd1:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
X-Frame-Options: sameorigin
Date: Wed, 30 Nov 2022 06:11:57 GMT
Content-Length: 3589
www.shopping4net.com/Common/PCCs/Products/Grpx/C4Net/Img-CEAH7-EZ-1-XX-XX-small.jpg
62.20.105.103200 OK 29 kB URL HTTP/1.1 www.shopping4net.com/Common/PCCs/Products/Grpx/C4Net/Img-CEAH7-EZ-1-XX-XX-small.jpg
IP 62.20.105.103:0
ASN #3301 Telia Company AB
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 220x220, components 3\012- data
Hash dee7368ffb17c2362487873c399ea402
363324f25819ce32d8c734a30138ee08060009d0
5e5908fa0b7b44025b311d6051e07be147a3a69d7c78f527661df95a24f1615f
GET /Common/PCCs/Products/Grpx/C4Net/Img-CEAH7-EZ-1-XX-XX-small.jpg HTTP/1.1
Host: www.shopping4net.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.shopping4net.com/no/Skjoennhet/For-henne/Hudpleie/Giftset/Eight-Hour-Cream-Lip-Set.htm?sClickID=Kelkoo-7-3&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Elizabeth+Arden+Visible+Difference+-+Gif
Cookie: ASP.NET_SessionId=kcupfkjdjkck35alwkfh1nyb
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: image/jpeg
Last-Modified: Fri, 12 Nov 2021 14:41:09 GMT
Accept-Ranges: bytes
ETag: "f5df1555d3d7d71:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
X-Frame-Options: sameorigin
Date: Wed, 30 Nov 2022 06:11:57 GMT
Content-Length: 29149
www.shopping4net.com/Common/Grpx/MainPage/S4n-logo-white-SE.png?v=210202152850
62.20.105.103200 OK 12 kB URL HTTP/1.1 www.shopping4net.com/Common/Grpx/MainPage/S4n-logo-white-SE.png?v=210202152850
IP 62.20.105.103:0
ASN #3301 Telia Company AB
File type PNG image data, 432 x 89, 8-bit/color RGBA, non-interlaced\012- data
Hash 701e2eaf593ade70d279e20d8cd914ef
24f2e666db16ce6a7a56e50b8bb60ce4d7b18e88
f2a2aa3841fc2b061ae743ca0029a0912b89bf2dd77f6f9f86db998230ceee0c
GET /Common/Grpx/MainPage/S4n-logo-white-SE.png?v=210202152850 HTTP/1.1
Host: www.shopping4net.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.shopping4net.com/no/Skjoennhet/For-henne/Hudpleie/Giftset/Eight-Hour-Cream-Lip-Set.htm?sClickID=Kelkoo-7-3&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Elizabeth+Arden+Visible+Difference+-+Gif
Cookie: ASP.NET_SessionId=kcupfkjdjkck35alwkfh1nyb
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Tue, 02 Feb 2021 14:28:50 GMT
Accept-Ranges: bytes
ETag: "781be5b96ff9d61:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
X-Frame-Options: sameorigin
Date: Wed, 30 Nov 2022 06:11:57 GMT
Content-Length: 11926
www.shopping4net.com/Common/PCCs/Products/Grpx/C4Net/Img-CEAH6-EZ-1-XX-XX_1-large.jpg
62.20.105.103200 OK 161 kB URL HTTP/1.1 www.shopping4net.com/Common/PCCs/Products/Grpx/C4Net/Img-CEAH6-EZ-1-XX-XX_1-large.jpg
IP 62.20.105.103:0
ASN #3301 Telia Company AB
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 600x600, components 3\012- data
Size 161 kB (161355 bytes)
Hash be4c2bff6ea754fe2fcb724150714cbd
6ba52bd7af42567cd889002a0b10d955f897ae5e
3340088909319d45e1a44e29133913f36b5c18291f44b91b1bc5f73d0962810d
GET /Common/PCCs/Products/Grpx/C4Net/Img-CEAH6-EZ-1-XX-XX_1-large.jpg HTTP/1.1
Host: www.shopping4net.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.shopping4net.com/no/Skjoennhet/For-henne/Hudpleie/Giftset/Eight-Hour-Cream-Lip-Set.htm?sClickID=Kelkoo-7-3&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Elizabeth+Arden+Visible+Difference+-+Gif
Cookie: ASP.NET_SessionId=kcupfkjdjkck35alwkfh1nyb
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: image/jpeg
Last-Modified: Fri, 12 Nov 2021 14:41:08 GMT
Accept-Ranges: bytes
ETag: "b5877d54d3d7d71:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
X-Frame-Options: sameorigin
Date: Wed, 30 Nov 2022 06:11:57 GMT
Content-Length: 161355
www.shopping4net.com/Common/PCCs/Products/Grpx/C4Net/Img-CEAH6-EZ-1-XX-XX_3-large.jpg
62.20.105.103200 OK 143 kB URL HTTP/1.1 www.shopping4net.com/Common/PCCs/Products/Grpx/C4Net/Img-CEAH6-EZ-1-XX-XX_3-large.jpg
IP 62.20.105.103:0
ASN #3301 Telia Company AB
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 600x600, components 3\012- data
Size 143 kB (142874 bytes)
Hash 5102d94b81f4289c886046bde5cedf21
de1823dafa61e550caa6569341c4b6b7bf12e18c
cf07d47919857f6aded1ba5b347833227f466cce7a097d78a870c9d32c18fe40
GET /Common/PCCs/Products/Grpx/C4Net/Img-CEAH6-EZ-1-XX-XX_3-large.jpg HTTP/1.1
Host: www.shopping4net.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.shopping4net.com/no/Skjoennhet/For-henne/Hudpleie/Giftset/Eight-Hour-Cream-Lip-Set.htm?sClickID=Kelkoo-7-3&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Elizabeth+Arden+Visible+Difference+-+Gif
Cookie: ASP.NET_SessionId=kcupfkjdjkck35alwkfh1nyb
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: image/jpeg
