r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 43ad67f241ee3692a9c9c1da080dae58
6a024f7d71eeee257edc91ba9273416f634aaae5
636635b57f9e6d2ad9b1b949298ee7d3b5b7e251a63516ff68bfb1eceded5688
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "636635B57F9E6D2AD9B1B949298EE7D3B5B7E251A63516FF68BFB1ECEDED5688"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15944
Expires: Sat, 10 Dec 2022 13:13:05 GMT
Date: Sat, 10 Dec 2022 08:47:21 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 388f6fea5bafa378266622b72311a6ee
447f102dc12172ce1ba44c5e94e1d7bb49d43372
a597afb4d4f7f3c82f0f2857322226fc69dc92e099bfd0605f7a0cd562be9d21
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A597AFB4D4F7F3C82F0F2857322226FC69DC92E099BFD0605F7A0CD562BE9D21"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2353
Expires: Sat, 10 Dec 2022 09:26:34 GMT
Date: Sat, 10 Dec 2022 08:47:21 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 4ee537977be9c03702f8ffe0025bf1fe
21637881c4aa34c4add703f8bff4eff573159f45
4819229fd8f502a0c68c80bd7409e104c1b4d1a98ca8a6cd9deba629b1511aea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4819229FD8F502A0C68C80BD7409E104C1B4D1A98CA8A6CD9DEBA629B1511AEA"
Last-Modified: Thu, 08 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9663
Expires: Sat, 10 Dec 2022 11:28:24 GMT
Date: Sat, 10 Dec 2022 08:47:21 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Backoff, Content-Length, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 10 Dec 2022 08:33:20 GMT
content-type: application/json
age: 841
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: EsYAA8Kpj0zX18PAHsDggPKRFd5oKs1QHjr0Nt3IRpEHjF4lN96VS8cSslpcSDT0mFfcDgQOP2k=
x-amz-request-id: RXN9T5YN539NAN6B
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 10 Dec 2022 07:50:35 GMT
age: 3406
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 10 Dec 2022 08:47:21 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
gcmv.com/
185.53.177.71200 OK 2.4 kB IP 185.53.177.71:0
ASN #61969 Team Internet AG
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2170)
Hash 0b9e18647dd7673b1acb5e3ad6b70ce4
622ea950b69980d8b393a1f6b1b82f03b23a6959
7aec5b6d6b68a2388ef768a31b02c45229953222070d632f64723144b24ea961
GET / HTTP/1.1
Host: gcmv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 10 Dec 2022 08:47:22 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Redirect: zeropark_zeroclick
X-Template: tpl_CleanPeppermintBlack_twoclick
X-Language: norwegian
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
Content-Encoding: gzip
d38psrni17bvxu.cloudfront.net/scripts/js3.js
54.230.245.22200 OK 1.1 kB URL HTTP/1.1 d38psrni17bvxu.cloudfront.net/scripts/js3.js
IP 54.230.245.22:0
File type ASCII text, with very long lines (506)
Hash 64b79b43df8fbf2c5d082964b9116a68
dc3c763519baf0f4c32bb60bfc429651a491ea01
c57e9feec209e3ea5eb1d75a1ba6fa277242a3df250055be8446052b51e58637
Analyzer Verdict Alert fortinet Malware
GET /scripts/js3.js HTTP/1.1
Host: d38psrni17bvxu.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gcmv.com/
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 1134
Connection: keep-alive
Server: nginx
Date: Sat, 10 Dec 2022 04:54:34 GMT
Last-Modified: Tue, 17 Aug 2021 09:17:22 GMT
Accept-Ranges: bytes
ETag: "611b7ea2-46e"
X-Cache: Hit from cloudfront
Via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: HD5XS83OEU8TYN6J7piG2_1NPgy0OPrRV2vE7lPCq5yp_yF8qppAug==
Age: 13968
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Cache-Control, Backoff, Content-Length, Pragma, Alert, Expires, Last-Modified, Retry-After, ETag, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 10 Dec 2022 08:07:55 GMT
age: 2367
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash e6be4d2155028ffff5d01ab6e7edf6da
07172071b5cf43c4cd7d7930b4ad8518ec1e32e9
4d8a5fa2362fd0910babd6d128d850d4460829468eb23d34ee5ee6eaa42d5a38
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2094
Cache-Control: max-age=89667
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 08:47:22 GMT
Etag: "6392faaf-1d7"
Expires: Sun, 11 Dec 2022 09:41:49 GMT
Last-Modified: Fri, 09 Dec 2022 09:06:55 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
54.148.213.75101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.148.213.75:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: +iN6YnKSipBwHNE92I/g+Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 0NXn4sWwGAlYJNpgUy5/UbzK3gY=
gcmv.com/track.php?domain=gcmv.com&toggle=browserjs&uid=MTY3MDY2MjA0MS43NTQyOjA0ZjI2YmZlMmJjNTExODMxNjA1MTQ2ZTY4NjgyYTE3MmRlYWUwMzVkODVlZGJkOWE4YjU2NTc0MWMwYWNhYjg6NjM5NDQ3OTliODIyOQ%3D%3D
185.53.177.71200 OK 20 B URL HTTP/1.1 gcmv.com/track.php?domain=gcmv.com&toggle=browserjs&uid=MTY3MDY2MjA0MS43NTQyOjA0ZjI2YmZlMmJjNTExODMxNjA1MTQ2ZTY4NjgyYTE3MmRlYWUwMzVkODVlZGJkOWE4YjU2NTc0MWMwYWNhYjg6NjM5NDQ3OTliODIyOQ%3D%3D
IP 185.53.177.71:0
ASN #61969 Team Internet AG
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /track.php?domain=gcmv.com&toggle=browserjs&uid=MTY3MDY2MjA0MS43NTQyOjA0ZjI2YmZlMmJjNTExODMxNjA1MTQ2ZTY4NjgyYTE3MmRlYWUwMzVkODVlZGJkOWE4YjU2NTc0MWMwYWNhYjg6NjM5NDQ3OTliODIyOQ%3D%3D HTTP/1.1
Host: gcmv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gcmv.com/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 10 Dec 2022 08:47:22 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Custom-Track: browserjs
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
Access-Control-Allow-Origin: *
Content-Encoding: gzip
gcmv.com/ls.php
185.53.177.71201 Created 0 B IP 185.53.177.71:0
ASN #61969 Team Internet AG
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /ls.php HTTP/1.1
Host: gcmv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Content-Length: 2122
Origin: http://gcmv.com
Connection: keep-alive
Referer: http://gcmv.com/
HTTP/1.1 201 Created
Server: nginx
Date: Sat, 10 Dec 2022 08:47:22 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
X-Log-Success: 6394479a9262991fc4062082
Charset: utf-8
Access-Control-Allow-Origin: http://gcmv.com
Access-Control-Allow-Methods: POST, OPTIONS
Access-Control-Max-Age: 86400
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_ELuFlHuQg+6ybi0fo5aFuEiOIglHzrSr1yUqFOmI7enx5yhoLi9LacQG3EGiBRlfwVjyZOQYQodRNM0bH4Hrtw==
gcmv.com/favicon.ico
185.53.177.71200 OK 0 B IP 185.53.177.71:0
ASN #61969 Team Internet AG
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: gcmv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gcmv.com/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 10 Dec 2022 08:47:23 GMT
Content-Type: image/x-icon
Content-Length: 0
Connection: keep-alive
Last-Modified: Tue, 12 May 2020 14:25:52 GMT
ETag: "5ebab1f0-0"
Accept-Ranges: bytes
gcmv.com/track.php?click=7d905f613654ea9b70e255b7bdd643a73d525fe6&domain=gcmv.com&uid=MTY3MDY2MjA0MS43NTQyOjA0ZjI2YmZlMmJjNTExODMxNjA1MTQ2ZTY4NjgyYTE3MmRlYWUwMzVkODVlZGJkOWE4YjU2NTc0MWMwYWNhYjg6NjM5NDQ3OTliODIyOQ%3D%3D&ts=fENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQwMTF8fHx8fHw2Mzk0NDc5OWI4MjBifHx8MTY3MDY2MjA0Mi4wNjE2fDYzZWU4ZmJlNTE4NzBkMDc1NDMyNmQ3ZGRiYTI3MzQyNzVmODE0YzZ8fHx8fDF8fDB8MHx8fHwxfHx8fHwwfDB8fHx8fHx8fHx8MHwwfHwwfHx8MHwwfFcxMD18fDF8VzEwPXxiNGRjYTg3NWFlYzBkYTM2MjYwNDRlODNjOWE3ZTBiMDAxZWY1NzY3fDB8ZHAtdGVhbWludGVybmV0MDlfM3BofDB8MA%3D%3D&kw=&search=&pcat=&rxid=&bucket=&clientID=&adtest=off
185.53.177.71200 OK 20 B URL HTTP/1.1 gcmv.com/track.php?click=7d905f613654ea9b70e255b7bdd643a73d525fe6&domain=gcmv.com&uid=MTY3MDY2MjA0MS43NTQyOjA0ZjI2YmZlMmJjNTExODMxNjA1MTQ2ZTY4NjgyYTE3MmRlYWUwMzVkODVlZGJkOWE4YjU2NTc0MWMwYWNhYjg6NjM5NDQ3OTliODIyOQ%3D%3D&ts=fENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQwMTF8fHx8fHw2Mzk0NDc5OWI4MjBifHx8MTY3MDY2MjA0Mi4wNjE2fDYzZWU4ZmJlNTE4NzBkMDc1NDMyNmQ3ZGRiYTI3MzQyNzVmODE0YzZ8fHx8fDF8fDB8MHx8fHwxfHx8fHwwfDB8fHx8fHx8fHx8MHwwfHwwfHx8MHwwfFcxMD18fDF8VzEwPXxiNGRjYTg3NWFlYzBkYTM2MjYwNDRlODNjOWE3ZTBiMDAxZWY1NzY3fDB8ZHAtdGVhbWludGVybmV0MDlfM3BofDB8MA%3D%3D&kw=&search=&pcat=&rxid=&bucket=&clientID=&adtest=off
IP 185.53.177.71:0
ASN #61969 Team Internet AG
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /track.php?click=7d905f613654ea9b70e255b7bdd643a73d525fe6&domain=gcmv.com&uid=MTY3MDY2MjA0MS43NTQyOjA0ZjI2YmZlMmJjNTExODMxNjA1MTQ2ZTY4NjgyYTE3MmRlYWUwMzVkODVlZGJkOWE4YjU2NTc0MWMwYWNhYjg6NjM5NDQ3OTliODIyOQ%3D%3D&ts=fENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQwMTF8fHx8fHw2Mzk0NDc5OWI4MjBifHx8MTY3MDY2MjA0Mi4wNjE2fDYzZWU4ZmJlNTE4NzBkMDc1NDMyNmQ3ZGRiYTI3MzQyNzVmODE0YzZ8fHx8fDF8fDB8MHx8fHwxfHx8fHwwfDB8fHx8fHx8fHx8MHwwfHwwfHx8MHwwfFcxMD18fDF8VzEwPXxiNGRjYTg3NWFlYzBkYTM2MjYwNDRlODNjOWE3ZTBiMDAxZWY1NzY3fDB8ZHAtdGVhbWludGVybmV0MDlfM3BofDB8MA%3D%3D&kw=&search=&pcat=&rxid=&bucket=&clientID=&adtest=off HTTP/1.1
Host: gcmv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gcmv.com/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 10 Dec 2022 08:47:23 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-View-Match: true
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
Access-Control-Allow-Origin: *
Content-Encoding: gzip
ciar-kep.com/zcvisitor/42fc0292-7867-11ed-b3fd-12d7aaa3c45d/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=4307e974-7867-11ed-b3fd-12d7aaa3c45d
3.212.50.125200 1.1 kB URL HTTP/1.1 ciar-kep.com/zcvisitor/42fc0292-7867-11ed-b3fd-12d7aaa3c45d/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=4307e974-7867-11ed-b3fd-12d7aaa3c45d
IP 3.212.50.125:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a670c085c22d709fadabaa874fdceb12
7de217ab339a353fadfea71e430a2af2ec38927e
46d52e4c2a6ad4e229e2e7bb7e8d688889cd4021edd3dc5a40aac10b92cea738
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /zcvisitor/42fc0292-7867-11ed-b3fd-12d7aaa3c45d/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=4307e974-7867-11ed-b3fd-12d7aaa3c45d HTTP/1.1
Host: ciar-kep.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gcmv.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200
Date: Sat, 10 Dec 2022 08:47:23 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Server: bogYIeqz
ciar-kep.com/zcredirect?visitid=42fc0292-7867-11ed-b3fd-12d7aaa3c45d&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false
3.212.50.125200 424 B URL HTTP/1.1 ciar-kep.com/zcredirect?visitid=42fc0292-7867-11ed-b3fd-12d7aaa3c45d&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false
IP 3.212.50.125:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash da65d3cdf24cfb12f8a5156f35dcd2fd
dcd2681e6296c5d32e00bad852f9012ccb327602
05a3df923415ddd774aebd19d2197314b44376f8375ac96f4b6b7834b9b3e2f0
Analyzer Verdict Alert quad9 Sinkholed
GET /zcredirect?visitid=42fc0292-7867-11ed-b3fd-12d7aaa3c45d&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false HTTP/1.1
Host: ciar-kep.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ciar-kep.com/zcvisitor/42fc0292-7867-11ed-b3fd-12d7aaa3c45d/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=4307e974-7867-11ed-b3fd-12d7aaa3c45d
