iepalink.com/IlOysTgNjFrGtHtEAwVo/index.php
77.247.179.89200 OK 498 B URL HTTP/1.1 iepalink.com/IlOysTgNjFrGtHtEAwVo/index.php
IP 77.247.179.89:0
ASN #43350 NForce Entertainment B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (498), with no line terminators
Hash 4bf21d3de2f8979ad413da2f5c5348fd
9373edd77cce8f6295c9ee3a68924c8446a5d241
9bbec2dbe7466f17fce9e5493fd00956c15a486286c4540857701e76cd4c1a70
GET /IlOysTgNjFrGtHtEAwVo/index.php HTTP/1.1
Host: iepalink.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 498
content-type: text/html; charset=utf-8
date: Wed, 12 Oct 2022 03:39:20 GMT
server: nginx
set-cookie: sid=74a7871c-49df-11ed-b29b-94b5be865991; path=/; domain=.iepalink.com; expires=Mon, 30 Oct 2090 06:53:27 GMT; max-age=2147483647; HttpOnly
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e0602913f3d432ffbfaa654440972ee1
e5aaf31749e65875fd840091f9a3bba641de413d
5495ad212166703dcd1d17d7aa6ff4d1c40e73dfad703d24f00f60f35bc7d56c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5495AD212166703DCD1D17D7AA6FF4D1C40E73DFAD703D24F00F60F35BC7D56C"
Last-Modified: Tue, 11 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8602
Expires: Wed, 12 Oct 2022 06:02:42 GMT
Date: Wed, 12 Oct 2022 03:39:20 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
54.230.111.7200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 54.230.111.7:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bdb8b66c705a7b996496d780f50c00b5
403ae92039fcc933870f51f913f78ccaf9652256
c923ed2539f4ce9f4d43743c402fbb2060a52a4cbedbf14c5f5742ab718073d6
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Content-Length, Retry-After, Backoff
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 12 Oct 2022 02:49:11 GMT
Expires: Wed, 12 Oct 2022 03:32:42 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: UPc3rI9Poe744HYR_IVmNsM9VlbrVUfOhSCqjX38zceCejGraJdVjQ==
Age: 3009
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ceb45134349ef6afcb5b4bb730678041
15dc3ecb18e30e77cd7c694dd237bff9be583e7a
a39e0827fa31257562bb681e312ec2944a862e9ad4e568a803f6e09e994a6018
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A39E0827FA31257562BB681E312EC2944A862E9AD4E568A803F6E09E994A6018"
Last-Modified: Tue, 11 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8494
Expires: Wed, 12 Oct 2022 06:00:54 GMT
Date: Wed, 12 Oct 2022 03:39:20 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: RPZjJ086cN2dlQ3+mLzmWLXOZRiK6bj1nZMvf6RgEfub6wr3YAQzsc7v4X0dx7trRIkWnim/pfc=
x-amz-request-id: EW6AYEJ9P755RPDX
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 12 Oct 2022 03:33:11 GMT
age: 369
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 12 Oct 2022 03:39:20 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
iepalink.com/favicon.ico
77.247.179.89404 Not Found 9 B IP 77.247.179.89:0
ASN #43350 NForce Entertainment B.V.
File type ASCII text, with no line terminators
Hash d8f4a1993546cc4b850cde3599e27aec
094b763b4cfcc0b05e5d040581cd513c3ca08067
907ba78b4545338d3539683e63ecb51cf51c10adc9dabd86e92bd52339f298b9
GET /favicon.ico HTTP/1.1
Host: iepalink.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iepalink.com/IlOysTgNjFrGtHtEAwVo/index.php
Cookie: sid=74a7871c-49df-11ed-b29b-94b5be865991
HTTP/1.1 404 Not Found
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 9
date: Wed, 12 Oct 2022 03:39:20 GMT
server: nginx
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
54.230.111.7200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 54.230.111.7:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Expires, Backoff, ETag, Last-Modified, Pragma, Cache-Control, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Date: Wed, 12 Oct 2022 03:29:41 GMT
Cache-Control: max-age=3600
Expires: Wed, 12 Oct 2022 03:43:06 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Qaacpk8mggHHv1gjSDz2oFUlOfd89dJq_cb_5k_Y-jeiVk4oEY9IYQ==
Age: 579
iepalink.com/IlOysTgNjFrGtHtEAwVo/index.php?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY2NTU1MzE2MCwiaWF0IjoxNjY1NTQ1OTYwLCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIyc2VqYWVmamJwbmFnNGlrM2MyYjA4Z2EiLCJuYmYiOjE2NjU1NDU5NjAsInRzIjoxNjY1NTQ1OTYwMjA5MzMwfQ.EOP1uKv-J73-qNOZlmGgqmqXDqFVEM5u6KL3pwSOCjc&sid=74a7871c-49df-11ed-b29b-94b5be865991
77.247.179.89302 Found 11 B URL HTTP/1.1 iepalink.com/IlOysTgNjFrGtHtEAwVo/index.php?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY2NTU1MzE2MCwiaWF0IjoxNjY1NTQ1OTYwLCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIyc2VqYWVmamJwbmFnNGlrM2MyYjA4Z2EiLCJuYmYiOjE2NjU1NDU5NjAsInRzIjoxNjY1NTQ1OTYwMjA5MzMwfQ.EOP1uKv-J73-qNOZlmGgqmqXDqFVEM5u6KL3pwSOCjc&sid=74a7871c-49df-11ed-b29b-94b5be865991
IP 77.247.179.89:0
ASN #43350 NForce Entertainment B.V.
File type ASCII text, with no line terminators
Hash 32682312d17c7cbf18e73594f5570319
60e22121bdd0bc71cdb2bae2a3aa577006b2eae9
e55fb1a1d731153e943b68844af12dcce8bfac917c98ffdea64c80da0607dd47
GET /IlOysTgNjFrGtHtEAwVo/index.php?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY2NTU1MzE2MCwiaWF0IjoxNjY1NTQ1OTYwLCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIyc2VqYWVmamJwbmFnNGlrM2MyYjA4Z2EiLCJuYmYiOjE2NjU1NDU5NjAsInRzIjoxNjY1NTQ1OTYwMjA5MzMwfQ.EOP1uKv-J73-qNOZlmGgqmqXDqFVEM5u6KL3pwSOCjc&sid=74a7871c-49df-11ed-b29b-94b5be865991 HTTP/1.1
Host: iepalink.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iepalink.com/IlOysTgNjFrGtHtEAwVo/index.php
Cookie: sid=74a7871c-49df-11ed-b29b-94b5be865991
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 11
date: Wed, 12 Oct 2022 03:39:21 GMT
location: http://blode-cpq.com/zcvisitor/74f325a5-49df-11ed-a8a5-1224b5622e95/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=4fb4e190-e7f9-11ec-be3c-128084d1ce51
server: nginx
set-cookie: sid=74a7871c-49df-11ed-b29b-94b5be865991; path=/; domain=.iepalink.com; expires=Mon, 30 Oct 2090 06:53:28 GMT; max-age=2147483647; HttpOnly
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 34c15fee665f03aab24038618bb2d9a7
6b90ea5a496581b83daf1764938d1db1a5a32bb4
93e99055eb4a94f808eed2fac338d6c480047c30a56498b2a65036a7d5bdea04
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6128
Cache-Control: max-age=108577
Content-Type: application/ocsp-response
Date: Wed, 12 Oct 2022 03:39:21 GMT
Etag: "6345241a-1d7"
Expires: Thu, 13 Oct 2022 09:48:58 GMT
Last-Modified: Tue, 11 Oct 2022 08:06:50 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
blode-cpq.com/zcvisitor/74f325a5-49df-11ed-a8a5-1224b5622e95/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=4fb4e190-e7f9-11ec-be3c-128084d1ce51
34.239.209.41200 996 B URL HTTP/1.1 blode-cpq.com/zcvisitor/74f325a5-49df-11ed-a8a5-1224b5622e95/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=4fb4e190-e7f9-11ec-be3c-128084d1ce51
IP 34.239.209.41:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash e6069800f410ade784c351a6fe56fdd8
6cfcd84733d7d6c8948492d776c939189f38c355
318f74069267e2d742d0121008085afbe4e40e283171627ced9157b354339771
Analyzer Verdict Alert fortinet Phishing
GET /zcvisitor/74f325a5-49df-11ed-a8a5-1224b5622e95/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=4fb4e190-e7f9-11ec-be3c-128084d1ce51 HTTP/1.1
Host: blode-cpq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://iepalink.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200
Date: Wed, 12 Oct 2022 03:39:21 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Server: CGzdRNdC
blode-cpq.com/zcredirect?visitid=74f325a5-49df-11ed-a8a5-1224b5622e95&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false
34.239.209.41200 354 B URL HTTP/1.1 blode-cpq.com/zcredirect?visitid=74f325a5-49df-11ed-a8a5-1224b5622e95&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false
IP 34.239.209.41:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash d44795132835ee4f982e6bd389a42b8b
a12088a3dd0b3d5af1faef04f30b2165abc43f7a
c95d41094f83fe64dc73020bfa0c5714a5cd5c2770bb34b0afcd7eed9c175ff2
GET /zcredirect?visitid=74f325a5-49df-11ed-a8a5-1224b5622e95&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false HTTP/1.1
Host: blode-cpq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://blode-cpq.com/zcvisitor/74f325a5-49df-11ed-a8a5-1224b5622e95/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=4fb4e190-e7f9-11ec-be3c-128084d1ce51
Upgrade-Insecure-Requests: 1
HTTP/1.1 200
Date: Wed, 12 Oct 2022 03:39:21 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
redirected: JS
Server: ALGPeUGd
push.services.mozilla.com/
54.189.35.180101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.189.35.180:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: sMuCeH75klpzKS6wbdKAtg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: IqJSEN6YZiE58roi/WEUoTAiiWU=
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 45385ab8da1b3c7920662c8609dfc5a4
c79a28cc1089b86cde01d963758a079164c80a86
a327805c1802c693849ac440e9f042ce14d2e4d1cea45ba6a0b6098300cfa519
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A327805C1802C693849AC440E9F042CE14D2E4D1CEA45BA6A0B6098300CFA519"
Last-Modified: Wed, 12 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12780
Expires: Wed, 12 Oct 2022 07:12:21 GMT
Date: Wed, 12 Oct 2022 03:39:21 GMT
Connection: keep-alive
clever-redirect.com/s/r6?s=623619497&s2=badious-buzzard&s3=victor-oft-0sg99IhD
78.46.197.88200 OK 356 B URL HTTP/2 clever-redirect.com/s/r6?s=623619497&s2=badious-buzzard&s3=victor-oft-0sg99IhD
IP 78.46.197.88:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (356), with no line terminators
Hash eb50c28b4cb0f4b006bab72edc38e06b
33ff6da3cfc369fd49d5b7dc1d706e5e75c8f559
82c3bde10a4092960e69362976d0cd47f50dd1f6d5ceed36e08a5bd6a86ebbb7
GET /s/r6?s=623619497&s2=badious-buzzard&s3=victor-oft-0sg99IhD HTTP/1.1
Host: clever-redirect.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://blode-cpq.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
referrer-policy: no-referrer
x-powered-by: PHP/7.4.27
set-cookie: e2742bb10f6ed39af366909bae89e92e=c4bd43093e2a43c5f34ed6859a3d0087af7be31db0c59745843b4acdc5cb667da%3A2%3A%7Bi%3A0%3Bs%3A32%3A%22e2742bb10f6ed39af366909bae89e92e%22%3Bi%3A1%3Bs%3A1%3A%221%22%3B%7D; expires=Thu, 13-Oct-2022 03:39:21 GMT; Max-Age=86400; path=/; HttpOnly
content-length: 356
content-type: text/html; charset=UTF-8
date: Wed, 12 Oct 2022 03:39:21 GMT
server: Apache/2.4.52 (codeit) OpenSSL/1.1.1m PHP/7.4.27
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bb2ad857e0826ba5f629755c14e60fe7
4a31491aa4079c9ff875f6278294125eef7ffd4a
8f57dfb90fa5823e241ce7b4c1f12efb5bb121c7e8ed69cb8226e086f0b53284
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8F57DFB90FA5823E241CE7B4C1F12EFB5BB121C7E8ED69CB8226E086F0B53284"
Last-Modified: Tue, 11 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18095
Expires: Wed, 12 Oct 2022 08:40:57 GMT
Date: Wed, 12 Oct 2022 03:39:22 GMT
Connection: keep-alive
lookandfind.me/s/a?t=10&f=1&u=f4bdb01fc36e3f720c2a963a770625c6&m=tjenestetorget.no&s1=623619497&s2=badious-buzzard&s3=victor-oft-0sg99IhD&s5=cf
5.9.110.29200 OK 616 B URL HTTP/1.1 lookandfind.me/s/a?t=10&f=1&u=f4bdb01fc36e3f720c2a963a770625c6&m=tjenestetorget.no&s1=623619497&s2=badious-buzzard&s3=victor-oft-0sg99IhD&s5=cf
IP 5.9.110.29:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document, ASCII text, with very long lines (616), with no line terminators
Hash a2da424228b36758421ad7476a4522d8
ec2ea309d510205bbafaa96e544142b234e5e82a
43f83591045337261f8c3213b19fdb9c47335812da0de5c1733a037a9c15834c
GET /s/a?t=10&f=1&u=f4bdb01fc36e3f720c2a963a770625c6&m=tjenestetorget.no&s1=623619497&s2=badious-buzzard&s3=victor-oft-0sg99IhD&s5=cf HTTP/1.1
Host: lookandfind.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 12 Oct 2022 03:39:22 GMT
Server: Apache/2.4.37 (centos) OpenSSL/1.1.1k
X-Powered-By: PHP/8.1.10
Set-Cookie: 40c4b18782ff56ffac54fd43750cf18a=a135458adb50485efba764199eb2f6f2ba3c8a7cadfbab794e9e5e639cd9f0d1a%3A2%3A%7Bi%3A0%3Bs%3A32%3A%2240c4b18782ff56ffac54fd43750cf18a%22%3Bi%3A1%3Bs%3A1%3A%221%22%3B%7D; expires=Thu, 13-Oct-2022 03:39:22 GMT; Max-Age=86400; path=/; HttpOnly
Referrer-Policy: strict-origin-when-cross-origin
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
lookandfind.me/s/r?u=https%3A%2F%2Fapi.yadore.com%2Fv2%2Fr%2Fdeeplink%3Fe%3DY2JFVDZWS29Gbk1Tejh3SWtHVWd0VWNtMlJScEE2SHdsT0ZSYllSQ3o1VnFJVDdFM2lJNkpaVWdUYXZnNUk5R2xndkxWdkMyZ2k2YnN2ZmdyV0kwN1pPTEN2YW1xVTBQSHI2MHJKVE92QzhRZjJyTXdPNGxjMFh1Yk9jWGtrM0FOck84REhjbkRpbUhGTHNlbkI5bHNwL2lkNkJBWFRwSVlmT2kzZ2pQbnFLNUZGVT0%3D%26i%3DaS4D7JfYHgNJh1fY%26placementId%3D47b58bdbc3b5c9f50e9d138a353be550&h=cc515acdf8cde28cadd54b1360fe7ccc
5.9.110.29200 OK 544 B URL HTTP/1.1 lookandfind.me/s/r?u=https%3A%2F%2Fapi.yadore.com%2Fv2%2Fr%2Fdeeplink%3Fe%3DY2JFVDZWS29Gbk1Tejh3SWtHVWd0VWNtMlJScEE2SHdsT0ZSYllSQ3o1VnFJVDdFM2lJNkpaVWdUYXZnNUk5R2xndkxWdkMyZ2k2YnN2ZmdyV0kwN1pPTEN2YW1xVTBQSHI2MHJKVE92QzhRZjJyTXdPNGxjMFh1Yk9jWGtrM0FOck84REhjbkRpbUhGTHNlbkI5bHNwL2lkNkJBWFRwSVlmT2kzZ2pQbnFLNUZGVT0%3D%26i%3DaS4D7JfYHgNJh1fY%26placementId%3D47b58bdbc3b5c9f50e9d138a353be550&h=cc515acdf8cde28cadd54b1360fe7ccc
IP 5.9.110.29:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (544), with no line terminators
Hash f1acd6c12cb721a54f600532b9dfef14
eba5db79eadcd3cee438ddead493459b8f50656a
62b886a32b361ed5b129e28ae3fe8cfec99b59b52d1ac1b93faac72b954a94f7
GET /s/r?u=https%3A%2F%2Fapi.yadore.com%2Fv2%2Fr%2Fdeeplink%3Fe%3DY2JFVDZWS29Gbk1Tejh3SWtHVWd0VWNtMlJScEE2SHdsT0ZSYllSQ3o1VnFJVDdFM2lJNkpaVWdUYXZnNUk5R2xndkxWdkMyZ2k2YnN2ZmdyV0kwN1pPTEN2YW1xVTBQSHI2MHJKVE92QzhRZjJyTXdPNGxjMFh1Yk9jWGtrM0FOck84REhjbkRpbUhGTHNlbkI5bHNwL2lkNkJBWFRwSVlmT2kzZ2pQbnFLNUZGVT0%3D%26i%3DaS4D7JfYHgNJh1fY%26placementId%3D47b58bdbc3b5c9f50e9d138a353be550&h=cc515acdf8cde28cadd54b1360fe7ccc HTTP/1.1
Host: lookandfind.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: 40c4b18782ff56ffac54fd43750cf18a=a135458adb50485efba764199eb2f6f2ba3c8a7cadfbab794e9e5e639cd9f0d1a%3A2%3A%7Bi%3A0%3Bs%3A32%3A%2240c4b18782ff56ffac54fd43750cf18a%22%3Bi%3A1%3Bs%3A1%3A%221%22%3B%7D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 12 Oct 2022 03:39:22 GMT
Server: Apache/2.4.37 (centos) OpenSSL/1.1.1k
X-Powered-By: PHP/8.1.10
Referrer-Policy: strict-origin-when-cross-origin
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 372301cc3e0ad3b9318a13a6ec327d30
9d34de85f08bf496e76a3577e0b23af5a2e06548
b5b57c12618c4d45d9b712be3fccaba0debbbf018f82b028bff74e39a077cf03
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B5B57C12618C4D45D9B712BE3FCCABA0DEBBBF018F82B028BFF74E39A077CF03"
Last-Modified: Tue, 11 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8704
Expires: Wed, 12 Oct 2022 06:04:26 GMT
Date: Wed, 12 Oct 2022 03:39:22 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 372301cc3e0ad3b9318a13a6ec327d30
9d34de85f08bf496e76a3577e0b23af5a2e06548
b5b57c12618c4d45d9b712be3fccaba0debbbf018f82b028bff74e39a077cf03
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B5B57C12618C4D45D9B712BE3FCCABA0DEBBBF018F82B028BFF74E39A077CF03"
Last-Modified: Tue, 11 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8704
Expires: Wed, 12 Oct 2022 06:04:26 GMT
Date: Wed, 12 Oct 2022 03:39:22 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 372301cc3e0ad3b9318a13a6ec327d30
9d34de85f08bf496e76a3577e0b23af5a2e06548
b5b57c12618c4d45d9b712be3fccaba0debbbf018f82b028bff74e39a077cf03
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B5B57C12618C4D45D9B712BE3FCCABA0DEBBBF018F82B028BFF74E39A077CF03"
Last-Modified: Tue, 11 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8704
Expires: Wed, 12 Oct 2022 06:04:26 GMT
Date: Wed, 12 Oct 2022 03:39:22 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 372301cc3e0ad3b9318a13a6ec327d30
9d34de85f08bf496e76a3577e0b23af5a2e06548
b5b57c12618c4d45d9b712be3fccaba0debbbf018f82b028bff74e39a077cf03
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B5B57C12618C4D45D9B712BE3FCCABA0DEBBBF018F82B028BFF74E39A077CF03"
Last-Modified: Tue, 11 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8704