Last-Modified: Fri, 12 Nov 2021 14:41:09 GMT
Accept-Ranges: bytes
ETag: "237eb54d3d7d71:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
X-Frame-Options: sameorigin
Date: Wed, 30 Nov 2022 06:11:57 GMT
Content-Length: 142874
www.shopping4net.com/Common/PCCs/Products/Grpx/C4Net/Img-CVDC2-EZ-75-XX-XX-small.jpg
62.20.105.103200 OK 15 kB URL HTTP/1.1 www.shopping4net.com/Common/PCCs/Products/Grpx/C4Net/Img-CVDC2-EZ-75-XX-XX-small.jpg
IP 62.20.105.103:0
ASN #3301 Telia Company AB
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 220x220, components 3\012- data
Hash 086df29011b506a1878e6dc4adb9da8a
22c436214bde89a25139a458f041bddbb3dcb4ac
62d91ea718c5ee844bf6f57b885a0307aa828c0ad58bad973a3a38a9e0b1c904
GET /Common/PCCs/Products/Grpx/C4Net/Img-CVDC2-EZ-75-XX-XX-small.jpg HTTP/1.1
Host: www.shopping4net.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.shopping4net.com/no/Skjoennhet/For-henne/Hudpleie/Giftset/Eight-Hour-Cream-Lip-Set.htm?sClickID=Kelkoo-7-3&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Elizabeth+Arden+Visible+Difference+-+Gif
Cookie: ASP.NET_SessionId=kcupfkjdjkck35alwkfh1nyb
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: image/jpeg
Last-Modified: Mon, 16 Dec 2019 09:55:02 GMT
Accept-Ranges: bytes
ETag: "eb1daae2f6b3d51:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
X-Frame-Options: sameorigin
Date: Wed, 30 Nov 2022 06:11:57 GMT
Content-Length: 14843
www.shopping4net.com/Common/Grpx/Mainpage/Brand-Gripen.png
62.20.105.103200 OK 3.4 kB URL HTTP/1.1 www.shopping4net.com/Common/Grpx/Mainpage/Brand-Gripen.png
IP 62.20.105.103:0
ASN #3301 Telia Company AB
File type PNG image data, 54 x 55, 8-bit/color RGB, non-interlaced\012- data
Hash 6393fd34c986d6277b79c217641cb522
7e79dcd7d74ae061c79ddd9ad7989c29a64b85b8
19308aee2db016387223858e14b4473eba161931cfe47671c124c3f32c0ec17a
GET /Common/Grpx/Mainpage/Brand-Gripen.png HTTP/1.1
Host: www.shopping4net.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.shopping4net.com/no/Skjoennhet/For-henne/Hudpleie/Giftset/Eight-Hour-Cream-Lip-Set.htm?sClickID=Kelkoo-7-3&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Elizabeth+Arden+Visible+Difference+-+Gif
Cookie: ASP.NET_SessionId=kcupfkjdjkck35alwkfh1nyb
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Fri, 16 Mar 2018 12:52:40 GMT
Accept-Ranges: bytes
ETag: "09cbfaa25bdd31:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
X-Frame-Options: sameorigin
Date: Wed, 30 Nov 2022 06:11:57 GMT
Content-Length: 3361
www.shopping4net.com/Common/Grpx/Mainpage/Brand-Van-Cleef.png
62.20.105.103200 OK 17 kB URL HTTP/1.1 www.shopping4net.com/Common/Grpx/Mainpage/Brand-Van-Cleef.png
IP 62.20.105.103:0
ASN #3301 Telia Company AB
File type PNG image data, 265 x 55, 8-bit/color RGB, non-interlaced\012- data
Hash 2cec1a646c317c5bf655cca0f938cfd6
2ae0aaac3defa498bfed4878117b90ae8cb9fac8
cbe0be88776b354068e6c8754334a8d1b401b67d5a507a74a53cae4179f20a54
GET /Common/Grpx/Mainpage/Brand-Van-Cleef.png HTTP/1.1
Host: www.shopping4net.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.shopping4net.com/no/Skjoennhet/For-henne/Hudpleie/Giftset/Eight-Hour-Cream-Lip-Set.htm?sClickID=Kelkoo-7-3&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Elizabeth+Arden+Visible+Difference+-+Gif
Cookie: ASP.NET_SessionId=kcupfkjdjkck35alwkfh1nyb
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Thu, 23 May 2013 06:57:16 GMT
Accept-Ranges: bytes
ETag: "d8afb5c28257ce1:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
X-Frame-Options: sameorigin
Date: Wed, 30 Nov 2022 06:11:57 GMT
Content-Length: 17190
www.shopping4net.com/Common/Grpx/Mainpage/Brand-Hydrea-London.png
62.20.105.103200 OK 6.1 kB URL HTTP/1.1 www.shopping4net.com/Common/Grpx/Mainpage/Brand-Hydrea-London.png
IP 62.20.105.103:0
ASN #3301 Telia Company AB
File type PNG image data, 150 x 55, 8-bit/color RGBA, non-interlaced\012- data
Hash 9c54dee9551112f96b63afad039680f0
7034eaede9eef5cf58b76cb0678fe4482f411f07
1ce8e5213efe745502358290aaa5be95c0fc33a1db57e02261f0687344f26309
GET /Common/Grpx/Mainpage/Brand-Hydrea-London.png HTTP/1.1
Host: www.shopping4net.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.shopping4net.com/no/Skjoennhet/For-henne/Hudpleie/Giftset/Eight-Hour-Cream-Lip-Set.htm?sClickID=Kelkoo-7-3&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Elizabeth+Arden+Visible+Difference+-+Gif
Cookie: ASP.NET_SessionId=kcupfkjdjkck35alwkfh1nyb
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Wed, 17 Oct 2018 06:54:56 GMT
Accept-Ranges: bytes
ETag: "fb366950e665d41:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
X-Frame-Options: sameorigin