Upgrade-Insecure-Requests: 1
HTTP/1.1 200
Date: Sat, 10 Dec 2022 08:47:23 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
redirected: JS
Server: DbUgsKCL
ciar-kep.com/favicon.ico
3.212.50.125404 653 B IP 3.212.50.125:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (649), with no line terminators
Hash ba2732b1b2fa2626ffaa15f62f9e7d66
203d4e7fbb1d80449d6e4e1f3ae7a9bf8625debe
879861cb72fe9fbb476dab246021c4c83b4066327de2529e05ec54d3afb0a1c8
Analyzer Verdict Alert quad9 Sinkholed
GET /favicon.ico HTTP/1.1
Host: ciar-kep.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ciar-kep.com/zcredirect?visitid=42fc0292-7867-11ed-b3fd-12d7aaa3c45d&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false
HTTP/1.1 404
Date: Sat, 10 Dec 2022 08:47:23 GMT
Content-Type: text/html;charset=utf-8
Content-Length: 653
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Content-Language: en
Server: bskIKUgB
r.redirekted.com/redirect?redirect_id=f457e9b3aa2bde47d62ada2f6ad9f095&request_id=4a446d1e8c217c60ed103df0aeb8db3e
66.165.243.160200 OK 794 B URL HTTP/1.1 r.redirekted.com/redirect?redirect_id=f457e9b3aa2bde47d62ada2f6ad9f095&request_id=4a446d1e8c217c60ed103df0aeb8db3e
IP 66.165.243.160:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (303)
Hash dc1dcd6de17acd0fab6bad73333998d5
e362d49b6c07c9d43d0ce7ce8e49a45bf37c516a
7afd808618eeb17d1cfbdcac99aa76ee6f00f7aad314664508578ca7c156a36b
GET /redirect?redirect_id=f457e9b3aa2bde47d62ada2f6ad9f095&request_id=4a446d1e8c217c60ed103df0aeb8db3e HTTP/1.1
Host: r.redirekted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ciar-kep.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx/1.21.5
Date: Sat, 10 Dec 2022 08:47:23 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/8.0.14
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash d35fcd5d7e74c530535b18d57ed5f587
3b9bf9e02593b63108515f4df7cae57ce62145e7
4bdb744a2d9ac6d051f5192dbf3e00ba1b18208930655e6752fd6ccd118faff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4BDB744A2D9AC6D051F5192DBF3E00BA1B18208930655E6752FD6CCD118FAFF0"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9845
Expires: Sat, 10 Dec 2022 11:31:29 GMT
Date: Sat, 10 Dec 2022 08:47:24 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash d35fcd5d7e74c530535b18d57ed5f587
3b9bf9e02593b63108515f4df7cae57ce62145e7
4bdb744a2d9ac6d051f5192dbf3e00ba1b18208930655e6752fd6ccd118faff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4BDB744A2D9AC6D051F5192DBF3E00BA1B18208930655E6752FD6CCD118FAFF0"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9845
Expires: Sat, 10 Dec 2022 11:31:29 GMT
Date: Sat, 10 Dec 2022 08:47:24 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash d35fcd5d7e74c530535b18d57ed5f587
3b9bf9e02593b63108515f4df7cae57ce62145e7
4bdb744a2d9ac6d051f5192dbf3e00ba1b18208930655e6752fd6ccd118faff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4BDB744A2D9AC6D051F5192DBF3E00BA1B18208930655E6752FD6CCD118FAFF0"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9845
Expires: Sat, 10 Dec 2022 11:31:29 GMT
Date: Sat, 10 Dec 2022 08:47:24 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash d35fcd5d7e74c530535b18d57ed5f587
3b9bf9e02593b63108515f4df7cae57ce62145e7
4bdb744a2d9ac6d051f5192dbf3e00ba1b18208930655e6752fd6ccd118faff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4BDB744A2D9AC6D051F5192DBF3E00BA1B18208930655E6752FD6CCD118FAFF0"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9845
Expires: Sat, 10 Dec 2022 11:31:29 GMT
Date: Sat, 10 Dec 2022 08:47:24 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash d35fcd5d7e74c530535b18d57ed5f587
3b9bf9e02593b63108515f4df7cae57ce62145e7
4bdb744a2d9ac6d051f5192dbf3e00ba1b18208930655e6752fd6ccd118faff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4BDB744A2D9AC6D051F5192DBF3E00BA1B18208930655E6752FD6CCD118FAFF0"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9845
Expires: Sat, 10 Dec 2022 11:31:29 GMT
Date: Sat, 10 Dec 2022 08:47:24 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c3fb520-edaa-4af1-9369-2e90ba97fadd.jpeg
34.120.237.76200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c3fb520-edaa-4af1-9369-2e90ba97fadd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7abc253f87be063c8bccb9dcf8c1ccfa
088c938e8807779f1f9d3113d89a152d8c9389c3
a07c81bff4bda55ae45f3cbdbdd1f91d761582a7eb3c75d4d82a6c6ff56b7a37
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c3fb520-edaa-4af1-9369-2e90ba97fadd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6818
x-amzn-requestid: f4de5113-c58a-4dc5-a3a5-fb3cf023b679
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cw46AEQsoAMFu8w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63903b73-12594da83576d6b74640ea1a;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 07:06:27 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: u0zRqQte0Zzxlq3nDnNbNmfV0S5w-JKfeKj3NNnT_vaXyuN0v9cKVw==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Dec 2022 08:13:27 GMT
age: 2037
etag: "088c938e8807779f1f9d3113d89a152d8c9389c3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8caef8f-937f-4132-9440-daa516389582.png
34.120.237.76200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8caef8f-937f-4132-9440-daa516389582.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a0cb823bf2991a7047962ee388f00dc0
4a0377cd21b6ab69f7e45392a547c9846e607464
86e8e629ffd2efe7c4c86a7e140412dae81a35376cb7f03ee511c6e1d023c788
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8caef8f-937f-4132-9440-daa516389582.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9948
x-amzn-requestid: 0b1400a6-7791-468f-a1d5-b46836e7b164
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c5eMEGNZoAMF7ZA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6393aa4d-124f9a6f03db01a67784657f;Sampled=0
x-amzn-remapped-date: Fri, 09 Dec 2022 21:36:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: oTKfu5W6CwOWjb8xOm9ZTu_X_w4JXU7uz4BstlwXZ9k8strPr9H4vg==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 21:53:22 GMT
age: 39242
etag: "4a0377cd21b6ab69f7e45392a547c9846e607464"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8732123d-ded0-4486-9019-0d87264f6c0e.webp
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8732123d-ded0-4486-9019-0d87264f6c0e.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0df452512aae4c4c1f4a2cd263b16dfd
68bac75574641febc463bd0819392dae2da15811
e0a9301c5be849e116f1d98b819c2eb91f73e74d836f3e099f2cd266e8f0bb36
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8732123d-ded0-4486-9019-0d87264f6c0e.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12743
x-amzn-requestid: 6ed8a5f4-45cd-45bd-9820-df450f612c34
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c5eK4E_-IAMFf3Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6393aa45-31d928fc430577b463a68bd0;Sampled=0
x-amzn-remapped-date: Fri, 09 Dec 2022 21:36:05 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: YTqJN92gTy04q3obEXe4P1gmG2h9b2IQjjSkkUXyqnfFOL67uobN4Q==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 21:58:18 GMT
age: 38946
etag: "68bac75574641febc463bd0819392dae2da15811"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3481e34b-ab9e-46b1-acd8-f9e532860477.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3481e34b-ab9e-46b1-acd8-f9e532860477.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d3acf5a494a6bb8b26858974ede70a33
4bccc3032f7427d881a49250e576c05dd7d5614f
786db0da1198986aeba9aa420a7c89b5b27a09bc48c3806769342159f116705d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3481e34b-ab9e-46b1-acd8-f9e532860477.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12047
x-amzn-requestid: 87cb3342-c784-4ea1-a96e-d1e581a86bea
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: czqP1Fd0IAMFdww=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63915731-178eb2960448312e146f5bd4;Sampled=0
x-amzn-remapped-date: Thu, 08 Dec 2022 03:17:05 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: BjbkkmxxwK9xut7yloGC9fRwhMLQRtfcU1JWiyqAUfMNk-WPQab1Cg==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 22:03:10 GMT
age: 38654
etag: "4bccc3032f7427d881a49250e576c05dd7d5614f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c3a6c54-dd12-46c8-8acb-7c425ab40af5.jpeg
34.120.237.76200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c3a6c54-dd12-46c8-8acb-7c425ab40af5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 052b61a3bd1c839e1f5ce37834cad817
1fbbf8fb328a1406904d6346004e2c89c6ba2419
96dcb266eaec98f6305071598df3b49ca93234e0e8b1c8c9801a1a99d7f5c817
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c3a6c54-dd12-46c8-8acb-7c425ab40af5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7811
x-amzn-requestid: dc97f86e-a29c-4139-887a-e775a0327280
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c5eK4EH_oAMFYqw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6393aa45-3a38086160ac180b3f8cf5d8;Sampled=0
x-amzn-remapped-date: Fri, 09 Dec 2022 21:36:05 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: TM_0Q_GmJDuXth6JpRvm_JAZXwT-xFZEjzuMeIzfzBu1J5jQ_Tng9A==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 22:15:38 GMT
etag: "1fbbf8fb328a1406904d6346004e2c89c6ba2419"
content-type: image/jpeg
age: 37906
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5de5d319f43d9c9c641419d96655541f
cde4c7fa0145d3645af17e34c83c63c08f76a076
fdb114eb142f035c7a54195d16af51b5b423642c312f4bccc0f407d8fcc245aa
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7557
x-amzn-requestid: 09204b5e-8af5-4d4b-8186-628443866e0f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ctlz5EISoAMFdWw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638ee9b2-357cd4f921c592e1319098dd;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 07:05:22 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 3KZwQ5HqXa_-tUyDHA5m-65OprogFpFgbbKpEJ65k-Yy3lwoCg8M5w==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Dec 2022 05:47:56 GMT
age: 10768
etag: "cde4c7fa0145d3645af17e34c83c63c08f76a076"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r.redirekted.com/css/adren.css?n=2641516170
66.165.243.160200 OK 243 B URL HTTP/1.1 r.redirekted.com/css/adren.css?n=2641516170
IP 66.165.243.160:0
Hash f72acd3fece9f7cf58643616c745b2ea
92bc529a83c5466fbf6b9e702eef1e59644687a1
e2d9fd8b995f146baf54bc35d162d3e8169a5345368058b10a3b3bf4592ed777
GET /css/adren.css?n=2641516170 HTTP/1.1
Host: r.redirekted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://r.redirekted.com/redirect?redirect_id=f457e9b3aa2bde47d62ada2f6ad9f095&request_id=4a446d1e8c217c60ed103df0aeb8db3e
HTTP/1.1 200 OK
Server: nginx/1.21.5
Date: Sat, 10 Dec 2022 08:47:24 GMT
Content-Type: text/css
Content-Length: 243
Last-Modified: Sat, 03 Jul 2021 05:46:18 GMT
Connection: keep-alive
ETag: "60dff9aa-f3"
Accept-Ranges: bytes
r.redirekted.com/js/adren.min.js?n=2641516170
66.165.243.160200 OK 7.5 kB URL HTTP/1.1 r.redirekted.com/js/adren.min.js?n=2641516170