Expires: Wed, 12 Oct 2022 06:04:26 GMT
Date: Wed, 12 Oct 2022 03:39:22 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7a6de788-8d97-4f94-bc1e-5e186ab0f084.webp
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7a6de788-8d97-4f94-bc1e-5e186ab0f084.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5935f664339bfd6b3a680e0293a85206
6939666e52ea22d84546b37908a05205a7e86114
6afabffe02d71e1cdad6868d9c372627c6248511d4320f6dd1ad984e2212d162
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7a6de788-8d97-4f94-bc1e-5e186ab0f084.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10735
x-amzn-requestid: 5c584c89-219f-49a8-8a3a-ce572550d7a6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Z3BPMEqmIAMFf1w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6345e261-557d611664d69d6a678a40da;Sampled=0
x-amzn-remapped-date: Tue, 11 Oct 2022 21:38:41 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: nMtQeCV6lx8Y_JbrATc2akklt26o-CXjXwx-aNtmhuBhlNGlkfvVQw==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Tue, 11 Oct 2022 22:11:28 GMT
age: 19674
etag: "6939666e52ea22d84546b37908a05205a7e86114"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50d2e6a3-fdda-4fcf-8005-616606887def.jpeg
34.120.237.76200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50d2e6a3-fdda-4fcf-8005-616606887def.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0cb1cec13e512112d85f494c2207dad9
b90edfbd7f9f5ee0a4d11597c8a9f79f75ff0efb
78f7e4cc530967e019ba13b85b5ae9350c80d138a5f3727be81a4b72e5e00491
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50d2e6a3-fdda-4fcf-8005-616606887def.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9712
x-amzn-requestid: c47fefde-d06c-4c1e-ab92-189808a9b67e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Z3BLOEEsoAMFRyA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6345e247-1dde77920432dd6d0f0736f2;Sampled=0
x-amzn-remapped-date: Tue, 11 Oct 2022 21:38:15 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: F4dbsXMh5TBVqS2os9ShcFB6ZXBwooVDbBEp0xAm-DT-5hEgwU36HQ==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Tue, 11 Oct 2022 21:56:43 GMT
etag: "b90edfbd7f9f5ee0a4d11597c8a9f79f75ff0efb"
content-type: image/jpeg
age: 20559
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29343d49-0496-4fa8-a9fd-57bc7c016c4b.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29343d49-0496-4fa8-a9fd-57bc7c016c4b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cd4d75488f43e3043ff2128ced92afbf
c6f3d4e851fcd59b7b30b57cd2b2a3b3be167903
200daa637b122cd4f8dcefadfe70172ad849981aeae9b90016b4ac624df61ef5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29343d49-0496-4fa8-a9fd-57bc7c016c4b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11471
x-amzn-requestid: 07e93e6b-2340-4706-8867-d17d620528a0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Z3AkhFwRoAMFQ6Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6345e14f-0dbff9d342d48af57e10f854;Sampled=0
x-amzn-remapped-date: Tue, 11 Oct 2022 21:34:07 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: dQYZ7O6E63ro5mVgvJVFMDKGFDmWtGdossBb-uU5urs-1fAwbD3V4w==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Tue, 11 Oct 2022 22:07:08 GMT
age: 19934
etag: "c6f3d4e851fcd59b7b30b57cd2b2a3b3be167903"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5dcf5ef-7db7-4ea1-94ab-4f64163898dc.jpeg
34.120.237.76200 OK 6.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5dcf5ef-7db7-4ea1-94ab-4f64163898dc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c44735cb9a0eba8f445262a24c9cc478
ef570c9938890ec942e4786cc549d687cb8a2e95
5974dbdba95af9dbaeb5ef6ff4a2e045e88482987c296e6afba5381b14da9600
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5dcf5ef-7db7-4ea1-94ab-4f64163898dc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6504
x-amzn-requestid: 21151bfb-93e7-485c-9ab3-13b7439e09ce
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Z3B7uE1iIAMFnww=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6345e37e-54087c9c7a4b72962bf78531;Sampled=0
x-amzn-remapped-date: Tue, 11 Oct 2022 21:43:26 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: vINWu8ABGbLR_tD2eMQaKXFxdY34qMkAQIpOvNq5qchVYpLetmPzqw==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Tue, 11 Oct 2022 22:09:04 GMT
age: 19818
etag: "ef570c9938890ec942e4786cc549d687cb8a2e95"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd952f4-819b-4d3c-91a1-0f9020bae81c.png
34.120.237.76200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd952f4-819b-4d3c-91a1-0f9020bae81c.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d31330d47548d966e50813d7e2253551
ec0a371cca2d4e43f3375dd6b699478c5af62884
309f2cf9ccd62d5c2fd8713836b602317875f4273ef560f3bf3d681aa868b9d6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd952f4-819b-4d3c-91a1-0f9020bae81c.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9325
x-amzn-requestid: 6a0388e5-97d6-42f4-b54d-a3f4826f2293
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZxMaDE2JoAMFieg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63438dd9-76ff69230ce03c033b35a4c4;Sampled=0
x-amzn-remapped-date: Mon, 10 Oct 2022 03:13:29 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: TQR3RWU9GhRmffPnjHBHVtlPRtbJtpT2QwWcXTL98IasJTmIW1_IPQ==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Tue, 11 Oct 2022 04:00:51 GMT
age: 85111
etag: "ec0a371cca2d4e43f3375dd6b699478c5af62884"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0583d755-2f5b-458f-86f0-774b9909eb6f.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0583d755-2f5b-458f-86f0-774b9909eb6f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6e9aa9808428e5fd81ac9d61d6f7c708
3a8d76badce50dd98938885082dcb6e30363ae88
d8f7c48a1cbe04af2f7e0455d1ef7af9b63506b9ae343ebf14ece8689bb06bf6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0583d755-2f5b-458f-86f0-774b9909eb6f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11800
x-amzn-requestid: 5f2ce4dd-0df8-4df7-a12d-e6fffd622752
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZnTQHGADIAMFXfg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633f98cd-5044665325e5d64975c1ff0c;Sampled=0
x-amzn-remapped-date: Fri, 07 Oct 2022 03:11:09 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: ZKsi1hYgZdJQNWpphaMVLfpg69dC93J575Y2RsOzFV3ZzBb6x-nrew==
via: 1.1 4d8620b80ebe37d366388e117039aa8e.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Tue, 11 Oct 2022 22:22:17 GMT
age: 19025
etag: "3a8d76badce50dd98938885082dcb6e30363ae88"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash dca22a95eb2b4d8674fb192b896e0ec0
7998aab074066fde50d37798a8ac3d554ce5b70f
e19971fd22354fa5fbfe0906eceaf3e703626381d997caa7b1312c3846fb3113
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E19971FD22354FA5FBFE0906ECEAF3E703626381D997CAA7B1312C3846FB3113"
Last-Modified: Tue, 11 Oct 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18841
Expires: Wed, 12 Oct 2022 08:53:23 GMT
Date: Wed, 12 Oct 2022 03:39:22 GMT
Connection: keep-alive
api.yadore.com/v2/r/deeplink?e=Y2JFVDZWS29Gbk1Tejh3SWtHVWd0VWNtMlJScEE2SHdsT0ZSYllSQ3o1VnFJVDdFM2lJNkpaVWdUYXZnNUk5R2xndkxWdkMyZ2k2YnN2ZmdyV0kwN1pPTEN2YW1xVTBQSHI2MHJKVE92QzhRZjJyTXdPNGxjMFh1Yk9jWGtrM0FOck84REhjbkRpbUhGTHNlbkI5bHNwL2lkNkJBWFRwSVlmT2kzZ2pQbnFLNUZGVT0=&i=aS4D7JfYHgNJh1fY&placementId=47b58bdbc3b5c9f50e9d138a353be550
88.99.112.2302 Found 0 B URL HTTP/2 api.yadore.com/v2/r/deeplink?e=Y2JFVDZWS29Gbk1Tejh3SWtHVWd0VWNtMlJScEE2SHdsT0ZSYllSQ3o1VnFJVDdFM2lJNkpaVWdUYXZnNUk5R2xndkxWdkMyZ2k2YnN2ZmdyV0kwN1pPTEN2YW1xVTBQSHI2MHJKVE92QzhRZjJyTXdPNGxjMFh1Yk9jWGtrM0FOck84REhjbkRpbUhGTHNlbkI5bHNwL2lkNkJBWFRwSVlmT2kzZ2pQbnFLNUZGVT0=&i=aS4D7JfYHgNJh1fY&placementId=47b58bdbc3b5c9f50e9d138a353be550
IP 88.99.112.2:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v2/r/deeplink?e=Y2JFVDZWS29Gbk1Tejh3SWtHVWd0VWNtMlJScEE2SHdsT0ZSYllSQ3o1VnFJVDdFM2lJNkpaVWdUYXZnNUk5R2xndkxWdkMyZ2k2YnN2ZmdyV0kwN1pPTEN2YW1xVTBQSHI2MHJKVE92QzhRZjJyTXdPNGxjMFh1Yk9jWGtrM0FOck84REhjbkRpbUhGTHNlbkI5bHNwL2lkNkJBWFRwSVlmT2kzZ2pQbnFLNUZGVT0=&i=aS4D7JfYHgNJh1fY&placementId=47b58bdbc3b5c9f50e9d138a353be550 HTTP/1.1
Host: api.yadore.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lookandfind.me/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
date: Wed, 12 Oct 2022 03:39:22 GMT
location: https://api.kelkoogroup.net/publisher/shopping/v2/link-monetizer/link?country=no&id=e4ef5dec-03eb-11eb-bf21-ba5ec25d7100&merchantUrl=https%3A%2F%2Ftjenestetorget.no%2F&custom1=ce2df1bd3a8f7ba59848b10e77422a50f4a7a8419f83e75fadde8363e7ed7dcf&custom2=SRdytlITOR16&custom3=false
server: nginx
x-powered-by: PHP/8.0.24
content-length: 0
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash 667212d656fd1f49afb607f2553f8c43
c4b548c3167997e804ac996d425acc90bf6b9dfd
cd35a86a326e03fd775cf576c361e2faa6a3dcf9e2b6554d676902c3d8116112
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=168347
Date: Wed, 12 Oct 2022 03:39:22 GMT
Etag: "63462585-1d7"
Expires: Fri, 14 Oct 2022 02:25:09 GMT
Last-Modified: Wed, 12 Oct 2022 02:25:09 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: jy7UzGJJK8pGNcsOg_tRyu2P-a5xaNrfc9JySdMTiWqOprHvFrtbAg==
api.kelkoogroup.net/publisher/shopping/v2/link-monetizer/link?country=no&id=e4ef5dec-03eb-11eb-bf21-ba5ec25d7100&merchantUrl=https%3A%2F%2Ftjenestetorget.no%2F&custom1=ce2df1bd3a8f7ba59848b10e77422a50f4a7a8419f83e75fadde8363e7ed7dcf&custom2=SRdytlITOR16&custom3=false
54.230.111.108302 Found 0 B URL HTTP/2 api.kelkoogroup.net/publisher/shopping/v2/link-monetizer/link?country=no&id=e4ef5dec-03eb-11eb-bf21-ba5ec25d7100&merchantUrl=https%3A%2F%2Ftjenestetorget.no%2F&custom1=ce2df1bd3a8f7ba59848b10e77422a50f4a7a8419f83e75fadde8363e7ed7dcf&custom2=SRdytlITOR16&custom3=false
IP 54.230.111.108:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /publisher/shopping/v2/link-monetizer/link?country=no&id=e4ef5dec-03eb-11eb-bf21-ba5ec25d7100&merchantUrl=https%3A%2F%2Ftjenestetorget.no%2F&custom1=ce2df1bd3a8f7ba59848b10e77422a50f4a7a8419f83e75fadde8363e7ed7dcf&custom2=SRdytlITOR16&custom3=false HTTP/1.1
Host: api.kelkoogroup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lookandfind.me/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-length: 0
location: https://no-go.kelkoogroup.net/ctl/go/merchantGo?.ts=1665545963681&.sig=CT617_4QtSaZ5BacATlWX4UdcUM-&affiliationId=96965886&comId=100523305&country=no&cpcId=499331&merchantName=Tjenstetorget.no&searchId=1076100343720963_1665545963021_21861043&service=30&url=https%3A%2F%2Ftjenestetorget.no%2F&custom2=SRdytlITOR16&custom3=false&custom1=ce2df1bd3a8f7ba59848b10e77422a50f4a7a8419f83e75fadde8363e7ed7dcf
x-gravitee-transaction-id: 0de02c3b-c692-4766-a02c-3bc692276688
x-gravitee-request-id: 0de02c3b-c692-4766-a02c-3bc692276688
vary: Origin
request-time: 663
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-frame-options: DENY
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
date: Wed, 12 Oct 2022 03:39:23 GMT
x-cache: Miss from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: MG1U8jthIDahQ4pbUweXPFzOUSDaRsd3YUZhjm-DKSDaE_1VFyfOow==
X-Firefox-Spdy: h2
status.thawte.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash cb27eb4aa067e017f055c35e73b1248a
baebb072479e19e3c86d687b5a4d798d0452930d
255a2ec7ca836ec540868cfd915ea4532b740d74b9e58c10bd1c7ea38dd4e1de
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5332
Cache-Control: max-age=138007
Content-Type: application/ocsp-response
Date: Wed, 12 Oct 2022 03:39:23 GMT
Etag: "63459a2e-1d7"
Expires: Thu, 13 Oct 2022 17:59:30 GMT
Last-Modified: Tue, 11 Oct 2022 16:30:38 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
no-go.kelkoogroup.net/ctl/go/merchantGo?.ts=1665545963681&.sig=CT617_4QtSaZ5BacATlWX4UdcUM-&affiliationId=96965886&comId=100523305&country=no&cpcId=499331&merchantName=Tjenstetorget.no&searchId=1076100343720963_1665545963021_21861043&service=30&url=https%3A%2F%2Ftjenestetorget.no%2F&custom2=SRdytlITOR16&custom3=false&custom1=ce2df1bd3a8f7ba59848b10e77422a50f4a7a8419f83e75fadde8363e7ed7dcf
95.211.116.27200 OK 33 kB URL HTTP/1.1 no-go.kelkoogroup.net/ctl/go/merchantGo?.ts=1665545963681&.sig=CT617_4QtSaZ5BacATlWX4UdcUM-&affiliationId=96965886&comId=100523305&country=no&cpcId=499331&merchantName=Tjenstetorget.no&searchId=1076100343720963_1665545963021_21861043&service=30&url=https%3A%2F%2Ftjenestetorget.no%2F&custom2=SRdytlITOR16&custom3=false&custom1=ce2df1bd3a8f7ba59848b10e77422a50f4a7a8419f83e75fadde8363e7ed7dcf
IP 95.211.116.27:0
ASN #60781 LeaseWeb Netherlands B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (13002)
Hash 01f52156583d018256363fbb7fa2e940
7079b2b12e4c393241de5daa1ed2a2906c6f4a94
e9bb04dc8ecbad27e55b8b7dbf4b8f593cc2a8bc8bfa959e040ae5770d6eda55
GET /ctl/go/merchantGo?.ts=1665545963681&.sig=CT617_4QtSaZ5BacATlWX4UdcUM-&affiliationId=96965886&comId=100523305&country=no&cpcId=499331&merchantName=Tjenstetorget.no&searchId=1076100343720963_1665545963021_21861043&service=30&url=https%3A%2F%2Ftjenestetorget.no%2F&custom2=SRdytlITOR16&custom3=false&custom1=ce2df1bd3a8f7ba59848b10e77422a50f4a7a8419f83e75fadde8363e7ed7dcf HTTP/1.1
Host: no-go.kelkoogroup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lookandfind.me/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 12 Oct 2022 03:39:23 GMT
leadId: dc1-kls-prod-ls-02.prod.dc1.kelkoo.net_1665545963802_3802856
clickId: 107698154_1665545963799_522755
country: no
Accept-CH: Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
X-DataDome: protected
Request-Time: PT0.012323S
X-Robots-Tag: noindex,nofollow
Referrer-Policy: origin-when-cross-origin
X-Frame-Options: ALLOWALL
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Content-Type: text/html; charset=UTF-8
Content-Length: 32832
Set-Cookie: datadome=CZ.Iy~qG7QrW6jDL76_9cJ._7L1v74AenkBspkh6CR-M7F5evYp20~_U-jZ-SoqwDfA~0cedN6YS3sGtISR_0iZaDoyQ8KxdzSiZejD0G52ycEQGTXp9Gm9-SeiDZGH; Max-Age=31536000; Expires=Thu, 12 Oct 2023 03:39:23 GMT; SameSite=Lax; Path=/; Domain=.kelkoogroup.net; Secure
kelkooID=a4c629a-183ca468917-22fb1; Max-Age=31536000; Expires=Thu, 12 Oct 2023 03:39:23 GMT; SameSite=None; Path=/; Domain=kelkoogroup.net; Secure; HTTPOnly
P3P: CP="Anything"
ApacheTracking: localhost
Keep-Alive: timeout=40, max=92
Connection: Keep-Alive
no-go.kelkoogroup.net/assets/images/p.png?country=no&k=612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef246260421717a01f787d4a170128715f4f881cfd7528f43994fb858b3d2aabab0e3d88be845204fd85b2878063b6acf4971e260dd164addf10d0de4dc0d7a99f52faa4a1b4643cd80b784b3ee9730b0336569009a21b9acba591a7d1b640429911c7ee3cc00343080ce1642a4d00ad475ea553edbb821768d69926158b6b1121219ed72191b1d7422fd90511d15b7e4e2da1e34ff6bbbad88e8a4d5b8e229c1e8f74c16d38b8d1bf24809c74da9483753bc7b61975fc82759668db7c501f9746f075f9be1abcea99d093d8e840687785143cd5c2b48b65053f69d7b68459bc11594923bba0566a65db0de8638c9d77b4d42d39326fd608448b8a311e756fd5ac7a2472f5fd097dcd85a8cdec9a9ced89abbca7369a2f8dcf52fd4eaca&leadId=dc1-kls-prod-ls-02.prod.dc1.kelkoo.net_1665545963802_3802856&clickId=107698154_1665545963799_522755
95.211.116.27200 OK 68 B URL HTTP/1.1 no-go.kelkoogroup.net/assets/images/p.png?country=no&k=612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef246260421717a01f787d4a170128715f4f881cfd7528f43994fb858b3d2aabab0e3d88be845204fd85b2878063b6acf4971e260dd164addf10d0de4dc0d7a99f52faa4a1b4643cd80b784b3ee9730b0336569009a21b9acba591a7d1b640429911c7ee3cc00343080ce1642a4d00ad475ea553edbb821768d69926158b6b1121219ed72191b1d7422fd90511d15b7e4e2da1e34ff6bbbad88e8a4d5b8e229c1e8f74c16d38b8d1bf24809c74da9483753bc7b61975fc82759668db7c501f9746f075f9be1abcea99d093d8e840687785143cd5c2b48b65053f69d7b68459bc11594923bba0566a65db0de8638c9d77b4d42d39326fd608448b8a311e756fd5ac7a2472f5fd097dcd85a8cdec9a9ced89abbca7369a2f8dcf52fd4eaca&leadId=dc1-kls-prod-ls-02.prod.dc1.kelkoo.net_1665545963802_3802856&clickId=107698154_1665545963799_522755
IP 95.211.116.27:0
ASN #60781 LeaseWeb Netherlands B.V.