Date: Wed, 30 Nov 2022 06:11:57 GMT
Content-Length: 6105
www.shopping4net.com/Common/Grpx/Mainpage/Brand-Wilkinson-Sword.png
62.20.105.103200 OK 6.6 kB URL HTTP/1.1 www.shopping4net.com/Common/Grpx/Mainpage/Brand-Wilkinson-Sword.png
IP 62.20.105.103:0
ASN #3301 Telia Company AB
File type PNG image data, 105 x 55, 8-bit/color RGBA, non-interlaced\012- data
Hash d25a19ce083590882e4289fd0ffd381b
d47bc5089afaf9fefb3cd34ec2e73d1ba559301b
2b634584ddf81d6a12ccc7e246833b1b2a7475b4600a4dcc15be2afa70905737
GET /Common/Grpx/Mainpage/Brand-Wilkinson-Sword.png HTTP/1.1
Host: www.shopping4net.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.shopping4net.com/no/Skjoennhet/For-henne/Hudpleie/Giftset/Eight-Hour-Cream-Lip-Set.htm?sClickID=Kelkoo-7-3&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Elizabeth+Arden+Visible+Difference+-+Gif
Cookie: ASP.NET_SessionId=kcupfkjdjkck35alwkfh1nyb
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Wed, 27 Mar 2019 14:19:55 GMT
Accept-Ranges: bytes
ETag: "20acd326a8e4d41:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
X-Frame-Options: sameorigin
Date: Wed, 30 Nov 2022 06:11:57 GMT
Content-Length: 6608
www.shopping4net.com/Common/Grpx/Mainpage/Brand-Sunday-Rain.png
62.20.105.103200 OK 11 kB URL HTTP/1.1 www.shopping4net.com/Common/Grpx/Mainpage/Brand-Sunday-Rain.png
IP 62.20.105.103:0
ASN #3301 Telia Company AB
File type PNG image data, 202 x 55, 8-bit/color RGBA, non-interlaced\012- data
Hash 01704b08254eed1684b1be7c8f899f68
714dd6569d3621d8d344318e955ddcbbf13c9bd4
df58faa1870c6b19b17e5dcebb2e22829f49eea8a80358269bc1c7d45679eb48
GET /Common/Grpx/Mainpage/Brand-Sunday-Rain.png HTTP/1.1
Host: www.shopping4net.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.shopping4net.com/no/Skjoennhet/For-henne/Hudpleie/Giftset/Eight-Hour-Cream-Lip-Set.htm?sClickID=Kelkoo-7-3&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Elizabeth+Arden+Visible+Difference+-+Gif
Cookie: ASP.NET_SessionId=kcupfkjdjkck35alwkfh1nyb
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Tue, 16 Mar 2021 08:39:27 GMT
Accept-Ranges: bytes
ETag: "b84b1e03f1ad71:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
X-Frame-Options: sameorigin
Date: Wed, 30 Nov 2022 06:11:57 GMT
Content-Length: 10565
www.shopping4net.com/font/fontawesome-webfont.woff?v=3.2.1
62.20.105.103200 OK 44 kB URL HTTP/1.1 www.shopping4net.com/font/fontawesome-webfont.woff?v=3.2.1
IP 62.20.105.103:0
ASN #3301 Telia Company AB
File type Web Open Font Format, TrueType, length 43572, version 1.0\012- data
Hash b683029bafe0305ac2234038a03e1541
12f8c193902e99348493ace32e498031bf79b654
18e6b5ff511b90edf098e62ac45ed9d6673a3eee10165d0de4164d4d02a3a77f
GET /font/fontawesome-webfont.woff?v=3.2.1 HTTP/1.1
Host: www.shopping4net.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.shopping4net.com/partner/shopping4net/css/shopping4net.min.css?v=221116172756
Cookie: ASP.NET_SessionId=kcupfkjdjkck35alwkfh1nyb
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: application/x-font-woff
Last-Modified: Tue, 26 Nov 2013 16:06:06 GMT
Accept-Ranges: bytes
ETag: "06b8169c1eace1:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
X-Frame-Options: sameorigin
Date: Wed, 30 Nov 2022 06:11:57 GMT
Content-Length: 43572
www.shopping4net.com/Common/Grpx/Mainpage/Brand-PFG-Stockholm.png
62.20.105.103200 OK 10 kB URL HTTP/1.1 www.shopping4net.com/Common/Grpx/Mainpage/Brand-PFG-Stockholm.png
IP 62.20.105.103:0
ASN #3301 Telia Company AB
File type PNG image data, 174 x 55, 8-bit/color RGBA, non-interlaced\012- data
Hash f5bbbd6ada617364d8da1a929aa2e42b
0f42d9217af46f99bd7ca1b201f4bb2cecf83515
9a50dcb7574905ebe59af3ac3884db6461cb00b7bb05ce7407218a8de75cdb2b
GET /Common/Grpx/Mainpage/Brand-PFG-Stockholm.png HTTP/1.1
Host: www.shopping4net.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.shopping4net.com/no/Skjoennhet/For-henne/Hudpleie/Giftset/Eight-Hour-Cream-Lip-Set.htm?sClickID=Kelkoo-7-3&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Elizabeth+Arden+Visible+Difference+-+Gif
Cookie: ASP.NET_SessionId=kcupfkjdjkck35alwkfh1nyb
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Fri, 08 Mar 2019 09:16:07 GMT
Accept-Ranges: bytes
ETag: "fc52f98f8fd5d41:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
X-Frame-Options: sameorigin
Date: Wed, 30 Nov 2022 06:11:57 GMT
Content-Length: 10136
www.shopping4net.com/Common/Grpx/Mainpage/Brand-Les-Freres.png
62.20.105.103200 OK 2.5 kB URL HTTP/1.1 www.shopping4net.com/Common/Grpx/Mainpage/Brand-Les-Freres.png
IP 62.20.105.103:0
ASN #3301 Telia Company AB
File type PNG image data, 55 x 55, 8-bit/color RGBA, non-interlaced\012- data