IP 66.165.243.160:0
File type ASCII text, with very long lines (7528), with no line terminators
Hash 9a9ec61d7e275f25fe83f0aa93bd2e41
8a3a23c432b601e9f8f8fe2b61f0fedbc341c9ac
55afe8ae4db5b6ca9ec5a3aca1f3a7b482ca51d0914acd250093f1a9ecbfccec
GET /js/adren.min.js?n=2641516170 HTTP/1.1
Host: r.redirekted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://r.redirekted.com/redirect?redirect_id=f457e9b3aa2bde47d62ada2f6ad9f095&request_id=4a446d1e8c217c60ed103df0aeb8db3e
HTTP/1.1 200 OK
Server: nginx/1.21.5
Date: Sat, 10 Dec 2022 08:47:24 GMT
Content-Type: application/javascript
Content-Length: 7528
Last-Modified: Sat, 03 Jul 2021 05:46:18 GMT
Connection: keep-alive
ETag: "60dff9aa-1d68"
Accept-Ranges: bytes
r.redirekted.com/favicon.ico
66.165.243.160200 OK 0 B URL HTTP/1.1 r.redirekted.com/favicon.ico
IP 66.165.243.160:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: r.redirekted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://r.redirekted.com/redirect?redirect_id=f457e9b3aa2bde47d62ada2f6ad9f095&request_id=4a446d1e8c217c60ed103df0aeb8db3e
HTTP/1.1 200 OK
Server: nginx/1.21.5
Date: Sat, 10 Dec 2022 08:47:24 GMT
Content-Type: image/x-icon
Content-Length: 0
Last-Modified: Sat, 03 Jul 2021 05:46:18 GMT
Connection: keep-alive
ETag: "60dff9aa-0"
Accept-Ranges: bytes
r.redirekted.com/go?e=04mWWSFWwxGsmWFLeZKq94aq8cRsyHmB9gGp9flp0uRsuAvC8MKq9blB5jwX70KC59Gr8RPXd8IsyHGC-uPrYcPX0cxX-ZFC9AKA803B5ymX2EaFefmX5flp94QsmkQL59Gr-RPX58IA3OKM7cRn7VQX1c0rbHHC0VUM7ZGLsqHr-ZTn8gwXskKWzxHs7DaL8W3X7VmFtMHAbxRE55QMYImq4uJsmOaCmtvVtEwLwbHVbVFL9AaWxk3Bk1QsYkQLe4mW8bPXvVzX-xaBetvVVgPX9yQsugFC85wWVy3C9gQA_DQn8IPrwkapefxXvyUDuHPCY5UWe8IVcZvF1tvW
66.165.243.160200 OK 1.7 kB URL HTTP/1.1 r.redirekted.com/go?e=04mWWSFWwxGsmWFLeZKq94aq8cRsyHmB9gGp9flp0uRsuAvC8MKq9blB5jwX70KC59Gr8RPXd8IsyHGC-uPrYcPX0cxX-ZFC9AKA803B5ymX2EaFefmX5flp94QsmkQL59Gr-RPX58IA3OKM7cRn7VQX1c0rbHHC0VUM7ZGLsqHr-ZTn8gwXskKWzxHs7DaL8W3X7VmFtMHAbxRE55QMYImq4uJsmOaCmtvVtEwLwbHVbVFL9AaWxk3Bk1QsYkQLe4mW8bPXvVzX-xaBetvVVgPX9yQsugFC85wWVy3C9gQA_DQn8IPrwkapefxXvyUDuHPCY5UWe8IVcZvF1tvW
IP 66.165.243.160:0
File type HTML document, ASCII text, with very long lines (459)
Hash 1ed8b0a2013335969e5e3bdb147d718f
7e45c3f1cda15b46821d888bda25d433bab973b1
7ff553b17cbc5369c0869a05a5ee1ac3d94bc3d4fe4ecc50d6aa2464e8296ff3
GET /go?e=04mWWSFWwxGsmWFLeZKq94aq8cRsyHmB9gGp9flp0uRsuAvC8MKq9blB5jwX70KC59Gr8RPXd8IsyHGC-uPrYcPX0cxX-ZFC9AKA803B5ymX2EaFefmX5flp94QsmkQL59Gr-RPX58IA3OKM7cRn7VQX1c0rbHHC0VUM7ZGLsqHr-ZTn8gwXskKWzxHs7DaL8W3X7VmFtMHAbxRE55QMYImq4uJsmOaCmtvVtEwLwbHVbVFL9AaWxk3Bk1QsYkQLe4mW8bPXvVzX-xaBetvVVgPX9yQsugFC85wWVy3C9gQA_DQn8IPrwkapefxXvyUDuHPCY5UWe8IVcZvF1tvW HTTP/1.1
Host: r.redirekted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://r.redirekted.com/redirect?redirect_id=f457e9b3aa2bde47d62ada2f6ad9f095&request_id=4a446d1e8c217c60ed103df0aeb8db3e
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx/1.21.5
Date: Sat, 10 Dec 2022 08:47:24 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/8.0.14
Set-Cookie: uuid=8203267089578637312; expires=Sun, 11-Dec-2022 08:47:24 GMT; Max-Age=86400
www.google-analytics.com/analytics.js
142.250.74.14200 OK 20 kB URL HTTP/1.1 www.google-analytics.com/analytics.js
IP 142.250.74.14:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://r.redirekted.com/
HTTP/1.1 200 OK
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 20039
Date: Sat, 10 Dec 2022 08:13:43 GMT
Expires: Sat, 10 Dec 2022 10:13:43 GMT
Cache-Control: public, max-age=7200
Age: 2021
Last-Modified: Tue, 27 Sep 2022 22:01:05 GMT
Content-Type: text/javascript
www.google-analytics.com/collect?v=1&_v=j98&a=1379799045&t=pageview&_s=2&dl=http%3A%2F%2Fr.redirekted.com%2Fgo%3Fe%3D04mWWSFWwxGsmWFLeZKq94aq8cRsyHmB9gGp9flp0uRsuAvC8MKq9blB5jwX70KC59Gr8RPXd8IsyHGC-uPrYcPX0cxX-ZFC9AKA803B5ymX2EaFefmX5flp94QsmkQL59Gr-RPX58IA3OKM7cRn7VQX1c0rbHHC0VUM7ZGLsqHr-ZTn8gwXskKWzxHs7DaL8W3X7VmFtMHAbxRE55QMYImq4uJsmOaCmtvVtEwLwbHVbVFL9AaWxk3Bk1QsYkQLe4mW8bPXvVzX-xaBetvVVgPX9yQsugFC85wWVy3C9gQA_DQn8IPrwkapefxXvyUDuHPCY5UWe8IVcZvF1tvW&ul=en-us&de=UTF-8&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=IEBAAEABAAAAACAAI~&jid=&gjid=&cid=2125813694.1670662043&tid=UA-32454353-1&_gid=895170391.1670662043&cd1=oz9lo258n2kesUk8sT5ipz9hsTgfn3k8sUj%3D&z=1788655988
142.250.74.14200 OK 35 B URL HTTP/1.1 www.google-analytics.com/collect?v=1&_v=j98&a=1379799045&t=pageview&_s=2&dl=http%3A%2F%2Fr.redirekted.com%2Fgo%3Fe%3D04mWWSFWwxGsmWFLeZKq94aq8cRsyHmB9gGp9flp0uRsuAvC8MKq9blB5jwX70KC59Gr8RPXd8IsyHGC-uPrYcPX0cxX-ZFC9AKA803B5ymX2EaFefmX5flp94QsmkQL59Gr-RPX58IA3OKM7cRn7VQX1c0rbHHC0VUM7ZGLsqHr-ZTn8gwXskKWzxHs7DaL8W3X7VmFtMHAbxRE55QMYImq4uJsmOaCmtvVtEwLwbHVbVFL9AaWxk3Bk1QsYkQLe4mW8bPXvVzX-xaBetvVVgPX9yQsugFC85wWVy3C9gQA_DQn8IPrwkapefxXvyUDuHPCY5UWe8IVcZvF1tvW&ul=en-us&de=UTF-8&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=IEBAAEABAAAAACAAI~&jid=&gjid=&cid=2125813694.1670662043&tid=UA-32454353-1&_gid=895170391.1670662043&cd1=oz9lo258n2kesUk8sT5ipz9hsTgfn3k8sUj%3D&z=1788655988
IP 142.250.74.14:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /collect?v=1&_v=j98&a=1379799045&t=pageview&_s=2&dl=http%3A%2F%2Fr.redirekted.com%2Fgo%3Fe%3D04mWWSFWwxGsmWFLeZKq94aq8cRsyHmB9gGp9flp0uRsuAvC8MKq9blB5jwX70KC59Gr8RPXd8IsyHGC-uPrYcPX0cxX-ZFC9AKA803B5ymX2EaFefmX5flp94QsmkQL59Gr-RPX58IA3OKM7cRn7VQX1c0rbHHC0VUM7ZGLsqHr-ZTn8gwXskKWzxHs7DaL8W3X7VmFtMHAbxRE55QMYImq4uJsmOaCmtvVtEwLwbHVbVFL9AaWxk3Bk1QsYkQLe4mW8bPXvVzX-xaBetvVVgPX9yQsugFC85wWVy3C9gQA_DQn8IPrwkapefxXvyUDuHPCY5UWe8IVcZvF1tvW&ul=en-us&de=UTF-8&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=IEBAAEABAAAAACAAI~&jid=&gjid=&cid=2125813694.1670662043&tid=UA-32454353-1&_gid=895170391.1670662043&cd1=oz9lo258n2kesUk8sT5ipz9hsTgfn3k8sUj%3D&z=1788655988 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://r.redirekted.com/
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Pragma: no-cache
X-Content-Type-Options: nosniff
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 35
Date: Fri, 09 Dec 2022 13:33:31 GMT
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
Content-Type: image/gif
Age: 69233
status.thawte.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 6e810ea7668c1e6f86a5f2dddbd6d3ee
c45ed366e4dd9b313044baee29db0d747125a24f
c8bd3e832ac2c1c8bad035289f4698602b9ad1c69adb5e455b00e459a3d4c08a
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5965
Cache-Control: max-age=123768
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 08:47:24 GMT
Etag: "639370c7-1d7"
Expires: Sun, 11 Dec 2022 19:10:12 GMT
Last-Modified: Fri, 09 Dec 2022 17:30:47 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
no-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1670628077933&.sig=I0vBaGbEIQq2C0vIoXALhuCPu2c-&affiliationId=96965866&comId=100541924&country=no&offerId=74e63af7634f51f1c518cc4fa339ee58&service=37&tokenId=35e025c3-2943-4e2d-874f-eaee491f9fab&wait=true&addedParams=true&custom1=Ns7DQM9gHragFL9IHA6D2BmRTLaIPCbqzsyDaE-IPpT13p4MRsyLlK3ZUqVk3pzZTsmuUL&custom2=jKWjuHsyVFF-IPrsqwqSExZvyxEmVJrUAQB
95.211.116.27200 OK 30 kB URL HTTP/1.1 no-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1670628077933&.sig=I0vBaGbEIQq2C0vIoXALhuCPu2c-&affiliationId=96965866&comId=100541924&country=no&offerId=74e63af7634f51f1c518cc4fa339ee58&service=37&tokenId=35e025c3-2943-4e2d-874f-eaee491f9fab&wait=true&addedParams=true&custom1=Ns7DQM9gHragFL9IHA6D2BmRTLaIPCbqzsyDaE-IPpT13p4MRsyLlK3ZUqVk3pzZTsmuUL&custom2=jKWjuHsyVFF-IPrsqwqSExZvyxEmVJrUAQB
IP 95.211.116.27:0
ASN #60781 LeaseWeb Netherlands B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (13002)
Hash d75c4e84dbe9d44aa672ea28922e61f9
b1d1a7de31d8c3a6596bb076658eac4029cab068
61593e8ce7c9214d203e43ddfedbd8d57d1a5f0351d04b181279d04c92308eea
GET /ctl/go/offersearchGo?.ts=1670628077933&.sig=I0vBaGbEIQq2C0vIoXALhuCPu2c-&affiliationId=96965866&comId=100541924&country=no&offerId=74e63af7634f51f1c518cc4fa339ee58&service=37&tokenId=35e025c3-2943-4e2d-874f-eaee491f9fab&wait=true&addedParams=true&custom1=Ns7DQM9gHragFL9IHA6D2BmRTLaIPCbqzsyDaE-IPpT13p4MRsyLlK3ZUqVk3pzZTsmuUL&custom2=jKWjuHsyVFF-IPrsqwqSExZvyxEmVJrUAQB HTTP/1.1
Host: no-go.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://r.redirekted.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 10 Dec 2022 08:47:24 GMT
leadId: dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1670662044676_1078391
clickId: 107698148_1670662044671_2782960
country: no
Accept-CH: Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
X-DataDome: protected
Request-Time: PT0.015637S
X-Robots-Tag: noindex,nofollow
Referrer-Policy: origin-when-cross-origin
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Content-Type: text/html; charset=UTF-8
Content-Length: 29995
Set-Cookie: datadome=fnUvVCxzxolEWuZYarNDqKA_HnL5Dgm~jcXknW8lIIYO4dBzvL5JgRFYA-Ab0cDJwZAFa8Gg_pfil00IkP-OwtCzL5ECEpulKg3zOnz3m5Mbe_gpwz3HN14rVPtqY3Q; Max-Age=31536000; Expires=Sun, 10 Dec 2023 08:47:24 GMT; SameSite=Lax; Path=/; Domain=.kelkoogroup.net; Secure
kelkooID=a4c6294-184fb37bbff-eabe0; Max-Age=31536000; Expires=Sun, 10 Dec 2023 08:47:24 GMT; SameSite=None; Path=/; Domain=kelkoogroup.net; Secure; HTTPOnly
P3P: CP="Anything"
ApacheTracking: localhost
Keep-Alive: timeout=40, max=97
Connection: Keep-Alive
no-go.kelkoogroup.net/assets/images/p.png?country=no&k=612f7a9541cd6ea61eb554c0e4cff437567c460be4e08eedc72d34123a3320c0a30d8df012716a6730459db6d995e58c24eb701f6e24792d684af8ea49c12887b29f7b8a134a8f652025cb66ad77b67238edcf122d8eaca4d8704a5ca307dd7aa4cbb6bf4c5ad15b64ec2a4e828b79c9b25aee6cc6317a69e8bb72b34ca571c5b19b27f1a9d16224193b849e9c84665eb276d3455c3ee1f6eb845d278f5998d20a427a3579489b4c0be821fc644c51b1571a2d520438669b6dd7b0b5fab1d4bfb20511ef8853916ce92509b204e39450570f09500bdf7fe8d297aa46ae13cccd9f907622287cdea3450fbb50289a5ac41714069426b608815ac19d6528f8a04a0eb4d183f320ce017ba1721037758bed73195624ae9dd8f7847060cf9d6f03b109dff3a0565bb678&leadId=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1670662044676_1078391&clickId=107698148_1670662044671_2782960
95.211.116.27200 OK 68 B URL HTTP/1.1 no-go.kelkoogroup.net/assets/images/p.png?country=no&k=612f7a9541cd6ea61eb554c0e4cff437567c460be4e08eedc72d34123a3320c0a30d8df012716a6730459db6d995e58c24eb701f6e24792d684af8ea49c12887b29f7b8a134a8f652025cb66ad77b67238edcf122d8eaca4d8704a5ca307dd7aa4cbb6bf4c5ad15b64ec2a4e828b79c9b25aee6cc6317a69e8bb72b34ca571c5b19b27f1a9d16224193b849e9c84665eb276d3455c3ee1f6eb845d278f5998d20a427a3579489b4c0be821fc644c51b1571a2d520438669b6dd7b0b5fab1d4bfb20511ef8853916ce92509b204e39450570f09500bdf7fe8d297aa46ae13cccd9f907622287cdea3450fbb50289a5ac41714069426b608815ac19d6528f8a04a0eb4d183f320ce017ba1721037758bed73195624ae9dd8f7847060cf9d6f03b109dff3a0565bb678&leadId=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1670662044676_1078391&clickId=107698148_1670662044671_2782960
IP 95.211.116.27:0
ASN #60781 LeaseWeb Netherlands B.V.