File type PNG image data, 1 x 1, 8-bit gray+alpha, non-interlaced\012- data
Hash 91e42db1c66c0b276abf6234dc50b2eb
c1986af3c26609b8b7d8933f99c51c1a89e9ea6b
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
GET /assets/images/p.png?country=no&k=612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef246260421717a01f787d4a170128715f4f881cfd7528f43994fb858b3d2aabab0e3d88be845204fd85b2878063b6acf4971e260dd164addf10d0de4dc0d7a99f52faa4a1b4643cd80b784b3ee9730b0336569009a21b9acba591a7d1b640429911c7ee3cc00343080ce1642a4d00ad475ea553edbb821768d69926158b6b1121219ed72191b1d7422fd90511d15b7e4e2da1e34ff6bbbad88e8a4d5b8e229c1e8f74c16d38b8d1bf24809c74da9483753bc7b61975fc82759668db7c501f9746f075f9be1abcea99d093d8e840687785143cd5c2b48b65053f69d7b68459bc11594923bba0566a65db0de8638c9d77b4d42d39326fd608448b8a311e756fd5ac7a2472f5fd097dcd85a8cdec9a9ced89abbca7369a2f8dcf52fd4eaca&leadId=dc1-kls-prod-ls-02.prod.dc1.kelkoo.net_1665545963802_3802856&clickId=107698154_1665545963799_522755 HTTP/1.1
Host: no-go.kelkoogroup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no-go.kelkoogroup.net/ctl/go/merchantGo?.ts=1665545963681&.sig=CT617_4QtSaZ5BacATlWX4UdcUM-&affiliationId=96965886&comId=100523305&country=no&cpcId=499331&merchantName=Tjenstetorget.no&searchId=1076100343720963_1665545963021_21861043&service=30&url=https%3A%2F%2Ftjenestetorget.no%2F&custom2=SRdytlITOR16&custom3=false&custom1=ce2df1bd3a8f7ba59848b10e77422a50f4a7a8419f83e75fadde8363e7ed7dcf
Connection: keep-alive
Cookie: datadome=CZ.Iy~qG7QrW6jDL76_9cJ._7L1v74AenkBspkh6CR-M7F5evYp20~_U-jZ-SoqwDfA~0cedN6YS3sGtISR_0iZaDoyQ8KxdzSiZejD0G52ycEQGTXp9Gm9-SeiDZGH; kelkooID=a4c629a-183ca468917-22fb1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 12 Oct 2022 03:39:23 GMT
Request-Time: PT0.00165S
X-Robots-Tag: noindex,nofollow
Cache-Control: private, must-revalidate
Referrer-Policy: origin-when-cross-origin
X-Frame-Options: ALLOWALL
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Content-Type: image/png
Content-Length: 68
P3P: CP="Anything"
ApacheTracking: localhost
Keep-Alive: timeout=40, max=86
Connection: Keep-Alive
dd.kelkoogroup.net/tags.js
54.230.111.25200 OK 43 kB URL HTTP/2 dd.kelkoogroup.net/tags.js
IP 54.230.111.25:0
File type ASCII text, with very long lines (65432)
Hash a9f75aaa24c508083c6eda2912cb2929
c47edaa4aa173610bef816ec6078b8385b271bca
092fecd8bdaf2416d3c813569c99ca72665726b2231a01308c07db16489ca93d
GET /tags.js HTTP/1.1
Host: dd.kelkoogroup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no-go.kelkoogroup.net/
Connection: keep-alive
Cookie: datadome=CZ.Iy~qG7QrW6jDL76_9cJ._7L1v74AenkBspkh6CR-M7F5evYp20~_U-jZ-SoqwDfA~0cedN6YS3sGtISR_0iZaDoyQ8KxdzSiZejD0G52ycEQGTXp9Gm9-SeiDZGH; kelkooID=a4c629a-183ca468917-22fb1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: text/javascript
content-length: 43000
server: Apache
strict-transport-security: max-age=63072000; includeSubDomains; preload
last-modified: Fri, 30 Sep 2022 11:57:45 GMT
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
via: 1.1 2816426ad1adbedbdd23d4cdf80c2de2.cloudfront.net (CloudFront), 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
date: Wed, 12 Oct 2022 03:30:10 GMT
cache-control: max-age=3600, public
expires: Wed, 12 Oct 2022 04:28:15 GMT
etag: "33929-5e9e3b3bbc8ac-gzip"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA60-P2, OSL50-P1
x-amz-cf-id: ANNXWZUZsS_TbXNzkIY50NTuBNtr-mrIpD74I2JTpxYmgdChyaTyxg==
age: 668
X-Firefox-Spdy: h2
no-go.kelkoogroup.net/favicon.ico
95.211.116.27403 Forbidden 0 B URL HTTP/1.0 no-go.kelkoogroup.net/favicon.ico
IP 95.211.116.27:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: no-go.kelkoogroup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no-go.kelkoogroup.net/ctl/go/merchantGo?.ts=1665545963681&.sig=CT617_4QtSaZ5BacATlWX4UdcUM-&affiliationId=96965886&comId=100523305&country=no&cpcId=499331&merchantName=Tjenstetorget.no&searchId=1076100343720963_1665545963021_21861043&service=30&url=https%3A%2F%2Ftjenestetorget.no%2F&custom2=SRdytlITOR16&custom3=false&custom1=ce2df1bd3a8f7ba59848b10e77422a50f4a7a8419f83e75fadde8363e7ed7dcf
Connection: keep-alive
Cookie: datadome=CZ.Iy~qG7QrW6jDL76_9cJ._7L1v74AenkBspkh6CR-M7F5evYp20~_U-jZ-SoqwDfA~0cedN6YS3sGtISR_0iZaDoyQ8KxdzSiZejD0G52ycEQGTXp9Gm9-SeiDZGH; kelkooID=a4c629a-183ca468917-22fb1; _ga=GA1.2.716389374.1665545963; _gid=GA1.2.781077912.1665545963
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.0 403 Forbidden
Server: BigIP
Connection: Keep-Alive
Content-Length: 0
no-go.kelkoogroup.net/fp?country=no&k=612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef246260421717a01f787d4a170128715f4f881cfd7528f43994fb858b3d2aabab0e3d88be845204fd85b2878063b6acf4971e260dd164addf10d0de4dc0d7a99f52faa4a1b4643cd80b784b3ee9730b0336569009a21b9acba591a7d1b640429911c7ee3cc00343080ce1642a4d00ad475ea553edbb821768d69926158b6b1121219ed72191b1d7422fd90511d15b7e4e2da1e34ff6bbbad88e8a4d5b8e229c1e8f74c16d38b8d1bf24809c74da9483753bc7b61975fc82759668db7c501f9746f075f9be1abcea99d093d8e840687785143cd5c2b48b65053f69d7b68459bc11594923bba0566a65db0de8638c9d77b4d42d39326fd608448b8a311e756fd5ac7a2472f5fd097dcd85a8cdec9a9ced89abbca7369a2f8dcf52fd4eaca&leadId=dc1-kls-prod-ls-02.prod.dc1.kelkoo.net_1665545963802_3802856&clickId=107698154_1665545963799_522755
95.211.116.27200 OK 0 B URL HTTP/1.1 no-go.kelkoogroup.net/fp?country=no&k=612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef246260421717a01f787d4a170128715f4f881cfd7528f43994fb858b3d2aabab0e3d88be845204fd85b2878063b6acf4971e260dd164addf10d0de4dc0d7a99f52faa4a1b4643cd80b784b3ee9730b0336569009a21b9acba591a7d1b640429911c7ee3cc00343080ce1642a4d00ad475ea553edbb821768d69926158b6b1121219ed72191b1d7422fd90511d15b7e4e2da1e34ff6bbbad88e8a4d5b8e229c1e8f74c16d38b8d1bf24809c74da9483753bc7b61975fc82759668db7c501f9746f075f9be1abcea99d093d8e840687785143cd5c2b48b65053f69d7b68459bc11594923bba0566a65db0de8638c9d77b4d42d39326fd608448b8a311e756fd5ac7a2472f5fd097dcd85a8cdec9a9ced89abbca7369a2f8dcf52fd4eaca&leadId=dc1-kls-prod-ls-02.prod.dc1.kelkoo.net_1665545963802_3802856&clickId=107698154_1665545963799_522755
IP 95.211.116.27:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /fp?country=no&k=612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef246260421717a01f787d4a170128715f4f881cfd7528f43994fb858b3d2aabab0e3d88be845204fd85b2878063b6acf4971e260dd164addf10d0de4dc0d7a99f52faa4a1b4643cd80b784b3ee9730b0336569009a21b9acba591a7d1b640429911c7ee3cc00343080ce1642a4d00ad475ea553edbb821768d69926158b6b1121219ed72191b1d7422fd90511d15b7e4e2da1e34ff6bbbad88e8a4d5b8e229c1e8f74c16d38b8d1bf24809c74da9483753bc7b61975fc82759668db7c501f9746f075f9be1abcea99d093d8e840687785143cd5c2b48b65053f69d7b68459bc11594923bba0566a65db0de8638c9d77b4d42d39326fd608448b8a311e756fd5ac7a2472f5fd097dcd85a8cdec9a9ced89abbca7369a2f8dcf52fd4eaca&leadId=dc1-kls-prod-ls-02.prod.dc1.kelkoo.net_1665545963802_3802856&clickId=107698154_1665545963799_522755 HTTP/1.1
Host: no-go.kelkoogroup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no-go.kelkoogroup.net/ctl/go/merchantGo?.ts=1665545963681&.sig=CT617_4QtSaZ5BacATlWX4UdcUM-&affiliationId=96965886&comId=100523305&country=no&cpcId=499331&merchantName=Tjenstetorget.no&searchId=1076100343720963_1665545963021_21861043&service=30&url=https%3A%2F%2Ftjenestetorget.no%2F&custom2=SRdytlITOR16&custom3=false&custom1=ce2df1bd3a8f7ba59848b10e77422a50f4a7a8419f83e75fadde8363e7ed7dcf
Content-Type: text/plain;charset=utf-8
Content-Length: 520
Origin: https://no-go.kelkoogroup.net
Connection: keep-alive
Cookie: datadome=CZ.Iy~qG7QrW6jDL76_9cJ._7L1v74AenkBspkh6CR-M7F5evYp20~_U-jZ-SoqwDfA~0cedN6YS3sGtISR_0iZaDoyQ8KxdzSiZejD0G52ycEQGTXp9Gm9-SeiDZGH; kelkooID=a4c629a-183ca468917-22fb1; _ga=GA1.2.716389374.1665545963; _gid=GA1.2.781077912.1665545963
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 12 Oct 2022 03:39:23 GMT
Request-Time: PT0.009029S
X-Robots-Tag: noindex,nofollow
Referrer-Policy: origin-when-cross-origin
X-Frame-Options: ALLOWALL
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Content-Type: text/plain; charset=UTF-8
Content-Length: 0
P3P: CP="Anything"
ApacheTracking: localhost
Keep-Alive: timeout=40, max=90
Connection: Keep-Alive
no-go.kelkoogroup.net/redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef246260421717a01f787d4a170128715f4f881cfd7528f43994fb858b3d2aabab0e3d88be845204fd85b2878063b6acf4971e260dd164addf10d0de4dc0d7a99f52faa4a1b4643cd80b784b3ee9730b0336569009a21b9acba591a7d1b640429911c7ee3cc00343080ce1642a4d00ad475ea553edbb821768d69926158b6b1121219ed72191b1d7422fd90511d15b7e4e2da1e34ff6bbbad88e8a4d5b8e229c1e8f74c16d38b8d1bf24809c74da9483753bc7b61975fc82759668db7c501f9746f075f9be1abcea99d093d8e840687785143cd5c2b48b65053f69d7b68459bc11594923bba0566a65db0de8638c9d77b4d42d39326fd608448b8a311e756fd5ac7a2472f5fd097dcd85a8cdec9a9ced89abbca7369a2f8dcf52fd4eaca&leadId=dc1-kls-prod-ls-02.prod.dc1.kelkoo.net_1665545963802_3802856&clickId=107698154_1665545963799_522755&url=https%3A%2F%2Fpdt.tradedoubler.com%2Fclick%3Fa%3D332280%26p%3D315716%26epi%3Ddc1-kls-prod-ls-02.prod.dc1.kelkoo.net_1665545963802_3802856%26url%3Dhttps%253A%252F%252Ftjenestetorget.no%252F
95.211.116.27303 See Other 0 B URL HTTP/1.1 no-go.kelkoogroup.net/redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef246260421717a01f787d4a170128715f4f881cfd7528f43994fb858b3d2aabab0e3d88be845204fd85b2878063b6acf4971e260dd164addf10d0de4dc0d7a99f52faa4a1b4643cd80b784b3ee9730b0336569009a21b9acba591a7d1b640429911c7ee3cc00343080ce1642a4d00ad475ea553edbb821768d69926158b6b1121219ed72191b1d7422fd90511d15b7e4e2da1e34ff6bbbad88e8a4d5b8e229c1e8f74c16d38b8d1bf24809c74da9483753bc7b61975fc82759668db7c501f9746f075f9be1abcea99d093d8e840687785143cd5c2b48b65053f69d7b68459bc11594923bba0566a65db0de8638c9d77b4d42d39326fd608448b8a311e756fd5ac7a2472f5fd097dcd85a8cdec9a9ced89abbca7369a2f8dcf52fd4eaca&leadId=dc1-kls-prod-ls-02.prod.dc1.kelkoo.net_1665545963802_3802856&clickId=107698154_1665545963799_522755&url=https%3A%2F%2Fpdt.tradedoubler.com%2Fclick%3Fa%3D332280%26p%3D315716%26epi%3Ddc1-kls-prod-ls-02.prod.dc1.kelkoo.net_1665545963802_3802856%26url%3Dhttps%253A%252F%252Ftjenestetorget.no%252F
IP 95.211.116.27:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef246260421717a01f787d4a170128715f4f881cfd7528f43994fb858b3d2aabab0e3d88be845204fd85b2878063b6acf4971e260dd164addf10d0de4dc0d7a99f52faa4a1b4643cd80b784b3ee9730b0336569009a21b9acba591a7d1b640429911c7ee3cc00343080ce1642a4d00ad475ea553edbb821768d69926158b6b1121219ed72191b1d7422fd90511d15b7e4e2da1e34ff6bbbad88e8a4d5b8e229c1e8f74c16d38b8d1bf24809c74da9483753bc7b61975fc82759668db7c501f9746f075f9be1abcea99d093d8e840687785143cd5c2b48b65053f69d7b68459bc11594923bba0566a65db0de8638c9d77b4d42d39326fd608448b8a311e756fd5ac7a2472f5fd097dcd85a8cdec9a9ced89abbca7369a2f8dcf52fd4eaca&leadId=dc1-kls-prod-ls-02.prod.dc1.kelkoo.net_1665545963802_3802856&clickId=107698154_1665545963799_522755&url=https%3A%2F%2Fpdt.tradedoubler.com%2Fclick%3Fa%3D332280%26p%3D315716%26epi%3Ddc1-kls-prod-ls-02.prod.dc1.kelkoo.net_1665545963802_3802856%26url%3Dhttps%253A%252F%252Ftjenestetorget.no%252F HTTP/1.1
Host: no-go.kelkoogroup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no-go.kelkoogroup.net/ctl/go/merchantGo?.ts=1665545963681&.sig=CT617_4QtSaZ5BacATlWX4UdcUM-&affiliationId=96965886&comId=100523305&country=no&cpcId=499331&merchantName=Tjenstetorget.no&searchId=1076100343720963_1665545963021_21861043&service=30&url=https%3A%2F%2Ftjenestetorget.no%2F&custom2=SRdytlITOR16&custom3=false&custom1=ce2df1bd3a8f7ba59848b10e77422a50f4a7a8419f83e75fadde8363e7ed7dcf
Connection: keep-alive
Cookie: datadome=CZ.Iy~qG7QrW6jDL76_9cJ._7L1v74AenkBspkh6CR-M7F5evYp20~_U-jZ-SoqwDfA~0cedN6YS3sGtISR_0iZaDoyQ8KxdzSiZejD0G52ycEQGTXp9Gm9-SeiDZGH; kelkooID=a4c629a-183ca468917-22fb1; _ga=GA1.2.716389374.1665545963; _gid=GA1.2.781077912.1665545963
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 303 See Other
Date: Wed, 12 Oct 2022 03:39:24 GMT
leadId: dc1-kls-prod-ls-02.prod.dc1.kelkoo.net_1665545963802_3802856
clickId: 107698154_1665545963799_522755
country: no
Location: https://pdt.tradedoubler.com/click?a=332280&p=315716&epi=dc1-kls-prod-ls-02.prod.dc1.kelkoo.net_1665545963802_3802856&url=https%3A%2F%2Ftjenestetorget.no%2F
Accept-CH: Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
X-DataDome: protected
Request-Time: PT0.015291S
X-Robots-Tag: noindex,nofollow
Referrer-Policy: origin-when-cross-origin
X-Frame-Options: ALLOWALL
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Content-Length: 0
Set-Cookie: datadome=V7UoHj050eIOMrivz6izRN_rxMqdxsFoZ4UfQIUIEXg~YEE6v92RdpLP23rN_0Qs41h5U5RGGA7HH.sxvPcbNPgRt47euPNLlaplTfsuUtHa4sfIW1UwAA~9bps9eRZ; Max-Age=31536000; Expires=Thu, 12 Oct 2023 03:39:24 GMT; SameSite=Lax; Path=/; Domain=.kelkoogroup.net; Secure
P3P: CP="Anything"
ApacheTracking: localhost
Keep-Alive: timeout=40, max=91
Connection: Keep-Alive
Content-Type: text/plain
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash eec965343f93d38b8e3d2121eeecf574
0e2f27380c1ae29663edcae236b5433219e0b8de
7a338465f80b2ebc6cd842e39d0025f277ce5d199ca2a85f22b043e6e18138ca
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7A338465F80B2EBC6CD842E39D0025F277CE5D199CA2A85F22B043E6E18138CA"
Last-Modified: Mon, 10 Oct 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4727
Expires: Wed, 12 Oct 2022 04:58:11 GMT
Date: Wed, 12 Oct 2022 03:39:24 GMT
Connection: keep-alive
ocsp.usertrust.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 12920c080a082384216335961560f5cb
9484ea11c70f2f392349cba11b055c8e134407d7
301664623172d8c5aeb3a54ba5e3f796b4b90dfd424b9859fe6bc87cb19b8b0f
POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 12 Oct 2022 03:39:24 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 10 Oct 2022 20:57:00 GMT
Expires: Mon, 17 Oct 2022 20:56:59 GMT
Etag: "9484ea11c70f2f392349cba11b055c8e134407d7"
Cache-Control: max-age=603880,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 883
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 758ccee398dd0b45-OSL
api-js.datadome.co/js/
13.51.3.189200 OK 235 B IP 13.51.3.189:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 14c53e70e354bd8740d06cec6307aa2a
8f00538900d5973a962f5c180cb1124092a52303
f38d5515275b064df49c72a6e9de23d1cb6fe9432704d4eb8451d3e08c5fc57f
POST /js/ HTTP/1.1
Host: api-js.datadome.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 4181
Origin: https://no-go.kelkoogroup.net
Connection: keep-alive
Referer: https://no-go.kelkoogroup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 12 Oct 2022 03:39:24 GMT
content-type: application/json;charset=utf-8
content-length: 235
server: DataDome
access-control-allow-origin: *
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate
expires: 0
X-Firefox-Spdy: h2
pdt.tradedoubler.com/click?a=332280&p=315716&epi=dc1-kls-prod-ls-02.prod.dc1.kelkoo.net_1665545963802_3802856&url=https%3A%2F%2Ftjenestetorget.no%2F