Hash 69d499b65e875a5d69cef3f2839fa3aa
4fa98a7b0ed9a71e1dcf0e42abf54397304aef3d
a46b5db94b23e1ecd8b2ffe2ac9f2c77d1bbb8d2971c4985bbc27bfd88292436
GET /Common/Grpx/Mainpage/Brand-Les-Freres.png HTTP/1.1
Host: www.shopping4net.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.shopping4net.com/no/Skjoennhet/For-henne/Hudpleie/Giftset/Eight-Hour-Cream-Lip-Set.htm?sClickID=Kelkoo-7-3&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Elizabeth+Arden+Visible+Difference+-+Gif
Cookie: ASP.NET_SessionId=kcupfkjdjkck35alwkfh1nyb
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Wed, 15 Jan 2020 13:00:15 GMT
Accept-Ranges: bytes
ETag: "e98f1baa3cbd51:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
X-Frame-Options: sameorigin
Date: Wed, 30 Nov 2022 06:11:57 GMT
Content-Length: 2484
www.shopping4net.com/Common/Grpx/MainPage/prisjakt-pris-NO-2013.png
62.20.105.103200 OK 8.2 kB URL HTTP/1.1 www.shopping4net.com/Common/Grpx/MainPage/prisjakt-pris-NO-2013.png
IP 62.20.105.103:0
ASN #3301 Telia Company AB
File type PNG image data, 64 x 64, 8-bit/color RGBA, interlaced\012- data
Hash a0fe94a788b0576e3daf7ce04d538f39
a049380b4dcbc27753be7c7a04dfbd972db8516c
83646ee474f8fda9ac61ff0644a2697192d49a73100975c244295217478b1a51
GET /Common/Grpx/MainPage/prisjakt-pris-NO-2013.png HTTP/1.1
Host: www.shopping4net.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.shopping4net.com/no/Skjoennhet/For-henne/Hudpleie/Giftset/Eight-Hour-Cream-Lip-Set.htm?sClickID=Kelkoo-7-3&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Elizabeth+Arden+Visible+Difference+-+Gif
Cookie: ASP.NET_SessionId=kcupfkjdjkck35alwkfh1nyb
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Fri, 06 Nov 2015 10:20:56 GMT
Accept-Ranges: bytes
ETag: "92440d37c18d11:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
X-Frame-Options: sameorigin
Date: Wed, 30 Nov 2022 06:11:57 GMT
Content-Length: 8214
www.shopping4net.com/partner/shopping4net/images/PaymentLogos-3.png
62.20.105.103200 OK 4.6 kB URL HTTP/1.1 www.shopping4net.com/partner/shopping4net/images/PaymentLogos-3.png
IP 62.20.105.103:0
ASN #3301 Telia Company AB
File type PNG image data, 278 x 33, 8-bit/color RGBA, non-interlaced\012- data
Hash d630b10b5d529c201e9cc941abfecf6d
22d5b3ab7c68066c398217227948ef5671bbe4d1
7cf2e834a8d8c23821b1c15222828575eca14047db9b9ee158c680c616e47afe
GET /partner/shopping4net/images/PaymentLogos-3.png HTTP/1.1
Host: www.shopping4net.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.shopping4net.com/no/Skjoennhet/For-henne/Hudpleie/Giftset/Eight-Hour-Cream-Lip-Set.htm?sClickID=Kelkoo-7-3&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Elizabeth+Arden+Visible+Difference+-+Gif
Cookie: ASP.NET_SessionId=kcupfkjdjkck35alwkfh1nyb
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Tue, 06 Mar 2018 16:18:38 GMT
Accept-Ranges: bytes
ETag: "0438fc866b5d31:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
X-Frame-Options: sameorigin
Date: Wed, 30 Nov 2022 06:11:57 GMT
Content-Length: 4576
ocsp.pki.goog/s/gts1d4/7dRTFErkwxQ
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/7dRTFErkwxQ
IP 142.250.74.131:0
Hash 47736de1b71b16d96cac8c292a07cca2
1abe35d23e937fd587012e190c4e8497c9ae666d
200b93072f2e9f295f24ed580478e63f9e9c16e979d79733e81d7486bd309e95
POST /s/gts1d4/7dRTFErkwxQ HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 06:11:58 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.shopping4net.com/font/icomoon.ttf
62.20.105.103200 OK 15 kB URL HTTP/1.1 www.shopping4net.com/font/icomoon.ttf
IP 62.20.105.103:0
ASN #3301 Telia Company AB
File type TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, icomoonVersion 0.0icomooncmo \012- data
Hash 07c9bac0f16a24794683b40bba24bbf0
294ceb6942b43c049b009ec38288b440e3798067
7b109d631db22abdb1bad37ae9724b0a4466d2fda3df0c609df59f3b8e09798a
GET /font/icomoon.ttf HTTP/1.1
Host: www.shopping4net.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.shopping4net.com/partner/shopping4net/css/shopping4net.min.css?v=221116172756
Cookie: ASP.NET_SessionId=kcupfkjdjkck35alwkfh1nyb
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: application/octet-stream
Last-Modified: Thu, 05 Dec 2013 14:03:52 GMT
Accept-Ranges: bytes
ETag: "094d1d3c2f1ce1:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
X-Frame-Options: sameorigin
Date: Wed, 30 Nov 2022 06:11:58 GMT
Content-Length: 15388
saas.smilee.fi/assets/javascripts/cobrowse.js
34.117.113.3200 OK 405 B URL HTTP/2 saas.smilee.fi/assets/javascripts/cobrowse.js
IP 34.117.113.3:0
File type ASCII text, with very long lines (881), with no line terminators
Hash a486d88ff1094e7524d0bac64b6f3f11
d621156bb6df5d1c0551179c6ebf978fa0d0f107