File type PNG image data, 1 x 1, 8-bit gray+alpha, non-interlaced\012- data
Hash 91e42db1c66c0b276abf6234dc50b2eb
c1986af3c26609b8b7d8933f99c51c1a89e9ea6b
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
GET /assets/images/p.png?country=no&k=612f7a9541cd6ea61eb554c0e4cff437567c460be4e08eedc72d34123a3320c0a30d8df012716a6730459db6d995e58c24eb701f6e24792d684af8ea49c12887b29f7b8a134a8f652025cb66ad77b67238edcf122d8eaca4d8704a5ca307dd7aa4cbb6bf4c5ad15b64ec2a4e828b79c9b25aee6cc6317a69e8bb72b34ca571c5b19b27f1a9d16224193b849e9c84665eb276d3455c3ee1f6eb845d278f5998d20a427a3579489b4c0be821fc644c51b1571a2d520438669b6dd7b0b5fab1d4bfb20511ef8853916ce92509b204e39450570f09500bdf7fe8d297aa46ae13cccd9f907622287cdea3450fbb50289a5ac41714069426b608815ac19d6528f8a04a0eb4d183f320ce017ba1721037758bed73195624ae9dd8f7847060cf9d6f03b109dff3a0565bb678&leadId=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1670662044676_1078391&clickId=107698148_1670662044671_2782960 HTTP/1.1
Host: no-go.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1670628077933&.sig=I0vBaGbEIQq2C0vIoXALhuCPu2c-&affiliationId=96965866&comId=100541924&country=no&offerId=74e63af7634f51f1c518cc4fa339ee58&service=37&tokenId=35e025c3-2943-4e2d-874f-eaee491f9fab&wait=true&addedParams=true&custom1=Ns7DQM9gHragFL9IHA6D2BmRTLaIPCbqzsyDaE-IPpT13p4MRsyLlK3ZUqVk3pzZTsmuUL&custom2=jKWjuHsyVFF-IPrsqwqSExZvyxEmVJrUAQB
Connection: keep-alive
Cookie: datadome=fnUvVCxzxolEWuZYarNDqKA_HnL5Dgm~jcXknW8lIIYO4dBzvL5JgRFYA-Ab0cDJwZAFa8Gg_pfil00IkP-OwtCzL5ECEpulKg3zOnz3m5Mbe_gpwz3HN14rVPtqY3Q; kelkooID=a4c6294-184fb37bbff-eabe0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 10 Dec 2022 08:47:24 GMT
Request-Time: PT0.001616S
X-Robots-Tag: noindex,nofollow
Cache-Control: private, must-revalidate
Referrer-Policy: origin-when-cross-origin
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Content-Type: image/png
Content-Length: 68
P3P: CP="Anything"
ApacheTracking: localhost
Keep-Alive: timeout=40, max=80
Connection: Keep-Alive
no-go.kelkoogroup.net/fp?country=no&k=612f7a9541cd6ea61eb554c0e4cff437567c460be4e08eedc72d34123a3320c0a30d8df012716a6730459db6d995e58c24eb701f6e24792d684af8ea49c12887b29f7b8a134a8f652025cb66ad77b67238edcf122d8eaca4d8704a5ca307dd7aa4cbb6bf4c5ad15b64ec2a4e828b79c9b25aee6cc6317a69e8bb72b34ca571c5b19b27f1a9d16224193b849e9c84665eb276d3455c3ee1f6eb845d278f5998d20a427a3579489b4c0be821fc644c51b1571a2d520438669b6dd7b0b5fab1d4bfb20511ef8853916ce92509b204e39450570f09500bdf7fe8d297aa46ae13cccd9f907622287cdea3450fbb50289a5ac41714069426b608815ac19d6528f8a04a0eb4d183f320ce017ba1721037758bed73195624ae9dd8f7847060cf9d6f03b109dff3a0565bb678&leadId=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1670662044676_1078391&clickId=107698148_1670662044671_2782960
95.211.116.27200 OK 0 B URL HTTP/1.1 no-go.kelkoogroup.net/fp?country=no&k=612f7a9541cd6ea61eb554c0e4cff437567c460be4e08eedc72d34123a3320c0a30d8df012716a6730459db6d995e58c24eb701f6e24792d684af8ea49c12887b29f7b8a134a8f652025cb66ad77b67238edcf122d8eaca4d8704a5ca307dd7aa4cbb6bf4c5ad15b64ec2a4e828b79c9b25aee6cc6317a69e8bb72b34ca571c5b19b27f1a9d16224193b849e9c84665eb276d3455c3ee1f6eb845d278f5998d20a427a3579489b4c0be821fc644c51b1571a2d520438669b6dd7b0b5fab1d4bfb20511ef8853916ce92509b204e39450570f09500bdf7fe8d297aa46ae13cccd9f907622287cdea3450fbb50289a5ac41714069426b608815ac19d6528f8a04a0eb4d183f320ce017ba1721037758bed73195624ae9dd8f7847060cf9d6f03b109dff3a0565bb678&leadId=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1670662044676_1078391&clickId=107698148_1670662044671_2782960
IP 95.211.116.27:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /fp?country=no&k=612f7a9541cd6ea61eb554c0e4cff437567c460be4e08eedc72d34123a3320c0a30d8df012716a6730459db6d995e58c24eb701f6e24792d684af8ea49c12887b29f7b8a134a8f652025cb66ad77b67238edcf122d8eaca4d8704a5ca307dd7aa4cbb6bf4c5ad15b64ec2a4e828b79c9b25aee6cc6317a69e8bb72b34ca571c5b19b27f1a9d16224193b849e9c84665eb276d3455c3ee1f6eb845d278f5998d20a427a3579489b4c0be821fc644c51b1571a2d520438669b6dd7b0b5fab1d4bfb20511ef8853916ce92509b204e39450570f09500bdf7fe8d297aa46ae13cccd9f907622287cdea3450fbb50289a5ac41714069426b608815ac19d6528f8a04a0eb4d183f320ce017ba1721037758bed73195624ae9dd8f7847060cf9d6f03b109dff3a0565bb678&leadId=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1670662044676_1078391&clickId=107698148_1670662044671_2782960 HTTP/1.1
Host: no-go.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1670628077933&.sig=I0vBaGbEIQq2C0vIoXALhuCPu2c-&affiliationId=96965866&comId=100541924&country=no&offerId=74e63af7634f51f1c518cc4fa339ee58&service=37&tokenId=35e025c3-2943-4e2d-874f-eaee491f9fab&wait=true&addedParams=true&custom1=Ns7DQM9gHragFL9IHA6D2BmRTLaIPCbqzsyDaE-IPpT13p4MRsyLlK3ZUqVk3pzZTsmuUL&custom2=jKWjuHsyVFF-IPrsqwqSExZvyxEmVJrUAQB
Content-Type: text/plain;charset=utf-8
Content-Length: 536
Origin: https://no-go.kelkoogroup.net
Connection: keep-alive
Cookie: datadome=fnUvVCxzxolEWuZYarNDqKA_HnL5Dgm~jcXknW8lIIYO4dBzvL5JgRFYA-Ab0cDJwZAFa8Gg_pfil00IkP-OwtCzL5ECEpulKg3zOnz3m5Mbe_gpwz3HN14rVPtqY3Q; kelkooID=a4c6294-184fb37bbff-eabe0; _ga=GA1.2.1808273210.1670662043; _gid=GA1.2.524240620.1670662043
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 10 Dec 2022 08:47:24 GMT
Request-Time: PT0.003769S
X-Robots-Tag: noindex,nofollow
Referrer-Policy: origin-when-cross-origin
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Content-Type: text/plain; charset=UTF-8
Content-Length: 0
P3P: CP="Anything"
ApacheTracking: localhost
Keep-Alive: timeout=40, max=86
Connection: Keep-Alive
no-go.kelkoogroup.net/redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff437567c460be4e08eedc72d34123a3320c0a30d8df012716a6730459db6d995e58c24eb701f6e24792d684af8ea49c12887b29f7b8a134a8f652025cb66ad77b67238edcf122d8eaca4d8704a5ca307dd7aa4cbb6bf4c5ad15b64ec2a4e828b79c9b25aee6cc6317a69e8bb72b34ca571c5b19b27f1a9d16224193b849e9c84665eb276d3455c3ee1f6eb845d278f5998d20a427a3579489b4c0be821fc644c51b1571a2d520438669b6dd7b0b5fab1d4bfb20511ef8853916ce92509b204e39450570f09500bdf7fe8d297aa46ae13cccd9f907622287cdea3450fbb50289a5ac41714069426b608815ac19d6528f8a04a0eb4d183f320ce017ba1721037758bed73195624ae9dd8f7847060cf9d6f03b109dff3a0565bb678&leadId=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1670662044676_1078391&clickId=107698148_1670662044671_2782960&url=https%3A%2F%2Fwww.friskforlag.no%2Fprodukt%2Finger-in-dubai%2F%3Fkk%3Da4c6294-184fb37bbff-eabe0%26utm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_term%3DTreningsdagbok%2BMed%2BInger%2BIn%2BDubai&initiator=timeout
95.211.116.27303 See Other 0 B URL HTTP/1.1 no-go.kelkoogroup.net/redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff437567c460be4e08eedc72d34123a3320c0a30d8df012716a6730459db6d995e58c24eb701f6e24792d684af8ea49c12887b29f7b8a134a8f652025cb66ad77b67238edcf122d8eaca4d8704a5ca307dd7aa4cbb6bf4c5ad15b64ec2a4e828b79c9b25aee6cc6317a69e8bb72b34ca571c5b19b27f1a9d16224193b849e9c84665eb276d3455c3ee1f6eb845d278f5998d20a427a3579489b4c0be821fc644c51b1571a2d520438669b6dd7b0b5fab1d4bfb20511ef8853916ce92509b204e39450570f09500bdf7fe8d297aa46ae13cccd9f907622287cdea3450fbb50289a5ac41714069426b608815ac19d6528f8a04a0eb4d183f320ce017ba1721037758bed73195624ae9dd8f7847060cf9d6f03b109dff3a0565bb678&leadId=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1670662044676_1078391&clickId=107698148_1670662044671_2782960&url=https%3A%2F%2Fwww.friskforlag.no%2Fprodukt%2Finger-in-dubai%2F%3Fkk%3Da4c6294-184fb37bbff-eabe0%26utm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_term%3DTreningsdagbok%2BMed%2BInger%2BIn%2BDubai&initiator=timeout
IP 95.211.116.27:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff437567c460be4e08eedc72d34123a3320c0a30d8df012716a6730459db6d995e58c24eb701f6e24792d684af8ea49c12887b29f7b8a134a8f652025cb66ad77b67238edcf122d8eaca4d8704a5ca307dd7aa4cbb6bf4c5ad15b64ec2a4e828b79c9b25aee6cc6317a69e8bb72b34ca571c5b19b27f1a9d16224193b849e9c84665eb276d3455c3ee1f6eb845d278f5998d20a427a3579489b4c0be821fc644c51b1571a2d520438669b6dd7b0b5fab1d4bfb20511ef8853916ce92509b204e39450570f09500bdf7fe8d297aa46ae13cccd9f907622287cdea3450fbb50289a5ac41714069426b608815ac19d6528f8a04a0eb4d183f320ce017ba1721037758bed73195624ae9dd8f7847060cf9d6f03b109dff3a0565bb678&leadId=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1670662044676_1078391&clickId=107698148_1670662044671_2782960&url=https%3A%2F%2Fwww.friskforlag.no%2Fprodukt%2Finger-in-dubai%2F%3Fkk%3Da4c6294-184fb37bbff-eabe0%26utm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_term%3DTreningsdagbok%2BMed%2BInger%2BIn%2BDubai&initiator=timeout HTTP/1.1
Host: no-go.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1670628077933&.sig=I0vBaGbEIQq2C0vIoXALhuCPu2c-&affiliationId=96965866&comId=100541924&country=no&offerId=74e63af7634f51f1c518cc4fa339ee58&service=37&tokenId=35e025c3-2943-4e2d-874f-eaee491f9fab&wait=true&addedParams=true&custom1=Ns7DQM9gHragFL9IHA6D2BmRTLaIPCbqzsyDaE-IPpT13p4MRsyLlK3ZUqVk3pzZTsmuUL&custom2=jKWjuHsyVFF-IPrsqwqSExZvyxEmVJrUAQB
Connection: keep-alive
Cookie: datadome=fnUvVCxzxolEWuZYarNDqKA_HnL5Dgm~jcXknW8lIIYO4dBzvL5JgRFYA-Ab0cDJwZAFa8Gg_pfil00IkP-OwtCzL5ECEpulKg3zOnz3m5Mbe_gpwz3HN14rVPtqY3Q; kelkooID=a4c6294-184fb37bbff-eabe0; _ga=GA1.2.1808273210.1670662043; _gid=GA1.2.524240620.1670662043
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 303 See Other
Date: Sat, 10 Dec 2022 08:47:24 GMT
leadId: dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1670662044676_1078391
clickId: 107698148_1670662044671_2782960
country: no
Location: https://www.friskforlag.no/produkt/inger-in-dubai/?kk=a4c6294-184fb37bbff-eabe0&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Treningsdagbok+Med+Inger+In+Dubai
Accept-CH: Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
X-DataDome: protected
Request-Time: PT0.017659S
X-Robots-Tag: noindex,nofollow
Referrer-Policy: origin-when-cross-origin
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Content-Length: 0
Set-Cookie: datadome=3ZtVerQ_XkmKf~keY99F3yo1DotINAbyT6dDrf-mtOSXbDQd2lkMDA6CkmyHp4TUbmOOlqCFEOiX3vUkAnstcBkgLAeGtswo_TNxieuM0lPqTcNIQeQzQ9NDNRBiig-8; Max-Age=31536000; Expires=Sun, 10 Dec 2023 08:47:24 GMT; SameSite=Lax; Path=/; Domain=.kelkoogroup.net; Secure
P3P: CP="Anything"
ApacheTracking: localhost
Keep-Alive: timeout=40, max=95
Connection: Keep-Alive
Content-Type: text/plain
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 72b194d2f4e7a6f46b0153d92df1c139
688caaf8e47689b2b5140d07aa7d13c7395659e9
6d876036fd92e79f27023edd7b2718d0f168395b4af2cfbe6fbc0dcfb91a1996
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 08:47:25 GMT
Etag: "63927f08-117"
Server: ECS (amb/6BA1)
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash f7aef7109978f8c1c53298563756a403
d610bb812b080710945dd47f9cccd794af9fe2f7
6366bc97e3f9ac9a6e8a294da60f2d961d2106180fd8ffaae97bc82ea399edb9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 08:47:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/collect?v=1&_v=j96&t=pageview&_s=1&dl=https%3A%2F%2Fno-go.kelkoogroup.net%2Fctl%2Fgo%2FoffersearchGo%3F.ts%3D1670628077933%26.sig%3DI0vBaGbEIQq2C0vIoXALhuCPu2c-%26affiliationId%3D96965866%26comId%3D100541924%26country%3Dno%26offerId%3D74e63af7634f51f1c518cc4fa339ee58%26service%3D37%26tokenId%3D35e025c3-2943-4e2d-874f-eaee491f9fab%26wait%3Dtrue%26addedParams%3Dtrue%26custom1%3DNs7DQM9gHragFL9IHA6D2BmRTLaIPCbqzsyDaE-IPpT13p4MRsyLlK3ZUqVk3pzZTsmuUL%26custom2%3DjKWjuHsyVFF-IPrsqwqSExZvyxEmVJrUAQB&dr=http%3A%2F%2Fr.redirekted.com%2F&dp=%2F96965866%7C100541924%7C&ul=en-us&de=UTF-8&dt=Du%20sendes%20videre%20til%20Friskforlag.no&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=QACAAAABAAAAAC~&cid=1808273210.1670662043&tid=UA-168544891-6&_gid=524240620.1670662043&_r=1&cd1=96965866&cd2=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1670662044676_1078391&cd3=100541924&cd4=a4c6294-184fb37bbff-eabe0&cd5=&cd6=96965866%7C100541924%7C&z=1501245783