35.186.231.97200 OK 1.1 kB URL HTTP/2 pdt.tradedoubler.com/click?a=332280&p=315716&epi=dc1-kls-prod-ls-02.prod.dc1.kelkoo.net_1665545963802_3802856&url=https%3A%2F%2Ftjenestetorget.no%2F
IP 35.186.231.97:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (475)
Hash 555a2f8dbcb470c5d7094cc0f5cadffc
409d1d69f36f9cfddb544b662e311de404a8604c
6a4bf1b47512b0b1c0239007321d2adc06d3a515b8c4fbe1ef1eaf194c8a9128
GET /click?a=332280&p=315716&epi=dc1-kls-prod-ls-02.prod.dc1.kelkoo.net_1665545963802_3802856&url=https%3A%2F%2Ftjenestetorget.no%2F HTTP/1.1
Host: pdt.tradedoubler.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no-go.kelkoogroup.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=ISO-8859-1
server: TXServerHttp
access-control-allow-origin: *
cache-control: private, max-age=0
pragma: no-cache
p3p: policyref="http://tracker.tradedoubler.com/w3c/p3p.xml",CP="NOI DSP COR NID CUR OUR NOR"
referrer-policy: origin
date: Wed, 12 Oct 2022 03:39:23 GMT
content-length: 1130
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash eec965343f93d38b8e3d2121eeecf574
0e2f27380c1ae29663edcae236b5433219e0b8de
7a338465f80b2ebc6cd842e39d0025f277ce5d199ca2a85f22b043e6e18138ca
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7A338465F80B2EBC6CD842E39D0025F277CE5D199CA2A85F22B043E6E18138CA"
Last-Modified: Mon, 10 Oct 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4727
Expires: Wed, 12 Oct 2022 04:58:11 GMT
Date: Wed, 12 Oct 2022 03:39:24 GMT
Connection: keep-alive
vht.tradedoubler.com/fp/prefs.js
54.230.111.56200 OK 3.7 kB URL HTTP/1.1 vht.tradedoubler.com/fp/prefs.js
IP 54.230.111.56:0
File type ASCII text, with very long lines (764)
Hash 9042aeefa6b50fd89dafd065aee87148
0903b60da6faa7a16b30fe42a0974ae20c0e09bf
dcde81d721f2b5f9e932b434eff9f39b07ce0803a772c991296ddd4e9e8e0b30
GET /fp/prefs.js HTTP/1.1
Host: vht.tradedoubler.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pdt.tradedoubler.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 3705
Connection: keep-alive
Date: Thu, 06 Oct 2022 07:29:16 GMT
Server: Apache
Strict-Transport-Security: max-age=15552000; includeSubDomains
Last-Modified: Mon, 15 Oct 2018 09:28:46 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: J0S-IMle6vcXPRejfyw_Sp8w5DObsky5zNN-im4u61X1RMmu3av3-g==
Age: 504608
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Referrer-Policy: strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
analytics.tradedoubler.com/
188.165.150.178200 OK 213 B URL HTTP/2 analytics.tradedoubler.com/
IP 188.165.150.178:0
Hash 71190bd3223b13ce1dcf2568550008e8
785d1521d98b6b8af771bca7968b38b4fbaacdf5
521779ccfd2ce63e1d4ab4566933c22e09470ab7bf8d4b4e2650b7561413c68f
POST / HTTP/1.1
Host: analytics.tradedoubler.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pdt.tradedoubler.com/
Content-Type: text/plain;charset=UTF-8
Content-Length: 239
Origin: https://pdt.tradedoubler.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
server: nginx
date: Wed, 12 Oct 2022 03:39:24 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-via-popn: primary
content-encoding: gzip
x-via-poph: replica1
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash befa75dbbe9d5dfa501f9c1f03b7cdfa
73814c47bdcd6bebffc963b71d0a20fb361fad50
76b8f843416709a64e030343fbea3e04b9ee9faf2872ddba29f7c8ea28041e28
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 12 Oct 2022 03:39:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/collect?v=1&_v=j96&t=pageview&_s=1&dl=https%3A%2F%2Fno-go.kelkoogroup.net%2Fctl%2Fgo%2FmerchantGo%3F.ts%3D1665545963681%26.sig%3DCT617_4QtSaZ5BacATlWX4UdcUM-%26affiliationId%3D96965886%26comId%3D100523305%26country%3Dno%26cpcId%3D499331%26merchantName%3DTjenstetorget.no%26searchId%3D1076100343720963_1665545963021_21861043%26service%3D30%26url%3Dhttps%253A%252F%252Ftjenestetorget.no%252F%26custom2%3DSRdytlITOR16%26custom3%3Dfalse%26custom1%3Dce2df1bd3a8f7ba59848b10e77422a50f4a7a8419f83e75fadde8363e7ed7dcf&dr=https%3A%2F%2Flookandfind.me%2F&dp=%2F96965886%7C100523305%7C&ul=en-us&de=UTF-8&dt=Du%20sendes%20videre%20til%20Tjenstetorget.no&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=QACAAAABAAAAAC~&cid=716389374.1665545963&tid=UA-168544891-6&_gid=781077912.1665545963&_r=1&cd1=96965886&cd2=dc1-kls-prod-ls-02.prod.dc1.kelkoo.net_1665545963802_3802856&cd3=100523305&cd4=a4c629a-183ca468917-22fb1&cd5=&cd6=96965886%7C100523305%7C&z=65692570
142.250.74.174200 OK 35 B URL HTTP/2 www.google-analytics.com/collect?v=1&_v=j96&t=pageview&_s=1&dl=https%3A%2F%2Fno-go.kelkoogroup.net%2Fctl%2Fgo%2FmerchantGo%3F.ts%3D1665545963681%26.sig%3DCT617_4QtSaZ5BacATlWX4UdcUM-%26affiliationId%3D96965886%26comId%3D100523305%26country%3Dno%26cpcId%3D499331%26merchantName%3DTjenstetorget.no%26searchId%3D1076100343720963_1665545963021_21861043%26service%3D30%26url%3Dhttps%253A%252F%252Ftjenestetorget.no%252F%26custom2%3DSRdytlITOR16%26custom3%3Dfalse%26custom1%3Dce2df1bd3a8f7ba59848b10e77422a50f4a7a8419f83e75fadde8363e7ed7dcf&dr=https%3A%2F%2Flookandfind.me%2F&dp=%2F96965886%7C100523305%7C&ul=en-us&de=UTF-8&dt=Du%20sendes%20videre%20til%20Tjenstetorget.no&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=QACAAAABAAAAAC~&cid=716389374.1665545963&tid=UA-168544891-6&_gid=781077912.1665545963&_r=1&cd1=96965886&cd2=dc1-kls-prod-ls-02.prod.dc1.kelkoo.net_1665545963802_3802856&cd3=100523305&cd4=a4c629a-183ca468917-22fb1&cd5=&cd6=96965886%7C100523305%7C&z=65692570
IP 142.250.74.174:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
POST /collect?v=1&_v=j96&t=pageview&_s=1&dl=https%3A%2F%2Fno-go.kelkoogroup.net%2Fctl%2Fgo%2FmerchantGo%3F.ts%3D1665545963681%26.sig%3DCT617_4QtSaZ5BacATlWX4UdcUM-%26affiliationId%3D96965886%26comId%3D100523305%26country%3Dno%26cpcId%3D499331%26merchantName%3DTjenstetorget.no%26searchId%3D1076100343720963_1665545963021_21861043%26service%3D30%26url%3Dhttps%253A%252F%252Ftjenestetorget.no%252F%26custom2%3DSRdytlITOR16%26custom3%3Dfalse%26custom1%3Dce2df1bd3a8f7ba59848b10e77422a50f4a7a8419f83e75fadde8363e7ed7dcf&dr=https%3A%2F%2Flookandfind.me%2F&dp=%2F96965886%7C100523305%7C&ul=en-us&de=UTF-8&dt=Du%20sendes%20videre%20til%20Tjenstetorget.no&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=QACAAAABAAAAAC~&cid=716389374.1665545963&tid=UA-168544891-6&_gid=781077912.1665545963&_r=1&cd1=96965886&cd2=dc1-kls-prod-ls-02.prod.dc1.kelkoo.net_1665545963802_3802856&cd3=100523305&cd4=a4c629a-183ca468917-22fb1&cd5=&cd6=96965886%7C100523305%7C&z=65692570 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://no-go.kelkoogroup.net
Connection: keep-alive
Referer: https://no-go.kelkoogroup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 200 OK
access-control-allow-origin: https://no-go.kelkoogroup.net
date: Wed, 12 Oct 2022 03:39:24 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
x-content-type-options: nosniff
access-control-allow-credentials: true
content-type: image/gif
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 35
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash befa75dbbe9d5dfa501f9c1f03b7cdfa
73814c47bdcd6bebffc963b71d0a20fb361fad50
76b8f843416709a64e030343fbea3e04b9ee9faf2872ddba29f7c8ea28041e28
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 12 Oct 2022 03:39:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash befa75dbbe9d5dfa501f9c1f03b7cdfa
73814c47bdcd6bebffc963b71d0a20fb361fad50
76b8f843416709a64e030343fbea3e04b9ee9faf2872ddba29f7c8ea28041e28
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 12 Oct 2022 03:39:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bat.bing.com/action/0?ti=22019885&Ver=2
13.107.21.200204 No Content 0 B URL HTTP/2 bat.bing.com/action/0?ti=22019885&Ver=2
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=22019885&Ver=2 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.googletagmanager.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=3C3F009D857C6D50247D12A6842B6C86; domain=.bing.com; expires=Mon, 06-Nov-2023 03:39:25 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 8168A3093AA24C6C80F8C33CBC4BFE30 Ref B: OSL30EDGE0411 Ref C: 2022-10-12T03:39:25Z
date: Wed, 12 Oct 2022 03:39:25 GMT
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash 1b5fa7f2d9bf7b7c3d615d81b4c27762
104f0a987cca9d56fd392a38cf2c3168ee0f1347
d02700acd3225d2073db90ca3aa4eb4a04d491287aa822ccba6b66ceb8c3225f
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=170280
Date: Wed, 12 Oct 2022 03:39:25 GMT
Etag: "63461e61-1d7"
Expires: Fri, 14 Oct 2022 02:57:25 GMT
Last-Modified: Wed, 12 Oct 2022 01:54:41 GMT
Server: ECS (nyb/1D1F)
X-Cache: Miss from cloudfront
Via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: ujGMj8sy1w5681yt4JcaXwbDQaFOYiRAP4pi7lk2CbWxJg6v0hMwyg==
Age: 3764
eupips.lordoftheentertainingostriches.com/sxp/i/1faaa7b3f526381f63795cd0f1bde2f5.js
54.230.111.96200 OK 29 kB URL HTTP/2 eupips.lordoftheentertainingostriches.com/sxp/i/1faaa7b3f526381f63795cd0f1bde2f5.js
IP 54.230.111.96:0
File type Unicode text, UTF-8 text, with very long lines (65530), with no line terminators
Hash e5ee2a14780eaaa8bae4f2be49727463
01587e3d3d0f921f5dc40af8d8766e0b1fd67a8b
d780d020f77814cc2fa9955761e849b2284469505e4cecebc942c5721b949457
GET /sxp/i/1faaa7b3f526381f63795cd0f1bde2f5.js HTTP/1.1
Host: eupips.lordoftheentertainingostriches.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tjenestetorget.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
content-length: 29068
content-encoding: gzip
server: Caddy
date: Tue, 11 Oct 2022 18:32:45 GMT
cache-control: max-age=43200
expires: Wed, 12 Oct 2022 06:32:43 GMT
etag: "136e6-wF1kvo7d5qnwI9fVc0I0w46dwog"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: OZUg9zuNf3lMf7OvS4YL8xwqtY_aDUKQtMg3JHzz6FkdMFrhKAfMTQ==
age: 32802
X-Firefox-Spdy: h2
js-agent.newrelic.com/nr-1216.min.js
151.101.86.137200 OK 17 kB URL HTTP/2 js-agent.newrelic.com/nr-1216.min.js
IP 151.101.86.137:0
File type ASCII text, with very long lines (38845)
Hash ea4d3aa68f2e0c1f1d32e21eea6f0c8e
f171004e5f711164f40366acd23a3b31bd98ddd6
cf99e6efed7bf8bc5a5f00d4bd360093844d489445f18bc3fe629542dbc98978
GET /nr-1216.min.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tjenestetorget.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Vf9xsFZHH0UI6bmTnW+KeBzegICGOxvtMLIWtbljNKoJtdkUEk/MfmbYPFui+bgtiUf/4lC5dk8=
x-amz-request-id: 4AV5AVKCCR961CNG
last-modified: Thu, 14 Apr 2022 16:45:57 GMT
etag: "9f533d8cd24b2c5e3b4dc886ecbd43e8"
x-amz-version-id: mHHzJIqOizHibcYt0xqAszRr0gQRiNYy
content-type: application/javascript
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Wed, 12 Oct 2022 03:39:26 GMT
via: 1.1 varnish
x-served-by: cache-bma1624-BMA
x-cache: HIT
x-cache-hits: 104
x-timer: S1665545966.001853,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 14391
X-Firefox-Spdy: h2
kol.lordoftheentertainingostriches.com/ct?id=22416&url=https%3A%2F%2Ftjenestetorget.no%2F%3Ftduid%3Dbe5e7c20e48a6d4cbb17fe7c2fbc1e5c&sf=0&tpi=&ch=cheq4ppc&uvid=&tsf=0&tsfmi=&tsfu=&cb=1665545965971&hl=3&op=0&ag=718972423&rand=04910117728681602091809001001895097921605277905801291015268902806169686212&fs=1280x939&fst=1280x939&np=linux%20x86_64&nv=&ref=https%3A%2F%2Fpdt.tradedoubler.com%2F&ss=1280x1024&nc=0&at=&di=W1siZWYiLDY4NjRdLFsxMiwie1wiZVwiOjAsXCJ3Z2xcIjoxfSJdLFsiY2IiLCIwLDAsMCwwLDMsMCwwLDAsMCw0LDMsMCwyLDAsMCwxLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDQsMCwwLDAsMCwwLDAsMCwzLDAsMCwwLDEsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDEsMiwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMSwwLDAsMCwxLDAiXSxbLTEsIkxpbnV4IHg4Nl82NCJdLFstMiwiOCxJTEhZTEI5QkxUYTJKcVFnM0ZvZWVsMndZYkUyb2dCSUtKNmNSMDAwTUpIUXdZVERHWWFodjN1dDcxVnBYUjlPOCtNNXJWU0tzMWtQQmUvLzk5c25WSkdwVWRQZmR6em4zT2ZjIl0sWy0zLCJbXSJdLFstNCwiLSJdLFstNSwiLSJdLFstNiwie1wid1wiOltcIjBcIixcIkNsb3VkZmxhcmVBcHBzXCIsXCJOb3RpZnlQYWludEV2ZW50XCIsXCJfX3JvY2tldExvYWRlckV2ZW50Q3RvclwiLFwiX19yb2NrZXRMb2FkZXJMb2FkUHJvZ3Jlc3NTaW11bGF0b3JcIixcIl9fY2ZRUlwiLFwiTlJFVU1cIixcIm5ld3JlbGljXCIsXCJfX25yX3JlcXVpcmVcIixcImRhdGFMYXllclwiLFwiZ3RhZ1wiLFwiZ2V0Rm9ybUVycm9yc1wiLFwiZ2V0STE4blwiLFwiZ2V0TmV3c2xldHRlckZvcm1EYXRhXCIsXCJsaWJyYXJ5XCIsXCJ3ZWJwYWNrSnNvbnBcIixcIlNFTlRSWV9SRUxFQVNFXCIsXCJsYXp5U2l6ZXNDb25maWdcIixcImxhenlTaXplc1wiLFwiY29yZVwiLFwiX19jb3JlLWpzX3NoYXJlZF9fXCIsXCJfX1NFTlRSWV9fXCIsXCJyZXNldEZvcm1WYWx1ZXNcIixcInJlc2V0RXhwZXJpbWVudHNcIixcInJlc2V0UmVsYXRlZENhdGVnb3J5Rm9ybVZhbHVlc1wiLFwic2hvd1JlY2VpcHRNb2RhbFwiLFwiY2xvc2VSZWNlaXB0TW9kYWxcIixcIl9fY2ZSTFVuYmxvY2tIYW5kbGVyc1wiLFwiX19jdGNnX2N0XzIyNDE2X2V4ZWNcIl0sXCJuXCI6W10sXCJkXCI6W119Il0sWy03LCItIl0sWy04LCItIl0sWy05LCIrIl0sWy0xMCwiLSJdLFstMTEsIntcInRcIjpcIlwiLFwibVwiOltcImRlc2NyaXB0aW9uXCIsXCJvZzp0aXRsZVwiLFwib2c6ZGVzY3JpcHRpb25cIixcInR3aXR0ZXI6dGl0bGVcIixcInR3aXR0ZXI6ZGVzY3JpcHRpb25cIl19Il0sWy0xMiwiXCJ1bnNwZWNpZmllZFwiIl0sWy0xMywiLSJdLFstMTQsIi0iXSxbLTE1LCItIl0sWy0xNiwiMCJdLFstMTcsIjE2Il0sWy0xOCwiWzEsMCwwLDBdIl0sWy0xOSwiWzAsMCwwLDAsMCwwLDEsMjQsMjQsXCItXCIsMTI4MCwxMDAyLDEyODAsMTAyNCwxMjgwLDEwMjQsMTI4MCw5MzksMCwwLDAsMCxcIi1cIixcIi1cIl0iXSxbLTIwLCItIl0sWy0yMSwiLSJdLFstMjIsIltcIm5cIixcIm5cIl0iXSxbLTIzLCIrIl0sWy0yNCwiW10iXSxbLTI1LCItIl0sWy0yNiwiLSJdLFstMjcsIi0iXSxbLTI4LCJlbi1VUyxlbiJdLFstMjksIi0iXSxbLTMwLCJbXCJ2XCIsMF0iXSxbLTMxLCJmYWxzZSJdLFstMzIsIjAiXSxbLTMzLCItIl0sWy0zNCwiLSJdLFstMzUsIlsxNjY1NTQ1OTY1OTYxLDBdIl0sWy0zNiwiW1wiNS80XCIsXCI1LzRcIl0iXSxbLTM3LCItIl0sWy0zOCwiYywtMSwtMSw0NywwLDEsMCwxMCwxNCwxMTgxLC0xLDksLDEzNTYsMTc4MSwxNzgwIl0sWy0zOSwiW1wiMjAxMDAxMDFcIiwwLFwiR2Vja29cIixcIk5ldHNjYXBlXCIsXCJNb3ppbGxhXCIsXCIyMDE4MTAwMTAwMDAwMFwiLG51bGwsZmFsc2UsbnVsbCxmYWxzZSxudWxsLDBdIl0sWy00MCwiMzciXSxbLTQxLCItIl0sWy00MiwiMTc3MDA1MDA4MSJdLFstNDMsIjAwMDAwMDAxMDAwMDAwMDAwMTExMTAwMTAwIl0sWy00NCwiMCw1LDAsNSJdLFstNDUsIjAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCJdLFstNDYsIjAiXSxbLTQ3LCJVVEMsZW4tVVMsbGF0bixncmVnb3J5Il0sWy00OCwiMCwwIl0sWy00OSwiLSJdLFstNTAsIi0iXSxbLTUxLCItIl0sWy01MiwiLSJdLFstNTMsIjAxMCJdLFsiZGRiIiwiMCw3LDAsMSwxLDMsMCwwLDAsMSwwLDAsMCwwLDYsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwyLDAsMCwwLDIsMCwwLDAsMCwwLDEsMCwyLDIsMCwwLDAsMiwwLDAsMCwwIl0sWyJibmNoIiw1N10sWyJhYm5jaCIsNThdXQ%3D%3D&dep=0&pre=0&sdd=%7B%7D&cri=qr0HsCHUri&pto=1790&ver=47&gac=-&mei=&ap=&duid=1.1665545965.zy9wVcWofScg6mve&suid=1.1665545965.6dcOQ2c93GfyG9Vd&tuid=1.1665545965.XB4jfpFkFCFNCY60&fbc=->m=W10%3D&it=36%2C1451%2C149&fbcl=-&gacl=-&gacsd=-&rtic=-&bgc=-&spa=1&urid=0