20e33047617c4fc58ff18cfd628e7201d23c0f521e9ece67187d38dad9259764
GET /assets/javascripts/cobrowse.js HTTP/1.1
Host: saas.smilee.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.shopping4net.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
x-dns-prefetch-control: off
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
origin-agent-cluster: ?1
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript; charset=UTF-8
accept-ranges: bytes
cache-control: public, max-age=0
last-modified: Fri, 25 Nov 2022 13:21:43 GMT
etag: W/"195-184aef37a58"
content-length: 405
date: Wed, 30 Nov 2022 06:11:58 GMT
x-envoy-upstream-service-time: 6
server: istio-envoy
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.shopping4net.com/Common/PCCs/Products/Grpx/C4Net/Img-CEAH6-EZ-1-XX-XX_2.jpg
62.20.105.103200 OK 21 kB URL HTTP/1.1 www.shopping4net.com/Common/PCCs/Products/Grpx/C4Net/Img-CEAH6-EZ-1-XX-XX_2.jpg
IP 62.20.105.103:0
ASN #3301 Telia Company AB
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 270x270, components 3\012- data
Hash 7ba0bf7ae08588aaf80284a17e344a0d
0ab55b635d6e529cbef5311a4d61081188a6cc97
5bbe862278409b87f6dd464cf681bdd28b93192ac6fc3600af95d1f7b16b2675
GET /Common/PCCs/Products/Grpx/C4Net/Img-CEAH6-EZ-1-XX-XX_2.jpg HTTP/1.1
Host: www.shopping4net.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.shopping4net.com/no/Skjoennhet/For-henne/Hudpleie/Giftset/Eight-Hour-Cream-Lip-Set.htm?sClickID=Kelkoo-7-3&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Elizabeth+Arden+Visible+Difference+-+Gif
Cookie: ASP.NET_SessionId=kcupfkjdjkck35alwkfh1nyb
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: image/jpeg
Last-Modified: Fri, 12 Nov 2021 14:41:08 GMT
Accept-Ranges: bytes
ETag: "fbcf8b54d3d7d71:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
X-Frame-Options: sameorigin
Date: Wed, 30 Nov 2022 06:11:58 GMT
Content-Length: 20963
www.shopping4net.com/Common/PCCs/Products/Grpx/C4Net/Img-CEAH6-EZ-1-XX-XX_1.jpg
62.20.105.103200 OK 40 kB URL HTTP/1.1 www.shopping4net.com/Common/PCCs/Products/Grpx/C4Net/Img-CEAH6-EZ-1-XX-XX_1.jpg
IP 62.20.105.103:0
ASN #3301 Telia Company AB
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 270x270, components 3\012- data
Hash ac716dbade4f7371dcb1ee21cdb10e79
a578d9cc8ac80a877b4ccdeb605ded6bc3df0c8d
627543bc2d8d6ae760d25ba93b504b6265fea1e495840374c07999e5c3941f16
GET /Common/PCCs/Products/Grpx/C4Net/Img-CEAH6-EZ-1-XX-XX_1.jpg HTTP/1.1
Host: www.shopping4net.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.shopping4net.com/no/Skjoennhet/For-henne/Hudpleie/Giftset/Eight-Hour-Cream-Lip-Set.htm?sClickID=Kelkoo-7-3&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Elizabeth+Arden+Visible+Difference+-+Gif
Cookie: ASP.NET_SessionId=kcupfkjdjkck35alwkfh1nyb
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: image/jpeg
Last-Modified: Fri, 12 Nov 2021 14:41:08 GMT
Accept-Ranges: bytes
ETag: "824d5054d3d7d71:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
X-Frame-Options: sameorigin
Date: Wed, 30 Nov 2022 06:11:58 GMT
Content-Length: 40364
www.shopping4net.com/Common/PCCs/Products/Grpx/C4Net/Img-CEAH6-EZ-1-XX-XX_3.jpg
62.20.105.103200 OK 35 kB URL HTTP/1.1 www.shopping4net.com/Common/PCCs/Products/Grpx/C4Net/Img-CEAH6-EZ-1-XX-XX_3.jpg
IP 62.20.105.103:0
ASN #3301 Telia Company AB
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 270x270, components 3\012- data
Hash 008a982bd6a7b963cbc7d86e9a4797c6
02390180b5a592fd1ad12841532eb8699a14b789
19f064f1f604622c436f22fc8f63d81db3a9a1ae40fe8670b6c437279eecfe4a
GET /Common/PCCs/Products/Grpx/C4Net/Img-CEAH6-EZ-1-XX-XX_3.jpg HTTP/1.1
Host: www.shopping4net.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.shopping4net.com/no/Skjoennhet/For-henne/Hudpleie/Giftset/Eight-Hour-Cream-Lip-Set.htm?sClickID=Kelkoo-7-3&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Elizabeth+Arden+Visible+Difference+-+Gif
Cookie: ASP.NET_SessionId=kcupfkjdjkck35alwkfh1nyb
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: image/jpeg
Last-Modified: Fri, 12 Nov 2021 14:41:09 GMT
Accept-Ranges: bytes
ETag: "b28fc254d3d7d71:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
X-Frame-Options: sameorigin
Date: Wed, 30 Nov 2022 06:11:58 GMT
Content-Length: 34606
ocsp.pki.goog/s/gts1d4/7dRTFErkwxQ
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/7dRTFErkwxQ
IP 142.250.74.131:0
Hash 47736de1b71b16d96cac8c292a07cca2
1abe35d23e937fd587012e190c4e8497c9ae666d
200b93072f2e9f295f24ed580478e63f9e9c16e979d79733e81d7486bd309e95
POST /s/gts1d4/7dRTFErkwxQ HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 06:11:58 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.shopping4net.com/royalslider/skins/default-inverted/rs-default-inverted.png