142.250.74.14200 OK 35 B URL HTTP/2 www.google-analytics.com/collect?v=1&_v=j96&t=pageview&_s=1&dl=https%3A%2F%2Fno-go.kelkoogroup.net%2Fctl%2Fgo%2FoffersearchGo%3F.ts%3D1670628077933%26.sig%3DI0vBaGbEIQq2C0vIoXALhuCPu2c-%26affiliationId%3D96965866%26comId%3D100541924%26country%3Dno%26offerId%3D74e63af7634f51f1c518cc4fa339ee58%26service%3D37%26tokenId%3D35e025c3-2943-4e2d-874f-eaee491f9fab%26wait%3Dtrue%26addedParams%3Dtrue%26custom1%3DNs7DQM9gHragFL9IHA6D2BmRTLaIPCbqzsyDaE-IPpT13p4MRsyLlK3ZUqVk3pzZTsmuUL%26custom2%3DjKWjuHsyVFF-IPrsqwqSExZvyxEmVJrUAQB&dr=http%3A%2F%2Fr.redirekted.com%2F&dp=%2F96965866%7C100541924%7C&ul=en-us&de=UTF-8&dt=Du%20sendes%20videre%20til%20Friskforlag.no&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=QACAAAABAAAAAC~&cid=1808273210.1670662043&tid=UA-168544891-6&_gid=524240620.1670662043&_r=1&cd1=96965866&cd2=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1670662044676_1078391&cd3=100541924&cd4=a4c6294-184fb37bbff-eabe0&cd5=&cd6=96965866%7C100541924%7C&z=1501245783
IP 142.250.74.14:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
POST /collect?v=1&_v=j96&t=pageview&_s=1&dl=https%3A%2F%2Fno-go.kelkoogroup.net%2Fctl%2Fgo%2FoffersearchGo%3F.ts%3D1670628077933%26.sig%3DI0vBaGbEIQq2C0vIoXALhuCPu2c-%26affiliationId%3D96965866%26comId%3D100541924%26country%3Dno%26offerId%3D74e63af7634f51f1c518cc4fa339ee58%26service%3D37%26tokenId%3D35e025c3-2943-4e2d-874f-eaee491f9fab%26wait%3Dtrue%26addedParams%3Dtrue%26custom1%3DNs7DQM9gHragFL9IHA6D2BmRTLaIPCbqzsyDaE-IPpT13p4MRsyLlK3ZUqVk3pzZTsmuUL%26custom2%3DjKWjuHsyVFF-IPrsqwqSExZvyxEmVJrUAQB&dr=http%3A%2F%2Fr.redirekted.com%2F&dp=%2F96965866%7C100541924%7C&ul=en-us&de=UTF-8&dt=Du%20sendes%20videre%20til%20Friskforlag.no&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=QACAAAABAAAAAC~&cid=1808273210.1670662043&tid=UA-168544891-6&_gid=524240620.1670662043&_r=1&cd1=96965866&cd2=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1670662044676_1078391&cd3=100541924&cd4=a4c6294-184fb37bbff-eabe0&cd5=&cd6=96965866%7C100541924%7C&z=1501245783 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://no-go.kelkoogroup.net
Connection: keep-alive
Referer: https://no-go.kelkoogroup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 200 OK
access-control-allow-origin: https://no-go.kelkoogroup.net
date: Sat, 10 Dec 2022 08:47:25 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
x-content-type-options: nosniff
access-control-allow-credentials: true
content-type: image/gif
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 35
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash f7aef7109978f8c1c53298563756a403
d610bb812b080710945dd47f9cccd794af9fe2f7
6366bc97e3f9ac9a6e8a294da60f2d961d2106180fd8ffaae97bc82ea399edb9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 08:47:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 72b194d2f4e7a6f46b0153d92df1c139
688caaf8e47689b2b5140d07aa7d13c7395659e9
6d876036fd92e79f27023edd7b2718d0f168395b4af2cfbe6fbc0dcfb91a1996
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 08:47:25 GMT
Etag: "63927f08-117"
Last-Modified: Sat, 10 Dec 2022 08:47:25 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 1.2 kB IP 142.250.74.131:0
Hash 22aefe6ce00123e4c7da67a21737a18e
c3fbe97932462edff0a1512f17a56421bc2175e1
d902e07bee1b6875015870db719935237ff3c8219bb1b8fb4da1b709ecc7b0e1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 08:47:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
s.kk-resources.com/leadtag.js
143.204.55.57200 OK 2.6 kB URL HTTP/1.1 s.kk-resources.com/leadtag.js
IP 143.204.55.57:0
File type C source, ASCII text, with very long lines (6910)
Hash b9c7aa9898d0e7b5d8dfa27c81eda1ac
3e22a4f4ac1fd469128de60e1a80433513242071
980531f0a81016e3a7a4c3fa56f75e7b791f1f4c09296992221bd766b91a53a0
GET /leadtag.js HTTP/1.1
Host: s.kk-resources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.friskforlag.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=UTF-8
Content-Length: 2595
Connection: keep-alive
X-Gravitee-Transaction-Id: eec88ab9-5fe1-47d4-888a-b95fe137d49f
X-Gravitee-Request-Id: eec88ab9-5fe1-47d4-888a-b95fe137d49f
Request-Time: 7
Accept-Ranges: bytes
Last-Modified: Tue, 12 Jul 2022 13:48:05 GMT
Content-Encoding: gzip
Date: Sat, 10 Dec 2022 08:01:39 GMT
Cache-Control: public, max-age=3600
ETag: "01eb894c46b26432f1c6dc225e35b2f1bfc24a0c"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: vHHcOu-AK0z9FVR3yyGmRVyGMZo0LwNoK6ohfPmUStwDqHxj8cP8mQ==
Age: 2746
www.friskforlag.no/produkt/inger-in-dubai/?kk=a4c6294-184fb37bbff-eabe0&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Treningsdagbok+Med+Inger+In+Dubai
162.159.152.23200 OK 102 kB URL HTTP/2 www.friskforlag.no/produkt/inger-in-dubai/?kk=a4c6294-184fb37bbff-eabe0&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Treningsdagbok+Med+Inger+In+Dubai
IP 162.159.152.23:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (61953), with CRLF, LF line terminators
Size 102 kB (101776 bytes)
Hash b9db9a37de789da950a3ff341ea475da
44bbf983e1cbebe1decc9e714b38c0e24a262a51
7a3bc54f29038fa9fbd00b28d0fa332aac28299a587364bee0f74afce003783f
GET /produkt/inger-in-dubai/?kk=a4c6294-184fb37bbff-eabe0&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Treningsdagbok+Med+Inger+In+Dubai HTTP/1.1
Host: www.friskforlag.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no-go.kelkoogroup.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 10 Dec 2022 08:47:25 GMT
content-type: text/html; charset=UTF-8
cf-ray: 7774b736cdc0b500-OSL
cache-control: max-age=600, public, s-maxage=3600
expires: Sat, 10 Dec 2022 08:57:25 GMT
link: <https://www.friskforlag.no/wp-json/>; rel="https://api.w.org/", <https://www.friskforlag.no/wp-json/wp/v2/product/228439>; rel="alternate"; type="application/json"
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
cf-cache-status: BYPASS
cdn-cache-control: max-age=3600
pragma: public
x-acd-cms: wordpress
x-acd-status: BYPASS, set-cookie
x-acd-ttl: 3600
x-content-type-options: nosniff
x-servebolt-plugin: active
set-cookie: mailchimp_landing_site=https%3A%2F%2Fwww.friskforlag.no%2Fprodukt%2Finger-in-dubai%2F%3Fkk%3Da4c6294-184fb37bbff-eabe0; expires=Sat, 07-Jan-2023 08:47:25 GMT; Max-Age=2419200; path=/; secure; SameSite=Strict
__cf_bm=CMElHAptqQijBgR5sYOHQN648bLh5NAZdgqJaxd3pvc-1670662045-0-AU19xqCQjGFSMGqe33xWPrrMp+Fubon2zpiRACqfJ7tb710bPrer8DL+WA28BEk4gmBUVK+rask/oh0Y6pe50Wg=; path=/; expires=Sat, 10-Dec-22 09:17:25 GMT; domain=.www.friskforlag.no; HttpOnly; Secure; SameSite=None
servebolt: acd
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 3.7 kB IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 5aaa10eec8f66a875368d951d85e5c7a
4e13421e4503086c7b1d7d0d1baf5c8188650608
4f0b4a384259a224a65fa1070c27177d4beb9f1afc6b7af94e2e520879d7dccc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3E36FE3C53F7C4207C48010121E5B9E6B57F17E0B3A4D1DA64603894737AB241"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11688
Expires: Sat, 10 Dec 2022 12:02:14 GMT
Date: Sat, 10 Dec 2022 08:47:26 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 6.3 kB IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash ee915b44f8f6973165e2a4786b2f5fcc
13987d7bf80586abfba4176a2ad5b4a4191140a4
e9f05857cba427799e1cf172bc14f6b03a0e2283918369f42140fa18c7ca4e33
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3E36FE3C53F7C4207C48010121E5B9E6B57F17E0B3A4D1DA64603894737AB241"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11688
Expires: Sat, 10 Dec 2022 12:02:14 GMT
Date: Sat, 10 Dec 2022 08:47:26 GMT
Connection: keep-alive
chimpstatic.com/mcjs-connected/js/users/0a43ad848ac1e83d406be05e8/afff0d0c26b6f387f4dbd3d3b.js
96.6.17.210200 OK 874 B URL HTTP/1.1 chimpstatic.com/mcjs-connected/js/users/0a43ad848ac1e83d406be05e8/afff0d0c26b6f387f4dbd3d3b.js
IP 96.6.17.210:0
Hash 2be8b8372f48c8023f189aeb56f2c89b
d6d4dfb1b6585bdeb69a0f0aefd9e0876c08861b
e3b6fca3ff3efdb3dc59ee04d81f47cae4b5547beb7013021e8f96c759e5c7af
GET /mcjs-connected/js/users/0a43ad848ac1e83d406be05e8/afff0d0c26b6f387f4dbd3d3b.js HTTP/1.1
Host: chimpstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.friskforlag.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: 8RujfYVcoiJE0hmZ4rl57V7+eR+thZXQeKTjgWUYN/d3Bvntu7I+b01R4JiByyUzh9IbHRhoUTs=
x-amz-request-id: 79C8343880B502A7
Last-Modified: Wed, 06 Mar 2019 18:47:02 GMT
ETag: "104d46a3208b40e8ded389332f5a78a3"
Accept-Ranges: bytes
Content-Type: application/javascript
Content-Length: 50
Server: AmazonS3
X-EdgeConnect-MidMile-RTT: 40
X-EdgeConnect-Origin-MEX-Latency: 89
Unused62: 8096267
Cache-Control: max-age=1117
Expires: Sat, 10 Dec 2022 09:06:03 GMT
Date: Sat, 10 Dec 2022 08:47:26 GMT
Connection: keep-alive
www.googletagmanager.com/gtm.js?id=GTM-K64SWW
142.250.74.40200 OK 85 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-K64SWW
IP 142.250.74.40:0
File type ASCII text, with very long lines (1241), with no line terminators
Hash acb663e8c04acf4d0a752662d769d7b9
e14ad227f0f669f4239a551bcc3368c4ad37ff0f
ad7e3feb5118562038051972967e4fc33c63ae6237ba3c90561b916278f397c5
GET /gtm.js?id=GTM-K64SWW HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.friskforlag.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 10 Dec 2022 08:47:26 GMT
expires: Sat, 10 Dec 2022 08:47:26 GMT
cache-control: private, max-age=900
last-modified: Sat, 10 Dec 2022 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 83165
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
status.thawte.com/
93.184.220.29200 OK 2.2 kB IP 93.184.220.29:0
Hash 095972e9adbee70044d51290cbc322ec
2b624d30f633a23ec27775220079841ac88fc6b5
0e3cbfd0966c71763227db500dab768e86d9b640754d372555cadcd511fc9859
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6289
Cache-Control: max-age=124090
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 08:47:26 GMT
Etag: "639370c7-1d7"
Expires: Sun, 11 Dec 2022 19:15:36 GMT
Last-Modified: Fri, 09 Dec 2022 17:30:47 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
www.friskforlag.no/wp-content/cache/perfmatters/www.friskforlag.no/fonts/13e458115ea1.google-fonts.css
162.159.152.23200 OK 44 kB URL HTTP/2 www.friskforlag.no/wp-content/cache/perfmatters/www.friskforlag.no/fonts/13e458115ea1.google-fonts.css
IP 162.159.152.23:0
File type ASCII text, with very long lines (2244), with no line terminators
Hash 2edbc8593be47f18658df505e951d73e
43976acacdc0c6a64ec26c9eb7d198e972a2d1e4
31c0ec33a3fc6ec0c163b705c018e28b2cbe6fead5ca3d8261a0fdc4058d422e
GET /wp-content/cache/perfmatters/www.friskforlag.no/fonts/13e458115ea1.google-fonts.css HTTP/1.1
Host: www.friskforlag.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.friskforlag.no/produkt/inger-in-dubai/?kk=a4c6294-184fb37bbff-eabe0&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Treningsdagbok+Med+Inger+In+Dubai
Cookie: mailchimp_landing_site=https%3A%2F%2Fwww.friskforlag.no%2Fprodukt%2Finger-in-dubai%2F%3Fkk%3Da4c6294-184fb37bbff-eabe0; __cf_bm=CMElHAptqQijBgR5sYOHQN648bLh5NAZdgqJaxd3pvc-1670662045-0-AU19xqCQjGFSMGqe33xWPrrMp+Fubon2zpiRACqfJ7tb710bPrer8DL+WA28BEk4gmBUVK+rask/oh0Y6pe50Wg=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 08:47:25 GMT
content-type: text/css
cache-control: public, max-age=31536000
cf-bgj: minify
cf-polished: origSize=2592
etag: W/"a20-5df4dedac169b"
expires: Sun, 10 Dec 2023 08:47:25 GMT
last-modified: Wed, 18 May 2022 19:04:36 GMT
vary: Accept-Encoding
x-frontend-cache: MISS
cf-cache-status: HIT
age: 1366797
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
servebolt: acd
server: cloudflare
cf-ray: 7774b73aa96eb500-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.friskforlag.no/wp-content/cache/perfmatters/www.friskforlag.no/fonts/b2479bee511c.google-fonts.css