3.248.162.96200 OK 864 B URL HTTP/2 kol.lordoftheentertainingostriches.com/ct?id=22416&url=https%3A%2F%2Ftjenestetorget.no%2F%3Ftduid%3Dbe5e7c20e48a6d4cbb17fe7c2fbc1e5c&sf=0&tpi=&ch=cheq4ppc&uvid=&tsf=0&tsfmi=&tsfu=&cb=1665545965971&hl=3&op=0&ag=718972423&rand=04910117728681602091809001001895097921605277905801291015268902806169686212&fs=1280x939&fst=1280x939&np=linux%20x86_64&nv=&ref=https%3A%2F%2Fpdt.tradedoubler.com%2F&ss=1280x1024&nc=0&at=&di=W1siZWYiLDY4NjRdLFsxMiwie1wiZVwiOjAsXCJ3Z2xcIjoxfSJdLFsiY2IiLCIwLDAsMCwwLDMsMCwwLDAsMCw0LDMsMCwyLDAsMCwxLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDQsMCwwLDAsMCwwLDAsMCwzLDAsMCwwLDEsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDEsMiwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMSwwLDAsMCwxLDAiXSxbLTEsIkxpbnV4IHg4Nl82NCJdLFstMiwiOCxJTEhZTEI5QkxUYTJKcVFnM0ZvZWVsMndZYkUyb2dCSUtKNmNSMDAwTUpIUXdZVERHWWFodjN1dDcxVnBYUjlPOCtNNXJWU0tzMWtQQmUvLzk5c25WSkdwVWRQZmR6em4zT2ZjIl0sWy0zLCJbXSJdLFstNCwiLSJdLFstNSwiLSJdLFstNiwie1wid1wiOltcIjBcIixcIkNsb3VkZmxhcmVBcHBzXCIsXCJOb3RpZnlQYWludEV2ZW50XCIsXCJfX3JvY2tldExvYWRlckV2ZW50Q3RvclwiLFwiX19yb2NrZXRMb2FkZXJMb2FkUHJvZ3Jlc3NTaW11bGF0b3JcIixcIl9fY2ZRUlwiLFwiTlJFVU1cIixcIm5ld3JlbGljXCIsXCJfX25yX3JlcXVpcmVcIixcImRhdGFMYXllclwiLFwiZ3RhZ1wiLFwiZ2V0Rm9ybUVycm9yc1wiLFwiZ2V0STE4blwiLFwiZ2V0TmV3c2xldHRlckZvcm1EYXRhXCIsXCJsaWJyYXJ5XCIsXCJ3ZWJwYWNrSnNvbnBcIixcIlNFTlRSWV9SRUxFQVNFXCIsXCJsYXp5U2l6ZXNDb25maWdcIixcImxhenlTaXplc1wiLFwiY29yZVwiLFwiX19jb3JlLWpzX3NoYXJlZF9fXCIsXCJfX1NFTlRSWV9fXCIsXCJyZXNldEZvcm1WYWx1ZXNcIixcInJlc2V0RXhwZXJpbWVudHNcIixcInJlc2V0UmVsYXRlZENhdGVnb3J5Rm9ybVZhbHVlc1wiLFwic2hvd1JlY2VpcHRNb2RhbFwiLFwiY2xvc2VSZWNlaXB0TW9kYWxcIixcIl9fY2ZSTFVuYmxvY2tIYW5kbGVyc1wiLFwiX19jdGNnX2N0XzIyNDE2X2V4ZWNcIl0sXCJuXCI6W10sXCJkXCI6W119Il0sWy03LCItIl0sWy04LCItIl0sWy05LCIrIl0sWy0xMCwiLSJdLFstMTEsIntcInRcIjpcIlwiLFwibVwiOltcImRlc2NyaXB0aW9uXCIsXCJvZzp0aXRsZVwiLFwib2c6ZGVzY3JpcHRpb25cIixcInR3aXR0ZXI6dGl0bGVcIixcInR3aXR0ZXI6ZGVzY3JpcHRpb25cIl19Il0sWy0xMiwiXCJ1bnNwZWNpZmllZFwiIl0sWy0xMywiLSJdLFstMTQsIi0iXSxbLTE1LCItIl0sWy0xNiwiMCJdLFstMTcsIjE2Il0sWy0xOCwiWzEsMCwwLDBdIl0sWy0xOSwiWzAsMCwwLDAsMCwwLDEsMjQsMjQsXCItXCIsMTI4MCwxMDAyLDEyODAsMTAyNCwxMjgwLDEwMjQsMTI4MCw5MzksMCwwLDAsMCxcIi1cIixcIi1cIl0iXSxbLTIwLCItIl0sWy0yMSwiLSJdLFstMjIsIltcIm5cIixcIm5cIl0iXSxbLTIzLCIrIl0sWy0yNCwiW10iXSxbLTI1LCItIl0sWy0yNiwiLSJdLFstMjcsIi0iXSxbLTI4LCJlbi1VUyxlbiJdLFstMjksIi0iXSxbLTMwLCJbXCJ2XCIsMF0iXSxbLTMxLCJmYWxzZSJdLFstMzIsIjAiXSxbLTMzLCItIl0sWy0zNCwiLSJdLFstMzUsIlsxNjY1NTQ1OTY1OTYxLDBdIl0sWy0zNiwiW1wiNS80XCIsXCI1LzRcIl0iXSxbLTM3LCItIl0sWy0zOCwiYywtMSwtMSw0NywwLDEsMCwxMCwxNCwxMTgxLC0xLDksLDEzNTYsMTc4MSwxNzgwIl0sWy0zOSwiW1wiMjAxMDAxMDFcIiwwLFwiR2Vja29cIixcIk5ldHNjYXBlXCIsXCJNb3ppbGxhXCIsXCIyMDE4MTAwMTAwMDAwMFwiLG51bGwsZmFsc2UsbnVsbCxmYWxzZSxudWxsLDBdIl0sWy00MCwiMzciXSxbLTQxLCItIl0sWy00MiwiMTc3MDA1MDA4MSJdLFstNDMsIjAwMDAwMDAxMDAwMDAwMDAwMTExMTAwMTAwIl0sWy00NCwiMCw1LDAsNSJdLFstNDUsIjAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCJdLFstNDYsIjAiXSxbLTQ3LCJVVEMsZW4tVVMsbGF0bixncmVnb3J5Il0sWy00OCwiMCwwIl0sWy00OSwiLSJdLFstNTAsIi0iXSxbLTUxLCItIl0sWy01MiwiLSJdLFstNTMsIjAxMCJdLFsiZGRiIiwiMCw3LDAsMSwxLDMsMCwwLDAsMSwwLDAsMCwwLDYsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwyLDAsMCwwLDIsMCwwLDAsMCwwLDEsMCwyLDIsMCwwLDAsMiwwLDAsMCwwIl0sWyJibmNoIiw1N10sWyJhYm5jaCIsNThdXQ%3D%3D&dep=0&pre=0&sdd=%7B%7D&cri=qr0HsCHUri&pto=1790&ver=47&gac=-&mei=&ap=&duid=1.1665545965.zy9wVcWofScg6mve&suid=1.1665545965.6dcOQ2c93GfyG9Vd&tuid=1.1665545965.XB4jfpFkFCFNCY60&fbc=->m=W10%3D&it=36%2C1451%2C149&fbcl=-&gacl=-&gacsd=-&rtic=-&bgc=-&spa=1&urid=0
IP 3.248.162.96:0
File type ASCII text, with very long lines (2662), with no line terminators
Hash 86e29e2c2b95719f85d4ae67759e6f40
c415245e60de686746d2f609aec8e6308c77c0bf
69bcc448bee3dc8846b416161af34591a1c9131b987683bdaef281e7ad97f8bb
GET /ct?id=22416&url=https%3A%2F%2Ftjenestetorget.no%2F%3Ftduid%3Dbe5e7c20e48a6d4cbb17fe7c2fbc1e5c&sf=0&tpi=&ch=cheq4ppc&uvid=&tsf=0&tsfmi=&tsfu=&cb=1665545965971&hl=3&op=0&ag=718972423&rand=04910117728681602091809001001895097921605277905801291015268902806169686212&fs=1280x939&fst=1280x939&np=linux%20x86_64&nv=&ref=https%3A%2F%2Fpdt.tradedoubler.com%2F&ss=1280x1024&nc=0&at=&di=W1siZWYiLDY4NjRdLFsxMiwie1wiZVwiOjAsXCJ3Z2xcIjoxfSJdLFsiY2IiLCIwLDAsMCwwLDMsMCwwLDAsMCw0LDMsMCwyLDAsMCwxLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDQsMCwwLDAsMCwwLDAsMCwzLDAsMCwwLDEsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDEsMiwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMSwwLDAsMCwxLDAiXSxbLTEsIkxpbnV4IHg4Nl82NCJdLFstMiwiOCxJTEhZTEI5QkxUYTJKcVFnM0ZvZWVsMndZYkUyb2dCSUtKNmNSMDAwTUpIUXdZVERHWWFodjN1dDcxVnBYUjlPOCtNNXJWU0tzMWtQQmUvLzk5c25WSkdwVWRQZmR6em4zT2ZjIl0sWy0zLCJbXSJdLFstNCwiLSJdLFstNSwiLSJdLFstNiwie1wid1wiOltcIjBcIixcIkNsb3VkZmxhcmVBcHBzXCIsXCJOb3RpZnlQYWludEV2ZW50XCIsXCJfX3JvY2tldExvYWRlckV2ZW50Q3RvclwiLFwiX19yb2NrZXRMb2FkZXJMb2FkUHJvZ3Jlc3NTaW11bGF0b3JcIixcIl9fY2ZRUlwiLFwiTlJFVU1cIixcIm5ld3JlbGljXCIsXCJfX25yX3JlcXVpcmVcIixcImRhdGFMYXllclwiLFwiZ3RhZ1wiLFwiZ2V0Rm9ybUVycm9yc1wiLFwiZ2V0STE4blwiLFwiZ2V0TmV3c2xldHRlckZvcm1EYXRhXCIsXCJsaWJyYXJ5XCIsXCJ3ZWJwYWNrSnNvbnBcIixcIlNFTlRSWV9SRUxFQVNFXCIsXCJsYXp5U2l6ZXNDb25maWdcIixcImxhenlTaXplc1wiLFwiY29yZVwiLFwiX19jb3JlLWpzX3NoYXJlZF9fXCIsXCJfX1NFTlRSWV9fXCIsXCJyZXNldEZvcm1WYWx1ZXNcIixcInJlc2V0RXhwZXJpbWVudHNcIixcInJlc2V0UmVsYXRlZENhdGVnb3J5Rm9ybVZhbHVlc1wiLFwic2hvd1JlY2VpcHRNb2RhbFwiLFwiY2xvc2VSZWNlaXB0TW9kYWxcIixcIl9fY2ZSTFVuYmxvY2tIYW5kbGVyc1wiLFwiX19jdGNnX2N0XzIyNDE2X2V4ZWNcIl0sXCJuXCI6W10sXCJkXCI6W119Il0sWy03LCItIl0sWy04LCItIl0sWy05LCIrIl0sWy0xMCwiLSJdLFstMTEsIntcInRcIjpcIlwiLFwibVwiOltcImRlc2NyaXB0aW9uXCIsXCJvZzp0aXRsZVwiLFwib2c6ZGVzY3JpcHRpb25cIixcInR3aXR0ZXI6dGl0bGVcIixcInR3aXR0ZXI6ZGVzY3JpcHRpb25cIl19Il0sWy0xMiwiXCJ1bnNwZWNpZmllZFwiIl0sWy0xMywiLSJdLFstMTQsIi0iXSxbLTE1LCItIl0sWy0xNiwiMCJdLFstMTcsIjE2Il0sWy0xOCwiWzEsMCwwLDBdIl0sWy0xOSwiWzAsMCwwLDAsMCwwLDEsMjQsMjQsXCItXCIsMTI4MCwxMDAyLDEyODAsMTAyNCwxMjgwLDEwMjQsMTI4MCw5MzksMCwwLDAsMCxcIi1cIixcIi1cIl0iXSxbLTIwLCItIl0sWy0yMSwiLSJdLFstMjIsIltcIm5cIixcIm5cIl0iXSxbLTIzLCIrIl0sWy0yNCwiW10iXSxbLTI1LCItIl0sWy0yNiwiLSJdLFstMjcsIi0iXSxbLTI4LCJlbi1VUyxlbiJdLFstMjksIi0iXSxbLTMwLCJbXCJ2XCIsMF0iXSxbLTMxLCJmYWxzZSJdLFstMzIsIjAiXSxbLTMzLCItIl0sWy0zNCwiLSJdLFstMzUsIlsxNjY1NTQ1OTY1OTYxLDBdIl0sWy0zNiwiW1wiNS80XCIsXCI1LzRcIl0iXSxbLTM3LCItIl0sWy0zOCwiYywtMSwtMSw0NywwLDEsMCwxMCwxNCwxMTgxLC0xLDksLDEzNTYsMTc4MSwxNzgwIl0sWy0zOSwiW1wiMjAxMDAxMDFcIiwwLFwiR2Vja29cIixcIk5ldHNjYXBlXCIsXCJNb3ppbGxhXCIsXCIyMDE4MTAwMTAwMDAwMFwiLG51bGwsZmFsc2UsbnVsbCxmYWxzZSxudWxsLDBdIl0sWy00MCwiMzciXSxbLTQxLCItIl0sWy00MiwiMTc3MDA1MDA4MSJdLFstNDMsIjAwMDAwMDAxMDAwMDAwMDAwMTExMTAwMTAwIl0sWy00NCwiMCw1LDAsNSJdLFstNDUsIjAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCJdLFstNDYsIjAiXSxbLTQ3LCJVVEMsZW4tVVMsbGF0bixncmVnb3J5Il0sWy00OCwiMCwwIl0sWy00OSwiLSJdLFstNTAsIi0iXSxbLTUxLCItIl0sWy01MiwiLSJdLFstNTMsIjAxMCJdLFsiZGRiIiwiMCw3LDAsMSwxLDMsMCwwLDAsMSwwLDAsMCwwLDYsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwyLDAsMCwwLDIsMCwwLDAsMCwwLDEsMCwyLDIsMCwwLDAsMiwwLDAsMCwwIl0sWyJibmNoIiw1N10sWyJhYm5jaCIsNThdXQ%3D%3D&dep=0&pre=0&sdd=%7B%7D&cri=qr0HsCHUri&pto=1790&ver=47&gac=-&mei=&ap=&duid=1.1665545965.zy9wVcWofScg6mve&suid=1.1665545965.6dcOQ2c93GfyG9Vd&tuid=1.1665545965.XB4jfpFkFCFNCY60&fbc=->m=W10%3D&it=36%2C1451%2C149&fbcl=-&gacl=-&gacsd=-&rtic=-&bgc=-&spa=1&urid=0 HTTP/1.1
Host: kol.lordoftheentertainingostriches.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tjenestetorget.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: text/javascript
date: Wed, 12 Oct 2022 03:39:26 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
set-cookie: cg_uuid=d7d82ad9c7a3d12e25df75f55972c000; Max-Age=29030400; Path=/; Expires=Wed, 13 Sep 2023 03:39:26 GMT; HttpOnly; Secure; SameSite=None
content-length: 864
X-Firefox-Spdy: h2
www.googleoptimize.com/optimize.js?id=GTM-TZ5DCXR
142.250.74.46200 OK 43 kB URL HTTP/2 www.googleoptimize.com/optimize.js?id=GTM-TZ5DCXR
IP 142.250.74.46:0
File type ASCII text, with very long lines (2071)
Hash 9c06b39efb9289e6836279aa65d91dfa
d0c6cf59def3e6d050d3a144a07091de73c3d569
06bf9a7ba2ec04974d507b11797316651d8fca7c7a91889f8f8ab5c1ecc50b63
GET /optimize.js?id=GTM-TZ5DCXR HTTP/1.1
Host: www.googleoptimize.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tjenestetorget.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 12 Oct 2022 03:39:26 GMT
expires: Wed, 12 Oct 2022 03:39:26 GMT
cache-control: private, max-age=900
last-modified: Wed, 12 Oct 2022 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 42672
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
kol.lordoftheentertainingostriches.com/tracker/tc_imp.gif?e=37dfbd8ee84e00136cebc231ef4e8c9b9225c24f567d43d6da1908be6245cad7bd70a976750ef80ed89373bfe70e9c20c1e53e8d5c13896c2117071a10acf9f29f671d85d781057d6b12ad7f2607d33add37c5016453249604055a3c035d95be6b4f77be26bb25cb43e29a3aee5b6fb2092f6410df57fe5aecd2948a7fe07f52a13ad2a24710d14e681f2d1586d31c64e56ac7e7d7e85d33e417caff29a029dc04c2548e1562e8270cff0a461d3cbc1c7dfd80a3f667ee7ded07dc12e3382831ec81683124735f9b659b810bb25174ea99a371187c22858128748ed1594f7c4673055aa28f24687956a0a81a2f8eaba47fc1f247604379b9aca7929d7ea2cf9b18b744964a662689a8d9bfe92bd486b735c2704a84bd966e4f43b37f31f78f1b20ba9da2208254aa43e7834bc04f9ecb77953e6192ca758a649784bdf4dcedb54b79f77ab3e8e8354360e9c16991a850f11017428803488fd3cd88c0bcdd70e40790d0f58838b62c3574937b6bccc7df0e37d7ec74bb11e0830dce37a56b545945947bf21fdad1e269a8843ec01aea98dcd5609e154560f213541d3e487487f423b54fd3dfd136b79f25b3d020d996e2fb7e99bbea532626c8e51e0a9bb20a7b0cffebee22dd6e88e04ef2f232a02af242c90a814a93d168d51035f9bc8e747d6372094108400aace18c70cf01b141235f3bacf1168b8a121effa6debcba69c7e9e1f580fdb1bb02467b9d14e1e90f0dd014634691364f6d7eb53ef6220bc8f9c07d8b66d1208eaf29c4be08877d5b725f637e4095c3938d750c5cfc4c5789c19dfee99e410f8cb1a37c90c9767edcd71b3a6ce7f9ab527be167f304e9699541e87bddc801e4a870a2cd9ad8f32a7efda27f3a907ca691a2f255e52c464a5ac7331a0ee6b155d9bd4889ccd6&cri=qr0HsCHUri&ts=278&cb=1665545966249
3.248.162.96200 OK 43 B URL HTTP/2 kol.lordoftheentertainingostriches.com/tracker/tc_imp.gif?e=37dfbd8ee84e00136cebc231ef4e8c9b9225c24f567d43d6da1908be6245cad7bd70a976750ef80ed89373bfe70e9c20c1e53e8d5c13896c2117071a10acf9f29f671d85d781057d6b12ad7f2607d33add37c5016453249604055a3c035d95be6b4f77be26bb25cb43e29a3aee5b6fb2092f6410df57fe5aecd2948a7fe07f52a13ad2a24710d14e681f2d1586d31c64e56ac7e7d7e85d33e417caff29a029dc04c2548e1562e8270cff0a461d3cbc1c7dfd80a3f667ee7ded07dc12e3382831ec81683124735f9b659b810bb25174ea99a371187c22858128748ed1594f7c4673055aa28f24687956a0a81a2f8eaba47fc1f247604379b9aca7929d7ea2cf9b18b744964a662689a8d9bfe92bd486b735c2704a84bd966e4f43b37f31f78f1b20ba9da2208254aa43e7834bc04f9ecb77953e6192ca758a649784bdf4dcedb54b79f77ab3e8e8354360e9c16991a850f11017428803488fd3cd88c0bcdd70e40790d0f58838b62c3574937b6bccc7df0e37d7ec74bb11e0830dce37a56b545945947bf21fdad1e269a8843ec01aea98dcd5609e154560f213541d3e487487f423b54fd3dfd136b79f25b3d020d996e2fb7e99bbea532626c8e51e0a9bb20a7b0cffebee22dd6e88e04ef2f232a02af242c90a814a93d168d51035f9bc8e747d6372094108400aace18c70cf01b141235f3bacf1168b8a121effa6debcba69c7e9e1f580fdb1bb02467b9d14e1e90f0dd014634691364f6d7eb53ef6220bc8f9c07d8b66d1208eaf29c4be08877d5b725f637e4095c3938d750c5cfc4c5789c19dfee99e410f8cb1a37c90c9767edcd71b3a6ce7f9ab527be167f304e9699541e87bddc801e4a870a2cd9ad8f32a7efda27f3a907ca691a2f255e52c464a5ac7331a0ee6b155d9bd4889ccd6&cri=qr0HsCHUri&ts=278&cb=1665545966249
IP 3.248.162.96:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash db04c7b378cb2db912c3ba8a5a774ee3
dee34bd86c3484d31002182aa2b7caa4699126b8
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
GET /tracker/tc_imp.gif?e=37dfbd8ee84e00136cebc231ef4e8c9b9225c24f567d43d6da1908be6245cad7bd70a976750ef80ed89373bfe70e9c20c1e53e8d5c13896c2117071a10acf9f29f671d85d781057d6b12ad7f2607d33add37c5016453249604055a3c035d95be6b4f77be26bb25cb43e29a3aee5b6fb2092f6410df57fe5aecd2948a7fe07f52a13ad2a24710d14e681f2d1586d31c64e56ac7e7d7e85d33e417caff29a029dc04c2548e1562e8270cff0a461d3cbc1c7dfd80a3f667ee7ded07dc12e3382831ec81683124735f9b659b810bb25174ea99a371187c22858128748ed1594f7c4673055aa28f24687956a0a81a2f8eaba47fc1f247604379b9aca7929d7ea2cf9b18b744964a662689a8d9bfe92bd486b735c2704a84bd966e4f43b37f31f78f1b20ba9da2208254aa43e7834bc04f9ecb77953e6192ca758a649784bdf4dcedb54b79f77ab3e8e8354360e9c16991a850f11017428803488fd3cd88c0bcdd70e40790d0f58838b62c3574937b6bccc7df0e37d7ec74bb11e0830dce37a56b545945947bf21fdad1e269a8843ec01aea98dcd5609e154560f213541d3e487487f423b54fd3dfd136b79f25b3d020d996e2fb7e99bbea532626c8e51e0a9bb20a7b0cffebee22dd6e88e04ef2f232a02af242c90a814a93d168d51035f9bc8e747d6372094108400aace18c70cf01b141235f3bacf1168b8a121effa6debcba69c7e9e1f580fdb1bb02467b9d14e1e90f0dd014634691364f6d7eb53ef6220bc8f9c07d8b66d1208eaf29c4be08877d5b725f637e4095c3938d750c5cfc4c5789c19dfee99e410f8cb1a37c90c9767edcd71b3a6ce7f9ab527be167f304e9699541e87bddc801e4a870a2cd9ad8f32a7efda27f3a907ca691a2f255e52c464a5ac7331a0ee6b155d9bd4889ccd6&cri=qr0HsCHUri&ts=278&cb=1665545966249 HTTP/1.1
Host: kol.lordoftheentertainingostriches.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tjenestetorget.no/
Cookie: cg_uuid=d7d82ad9c7a3d12e25df75f55972c000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
date: Wed, 12 Oct 2022 03:39:26 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
content-length: 43
X-Firefox-Spdy: h2
bam.eu01.nr-data.net/1/NRJS-3611eda04c172bfb8e7?a=42818810&v=1216.487a282&to=MhBSZQoZWhdZBkMNCwtacVIMEVsKFwRHFEoNGl1UCBlTAQ%3D%3D&rst=1874&ck=1&ref=https://tjenestetorget.no/&ap=869&be=1580&fe=1683&dc=1659&perf=%7B%22timing%22:%7B%22of%22:1665545964182,%22n%22:0,%22f%22:47,%22dn%22:48,%22dne%22:58,%22c%22:58,%22s%22:61,%22ce%22:72,%22rq%22:72,%22rp%22:1091,%22rpe%22:1253,%22dl%22:1098,%22di%22:1437,%22ds%22:1458,%22de%22:1459,%22dc%22:1577,%22l%22:1577,%22le%22:1586%7D,%22navigation%22:%7B%7D%7D&fcp=1356&at=HldRE0IDSRk%3D&jsonp=NREUM.setToken
185.221.85.3200 OK 73 B URL HTTP/1.1 bam.eu01.nr-data.net/1/NRJS-3611eda04c172bfb8e7?a=42818810&v=1216.487a282&to=MhBSZQoZWhdZBkMNCwtacVIMEVsKFwRHFEoNGl1UCBlTAQ%3D%3D&rst=1874&ck=1&ref=https://tjenestetorget.no/&ap=869&be=1580&fe=1683&dc=1659&perf=%7B%22timing%22:%7B%22of%22:1665545964182,%22n%22:0,%22f%22:47,%22dn%22:48,%22dne%22:58,%22c%22:58,%22s%22:61,%22ce%22:72,%22rq%22:72,%22rp%22:1091,%22rpe%22:1253,%22dl%22:1098,%22di%22:1437,%22ds%22:1458,%22de%22:1459,%22dc%22:1577,%22l%22:1577,%22le%22:1586%7D,%22navigation%22:%7B%7D%7D&fcp=1356&at=HldRE0IDSRk%3D&jsonp=NREUM.setToken
IP 185.221.85.3:0
ASN #206998 New Relic International Limited
File type ASCII text, with no line terminators
Hash 814f8120cdf5a972bdb0fd5521a92a5d
47f7b3cd340d1fe91766ff27602e319a79bcd14c
5f520e553ae6a634e84b7c8c8d36908d2efa441d716834fd98c012c402b1c3c8
GET /1/NRJS-3611eda04c172bfb8e7?a=42818810&v=1216.487a282&to=MhBSZQoZWhdZBkMNCwtacVIMEVsKFwRHFEoNGl1UCBlTAQ%3D%3D&rst=1874&ck=1&ref=https://tjenestetorget.no/&ap=869&be=1580&fe=1683&dc=1659&perf=%7B%22timing%22:%7B%22of%22:1665545964182,%22n%22:0,%22f%22:47,%22dn%22:48,%22dne%22:58,%22c%22:58,%22s%22:61,%22ce%22:72,%22rq%22:72,%22rp%22:1091,%22rpe%22:1253,%22dl%22:1098,%22di%22:1437,%22ds%22:1458,%22de%22:1459,%22dc%22:1577,%22l%22:1577,%22le%22:1586%7D,%22navigation%22:%7B%7D%7D&fcp=1356&at=HldRE0IDSRk%3D&jsonp=NREUM.setToken HTTP/1.1