62.20.105.103200 OK 2.8 kB URL HTTP/1.1 www.shopping4net.com/royalslider/skins/default-inverted/rs-default-inverted.png
IP 62.20.105.103:0
ASN #3301 Telia Company AB
File type PNG image data, 181 x 115, 8-bit/color RGBA, non-interlaced\012- data
Hash 533d3f39b0fdc08879f72c8865236260
eb2de80614d62ffe26783b8adaeab324f2008e2d
21bec7406d0ed7f261f9297693357e16b47e9d2d4f5d2a4ccf425e3fd1980235
GET /royalslider/skins/default-inverted/rs-default-inverted.png HTTP/1.1
Host: www.shopping4net.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.shopping4net.com/royalslider/skins/default-inverted/rs-default-inverted.css
Cookie: ASP.NET_SessionId=kcupfkjdjkck35alwkfh1nyb
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Thu, 05 Dec 2013 13:30:28 GMT
Accept-Ranges: bytes
ETag: "0725729bef1ce1:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
X-Frame-Options: sameorigin
Date: Wed, 30 Nov 2022 06:11:58 GMT
Content-Length: 2831
www.shopping4net.com/royalslider/skins/preloaders/preloader.gif
62.20.105.103200 OK 2.0 kB URL HTTP/1.1 www.shopping4net.com/royalslider/skins/preloaders/preloader.gif
IP 62.20.105.103:0
ASN #3301 Telia Company AB
File type GIF image data, version 89a, 20 x 20\012- data
Hash 5695f03663b39ed4b9436d789f0b27ec
62be0d1e5848a717a52ea0b923a47f0d0d6086e3
04c9abd7ff30a71e2e308f76c509c325b099ab6e3667859df6ede4b9aebf6c4c
GET /royalslider/skins/preloaders/preloader.gif HTTP/1.1
Host: www.shopping4net.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.shopping4net.com/royalslider/skins/default-inverted/rs-default-inverted.css
Cookie: ASP.NET_SessionId=kcupfkjdjkck35alwkfh1nyb
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: image/gif
Last-Modified: Thu, 05 Dec 2013 13:30:28 GMT
Accept-Ranges: bytes
ETag: "0725729bef1ce1:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
X-Frame-Options: sameorigin
Date: Wed, 30 Nov 2022 06:11:58 GMT
Content-Length: 1986
www.shopping4net.com/partner/shopping4net/favicon.ico?v=161018123302
62.20.105.103200 OK 1.2 kB URL HTTP/1.1 www.shopping4net.com/partner/shopping4net/favicon.ico?v=161018123302
IP 62.20.105.103:0
ASN #3301 Telia Company AB
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash ba5db14bfd914694f52d551a6b5c7e56
6de12ed2b7bcd7ba935f875666a80c87d21fa73d
8291e5bf614bb73b98b19579519efacda4f18421a6edd6bbe053f97170c69182
GET /partner/shopping4net/favicon.ico?v=161018123302 HTTP/1.1
Host: www.shopping4net.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.shopping4net.com/no/Skjoennhet/For-henne/Hudpleie/Giftset/Eight-Hour-Cream-Lip-Set.htm?sClickID=Kelkoo-7-3&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Elizabeth+Arden+Visible+Difference+-+Gif
Cookie: ASP.NET_SessionId=kcupfkjdjkck35alwkfh1nyb
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: image/x-icon
Last-Modified: Tue, 18 Oct 2016 10:33:02 GMT
Accept-Ranges: bytes
ETag: "0c3be02b29d21:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
X-Frame-Options: sameorigin
Date: Wed, 30 Nov 2022 06:11:58 GMT
Content-Length: 1150
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash c3c6fcc1a6ec6e438b371359a220d437
646d2c502eb3579d0c394dbdd16ef10f60f43063
5e75d86847b64e661c218e63d1b4b2c4a9ade7506b3b50fce16dd39ebaa5c5fe
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 58
Cache-Control: max-age=98366
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 06:11:58 GMT
Etag: "6385d132-1d7"
Expires: Thu, 01 Dec 2022 09:31:24 GMT
Last-Modified: Tue, 29 Nov 2022 09:30:26 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 33f732b4dfbd5fb3ed7345eba2896fe6
2652f214cf7127302cc65b1d4e42f48a80907d5d
904ce722469d356f8ec20c14bd51ca3ce459012ea0869f7d14821a963310a494
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 06:11:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.shopping4net.com/apple-touch-icon-144x144.png
62.20.105.103200 OK 2.9 kB URL HTTP/1.1 www.shopping4net.com/apple-touch-icon-144x144.png
IP 62.20.105.103:0
ASN #3301 Telia Company AB
File type PNG image data, 144 x 144, 8-bit/color RGB, non-interlaced\012- data
Hash 57507df6f0407411fbf3b94a9d71869e
495f6d872b7664df806c78d15f413eb140cae6f0
a4db45c8e78a74e3032d11afeaafb765a519f097dbccbe3704a056fbc4c54887
GET /apple-touch-icon-144x144.png HTTP/1.1
Host: www.shopping4net.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.shopping4net.com/no/Skjoennhet/For-henne/Hudpleie/Giftset/Eight-Hour-Cream-Lip-Set.htm?sClickID=Kelkoo-7-3&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Elizabeth+Arden+Visible+Difference+-+Gif
Cookie: ASP.NET_SessionId=kcupfkjdjkck35alwkfh1nyb