162.159.152.23200 OK 3.2 kB URL HTTP/2 www.friskforlag.no/wp-content/cache/perfmatters/www.friskforlag.no/fonts/b2479bee511c.google-fonts.css
IP 162.159.152.23:0
File type ASCII text, with very long lines (567), with no line terminators
Hash 89c3626bccaedc30cda213de49945bd8
22ff855bf685652e861202119c13cc15a3f25f35
4747f635f7cd88be0a7e56798ab93f04bf9fa3552bdeebe101a35c2c80b3f350
GET /wp-content/cache/perfmatters/www.friskforlag.no/fonts/b2479bee511c.google-fonts.css HTTP/1.1
Host: www.friskforlag.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.friskforlag.no/produkt/inger-in-dubai/?kk=a4c6294-184fb37bbff-eabe0&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Treningsdagbok+Med+Inger+In+Dubai
Cookie: mailchimp_landing_site=https%3A%2F%2Fwww.friskforlag.no%2Fprodukt%2Finger-in-dubai%2F%3Fkk%3Da4c6294-184fb37bbff-eabe0; __cf_bm=CMElHAptqQijBgR5sYOHQN648bLh5NAZdgqJaxd3pvc-1670662045-0-AU19xqCQjGFSMGqe33xWPrrMp+Fubon2zpiRACqfJ7tb710bPrer8DL+WA28BEk4gmBUVK+rask/oh0Y6pe50Wg=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 08:47:25 GMT
content-type: text/css
cache-control: public, max-age=31536000
cf-bgj: minify
cf-polished: origSize=670
etag: W/"29e-5ded7ba127ed0"
expires: Sun, 10 Dec 2023 08:47:25 GMT
last-modified: Thu, 12 May 2022 22:03:24 GMT
vary: Accept-Encoding
x-frontend-cache: MISS
cf-cache-status: HIT
age: 1366799
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
servebolt: acd
server: cloudflare
cf-ray: 7774b73aa970b500-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
s.kelkoogroup.net/k.gif
185.60.164.26200 OK 0 B IP 185.60.164.26:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /k.gif HTTP/1.1
Host: s.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: etag
Referer: https://www.friskforlag.no/
Origin: https://www.friskforlag.no
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
X-Gravitee-Transaction-Id: 617e141e-cf2a-45c8-be14-1ecf2a05c87b
X-Gravitee-Request-Id: 617e141e-cf2a-45c8-be14-1ecf2a05c87b
Vary: Origin
Access-Control-Max-Age: 3600
Access-Control-Allow-Origin: https://www.friskforlag.no
Access-Control-Allow-Headers: etag
Access-Control-Allow-Methods: GET
Access-Control-Allow-Credentials: true
Date: Sat, 10 Dec 2022 08:47:26 GMT
content-length: 0
s.kelkoogroup.net/k.gif
185.60.164.26200 OK 43 B IP 185.60.164.26:0
ASN #60781 LeaseWeb Netherlands B.V.
File type GIF image data, version 89a, 1 x 1\012- data
Hash f837aa60b6fe83458f790db60d529fc9
14af87ccec7f81bb28d53c84da2fd5a9d5925cda
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
GET /k.gif HTTP/1.1
Host: s.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
ETag: a2Vsa29vSWQ9YTRjNjI5NC0xODRmYjM3YmJmZi1lYWJlMA==
Origin: https://www.friskforlag.no
Connection: keep-alive
Referer: https://www.friskforlag.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
X-Gravitee-Transaction-Id: 90a9b739-6467-4eaf-a9b7-3964679eaf34
X-Gravitee-Request-Id: 90a9b739-6467-4eaf-a9b7-3964679eaf34
ETag: a2Vsa29vSWQ9YTRjNjI5NC0xODRmYjM3YmJmZi1lYWJlMA==
Vary: *,Origin
Pragma: no-cache
Expires: 0
Request-Time: 0
Accept-Ranges: bytes
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate
Last-Modified: Fri, 01 Jan 2010 00:00:00 GMT
Access-Control-Allow-Origin: https://www.friskforlag.no
Access-Control-Expose-Headers: ETag
Access-Control-Allow-Credentials: true
Date: Sat, 10 Dec 2022 08:47:26 GMT
Content-Type: image/gif
content-length: 43
a.omappapi.com/app/js/api.min.css
194.242.11.186200 OK 156 kB URL HTTP/2 a.omappapi.com/app/js/api.min.css
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
File type ASCII text, with very long lines (17996), with no line terminators
Size 156 kB (156385 bytes)
Hash 0e9a8f3cce9c92411ef126e554bb2675
0bd27bbbe52ddd27228e3f4207dd95c127804b36
9d308ef0c5c77bcad78f84916c829055ba3f9002646eb0b23e88ec0463451546
GET /app/js/api.min.css HTTP/1.1
Host: a.omappapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.friskforlag.no/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 08:47:26 GMT
content-type: text/css
server: BunnyCDN-NO1-830
cdn-pullzone: 293267
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: W/"6378026e-464c"
last-modified: Fri, 18 Nov 2022 22:08:46 GMT
cdn-storageserver: DE-165
cdn-requestpullsuccess: True
cdn-fileserver: 296
perma-cache: HIT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-cachedat: 12/03/2022 14:13:30
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 5c048f0b1eb2af086800f765a448f5ec
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
sc-static.net/scevent.min.js
54.230.82.240200 OK 12 kB URL HTTP/2 sc-static.net/scevent.min.js
IP 54.230.82.240:0
File type ASCII text, with very long lines (27174), with no line terminators
Hash c2e77894268b6b774d0794484c8d2e8a
7c0f663756f2c886f84d504408a21b5e3870bdb2
69218077f554239b91d61d5008a3e2d81a8ed6f1f8319ab6ee2d96202dcdfafe
GET /scevent.min.js HTTP/1.1
Host: sc-static.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.friskforlag.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
content-length: 11844
server: CloudFront
date: Sat, 10 Dec 2022 08:47:26 GMT
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Content-Type
cache-control: private, s-maxage=0, max-age=600
set-cookie: X-AB=0d6e407936704bd380072f5891d28b0e;max-age=86400;expires=Sun, 11 Dec 2022 06:28:34 GMT;Path=/scevent.min.js; Secure; SameSite=None
x-cache: LambdaGeneratedResponse from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: HBiNpq10ErGNxA9oMYoYlovwCf3dp4BBHWHmH880lMB1rXF-cZS4Aw==
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 32f1bc047e54ac927d09e1998818e093
1ca84375422f11213e2a8c6b56191cef6b913583
8f013c209f896fdb08cc36d3381865fdf4245c3b41cdcffb0823b1890cd20c48
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6477
Cache-Control: max-age=85777
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 08:47:26 GMT
Etag: "6392da62-1d7"
Expires: Sun, 11 Dec 2022 08:37:03 GMT
Last-Modified: Fri, 09 Dec 2022 06:49:06 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 32f1bc047e54ac927d09e1998818e093
1ca84375422f11213e2a8c6b56191cef6b913583
8f013c209f896fdb08cc36d3381865fdf4245c3b41cdcffb0823b1890cd20c48
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6477
Cache-Control: max-age=85777
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 08:47:26 GMT
Etag: "6392da62-1d7"
Expires: Sun, 11 Dec 2022 08:37:03 GMT
Last-Modified: Fri, 09 Dec 2022 06:49:06 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 32f1bc047e54ac927d09e1998818e093
1ca84375422f11213e2a8c6b56191cef6b913583
8f013c209f896fdb08cc36d3381865fdf4245c3b41cdcffb0823b1890cd20c48
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6477
Cache-Control: max-age=85777
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 08:47:26 GMT
Etag: "6392da62-1d7"
Expires: Sun, 11 Dec 2022 08:37:03 GMT
Last-Modified: Fri, 09 Dec 2022 06:49:06 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
tr.snapchat.com/cm/i?pid=661a052e-3636-4b22-903e-a7571e814db6&u_scsid=33c6ad53-ba60-4e0a-8085-4cea4aa9168c&u_sclid=244f451c-da80-4539-aafb-be0e713a55ee
35.190.43.134200 OK 0 B URL HTTP/2 tr.snapchat.com/cm/i?pid=661a052e-3636-4b22-903e-a7571e814db6&u_scsid=33c6ad53-ba60-4e0a-8085-4cea4aa9168c&u_sclid=244f451c-da80-4539-aafb-be0e713a55ee
IP 35.190.43.134:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cm/i?pid=661a052e-3636-4b22-903e-a7571e814db6&u_scsid=33c6ad53-ba60-4e0a-8085-4cea4aa9168c&u_sclid=244f451c-da80-4539-aafb-be0e713a55ee HTTP/1.1
Host: tr.snapchat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.friskforlag.no/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 10 Dec 2022 08:47:26 GMT
content-type: text/html
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 0
x-envoy-upstream-service-time: 0
server: API Gateway
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tr.snapchat.com/p?pid=661a052e-3636-4b22-903e-a7571e814db6&ev=PAGE_VIEW&e_ni=%2C&e_pr=%2C&e_iids=%2C&e_desc=%2C&e_cur=NOK&e_ic=%2C&intg=gtm&pl=https%3A%2F%2Fwww.friskforlag.no%2Fprodukt%2Finger-in-dubai%2F%3Fkk%3Da4c6294-184fb37bbff-eabe0%26utm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_term%3DTreningsdagbok%2BMed%2BInger%2BIn%2BDubai&bt=1d53c387&if=false&m_dcl=1651&m_fcps=1742&m_pi=1420&m_pl=1708&m_pv=v2&m_rd=1820&m_sl=1817&rf=https%3A%2F%2Fno-go.kelkoogroup.net%2F&trackId=a82acc8b-faf6-4f82-82c3-9560d8dc9106&ts=1670662045545&u_c1=3755bb1b-4ac2-40d3-85fc-8586ba6b092a&u_sclid=244f451c-da80-4539-aafb-be0e713a55ee&u_scsid=33c6ad53-ba60-4e0a-8085-4cea4aa9168c&v=2.0.0
35.190.43.134200 OK 68 B URL HTTP/2 tr.snapchat.com/p?pid=661a052e-3636-4b22-903e-a7571e814db6&ev=PAGE_VIEW&e_ni=%2C&e_pr=%2C&e_iids=%2C&e_desc=%2C&e_cur=NOK&e_ic=%2C&intg=gtm&pl=https%3A%2F%2Fwww.friskforlag.no%2Fprodukt%2Finger-in-dubai%2F%3Fkk%3Da4c6294-184fb37bbff-eabe0%26utm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_term%3DTreningsdagbok%2BMed%2BInger%2BIn%2BDubai&bt=1d53c387&if=false&m_dcl=1651&m_fcps=1742&m_pi=1420&m_pl=1708&m_pv=v2&m_rd=1820&m_sl=1817&rf=https%3A%2F%2Fno-go.kelkoogroup.net%2F&trackId=a82acc8b-faf6-4f82-82c3-9560d8dc9106&ts=1670662045545&u_c1=3755bb1b-4ac2-40d3-85fc-8586ba6b092a&u_sclid=244f451c-da80-4539-aafb-be0e713a55ee&u_scsid=33c6ad53-ba60-4e0a-8085-4cea4aa9168c&v=2.0.0
IP 35.190.43.134:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash c4a2b870062c2bb98c500bc1526c0498
528666ccdb12997358077bc8fcdbfb6b825c7788
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
GET /p?pid=661a052e-3636-4b22-903e-a7571e814db6&ev=PAGE_VIEW&e_ni=%2C&e_pr=%2C&e_iids=%2C&e_desc=%2C&e_cur=NOK&e_ic=%2C&intg=gtm&pl=https%3A%2F%2Fwww.friskforlag.no%2Fprodukt%2Finger-in-dubai%2F%3Fkk%3Da4c6294-184fb37bbff-eabe0%26utm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_term%3DTreningsdagbok%2BMed%2BInger%2BIn%2BDubai&bt=1d53c387&if=false&m_dcl=1651&m_fcps=1742&m_pi=1420&m_pl=1708&m_pv=v2&m_rd=1820&m_sl=1817&rf=https%3A%2F%2Fno-go.kelkoogroup.net%2F&trackId=a82acc8b-faf6-4f82-82c3-9560d8dc9106&ts=1670662045545&u_c1=3755bb1b-4ac2-40d3-85fc-8586ba6b092a&u_sclid=244f451c-da80-4539-aafb-be0e713a55ee&u_scsid=33c6ad53-ba60-4e0a-8085-4cea4aa9168c&v=2.0.0 HTTP/1.1
Host: tr.snapchat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.friskforlag.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 10 Dec 2022 08:47:26 GMT
access-control-allow-origin: *
cache-control: no-cache, no-transform
set-cookie: sc_at=v2|H4sIAAAAAAAAAA3JyQ0AIAgEwIpIQHEJ5XhtFRSvz8kQbtz9yjpJ8dyUeUdIM8Sxwd9Z9aFAU0fpA2oxKxEyAAAA;SameSite=None;Version=1;Comment=;Domain=.snapchat.com;Path=/;Max-Age=33696000;Secure
content-type: image/png
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 68
x-envoy-upstream-service-time: 0
server: API Gateway
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
a.omappapi.com/app/js/moment.js/2.29.4/moment.min.js
194.242.11.186200 OK 21 kB URL HTTP/2 a.omappapi.com/app/js/moment.js/2.29.4/moment.min.js
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
File type ASCII text, with very long lines (58064), with no line terminators
Hash 6283903fdf63cc64c6e63d992f93b9b4
8e1f276a5765c106b3c5e3a2cb8fe64dcd5568a3
ded7eda3af890e7412b5f1e6eb9e0334c6993206626c6edb3be16f01f64a87ce
GET /app/js/moment.js/2.29.4/moment.min.js HTTP/1.1
Host: a.omappapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.friskforlag.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 08:47:26 GMT
content-type: application/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 293267
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: W/"62ed39ef-e2d0"
last-modified: Fri, 05 Aug 2022 15:40:31 GMT
cdn-storageserver: DE-167
cdn-requestpullsuccess: True
cdn-fileserver: 418
perma-cache: HIT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-cachedat: 11/26/2022 15:15:54
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: cf0fa885f6cd5dc8ee82006cbf0b1538
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 32f1bc047e54ac927d09e1998818e093