Host: bam.eu01.nr-data.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tjenestetorget.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 12 Oct 2022 03:39:26 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 758ccef14e6d9908-ARN
Access-Control-Allow-Origin: *
Set-Cookie: JSESSIONID=81822a9839f46899; Path=/; Domain=.nr-data.net; Secure; SameSite=None
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
cross-origin-resource-policy: cross-origin
x-envoy-upstream-service-time: 2
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E28cipGuKJN57B5oaIzEifm%2FKjXNKJ%2BzrQr4upr6OkRW93oCQpjroi2wYNg%2Boyo6oxUmKhhzsboj7sOor7V6Hw5xxi01vr7SCs72cU5ToUtVteNUwGqAFfGgJqHphHnYZQO2yYwX"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 65d3f1f4c7648ba119d0abcad64df0e0
e50fc028514994ae3386c1d6a5faefc1cc901963
968c064e7c957e7d8b4e7358b4de67c200c73d423f994fd7180e8be2ed602f89
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "968C064E7C957E7D8B4E7358B4DE67C200C73D423F994FD7180E8BE2ED602F89"
Last-Modified: Tue, 11 Oct 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5353
Expires: Wed, 12 Oct 2022 05:08:39 GMT
Date: Wed, 12 Oct 2022 03:39:26 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 2b9045885902afb286eef41988716895
550fd256897d4f483d00768972f56cd8c35e09e8
c3a8ae68f7eece41a71cd344042b97c99a12c61c5a40b29117fc3f6a8aa9eabd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5472
Cache-Control: max-age=141740
Content-Type: application/ocsp-response
Date: Wed, 12 Oct 2022 03:39:26 GMT
Etag: "6345a83a-1d7"
Expires: Thu, 13 Oct 2022 19:01:46 GMT
Last-Modified: Tue, 11 Oct 2022 17:30:34 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
bat.bing.com/bat.js
13.107.21.200200 OK 11 kB IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (38826), with no line terminators
Hash 293ae3e0fc8b0d5c143fdf9d8490228d
3976c659b908e70818a3a1ac71860b497fe2d1a9
04a840d967ae836e14179bde574cabf14a1fc871182ca0f8193e7a0b06c727ab
GET /bat.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tjenestetorget.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: private,max-age=1800
content-length: 11367
content-type: application/javascript
content-encoding: gzip
last-modified: Thu, 28 Jul 2022 17:32:37 GMT
accept-ranges: bytes
etag: "80a8697a8a2d81:0"
vary: Accept-Encoding
set-cookie: MUID=20873B494ACD66DF020B29724B9A6704; domain=.bing.com; expires=Mon, 06-Nov-2023 03:39:26 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3C757C5939544CB5B9CB58C3E76898A6 Ref B: OSL30EDGE0411 Ref C: 2022-10-12T03:39:26Z
date: Wed, 12 Oct 2022 03:39:25 GMT
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash d565b143467fdf5f93382b73d0d67a50
53a62c83f10ca1dae1298f1b0eb23a300b6bccd2
b73db4ceefbd553ba3dfec23754c6696545d835b4560b280a7512114afdaaffc
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1811
Cache-Control: max-age=142753
Content-Type: application/ocsp-response
Date: Wed, 12 Oct 2022 03:39:26 GMT
Etag: "6345ba7c-1d7"
Expires: Thu, 13 Oct 2022 19:18:39 GMT
Last-Modified: Tue, 11 Oct 2022 18:48:28 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
connect.facebook.net/en_US/fbevents.js
31.13.72.12200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (64348)
Hash e1327a02d76346c7e23d114e4e508b30
195b8ad875ab8f7a7adf735f1f70aa02b3a2e1a3
331e67b451c6559915b12ab2df810ccdba73b3971c5301b2010b54dd6d391de2
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tjenestetorget.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: JWecLwvXTIOjtoMq5EPrd2iYF5l8m432U2UovmxpLJJUgsTM3/hEznNmeD6Mue5AXtXNisbEczjM7PTv2ggtjg==
content-length: 26840
x-fb-trip-id: 1904183273
date: Wed, 12 Oct 2022 03:39:26 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
nyhetsbrev.tjenestetorget.no/script/ga.js?v=2&grid=pBFoDXSpY
188.114.80.141200 OK 236 B URL HTTP/1.1 nyhetsbrev.tjenestetorget.no/script/ga.js?v=2&grid=pBFoDXSpY
IP 188.114.80.141:0
ASN #198881 GETRESPONSE Sp.z o.o.
Hash 5235c57f4ea3c6df8dbc284ef4166d7b
84d66522772b8ff81c209d698fae2109e099973b
5c5dbeb50459207869f08cdc441d60948b0d35705b8258a3197d2e52a6951845
GET /script/ga.js?v=2&grid=pBFoDXSpY HTTP/1.1
Host: nyhetsbrev.tjenestetorget.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tjenestetorget.no/
Cookie: new_tt_session=eyJpdiI6Ikdsb0c1cWlJVStaUjJibnNIVkd5MEE9PSIsInZhbHVlIjoiWnRJNXVxSXZEQjFSamxpSjdpQ0RxZTU5WG84alE0K1BQYk91cGdVb1orYXdRYVdCSENzcXkrWkkrdHdiMHFiOTJWQ0h5eFJ3Z2Y2YzVTSm10ZCsrZVl4bEFXRStrc0lDRGJ5UDYvdjA0alZaNUhHSlZRTTQ3QXB5MUhXSzZRRzYiLCJtYWMiOiIxNzQ0NzVkYzkwMzBiNmI1YThlOWE1YjZiZTE1MTNjNjk4OGQzMGIzYzBhMmM2YmJlMWJmMDc0YmNjOWI5YTM4IiwidGFnIjoiIn0%3D; _cq_duid=1.1665545965.zy9wVcWofScg6mve; _cq_suid=1.1665545965.6dcOQ2c93GfyG9Vd; _gcl_au=1.1.901675895.1665545966
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 12 Oct 2022 03:39:26 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
X-Frame-Options: sameorigin
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=63072000
X-Content-Type-Options: nosniff
Referrer-Policy: strict-origin-when-cross-origin
Feature-Policy: accelerometer *; ambient-light-sensor *; autoplay *; camera *; encrypted-media *; fullscreen *; geolocation *; gyroscope *; magnetometer *; microphone *; midi *; payment *; picture-in-picture *; speaker *; sync-xhr *; usb *; vr *
Csrf-Token: a50406f5-a5b4-4f4a-8836-540d6842f7f1
Server-Timing: dtSInfo;desc="1"
Set-Cookie: dtCookie=v_4_srv_4_sn_B78EC6428727CD70F5E97989069028A9_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_0_rcs-3Acss_0; Path=/; Domain=.tjenestetorget.no
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 2b9045885902afb286eef41988716895
550fd256897d4f483d00768972f56cd8c35e09e8
c3a8ae68f7eece41a71cd344042b97c99a12c61c5a40b29117fc3f6a8aa9eabd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5472
Cache-Control: max-age=141740
Content-Type: application/ocsp-response
Date: Wed, 12 Oct 2022 03:39:26 GMT
Etag: "6345a83a-1d7"
Expires: Thu, 13 Oct 2022 19:01:46 GMT
Last-Modified: Tue, 11 Oct 2022 17:30:34 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
bat.bing.com/action/0?ti=22019885&tm=gtm002&Ver=2&mid=e57a6316-4302-44cf-9111-f1bdc3425b67&sid=78635d6049df11ed8caa11b7203d943d&vid=7863502049df11ed9ea297302f9fe469&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Sammenlign%20tilbud%20p%C3%A5%20flere%20tjenester%20p%C3%A5%20TjenesteTorget&p=https%3A%2F%2Ftjenestetorget.no%2F%3Ftduid%3Dbe5e7c20e48a6d4cbb17fe7c2fbc1e5c&r=https%3A%2F%2Fpdt.tradedoubler.com%2F<=1586&evt=pageLoad&sv=1&rn=74441
13.107.21.200204 No Content 0 B URL HTTP/2 bat.bing.com/action/0?ti=22019885&tm=gtm002&Ver=2&mid=e57a6316-4302-44cf-9111-f1bdc3425b67&sid=78635d6049df11ed8caa11b7203d943d&vid=7863502049df11ed9ea297302f9fe469&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Sammenlign%20tilbud%20p%C3%A5%20flere%20tjenester%20p%C3%A5%20TjenesteTorget&p=https%3A%2F%2Ftjenestetorget.no%2F%3Ftduid%3Dbe5e7c20e48a6d4cbb17fe7c2fbc1e5c&r=https%3A%2F%2Fpdt.tradedoubler.com%2F<=1586&evt=pageLoad&sv=1&rn=74441
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=22019885&tm=gtm002&Ver=2&mid=e57a6316-4302-44cf-9111-f1bdc3425b67&sid=78635d6049df11ed8caa11b7203d943d&vid=7863502049df11ed9ea297302f9fe469&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Sammenlign%20tilbud%20p%C3%A5%20flere%20tjenester%20p%C3%A5%20TjenesteTorget&p=https%3A%2F%2Ftjenestetorget.no%2F%3Ftduid%3Dbe5e7c20e48a6d4cbb17fe7c2fbc1e5c&r=https%3A%2F%2Fpdt.tradedoubler.com%2F<=1586&evt=pageLoad&sv=1&rn=74441 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tjenestetorget.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=1F12BBA1BA17662D3D70A99ABB406736; domain=.bing.com; expires=Mon, 06-Nov-2023 03:39:26 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A4B058472D334E8D846A30E07EF80180 Ref B: OSL30EDGE0411 Ref C: 2022-10-12T03:39:26Z
date: Wed, 12 Oct 2022 03:39:25 GMT
X-Firefox-Spdy: h2
track.adform.net/serving/scripts/trackpoint/async/
37.157.4.23301 Moved Permanently 20 kB URL HTTP/2 track.adform.net/serving/scripts/trackpoint/async/
IP 37.157.4.23:0
Hash 0d1f2ba98643b58fe984b9c56d0f84c1
8c158ab6cc33f954f88750aadab79361bca75f90
f7a6891ff91ed3e8e82ceaf8b3ce578afe83c7a5b9ee5a7331b30ba0206d49e1
GET /serving/scripts/trackpoint/async/ HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tjenestetorget.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Wed, 12 Oct 2022 03:39:26 GMT
content-type: text/html
location: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 5d0a0ed90364e0eea045f6e6cbc6521d
f76cac3b64a0310a0f5dc859cd2310802c024426
26caffaa8fc4b28a0fbe229d64d4f14c621178610521c58881b5cc5b39102382
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 12 Oct 2022 03:39:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.taboola.com/libtrc/unip/1183637/tfa.js
151.101.85.44200 OK 18 kB URL HTTP/2 cdn.taboola.com/libtrc/unip/1183637/tfa.js
IP 151.101.85.44:0
File type ASCII text, with very long lines (58488)
Hash 2fe1d28ebc1b0198bb8ac08562b85472
e2f71290d615ec53a6a208bb6f183c356ed84e51
358bd0a0c53fab8f4df7fd015309dd8953d01130b98f53a544b9f77ea11b78e0
GET /libtrc/unip/1183637/tfa.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tjenestetorget.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 9CwfLUnXnELIY+MH/Plmp5OsBX1Mg0I7EK5sJlcEutY6iaAiytV5UUlsFRuZs4eZTUc1B9FTTqA=
x-amz-request-id: 09VDKNHTK3JKXNAA
x-amz-replication-status: PENDING
last-modified: Sun, 09 Oct 2022 11:03:57 GMT
etag: "a59ec1310859b9dfad8581ed66bd09dd"
x-amz-version-id: UYU6jvp2I0NNl3MOR6k2GmPU.nKEarAu
content-type: application/javascript; charset=utf-8
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Wed, 12 Oct 2022 03:39:26 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1643-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1665545966.490795,VS0,VE125
cache-control: private,max-age=14401
vary: Accept-Encoding
abp: 91
content-length: 17950
X-Firefox-Spdy: h2
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-768D3XXKB3&cid=696757107.1665545966>m=2oeaa0&aip=1&z=1693774572
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-768D3XXKB3&cid=696757107.1665545966>m=2oeaa0&aip=1&z=1693774572
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-768D3XXKB3&cid=696757107.1665545966>m=2oeaa0&aip=1&z=1693774572 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tjenestetorget.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 12 Oct 2022 03:39:26 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 5d0a0ed90364e0eea045f6e6cbc6521d
f76cac3b64a0310a0f5dc859cd2310802c024426
26caffaa8fc4b28a0fbe229d64d4f14c621178610521c58881b5cc5b39102382
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 12 Oct 2022 03:39:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bat.bing.com/p/action/22019885.js
13.107.21.200200 OK 667 B URL HTTP/2 bat.bing.com/p/action/22019885.js
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with CRLF line terminators
Hash 55904443c29ec5640233b1d7c4ed3a39
bc2f1e9f9ef1f3b5b4adfd9a1a4eec1b7cac9cf5
5905db05468e3ada9cb4131ff5f2c392204d74896337fde14424f6b769dc70a9
GET /p/action/22019885.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tjenestetorget.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: private,max-age=60
content-length: 667
content-type: application/javascript; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
set-cookie: MUID=12BF6B46BDA6632E3A9A797DBCF16247; domain=.bing.com; expires=Mon, 06-Nov-2023 03:39:26 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-powered-by: ARR/3.0
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 1EA5ADA89BC149988467A4554425A702 Ref B: OSL30EDGE0411 Ref C: 2022-10-12T03:39:26Z
date: Wed, 12 Oct 2022 03:39:25 GMT
X-Firefox-Spdy: h2
cdn.taboola.com/libtrc/unip/1492811/tfa.js
151.101.85.44200 OK 18 kB URL HTTP/2 cdn.taboola.com/libtrc/unip/1492811/tfa.js
IP 151.101.85.44:0
File type ASCII text, with very long lines (58500)
Hash f0a7bd319128a722e0503b19552b3e26
d8fe360c838323dac08b4d7c0429d2e0d5f311b6
d766ef3a7a26931f245eeb7c4d196208c3a4170d18fd6ba3b0dd8dbe9a04627e
GET /libtrc/unip/1492811/tfa.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tjenestetorget.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: pXLIJJQiRw9enuaZVR40pXkKesxKG4utFGUeyi/xYcCWu0cnwSW0KwePN/mr/dzLb+x7OW2utJM=
x-amz-request-id: CAYZNQ8TTKCJ5BGS
x-amz-replication-status: PENDING
last-modified: Sun, 09 Oct 2022 11:05:26 GMT
etag: "c36c25cc9d51be3b62e9a9dd1f1e2700"
x-amz-version-id: sWzW0FFfwMd2AcbTuKvMDvCIi3KhmDMy
content-type: application/javascript; charset=utf-8
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Wed, 12 Oct 2022 03:39:26 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1643-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1665545966.491565,VS0,VE196
cache-control: private,max-age=14401
vary: Accept-Encoding
abp: 91
content-length: 17959
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash b328dd45b340d747021ad1da23ede95d
92811e18e93271b7b7fc75b2e0ff9d3617f0417e
8e3a7c1a63d37d561dc08f9cec0863582709bb8248214c0f08586bbf3040cad2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 12 Oct 2022 03:39:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-1099975-1&cid=696757107.1665545966&jid=2083804038&gjid=1919066490&_gid=1717930638.1665545967&_u=YADAAEAAQAAAACAAI~&z=837886351
173.194.73.154200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-1099975-1&cid=696757107.1665545966&jid=2083804038&gjid=1919066490&_gid=1717930638.1665545967&_u=YADAAEAAQAAAACAAI~&z=837886351
IP 173.194.73.154:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-1099975-1&cid=696757107.1665545966&jid=2083804038&gjid=1919066490&_gid=1717930638.1665545967&_u=YADAAEAAQAAAACAAI~&z=837886351 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://tjenestetorget.no
Connection: keep-alive
Referer: https://tjenestetorget.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://tjenestetorget.no
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 12 Oct 2022 03:39:26 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.23200 OK 1.8 kB IP 192.124.249.23:0
Hash 87b1ab1bb7e23ff466cd7a75261211f9
c37b1b133ee74911c4f3f3fa7bbddf2f58404793
9bdde715d440a1afef7d6bf6cebaef114eab105739d6714ea03ec1a34f1bbfad
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Wed, 12 Oct 2022 03:39:26 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Tue, 11 Oct 2022 21:21:05 GMT
Expires: Wed, 12 Oct 2022 21:21:05 GMT
ETag: "c37b1b133ee74911c4f3f3fa7bbddf2f58404793"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash b328dd45b340d747021ad1da23ede95d
92811e18e93271b7b7fc75b2e0ff9d3617f0417e
8e3a7c1a63d37d561dc08f9cec0863582709bb8248214c0f08586bbf3040cad2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 12 Oct 2022 03:39:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ga.getresponse.com/script/ga.js?v=2&grid=pBFoDXSpY
178.16.117.14200 OK 417 B URL HTTP/2 ga.getresponse.com/script/ga.js?v=2&grid=pBFoDXSpY
IP 178.16.117.14:0
ASN #198881 GETRESPONSE Sp.z o.o.