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Tue, 18 Oct 2016 10:46:44 GMT
Accept-Ranges: bytes
ETag: "02b2ea2c29d21:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
X-Frame-Options: sameorigin
Date: Wed, 30 Nov 2022 06:11:58 GMT
Content-Length: 2865
connect.facebook.net/nb_NO/all.js
31.13.72.12200 OK 1.7 kB URL HTTP/2 connect.facebook.net/nb_NO/all.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (1957)
Hash 2069b2cf7455abc48a4a9d0a2cefc17c
5baacb7e735971479227a114210017efbc0e35e0
9e2bb44ec268465f75a3033fd8a31b0e5f4ab41a6b7a989e3c24be7338189ae8
GET /nb_NO/all.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.shopping4net.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: a0c953578ce8ff218e9c8664bea22221
etag: "b4eb57afb0318affcd7ec3ab84cd282c"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Wed, 30 Nov 2022 06:13:38 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: IGmyz3RVq8SKSp0KLO/BfA==
x-fb-debug: fVLt8F6fc7u/7SkR+lIgRosg3of4H+pxaRflctMG/KfvQAQont6DxEEBVTjdDFk1adjtNmOhhy0eEsvB8UyjOA==
content-length: 1688
x-fb-trip-id: 1904183273
date: Wed, 30 Nov 2022 06:11:58 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.110200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.110:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.shopping4net.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Wed, 30 Nov 2022 04:41:08 GMT
expires: Wed, 30 Nov 2022 06:41:08 GMT
cache-control: public, max-age=7200
age: 5450
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash c3c6fcc1a6ec6e438b371359a220d437
646d2c502eb3579d0c394dbdd16ef10f60f43063
5e75d86847b64e661c218e63d1b4b2c4a9ade7506b3b50fce16dd39ebaa5c5fe
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 58
Cache-Control: max-age=98366
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 06:11:58 GMT
Etag: "6385d132-1d7"
Expires: Thu, 01 Dec 2022 09:31:24 GMT
Last-Modified: Tue, 29 Nov 2022 09:30:26 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
connect.facebook.net/nb_NO/all.js?hash=5f87346a840178503bf21029c851a7ee
31.13.72.12200 OK 88 kB URL HTTP/2 connect.facebook.net/nb_NO/all.js?hash=5f87346a840178503bf21029c851a7ee
IP 31.13.72.12:0
File type ASCII text, with very long lines (18318)
Hash 509725f01ed7c6b5f8bb645fe7c5ee2d
3d40ee6203f1bc9a4711c71fbed840629b3193ca
3136550beec5664c913b02fb5965d6baa92689d48dfb40eed852134c05d9bdbf
GET /nb_NO/all.js?hash=5f87346a840178503bf21029c851a7ee HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.shopping4net.com
Connection: keep-alive
Referer: https://www.shopping4net.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: eaa36b42d3a40a3e7a563f6d129c1a94
etag: "3a75f984738de7a9f54ac2267959ce7b"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Thu, 30 Nov 2023 05:53:39 GMT
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: UJcl8B7XxrX4u2Rf58XuLQ==
x-fb-debug: WII1tH7VuJM1sN3+8trPtk32wOMiZ49PJi5N2yrj4j+0+GROLKWyLup9FZw5OldjT/uqEKvHRjIIg5379RY0gA==
priority: u=3,i
content-length: 88248
x-fb-trip-id: 1904183273
date: Wed, 30 Nov 2022 06:11:59 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5d950b70d3b1532276ed817249b72618
dca7faf727b8afdd481c8f8bcc3e9129fdadadc3
afe3fbe5f269179e18a66ca806664b7f96b903150b364129e2f2b30087198e34
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 06:11:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-46538514-3&cid=539597487.1669788718&jid=909972835&gjid=857848607&_gid=664893676.1669788718&_u=YEBAAAAAAAAAAC~&z=868017622
74.125.131.154200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-46538514-3&cid=539597487.1669788718&jid=909972835&gjid=857848607&_gid=664893676.1669788718&_u=YEBAAAAAAAAAAC~&z=868017622
IP 74.125.131.154:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-46538514-3&cid=539597487.1669788718&jid=909972835&gjid=857848607&_gid=664893676.1669788718&_u=YEBAAAAAAAAAAC~&z=868017622 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.shopping4net.com
Connection: keep-alive
Referer: https://www.shopping4net.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.shopping4net.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 30 Nov 2022 06:11:59 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5d950b70d3b1532276ed817249b72618
dca7faf727b8afdd481c8f8bcc3e9129fdadadc3
afe3fbe5f269179e18a66ca806664b7f96b903150b364129e2f2b30087198e34
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 06:11:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 8f58cd30443a495eed3ec0d9827550c1
fd0f53d2acc63ae015b7b42155136ade5841ebc7
333a3cae36081ea37371e32dc9587faacfda5970daa476b3b36cd6f587ce1594
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 06:11:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 3402a11f28d369c1ad537c8e44ba5568