1ca84375422f11213e2a8c6b56191cef6b913583
8f013c209f896fdb08cc36d3381865fdf4245c3b41cdcffb0823b1890cd20c48
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6477
Cache-Control: max-age=85777
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 08:47:26 GMT
Etag: "6392da62-1d7"
Expires: Sun, 11 Dec 2022 08:37:03 GMT
Last-Modified: Fri, 09 Dec 2022 06:49:06 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
a.omappapi.com/app/js/11.9da7034c.min.js
194.242.11.186200 OK 1.5 kB URL HTTP/2 a.omappapi.com/app/js/11.9da7034c.min.js
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
File type ASCII text, with very long lines (1941)
Hash 529e0c002ce9499116c69917eeec8147
81de193b5f0ed7187f389619c40eb27c2c44a480
b5ae4831515e5f43ccd56fffae1e057448e36d56e8c54b7819ad83897a35d1e1
GET /app/js/11.9da7034c.min.js HTTP/1.1
Host: a.omappapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.friskforlag.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 08:47:26 GMT
content-type: application/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 293267
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: W/"637289e5-7cb"
last-modified: Mon, 14 Nov 2022 18:33:09 GMT
cdn-storageserver: DE-169
cdn-requestpullsuccess: True
cdn-fileserver: 473
perma-cache: HIT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-cachedat: 11/21/2022 23:02:25
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: ecf9bdafacd30e89db8c824b3c2a0470
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash edac2b4e678c48b1fc3be3a06793bfcb
23f1f41a2194536d77a2497d7255b13747fd9af0
e6b36b71f3633bd9d2b80043967f9579820f0ef1d5f66e5c401806de13cbe2a1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 08:47:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
a.omappapi.com/app/js/28.7c2ba7ea.min.js
194.242.11.186200 OK 2.9 kB URL HTTP/2 a.omappapi.com/app/js/28.7c2ba7ea.min.js
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
File type ASCII text, with very long lines (5919)
Hash 8b81774291cbb29c16bab01e6b1a6d13
6fe908a4d4ee4bc278bba734a66b9c9ff7cf0303
38cb24d9530a7503b134165cc3a084ed7d366c56fea6ff9424d43fa80af71ef9
GET /app/js/28.7c2ba7ea.min.js HTTP/1.1
Host: a.omappapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.friskforlag.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 08:47:26 GMT
content-type: application/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 293267
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: W/"63729c0b-1758"
last-modified: Mon, 14 Nov 2022 19:50:35 GMT
cdn-storageserver: DE-198
cdn-requestpullsuccess: True
cdn-fileserver: 471
perma-cache: HIT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-cachedat: 11/21/2022 23:02:26
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 4d6ce7a959166ba1c02798a1079f0360
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
a.omappapi.com/app/js/29.1c75394c.min.js
194.242.11.186200 OK 1.5 kB URL HTTP/2 a.omappapi.com/app/js/29.1c75394c.min.js
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
File type ASCII text, with very long lines (2728)
Hash b78dcf9874ed0ff3f70599b41ac5fa3d
2005e2620807aeba70b40703ea7b9ef2cf4f8730
66f5c7d203af61233eb384bbd0e79cb9e7e88c6d5508348482e7657ab3a7872e
GET /app/js/29.1c75394c.min.js HTTP/1.1
Host: a.omappapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.friskforlag.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 08:47:26 GMT
content-type: application/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 293267
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: W/"63729c0b-adf"
last-modified: Mon, 14 Nov 2022 19:50:35 GMT
cdn-storageserver: DE-200
cdn-requestpullsuccess: True
cdn-fileserver: 471
perma-cache: HIT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-cachedat: 11/21/2022 23:02:25
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 48ccdfe1540bc688b8986a36e37eee50
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.14200 OK 21 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.14:0
Hash 3e0fa956f77d252b5e0d03ac9b90f2e8
fd6d27efa9fa5526d3b62bb99382236d436a4a91
94f0ed30a6481dce38406d6b878dd59dc503deb8aefadc89fd28489803eac3e7
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.friskforlag.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Sat, 10 Dec 2022 07:34:02 GMT
expires: Sat, 10 Dec 2022 09:34:02 GMT
cache-control: public, max-age=7200
age: 4405
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash e4f546e102d986faf1029509d599b730
cc045a705fd6758b7b575fde5dfb79facc9c3546
ef492301b2b30e5076f7dffa07973e65e9a200ba9ef4d3568a527d3f973f3349
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 08:47:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/cabin/v26/u-4X0qWljRw-PfU81xCKCpdpbgZJl6XFpfEd7eA9BIxxkV2EH7alxw.woff2
142.250.74.35200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/cabin/v26/u-4X0qWljRw-PfU81xCKCpdpbgZJl6XFpfEd7eA9BIxxkV2EH7alxw.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15476, version 1.0\012- data
Hash 083f5cafe748b8ac91823b36986d7fda
0d763699e5bce633aa6adc03370b8630b87c1b31
a3d8afcbc68d3ae65312e50ce252f5eb4cb817d3fe39452bd37a76f896ab5921
GET /s/cabin/v26/u-4X0qWljRw-PfU81xCKCpdpbgZJl6XFpfEd7eA9BIxxkV2EH7alxw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.friskforlag.no
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15476
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Dec 2022 20:54:38 GMT
expires: Thu, 07 Dec 2023 20:54:38 GMT
cache-control: public, max-age=31536000
age: 215569
last-modified: Fri, 24 Jun 2022 18:41:33 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash e4f546e102d986faf1029509d599b730
cc045a705fd6758b7b575fde5dfb79facc9c3546
ef492301b2b30e5076f7dffa07973e65e9a200ba9ef4d3568a527d3f973f3349
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 08:47:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 8105b33e4e3af998e9d016e156205c22
dfa2f5cecd72be8ec63d5f833b82cd993a5ce8b9
4a682a72e5d599d48706927cbc0852df5ac36dbb57747681cc2ee91c719c7ccf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 08:47:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pagead2.googlesyndication.com/pagead/landing?gcs=G100&gcd=G100&rnd=1571215981.1670662045&url=https%3A%2F%2Fwww.friskforlag.no%2Fprodukt%2Finger-in-dubai%2F>m=2wgbu0K64SWW
142.250.74.98200 OK 42 B URL HTTP/2 pagead2.googlesyndication.com/pagead/landing?gcs=G100&gcd=G100&rnd=1571215981.1670662045&url=https%3A%2F%2Fwww.friskforlag.no%2Fprodukt%2Finger-in-dubai%2F>m=2wgbu0K64SWW
IP 142.250.74.98:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
POST /pagead/landing?gcs=G100&gcd=G100&rnd=1571215981.1670662045&url=https%3A%2F%2Fwww.friskforlag.no%2Fprodukt%2Finger-in-dubai%2F>m=2wgbu0K64SWW HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.friskforlag.no
Connection: keep-alive
Referer: https://www.friskforlag.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 10 Dec 2022 08:47:27 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 8105b33e4e3af998e9d016e156205c22
dfa2f5cecd72be8ec63d5f833b82cd993a5ce8b9
4a682a72e5d599d48706927cbc0852df5ac36dbb57747681cc2ee91c719c7ccf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 08:47:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-71666728-1&cid=553593074.1670662046&jid=1839926297&gjid=1532299863&_gid=1468320079.1670662046&_u=qFBAAEAAEAAAACAAI~&z=430472977
108.177.14.154200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-71666728-1&cid=553593074.1670662046&jid=1839926297&gjid=1532299863&_gid=1468320079.1670662046&_u=qFBAAEAAEAAAACAAI~&z=430472977
IP 108.177.14.154:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-71666728-1&cid=553593074.1670662046&jid=1839926297&gjid=1532299863&_gid=1468320079.1670662046&_u=qFBAAEAAEAAAACAAI~&z=430472977 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.friskforlag.no
Connection: keep-alive
Referer: https://www.friskforlag.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.friskforlag.no
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 10 Dec 2022 08:47:27 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 0cf9ee8fd84528d931cd343d295b5f43
15564c0b3e9c92e10d1a3ebf728a255e580e6959
737e3ef7c008bcacc39276d362f631365ccd3a27a7b0d843b3e3eba9c381fb4e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "737E3EF7C008BCACC39276D362F631365CCD3A27A7B0D843B3E3EBA9C381FB4E"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3783
Expires: Sat, 10 Dec 2022 09:50:30 GMT
Date: Sat, 10 Dec 2022 08:47:27 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 6c33a1d5d0fc5fe73ec55ac938817ea4
bfc100af7973feb3a7c3501dda66589f08bc6bde
668f1beac80500f1748643c27de6e413b0676a2fa94b0fbb7ef94b1cbab16e50
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 08:47:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash a49ab5ecc317aa7e4724050053737549
3ffff77715bf8c5dbcbb5e17abbbc2c683c36f60
844f25237f9906c3fb977d58259e132c41dacbbe546adc8b45e9992e6ee711c0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 08:47:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-71666728-1&cid=553593074.1670662046&jid=1839926297&_u=qFBAAEAAEAAAACAAI~&z=158183845
142.250.74.67200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-71666728-1&cid=553593074.1670662046&jid=1839926297&_u=qFBAAEAAEAAAACAAI~&z=158183845
IP 142.250.74.67:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-71666728-1&cid=553593074.1670662046&jid=1839926297&_u=qFBAAEAAEAAAACAAI~&z=158183845 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.friskforlag.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 10 Dec 2022 08:47:27 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-71666728-1&cid=553593074.1670662046&jid=1839926297&_u=qFBAAEAAEAAAACAAI~&z=158183845
142.250.74.132200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-71666728-1&cid=553593074.1670662046&jid=1839926297&_u=qFBAAEAAEAAAACAAI~&z=158183845
IP 142.250.74.132:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-71666728-1&cid=553593074.1670662046&jid=1839926297&_u=qFBAAEAAEAAAACAAI~&z=158183845 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.friskforlag.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 10 Dec 2022 08:47:27 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 6c33a1d5d0fc5fe73ec55ac938817ea4
bfc100af7973feb3a7c3501dda66589f08bc6bde
668f1beac80500f1748643c27de6e413b0676a2fa94b0fbb7ef94b1cbab16e50
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 08:47:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
z.omappapi.com/v3/i?aid=171696&cid=wwgz4evjisosc3fzbjk3&sid=6244443d4d1c0&rt=false&dv=desktop&cty=floating&url=produkt%2Finger-in-dubai&v=5
178.128.135.232204 No Content 1.7 kB URL HTTP/1.1 z.omappapi.com/v3/i?aid=171696&cid=wwgz4evjisosc3fzbjk3&sid=6244443d4d1c0&rt=false&dv=desktop&cty=floating&url=produkt%2Finger-in-dubai&v=5
IP 178.128.135.232:0
ASN #14061 DIGITALOCEAN-ASN
Hash 96b9df39a0687a4c19b3de0df40605dd
9049a6c12ee1244e7712e93a7cf4363c8c83dce3
5c424876ac506a1faeab02400f03235ec8da32c2e2c902f2b4cf505bda90e123
GET /v3/i?aid=171696&cid=wwgz4evjisosc3fzbjk3&sid=6244443d4d1c0&rt=false&dv=desktop&cty=floating&url=produkt%2Finger-in-dubai&v=5 HTTP/1.1
Host: z.omappapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.friskforlag.no
Connection: keep-alive
Referer: https://www.friskforlag.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Date: Sat, 10 Dec 2022 08:47:27 GMT
Connection: keep-alive
Access-Control-Allow-Origin: https://www.friskforlag.no
Access-Control-Allow-Credentials: true
Server: kong/0.14.1
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5496e18a30e039b44989d9a0e932d4bc
c5bfb1b9ce711e38d69e78486017f07cc47fe04a
26a3ad286e479cdabfcbb5a9d3fada211c73650628a35c80944b0e7e8aad27e0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 08:47:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
a.omappapi.com/app/js/api.min.js