File type ASCII text, with very long lines (417), with no line terminators
Hash fab60b7a7b63878e22817afffe0c830d
d259724d7b6669265dc9151139ec5b8ccba4dc53
628012b900bc72b6f8e6782015af0c41057f3220d86cbfc3ebb945f23ec532f5
GET /script/ga.js?v=2&grid=pBFoDXSpY HTTP/1.1
Host: ga.getresponse.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://tjenestetorget.no
Connection: keep-alive
Referer: https://tjenestetorget.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-origin: https://tjenestetorget.no
content-length: 417
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
content-type: application/javascript; charset=utf-8
date: Wed, 12 Oct 2022 03:39:26 GMT
etag: W/"1a1-0llyTXtmaSZdyRUROexbjMuk3FM"
expect-ct: max-age=0
referrer-policy: no-referrer
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-response-id: 7a9361f8-6496-4d68-8b1e-dc8334bec7e9
x-xss-protection: 0
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash ec8c3be288c030a2f21f77da38609a2c
5dce231ac91002054bbdbc6b19f6d1aa0d6c32bc
fa3abfefbd26a9339066ee03360614fc68312aefd2aa7e47e291589f426a7265
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 12 Oct 2022 03:39:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-1099975-1&cid=696757107.1665545966&jid=2083804038&_u=YADAAEAAQAAAACAAI~&z=88001958
142.250.74.164200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-1099975-1&cid=696757107.1665545966&jid=2083804038&_u=YADAAEAAQAAAACAAI~&z=88001958
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-1099975-1&cid=696757107.1665545966&jid=2083804038&_u=YADAAEAAQAAAACAAI~&z=88001958 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tjenestetorget.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 12 Oct 2022 03:39:26 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash b8e058c50dbe0871b6ccde4ed4cc8785
06b0c34d584624df99282c1fff1d766b9ed00e64
3319073b74402c41450cc9ca2162140dbe8b231db146cf8e77cb0b43fa461b4c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 12 Oct 2022 03:39:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
region1.analytics.google.com/g/collect?v=2&tid=G-768D3XXKB3>m=2oeaa0&_p=1479659270&_gaz=1&cid=696757107.1665545966&ul=en-us&sr=1280x1024&_s=1&sid=1665545966&sct=1&seg=0&dl=https%3A%2F%2Ftjenestetorget.no%2F%3Ftduid%3Dbe5e7c20e48a6d4cbb17fe7c2fbc1e5c&dr=https%3A%2F%2Fpdt.tradedoubler.com%2F&dt=Sammenlign%20tilbud%20p%C3%A5%20flere%20tjenester%20p%C3%A5%20TjenesteTorget&en=page_view&_fv=1&_nsi=1&_ss=1
216.239.32.36204 No Content 0 B URL HTTP/2 region1.analytics.google.com/g/collect?v=2&tid=G-768D3XXKB3>m=2oeaa0&_p=1479659270&_gaz=1&cid=696757107.1665545966&ul=en-us&sr=1280x1024&_s=1&sid=1665545966&sct=1&seg=0&dl=https%3A%2F%2Ftjenestetorget.no%2F%3Ftduid%3Dbe5e7c20e48a6d4cbb17fe7c2fbc1e5c&dr=https%3A%2F%2Fpdt.tradedoubler.com%2F&dt=Sammenlign%20tilbud%20p%C3%A5%20flere%20tjenester%20p%C3%A5%20TjenesteTorget&en=page_view&_fv=1&_nsi=1&_ss=1
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-768D3XXKB3>m=2oeaa0&_p=1479659270&_gaz=1&cid=696757107.1665545966&ul=en-us&sr=1280x1024&_s=1&sid=1665545966&sct=1&seg=0&dl=https%3A%2F%2Ftjenestetorget.no%2F%3Ftduid%3Dbe5e7c20e48a6d4cbb17fe7c2fbc1e5c&dr=https%3A%2F%2Fpdt.tradedoubler.com%2F&dt=Sammenlign%20tilbud%20p%C3%A5%20flere%20tjenester%20p%C3%A5%20TjenesteTorget&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://tjenestetorget.no
Connection: keep-alive
Referer: https://tjenestetorget.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://tjenestetorget.no
date: Wed, 12 Oct 2022 03:39:27 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=1685347128413462&ev=PageView&dl=https%3A%2F%2Ftjenestetorget.no%2F%3Ftduid%3Dbe5e7c20e48a6d4cbb17fe7c2fbc1e5c&rl=https%3A%2F%2Fpdt.tradedoubler.com%2F&if=false&ts=1665545966920&sw=1280&sh=1024&v=2.9.84&r=stable&ec=0&o=30&fbp=fb.1.1665545966919.1604918448&it=1665545966498&coo=false&rqm=GET
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=1685347128413462&ev=PageView&dl=https%3A%2F%2Ftjenestetorget.no%2F%3Ftduid%3Dbe5e7c20e48a6d4cbb17fe7c2fbc1e5c&rl=https%3A%2F%2Fpdt.tradedoubler.com%2F&if=false&ts=1665545966920&sw=1280&sh=1024&v=2.9.84&r=stable&ec=0&o=30&fbp=fb.1.1665545966919.1604918448&it=1665545966498&coo=false&rqm=GET
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=1685347128413462&ev=PageView&dl=https%3A%2F%2Ftjenestetorget.no%2F%3Ftduid%3Dbe5e7c20e48a6d4cbb17fe7c2fbc1e5c&rl=https%3A%2F%2Fpdt.tradedoubler.com%2F&if=false&ts=1665545966920&sw=1280&sh=1024&v=2.9.84&r=stable&ec=0&o=30&fbp=fb.1.1665545966919.1604918448&it=1665545966498&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tjenestetorget.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
date: Wed, 12 Oct 2022 03:39:27 GMT
X-Firefox-Spdy: h2
us-an.gr-cdn.com/v2.1.20.0.umd.js
205.185.216.42200 OK 5.8 kB URL HTTP/2 us-an.gr-cdn.com/v2.1.20.0.umd.js
IP 205.185.216.42:0
File type Unicode text, UTF-8 text, with very long lines (17833)
Hash 74bc4c68d2e32c7dbc7131c7c0b262cb
1343c83b90b47be3999356d04102ca5ae141b195
997978f84e01567e4d6cb83a4831d0ea92a555cab221b724d85dc7d4ab5359f9
GET /v2.1.20.0.umd.js HTTP/1.1
Host: us-an.gr-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tjenestetorget.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 12 Oct 2022 03:39:27 GMT
cache-control: max-age=30909318
content-encoding: gzip
content-length: 5821
content-type: application/javascript
last-modified: Tue, 04 Oct 2022 21:30:41 GMT
accept-ranges: bytes
x-amz-id-2: jAkr28U3w2XaZ1MIl0oMJK8ruRjhMLaLalAhBWWns5O2K95YDV/Sc2wS9RA5QjgMW5YUO3lLd6M=
x-amz-request-id: HMYC7HC5R0ENVY36
etag: "2a848c2d095e64873b7fba972c2e4b87"
server: AmazonS3
x-hw: 1665545967.dop227.sk1.t,1665545967.cds071.sk1.hn,1665545967.cds237.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
c.clarity.ms/c.gif
20.234.93.27302 Found 0 B IP 20.234.93.27:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c.gif HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tjenestetorget.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.bing.com/c.gif?CtsSyncId=EA55EE6306E54254ACC865152963A977&RedC=c.clarity.ms&MXFR=07B9E4F668D56DFA3990F6CD6CD563FE
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SM=T; domain=c.clarity.ms; path=/; SameSite=None; Secure;
MUID=07B9E4F668D56DFA3990F6CD6CD563FE; domain=.clarity.ms; expires=Mon, 06-Nov-2023 03:39:27 GMT; path=/; SameSite=None; Secure; Priority=High;
date: Wed, 12 Oct 2022 03:39:26 GMT
content-length: 0
X-Firefox-Spdy: h2
kol.lordoftheentertainingostriches.com/mon
3.248.162.96200 OK 0 B URL HTTP/2 kol.lordoftheentertainingostriches.com/mon
IP 3.248.162.96:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /mon HTTP/1.1
Host: kol.lordoftheentertainingostriches.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 1417
Origin: https://tjenestetorget.no
Connection: keep-alive
Referer: https://tjenestetorget.no/
Cookie: cg_uuid=d7d82ad9c7a3d12e25df75f55972c000
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://tjenestetorget.no
content-type: application/json
date: Wed, 12 Oct 2022 03:39:27 GMT
content-length: 0
X-Firefox-Spdy: h2
kol.lordoftheentertainingostriches.com/mon
3.248.162.96200 OK 0 B URL HTTP/2 kol.lordoftheentertainingostriches.com/mon
IP 3.248.162.96:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /mon HTTP/1.1
Host: kol.lordoftheentertainingostriches.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 1412
Origin: https://tjenestetorget.no
Connection: keep-alive
Referer: https://tjenestetorget.no/
Cookie: cg_uuid=d7d82ad9c7a3d12e25df75f55972c000
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://tjenestetorget.no
content-type: application/json
date: Wed, 12 Oct 2022 03:39:27 GMT
content-length: 0
X-Firefox-Spdy: h2
ga2.getresponse.com/index.php?ver=3&urlRef=https%3A%2F%2Fpdt.tradedoubler.com%2F&url=https%3A%2F%2Ftjenestetorget.no%2F%3Ftduid%3Dbe5e7c20e48a6d4cbb17fe7c2fbc1e5c&uid=%7B%22uuid%22%3A%2250e9a6c3-f1ed-435b-b647-1902d25a6862%22%2C%22email%22%3A%22%22%2C%22xsid%22%3A%22%22%2C%22list_token%22%3A%22%22%2C%22gr_x%22%3A%22%22%2C%22gr_s%22%3A%22%22%2C%22gr_m%22%3A%22%22%2C%22valuable%22%3A0%2C%22domain%22%3A%22tjenestetorget.no%22%7D&_cvar=%7B%221%22%3A%5B%22grid%22%2C%22pBFoDXSpY%22%5D%2C%222%22%3A%5B%22aid%22%2C%2243f995d2-3706-4564-9447-ec12f6e9b6c7%22%5D%7D&h=3&m=39&s=27&res=1280x1024>_ms=1019
178.16.117.14204 No Content 0 B URL HTTP/2 ga2.getresponse.com/index.php?ver=3&urlRef=https%3A%2F%2Fpdt.tradedoubler.com%2F&url=https%3A%2F%2Ftjenestetorget.no%2F%3Ftduid%3Dbe5e7c20e48a6d4cbb17fe7c2fbc1e5c&uid=%7B%22uuid%22%3A%2250e9a6c3-f1ed-435b-b647-1902d25a6862%22%2C%22email%22%3A%22%22%2C%22xsid%22%3A%22%22%2C%22list_token%22%3A%22%22%2C%22gr_x%22%3A%22%22%2C%22gr_s%22%3A%22%22%2C%22gr_m%22%3A%22%22%2C%22valuable%22%3A0%2C%22domain%22%3A%22tjenestetorget.no%22%7D&_cvar=%7B%221%22%3A%5B%22grid%22%2C%22pBFoDXSpY%22%5D%2C%222%22%3A%5B%22aid%22%2C%2243f995d2-3706-4564-9447-ec12f6e9b6c7%22%5D%7D&h=3&m=39&s=27&res=1280x1024>_ms=1019
IP 178.16.117.14:0
ASN #198881 GETRESPONSE Sp.z o.o.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /index.php?ver=3&urlRef=https%3A%2F%2Fpdt.tradedoubler.com%2F&url=https%3A%2F%2Ftjenestetorget.no%2F%3Ftduid%3Dbe5e7c20e48a6d4cbb17fe7c2fbc1e5c&uid=%7B%22uuid%22%3A%2250e9a6c3-f1ed-435b-b647-1902d25a6862%22%2C%22email%22%3A%22%22%2C%22xsid%22%3A%22%22%2C%22list_token%22%3A%22%22%2C%22gr_x%22%3A%22%22%2C%22gr_s%22%3A%22%22%2C%22gr_m%22%3A%22%22%2C%22valuable%22%3A0%2C%22domain%22%3A%22tjenestetorget.no%22%7D&_cvar=%7B%221%22%3A%5B%22grid%22%2C%22pBFoDXSpY%22%5D%2C%222%22%3A%5B%22aid%22%2C%2243f995d2-3706-4564-9447-ec12f6e9b6c7%22%5D%7D&h=3&m=39&s=27&res=1280x1024>_ms=1019 HTTP/1.1
Host: ga2.getresponse.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tjenestetorget.no/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
date: Wed, 12 Oct 2022 03:39:27 GMT
expect-ct: max-age=0
referrer-policy: no-referrer
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-response-id: 99fe5a42-9dcf-4f64-ad74-6fc142c61546
x-xss-protection: 0
X-Firefox-Spdy: h2
c.bing.com/c.gif?CtsSyncId=EA55EE6306E54254ACC865152963A977&RedC=c.clarity.ms&MXFR=07B9E4F668D56DFA3990F6CD6CD563FE
13.107.21.200302 Found 0 B URL HTTP/2 c.bing.com/c.gif?CtsSyncId=EA55EE6306E54254ACC865152963A977&RedC=c.clarity.ms&MXFR=07B9E4F668D56DFA3990F6CD6CD563FE
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c.gif?CtsSyncId=EA55EE6306E54254ACC865152963A977&RedC=c.clarity.ms&MXFR=07B9E4F668D56DFA3990F6CD6CD563FE HTTP/1.1
Host: c.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tjenestetorget.no/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.clarity.ms/c.gif?CtsSyncId=EA55EE6306E54254ACC865152963A977&MUID=3ACE6C58B154623E0CAA7E63B003638F
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SRM_B=3ACE6C58B154623E0CAA7E63B003638F; domain=c.bing.com; expires=Mon, 06-Nov-2023 03:39:27 GMT; path=/; SameSite=None; Secure;
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 83F681DA5C194F2B95F76D48D42FED56 Ref B: OSL30EDGE0411 Ref C: 2022-10-12T03:39:27Z
date: Wed, 12 Oct 2022 03:39:26 GMT
content-length: 0
X-Firefox-Spdy: h2
track.adform.net/Serving/TrackPoint/?CC=1&pm=344655&ADFdivider=%7C&ord=210056185961&ADFtpmode=2&loc=https%3A%2F%2Ftjenestetorget.no%2F%3Ftduid%3Dbe5e7c20e48a6d4cbb17fe7c2fbc1e5c&CPref=https%3A%2F%2Fpdt.tradedoubler.com%2F&Set1=en-US%7Cen-US%7C1280x1024%7C24
37.157.4.23200 OK 191 B URL HTTP/2 track.adform.net/Serving/TrackPoint/?CC=1&pm=344655&ADFdivider=%7C&ord=210056185961&ADFtpmode=2&loc=https%3A%2F%2Ftjenestetorget.no%2F%3Ftduid%3Dbe5e7c20e48a6d4cbb17fe7c2fbc1e5c&CPref=https%3A%2F%2Fpdt.tradedoubler.com%2F&Set1=en-US%7Cen-US%7C1280x1024%7C24
IP 37.157.4.23:0
File type ASCII text, with CRLF line terminators
Hash 308a301e0b0934142678148a1d27dced
6e3ed003000bdab10a1b64e8252c169eaf97d918
9cfa17fd9d07fe227655a18581433cf2c13c89690fd95d586d1778485ebda175
GET /Serving/TrackPoint/?CC=1&pm=344655&ADFdivider=%7C&ord=210056185961&ADFtpmode=2&loc=https%3A%2F%2Ftjenestetorget.no%2F%3Ftduid%3Dbe5e7c20e48a6d4cbb17fe7c2fbc1e5c&CPref=https%3A%2F%2Fpdt.tradedoubler.com%2F&Set1=en-US%7Cen-US%7C1280x1024%7C24 HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tjenestetorget.no/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 12 Oct 2022 03:39:27 GMT
content-type: text/javascript; charset=utf-8
content-length: 191
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
content-encoding: gzip
expires: -1
vary: Accept-Encoding
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
c.clarity.ms/c.gif?CtsSyncId=EA55EE6306E54254ACC865152963A977&MUID=3ACE6C58B154623E0CAA7E63B003638F
20.234.93.27200 OK 42 B URL HTTP/2 c.clarity.ms/c.gif?CtsSyncId=EA55EE6306E54254ACC865152963A977&MUID=3ACE6C58B154623E0CAA7E63B003638F
IP 20.234.93.27:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 1 x 1\012- data
Hash 32023bb33cfb2a1990a4ef2d85b6ac16
23dcc6d4b5bfe00357fd0248bb5955b8e36bb8f1
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
GET /c.gif?CtsSyncId=EA55EE6306E54254ACC865152963A977&MUID=3ACE6C58B154623E0CAA7E63B003638F HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tjenestetorget.no/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
content-type: image/gif
last-modified: Tue, 13 Sep 2022 19:54:52 GMT
accept-ranges: bytes
etag: "8d3298b0aac7d81:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: ANONCHK=0; domain=c.clarity.ms; expires=Wed, 12-Oct-2022 03:49:27 GMT; path=/; SameSite=None; Secure;
date: Wed, 12 Oct 2022 03:39:27 GMT
content-length: 42
X-Firefox-Spdy: h2
b.clarity.ms/collect
20.75.32.255204 No Content 0 B IP 20.75.32.255:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /collect HTTP/1.1
Host: b.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1520
Origin: https://tjenestetorget.no
Connection: keep-alive
Referer: https://tjenestetorget.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
access-control-allow-origin: https://tjenestetorget.no
access-control-allow-credentials: true
date: Wed, 12 Oct 2022 03:39:27 GMT
X-Firefox-Spdy: h2
trc-events.taboola.com/1183637/log/3/unip?en=pre_d_eng_tb&tos=1553&scd=13&ssd=1&est=1665545966584&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1665545968139&vi=1665545966583&ri=ee04f27ab80dd3d505f9c4f84c8a12da&ref=https%3A%2F%2Fpdt.tradedoubler.com%2F&cv=20221006-24-RELEASE&item-url=https%3A%2F%2Ftjenestetorget.no%2F%3Ftduid%3Dbe5e7c20e48a6d4cbb17fe7c2fbc1e5c&ler=other
141.226.228.48204 No Content 0 B URL HTTP/2 trc-events.taboola.com/1183637/log/3/unip?en=pre_d_eng_tb&tos=1553&scd=13&ssd=1&est=1665545966584&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1665545968139&vi=1665545966583&ri=ee04f27ab80dd3d505f9c4f84c8a12da&ref=https%3A%2F%2Fpdt.tradedoubler.com%2F&cv=20221006-24-RELEASE&item-url=https%3A%2F%2Ftjenestetorget.no%2F%3Ftduid%3Dbe5e7c20e48a6d4cbb17fe7c2fbc1e5c&ler=other