17c9fc852ca71dc4d46f786537adda4ee0e9a3ef
dd142866516f3293fab9f67f092d37b70c39fc58512734c8e88dab5c5faf7264
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 06:11:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-46538514-3&cid=539597487.1669788718&jid=909972835&_u=YEBAAAAAAAAAAC~&z=273571889
142.250.74.132200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-46538514-3&cid=539597487.1669788718&jid=909972835&_u=YEBAAAAAAAAAAC~&z=273571889
IP 142.250.74.132:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-46538514-3&cid=539597487.1669788718&jid=909972835&_u=YEBAAAAAAAAAAC~&z=273571889 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.shopping4net.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 30 Nov 2022 06:11:59 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-46538514-3&cid=539597487.1669788718&jid=909972835&_u=YEBAAAAAAAAAAC~&z=273571889
142.250.74.163200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-46538514-3&cid=539597487.1669788718&jid=909972835&_u=YEBAAAAAAAAAAC~&z=273571889
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-46538514-3&cid=539597487.1669788718&jid=909972835&_u=YEBAAAAAAAAAAC~&z=273571889 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.shopping4net.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 30 Nov 2022 06:11:59 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.facebook.com/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfe837031184a6%26domain%3Dwww.shopping4net.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.shopping4net.com%252Ff1470983bc55da6%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.shopping4net.com%2Fno%2FSkjoennhet%2FFor-henne%2FHudpleie%2FGiftset%2FEight-Hour-Cream-Lip-Set.htm&layout=button_count&locale=nb_NO&sdk=joey&send=true&show_faces=false
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfe837031184a6%26domain%3Dwww.shopping4net.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.shopping4net.com%252Ff1470983bc55da6%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.shopping4net.com%2Fno%2FSkjoennhet%2FFor-henne%2FHudpleie%2FGiftset%2FEight-Hour-Cream-Lip-Set.htm&layout=button_count&locale=nb_NO&sdk=joey&send=true&show_faces=false
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfe837031184a6%26domain%3Dwww.shopping4net.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.shopping4net.com%252Ff1470983bc55da6%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.shopping4net.com%2Fno%2FSkjoennhet%2FFor-henne%2FHudpleie%2FGiftset%2FEight-Hour-Cream-Lip-Set.htm&layout=button_count&locale=nb_NO&sdk=joey&send=true&show_faces=false HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.shopping4net.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html;charset=utf-8
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-xss-protection: 0
x-fb-debug: 13XLKMvclvCZFDJiST3RVxKSMLT/pvST1y/t77ZCPO1SS2sVVwqvuRzxtfJr3OdFMO01kUCdflTqyIK5X/pwWw==
content-length: 0
date: Wed, 30 Nov 2022 06:11:59 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash cd528f6c2c45e38c52095a73a9cd8c68
dca2df874a830edac932136d474453c18d933024
4c7e75aaccb4b74e227ada3b56829f52cb7f14ad05454f7bd6eccf3e94185218
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 06:11:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 3402a11f28d369c1ad537c8e44ba5568
17c9fc852ca71dc4d46f786537adda4ee0e9a3ef
dd142866516f3293fab9f67f092d37b70c39fc58512734c8e88dab5c5faf7264
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 06:11:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cookieinfoscript.com/js/cookieinfo.min.js
104.21.34.18200 OK 0 B URL HTTP/2 cookieinfoscript.com/js/cookieinfo.min.js
IP 104.21.34.18:0
GET /js/cookieinfo.min.js HTTP/1.1
Host: cookieinfoscript.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.shopping4net.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 30 Nov 2022 06:11:58 GMT
content-type: application/x-javascript
x-amz-id-2: scD+jI49bgDpkSsayoO8NMGEeMAg8uyEzYmd2TDwWaa5DpJZchpugmE1fcRG0gu3wK+jmB/jBww=
x-amz-request-id: 51SSPQYQZSA5RPMV
x-amz-meta-cb-modifiedtime: Wed, 07 Apr 2021 11:38:58 GMT
last-modified: Wed, 07 Apr 2021 11:39:17 GMT
etag: W/"d15d93068c1121f63008407d339bd819"
cache-control: max-age=2678400
cf-cache-status: HIT
age: 1709
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vWiiuc2vHxAWEOgq%2B%2FKQVxUbjjGgP0%2FKr5NGriSxCr9lhfez1tTyf%2F%2BYfM0tsG%2F45tyAYa80m3pSJYKkMSm0lhJ3WaH7jtHpActWZ4ahAy7G8klHDLFGc%2FhvJNxdydLGSvy8T2FUNA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77216dc0b9b9b51b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2