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1183637/log/3/unip?en=pre_d_eng_tb&tos=1553&scd=13&ssd=1&est=1665545966584&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1665545968139&vi=1665545966583&ri=ee04f27ab80dd3d505f9c4f84c8a12da&ref=https%3A%2F%2Fpdt.tradedoubler.com%2F&cv=20221006-24-RELEASE&item-url=https%3A%2F%2Ftjenestetorget.no%2F%3Ftduid%3Dbe5e7c20e48a6d4cbb17fe7c2fbc1e5c&ler=other HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://tjenestetorget.no
Connection: keep-alive
Referer: https://tjenestetorget.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Wed, 12 Oct 2022 03:39:28 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://tjenestetorget.no
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2
trc-events.taboola.com/1492811/log/3/unip?en=pre_d_eng_tb&tos=1556&scd=13&ssd=1&est=1665545966584&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1665545968142&vi=1665545966583&ri=f3afc1b3c8cbefbcd57822ab6e0322c8&ref=https%3A%2F%2Fpdt.tradedoubler.com%2F&cv=20221006-24-RELEASE&item-url=https%3A%2F%2Ftjenestetorget.no%2F%3Ftduid%3Dbe5e7c20e48a6d4cbb17fe7c2fbc1e5c&ler=other
141.226.228.48204 No Content 0 B URL HTTP/2 trc-events.taboola.com/1492811/log/3/unip?en=pre_d_eng_tb&tos=1556&scd=13&ssd=1&est=1665545966584&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1665545968142&vi=1665545966583&ri=f3afc1b3c8cbefbcd57822ab6e0322c8&ref=https%3A%2F%2Fpdt.tradedoubler.com%2F&cv=20221006-24-RELEASE&item-url=https%3A%2F%2Ftjenestetorget.no%2F%3Ftduid%3Dbe5e7c20e48a6d4cbb17fe7c2fbc1e5c&ler=other
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1492811/log/3/unip?en=pre_d_eng_tb&tos=1556&scd=13&ssd=1&est=1665545966584&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1665545968142&vi=1665545966583&ri=f3afc1b3c8cbefbcd57822ab6e0322c8&ref=https%3A%2F%2Fpdt.tradedoubler.com%2F&cv=20221006-24-RELEASE&item-url=https%3A%2F%2Ftjenestetorget.no%2F%3Ftduid%3Dbe5e7c20e48a6d4cbb17fe7c2fbc1e5c&ler=other HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://tjenestetorget.no
Connection: keep-alive
Referer: https://tjenestetorget.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Wed, 12 Oct 2022 03:39:28 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://tjenestetorget.no
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2
kol.lordoftheentertainingostriches.com/mon
3.248.162.96200 OK 0 B URL HTTP/2 kol.lordoftheentertainingostriches.com/mon
IP 3.248.162.96:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /mon HTTP/1.1
Host: kol.lordoftheentertainingostriches.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 1412
Origin: https://tjenestetorget.no
Connection: keep-alive
Referer: https://tjenestetorget.no/
Cookie: cg_uuid=d7d82ad9c7a3d12e25df75f55972c000
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://tjenestetorget.no
content-type: application/json
date: Wed, 12 Oct 2022 03:39:29 GMT
content-length: 0
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50df13c8-d4e3-4d87-8794-332894dfce82.jpeg
34.120.237.76200 OK 7.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50df13c8-d4e3-4d87-8794-332894dfce82.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f5d47115d404a4b49a15c5aa29f132c2
22a32b863ce79c6165cc90e998f1498bf9e74fd0
549725a62e4c15820c47249ae933120bbb091a55331be511b486307e33ec59c0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50df13c8-d4e3-4d87-8794-332894dfce82.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 7108
x-amzn-requestid: 9f8e92e1-b64f-46b4-8a87-4d0e5c21bdaf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Z3BzOEmzoAMFsoA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6345e347-3ec5e4d50d2e14a17f88a64d;Sampled=0
x-amzn-remapped-date: Tue, 11 Oct 2022 21:42:31 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: -PDUkBoSz0m_qAelLTQB5nwXRYx0vZ-U8MVWzN2ZsKutf1CgDDUhCw==
via: 1.1 2e20768704c71ff3ce2e677251d27f3c.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google
date: Tue, 11 Oct 2022 21:55:11 GMT
age: 20658
etag: "22a32b863ce79c6165cc90e998f1498bf9e74fd0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
trc.taboola.com/1183637/trc/3/json?tim=1665545966927&data=%7B%22id%22%3A265%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1665545966583%2C%22cv%22%3A%2220221006-24-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Ftjenestetorget.no%2F%22%2C%22e%22%3A%22https%3A%2F%2Fpdt.tradedoubler.com%2F%22%2C%22cb%22%3A%22TFASC.trkCallback1%22%2C%22qs%22%3A%22%3Ftduid%3Dbe5e7c20e48a6d4cbb17fe7c2fbc1e5c%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dtjenestetorgetas%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1665545966591%2C%22ref%22%3A%22https%3A%2F%2Fpdt.tradedoubler.com%2F%22%2C%22item-url%22%3A%22https%3A%2F%2Ftjenestetorget.no%2F%3Ftduid%3Dbe5e7c20e48a6d4cbb17fe7c2fbc1e5c%22%2C%22tos%22%3A5%2C%22ssd%22%3A1%2C%22scd%22%3A13%2C%22ler%22%3A%22other%22%2C%22supv%22%3Atrue%7D%7D&pubit=i
151.101.85.44200 OK 0 B URL HTTP/2 trc.taboola.com/1183637/trc/3/json?tim=1665545966927&data=%7B%22id%22%3A265%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1665545966583%2C%22cv%22%3A%2220221006-24-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Ftjenestetorget.no%2F%22%2C%22e%22%3A%22https%3A%2F%2Fpdt.tradedoubler.com%2F%22%2C%22cb%22%3A%22TFASC.trkCallback1%22%2C%22qs%22%3A%22%3Ftduid%3Dbe5e7c20e48a6d4cbb17fe7c2fbc1e5c%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dtjenestetorgetas%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1665545966591%2C%22ref%22%3A%22https%3A%2F%2Fpdt.tradedoubler.com%2F%22%2C%22item-url%22%3A%22https%3A%2F%2Ftjenestetorget.no%2F%3Ftduid%3Dbe5e7c20e48a6d4cbb17fe7c2fbc1e5c%22%2C%22tos%22%3A5%2C%22ssd%22%3A1%2C%22scd%22%3A13%2C%22ler%22%3A%22other%22%2C%22supv%22%3Atrue%7D%7D&pubit=i
IP 151.101.85.44:0
GET /1183637/trc/3/json?tim=1665545966927&data=%7B%22id%22%3A265%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1665545966583%2C%22cv%22%3A%2220221006-24-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Ftjenestetorget.no%2F%22%2C%22e%22%3A%22https%3A%2F%2Fpdt.tradedoubler.com%2F%22%2C%22cb%22%3A%22TFASC.trkCallback1%22%2C%22qs%22%3A%22%3Ftduid%3Dbe5e7c20e48a6d4cbb17fe7c2fbc1e5c%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dtjenestetorgetas%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1665545966591%2C%22ref%22%3A%22https%3A%2F%2Fpdt.tradedoubler.com%2F%22%2C%22item-url%22%3A%22https%3A%2F%2Ftjenestetorget.no%2F%3Ftduid%3Dbe5e7c20e48a6d4cbb17fe7c2fbc1e5c%22%2C%22tos%22%3A5%2C%22ssd%22%3A1%2C%22scd%22%3A13%2C%22ler%22%3A%22other%22%2C%22supv%22%3Atrue%7D%7D&pubit=i HTTP/1.1
Host: trc.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tjenestetorget.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
access-control-allow-credentials: true
content-encoding: gzip
accept-ranges: bytes
date: Wed, 12 Oct 2022 03:39:27 GMT
via: 1.1 varnish
x-served-by: cache-bma1643-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1665545967.144796,VS0,VE96
vary: Accept-Encoding
x-vcl-time-ms: 96
X-Firefox-Spdy: h2
www.clarity.ms/eus2/s/0.6.42/clarity.js
13.107.213.53200 OK 0 B URL HTTP/2 www.clarity.ms/eus2/s/0.6.42/clarity.js
IP 13.107.213.53:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
GET /eus2/s/0.6.42/clarity.js HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tjenestetorget.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=86400
content-type: application/javascript;charset=utf-8
content-encoding: br
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
accept-ranges: bytes
etag: "1d8da7270bdf0d4"
vary: Accept-Encoding
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
x-cache: CONFIG_NOCACHE
x-azure-ref: 07zZGYwAAAAD3kgLmMvDiQI1rtTmD+c2AU1ZHMjBFREdFMDYxOQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Wed, 12 Oct 2022 03:39:26 GMT
X-Firefox-Spdy: h2
s2.adform.net/banners/scripts/st/trackpoint-async.js
37.157.6.234200 OK 0 B URL HTTP/2 s2.adform.net/banners/scripts/st/trackpoint-async.js
IP 37.157.6.234:0
GET /banners/scripts/st/trackpoint-async.js HTTP/1.1
Host: s2.adform.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tjenestetorget.no/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 12 Oct 2022 03:39:27 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 05 Oct 2022 12:23:24 GMT
x-rgw-object-type: Normal
etag: W/"4cb8e818a3c8dda5fd80d6d9a55d958d"
x-amz-request-id: tx00000c98c590b9425ff0c-006346215d-329354d9-default
access-control-allow-origin: *
cache-control: public, max-age=604800
x-cache-status: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
track.adform.net/Serving/TrackPoint/?pm=344655&ADFdivider=%7C&ord=210056185961&ADFtpmode=2&loc=https%3A%2F%2Ftjenestetorget.no%2F%3Ftduid%3Dbe5e7c20e48a6d4cbb17fe7c2fbc1e5c&CPref=https%3A%2F%2Fpdt.tradedoubler.com%2F&Set1=en-US%7Cen-US%7C1280x1024%7C24
37.157.4.23302 Found 0 B URL HTTP/2 track.adform.net/Serving/TrackPoint/?pm=344655&ADFdivider=%7C&ord=210056185961&ADFtpmode=2&loc=https%3A%2F%2Ftjenestetorget.no%2F%3Ftduid%3Dbe5e7c20e48a6d4cbb17fe7c2fbc1e5c&CPref=https%3A%2F%2Fpdt.tradedoubler.com%2F&Set1=en-US%7Cen-US%7C1280x1024%7C24
IP 37.157.4.23:0
GET /Serving/TrackPoint/?pm=344655&ADFdivider=%7C&ord=210056185961&ADFtpmode=2&loc=https%3A%2F%2Ftjenestetorget.no%2F%3Ftduid%3Dbe5e7c20e48a6d4cbb17fe7c2fbc1e5c&CPref=https%3A%2F%2Fpdt.tradedoubler.com%2F&Set1=en-US%7Cen-US%7C1280x1024%7C24 HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tjenestetorget.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Wed, 12 Oct 2022 03:39:27 GMT
content-type: text/html; charset=utf-8
location: https://track.adform.net/Serving/TrackPoint/?CC=1&pm=344655&ADFdivider=%7C&ord=210056185961&ADFtpmode=2&loc=https%3A%2F%2Ftjenestetorget.no%2F%3Ftduid%3Dbe5e7c20e48a6d4cbb17fe7c2fbc1e5c&CPref=https%3A%2F%2Fpdt.tradedoubler.com%2F&Set1=en-US%7Cen-US%7C1280x1024%7C24
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-origin: *
set-cookie: C=1; domain=adform.net; expires=Sat, 12-Nov-2022 04:39:27 GMT; path=/
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
tjenestetorget.no/?tduid=be5e7c20e48a6d4cbb17fe7c2fbc1e5c
104.26.0.71200 OK 0 B URL HTTP/2 tjenestetorget.no/?tduid=be5e7c20e48a6d4cbb17fe7c2fbc1e5c
IP 104.26.0.71:0
GET /?tduid=be5e7c20e48a6d4cbb17fe7c2fbc1e5c HTTP/1.1
Host: tjenestetorget.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pdt.tradedoubler.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 12 Oct 2022 03:39:25 GMT
content-type: text/html; charset=UTF-8
cf-ray: 758ccee4fcd3b4f1-OSL
cache-control: no-cache, private
set-cookie: new_tt_session=eyJpdiI6Ikdsb0c1cWlJVStaUjJibnNIVkd5MEE9PSIsInZhbHVlIjoiWnRJNXVxSXZEQjFSamxpSjdpQ0RxZTU5WG84alE0K1BQYk91cGdVb1orYXdRYVdCSENzcXkrWkkrdHdiMHFiOTJWQ0h5eFJ3Z2Y2YzVTSm10ZCsrZVl4bEFXRStrc0lDRGJ5UDYvdjA0alZaNUhHSlZRTTQ3QXB5MUhXSzZRRzYiLCJtYWMiOiIxNzQ0NzVkYzkwMzBiNmI1YThlOWE1YjZiZTE1MTNjNjk4OGQzMGIzYzBhMmM2YmJlMWJmMDc0YmNjOWI5YTM4IiwidGFnIjoiIn0%3D; expires=Wed, 26-Oct-2022 03:39:25 GMT; Max-Age=1209600; path=/; domain=.tjenestetorget.no; secure; httponly
strict-transport-security: max-age=63072000; includeSubdomains; preload
vary: Accept-Encoding
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-headers: Origin, Content-Type, X-Auth-Token, X-CSRF-TOKEN, Cache-Control
access-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6Bbm4zypET2CBHMVoAZUtSVXqsd%2F2K7t3Py0lcS31eIEZwcFnTovckc9HQeE7iqYTtd%2BYeLr4b%2FfqAv%2BTOILcfp07K6eMR6cMEqXE0cwldEU%2FRWIdC5DQo8UZBtULPqrFrb2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
trc.taboola.com/1492811/trc/3/json?tim=1665545966588&data=%7B%22id%22%3A88%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1665545966583%2C%22cv%22%3A%2220221006-24-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Ftjenestetorget.no%2F%22%2C%22e%22%3A%22https%3A%2F%2Fpdt.tradedoubler.com%2F%22%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Ftduid%3Dbe5e7c20e48a6d4cbb17fe7c2fbc1e5c%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dtjenestetorgetas%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1665545966587%2C%22ref%22%3A%22https%3A%2F%2Fpdt.tradedoubler.com%2F%22%2C%22item-url%22%3A%22https%3A%2F%2Ftjenestetorget.no%2F%3Ftduid%3Dbe5e7c20e48a6d4cbb17fe7c2fbc1e5c%22%2C%22tos%22%3A1%2C%22ssd%22%3A1%2C%22scd%22%3A13%2C%22ler%22%3A%22other%22%2C%22supv%22%3Atrue%7D%7D&pubit=i
151.101.85.44200 OK 0 B URL HTTP/2 trc.taboola.com/1492811/trc/3/json?tim=1665545966588&data=%7B%22id%22%3A88%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1665545966583%2C%22cv%22%3A%2220221006-24-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Ftjenestetorget.no%2F%22%2C%22e%22%3A%22https%3A%2F%2Fpdt.tradedoubler.com%2F%22%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Ftduid%3Dbe5e7c20e48a6d4cbb17fe7c2fbc1e5c%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dtjenestetorgetas%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1665545966587%2C%22ref%22%3A%22https%3A%2F%2Fpdt.tradedoubler.com%2F%22%2C%22item-url%22%3A%22https%3A%2F%2Ftjenestetorget.no%2F%3Ftduid%3Dbe5e7c20e48a6d4cbb17fe7c2fbc1e5c%22%2C%22tos%22%3A1%2C%22ssd%22%3A1%2C%22scd%22%3A13%2C%22ler%22%3A%22other%22%2C%22supv%22%3Atrue%7D%7D&pubit=i
IP 151.101.85.44:0
GET /1492811/trc/3/json?tim=1665545966588&data=%7B%22id%22%3A88%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1665545966583%2C%22cv%22%3A%2220221006-24-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Ftjenestetorget.no%2F%22%2C%22e%22%3A%22https%3A%2F%2Fpdt.tradedoubler.com%2F%22%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Ftduid%3Dbe5e7c20e48a6d4cbb17fe7c2fbc1e5c%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dtjenestetorgetas%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1665545966587%2C%22ref%22%3A%22https%3A%2F%2Fpdt.tradedoubler.com%2F%22%2C%22item-url%22%3A%22https%3A%2F%2Ftjenestetorget.no%2F%3Ftduid%3Dbe5e7c20e48a6d4cbb17fe7c2fbc1e5c%22%2C%22tos%22%3A1%2C%22ssd%22%3A1%2C%22scd%22%3A13%2C%22ler%22%3A%22other%22%2C%22supv%22%3Atrue%7D%7D&pubit=i HTTP/1.1
Host: trc.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tjenestetorget.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
access-control-allow-credentials: true
content-encoding: gzip
accept-ranges: bytes
date: Wed, 12 Oct 2022 03:39:26 GMT
via: 1.1 varnish
x-served-by: cache-bma1643-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1665545967.856376,VS0,VE101
vary: Accept-Encoding
x-vcl-time-ms: 101
X-Firefox-Spdy: h2
www.clarity.ms/tag/uet/22019885
13.107.213.53200 OK 0 B URL HTTP/2 www.clarity.ms/tag/uet/22019885
IP 13.107.213.53:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
GET /tag/uet/22019885 HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tjenestetorget.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache, no-store
content-type: application/x-javascript
expires: -1
set-cookie: CLID=be7b048cd7c94a478082d1c33262646d.20221012.20231012; expires=Thu, 12 Oct 2023 03:39:26 GMT; path=/; secure; samesite=none; httponly
request-context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
x-cache: CONFIG_NOCACHE
x-azure-ref: 07jZGYwAAAACt40SSUhr6T77wKU/WXiBoU1ZHMjBFREdFMDYxOQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Wed, 12 Oct 2022 03:39:26 GMT
X-Firefox-Spdy: h2