194.242.11.186200 OK 0 B URL HTTP/2 a.omappapi.com/app/js/api.min.js
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
GET /app/js/api.min.js HTTP/1.1
Host: a.omappapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.friskforlag.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 10 Dec 2022 08:47:26 GMT
content-type: application/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 293267
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: W/"6378026b-13ef5"
last-modified: Fri, 18 Nov 2022 22:08:43 GMT
cdn-storageserver: DE-198
cdn-requestpullsuccess: True
cdn-fileserver: 492
perma-cache: HIT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-cachedat: 11/25/2022 21:21:37
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 860f7ee73dd0d2ee1b3e661fdb8fdfc4
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
a.omappapi.com/app/js/4.f2ffe9e7.min.js
194.242.11.186200 OK 0 B URL HTTP/2 a.omappapi.com/app/js/4.f2ffe9e7.min.js
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
GET /app/js/4.f2ffe9e7.min.js HTTP/1.1
Host: a.omappapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.friskforlag.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 08:47:26 GMT
content-type: application/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 293267
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: W/"637289e2-4f7e"
last-modified: Mon, 14 Nov 2022 18:33:06 GMT
cdn-storageserver: DE-164
cdn-requestpullsuccess: True
cdn-fileserver: 459
perma-cache: HIT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-cachedat: 11/25/2022 21:21:41
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: cc60a4206c3c8fef77a1c0f1f79569d5
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
a.omappapi.com/app/js/10.0f634e82.min.js
194.242.11.186200 OK 0 B URL HTTP/2 a.omappapi.com/app/js/10.0f634e82.min.js
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
GET /app/js/10.0f634e82.min.js HTTP/1.1
Host: a.omappapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.friskforlag.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 08:47:26 GMT
content-type: application/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 293267
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: W/"63729c0b-6236"
last-modified: Mon, 14 Nov 2022 19:50:35 GMT
cdn-storageserver: DE-165
cdn-requestpullsuccess: True
cdn-fileserver: 512
perma-cache: HIT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-cachedat: 11/25/2022 21:21:38
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 7ba75c2cc3a45609617273562494fc39
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
cdn.cookie-script.com/s/d0d874b1ff05d1671a76806430133491.js
78.47.189.205200 OK 0 B URL HTTP/2 cdn.cookie-script.com/s/d0d874b1ff05d1671a76806430133491.js
IP 78.47.189.205:0
ASN #24940 Hetzner Online GmbH
GET /s/d0d874b1ff05d1671a76806430133491.js HTTP/1.1
Host: cdn.cookie-script.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.friskforlag.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sat, 10 Dec 2022 08:47:26 GMT
vary: Accept-Encoding
last-modified: Fri, 11 Nov 2022 07:28:31 GMT
etag: W/"b7b58d73688d67f1560519e1873af124"
access-control-allow-origin: *
x-cache-status: HIT
content-type: application/javascript
content-encoding: gzip
X-Firefox-Spdy: h2
a.omappapi.com/app/campaign-views/daf929ba1e80/wwgz4evjisosc3fzbjk3/3af4eec5ed635beef3f4dbb9d59a1443-yesno.json
194.242.11.186200 OK 0 B URL HTTP/2 a.omappapi.com/app/campaign-views/daf929ba1e80/wwgz4evjisosc3fzbjk3/3af4eec5ed635beef3f4dbb9d59a1443-yesno.json
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
GET /app/campaign-views/daf929ba1e80/wwgz4evjisosc3fzbjk3/3af4eec5ed635beef3f4dbb9d59a1443-yesno.json HTTP/1.1
Host: a.omappapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.friskforlag.no
Connection: keep-alive
Referer: https://www.friskforlag.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 08:47:27 GMT
content-type: application/json
vary: Accept-Encoding
server: BunnyCDN-NO1-830
cdn-pullzone: 293267
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: W/"3af4eec5ed635beef3f4dbb9d59a1443"
last-modified: Thu, 08 Dec 2022 06:43:41 GMT
perma-cache: MISS
x-amz-id-2: 3M8pI1ka7tJeyPpoIu6pkN+CBSbUxd6+pi9NswUZ1OBmPiil28+BHS8ZI3tjx0C4D9YcIILXxnk=
x-amz-request-id: ZRNWKAXHFD4HH7TS
x-amz-meta-date: 1670481820
x-amz-meta-level: vbp_pro
x-amz-meta-title: 3af4eec5ed635beef3f4dbb9d59a1443-yesno.json
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 12/08/2022 06:44:18
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 6506e4c0974bfaa82bc261fa8ba1b53a
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
api.omappapi.com/v2/embed/171696/wwgz4evjisosc3fzbjk3
54.230.111.48200 OK 0 B URL HTTP/2 api.omappapi.com/v2/embed/171696/wwgz4evjisosc3fzbjk3
IP 54.230.111.48:0
GET /v2/embed/171696/wwgz4evjisosc3fzbjk3 HTTP/1.1
Host: api.omappapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.friskforlag.no
Connection: keep-alive
Referer: https://www.friskforlag.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
date: Sat, 10 Dec 2022 08:47:25 GMT
access-control-allow-origin: *
access-control-allow-headers: X-CSRF-Token
expires: Sat, 10 Dec 2022 08:40:27 GMT
cache-control: public, max-age=30, stale-while-revalidate=1800
last-modified: Thu, 08 Dec 2022 06:43:42 GMT
etag: W/"7eef580521079ba2f300ff71c9702968"
x-optinmonster-campaign: wwgz4evjisosc3fzbjk3
access-control-expose-headers: X-OptinMonster-Campaign, X-User-Agent
x-user-agent: standard--
x-cache-config: 0 0
vary: Accept-Encoding, User-Agent
x-cache-status: HIT
content-encoding: gzip
server: Pagely Gateway/1.5.1
x-cache: Miss from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: JpbQ6K-pFP2E5UxB-HtdTLqcKF_1CXklGP9j6pAOJwn3768EMk5X2A==
X-Firefox-Spdy: h2
api.omappapi.com/v2/embed/171696/hldq9w6jn7wv5jpooc7v
54.230.111.48200 OK 0 B URL HTTP/2 api.omappapi.com/v2/embed/171696/hldq9w6jn7wv5jpooc7v
IP 54.230.111.48:0
GET /v2/embed/171696/hldq9w6jn7wv5jpooc7v HTTP/1.1
Host: api.omappapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.friskforlag.no
Connection: keep-alive
Referer: https://www.friskforlag.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
date: Sat, 10 Dec 2022 08:47:25 GMT
access-control-allow-origin: *
access-control-allow-headers: X-CSRF-Token
expires: Sat, 10 Dec 2022 08:36:50 GMT
cache-control: public, max-age=30, stale-while-revalidate=1800
last-modified: Mon, 28 Nov 2022 10:04:42 GMT
etag: W/"892fc3d44420a6f68705fd0a6aca9dd5"
x-optinmonster-campaign: hldq9w6jn7wv5jpooc7v
access-control-expose-headers: X-OptinMonster-Campaign, X-User-Agent
x-user-agent: standard--
x-cache-config: 0 0
vary: Accept-Encoding, User-Agent
x-cache-status: HIT
content-encoding: gzip
server: Pagely Gateway/1.5.1
x-cache: Miss from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 7UoR1yP_LSWtKBHVrbuh_L2OQr-Uuug2m3ksbAobtVZOdlq_xqT55g==
X-Firefox-Spdy: h2
a.omappapi.com/app/js/5.cadaa863.min.js
194.242.11.186200 OK 0 B URL HTTP/2 a.omappapi.com/app/js/5.cadaa863.min.js
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
GET /app/js/5.cadaa863.min.js HTTP/1.1
Host: a.omappapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.friskforlag.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 08:47:26 GMT
content-type: application/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 293267
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: W/"6373fca9-2509"
last-modified: Tue, 15 Nov 2022 20:55:05 GMT
cdn-storageserver: DE-197
cdn-requestpullsuccess: True
cdn-fileserver: 489
perma-cache: HIT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-cachedat: 11/21/2022 23:02:25
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 6a6d6cb4d6afd327824dac07fcb6cbe0
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
a.omappapi.com/app/js/31.33bee250.min.js
194.242.11.186200 OK 0 B URL HTTP/2 a.omappapi.com/app/js/31.33bee250.min.js
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
GET /app/js/31.33bee250.min.js HTTP/1.1
Host: a.omappapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.friskforlag.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 08:47:26 GMT
content-type: application/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 293267
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: W/"63729c0b-5f2"
last-modified: Mon, 14 Nov 2022 19:50:35 GMT
cdn-storageserver: DE-168
cdn-requestpullsuccess: True
cdn-fileserver: 506
perma-cache: HIT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-cachedat: 11/28/2022 19:08:14
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 0dd6c15bd63a51c10eb927074b1c1c92
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
tr.snapchat.com/config/no/661a052e-3636-4b22-903e-a7571e814db6.js
35.190.43.134200 OK 0 B URL HTTP/2 tr.snapchat.com/config/no/661a052e-3636-4b22-903e-a7571e814db6.js
IP 35.190.43.134:0
GET /config/no/661a052e-3636-4b22-903e-a7571e814db6.js HTTP/1.1
Host: tr.snapchat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.friskforlag.no
Connection: keep-alive
Referer: https://www.friskforlag.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 10 Dec 2022 08:47:26 GMT
access-control-allow-origin: https://www.friskforlag.no
content-type: application/javascript
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-envoy-upstream-service-time: 0
content-encoding: gzip
vary: Accept-Encoding
server: API Gateway
access-control-allow-credentials: true
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
a.omappapi.com/app/js/20.1ca31d61.min.js
194.242.11.186200 OK 0 B URL HTTP/2 a.omappapi.com/app/js/20.1ca31d61.min.js
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
GET /app/js/20.1ca31d61.min.js HTTP/1.1
Host: a.omappapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.friskforlag.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 08:47:26 GMT
content-type: application/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 293267
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: W/"63729c0b-eca"
last-modified: Mon, 14 Nov 2022 19:50:35 GMT
cdn-storageserver: DE-197
cdn-requestpullsuccess: True
cdn-fileserver: 505
perma-cache: HIT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-cachedat: 11/21/2022 23:02:25
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 2038a287b56235c66bef09ad6437559a
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
a.omappapi.com/app/js/webfont/1.5.18/webfont.js
194.242.11.186200 OK 0 B URL HTTP/2 a.omappapi.com/app/js/webfont/1.5.18/webfont.js
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
GET /app/js/webfont/1.5.18/webfont.js HTTP/1.1
Host: a.omappapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.friskforlag.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 08:47:26 GMT
content-type: application/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 293267
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: W/"62ed37ae-40cb"
last-modified: Fri, 05 Aug 2022 15:30:54 GMT
cdn-storageserver: DE-169
cdn-requestpullsuccess: True
cdn-fileserver: 419
perma-cache: HIT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-cachedat: 11/29/2022 21:15:54
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 5944c2c7a7bb1f35d20b473e14bd53f3
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
a.omappapi.com/app/js/9.8520b11d.min.js
194.242.11.186200 OK 0 B URL HTTP/2 a.omappapi.com/app/js/9.8520b11d.min.js
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
GET /app/js/9.8520b11d.min.js HTTP/1.1
Host: a.omappapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.friskforlag.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 08:47:26 GMT
content-type: application/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 293267
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: W/"63729c0b-684"
last-modified: Mon, 14 Nov 2022 19:50:35 GMT
cdn-storageserver: DE-198
cdn-requestpullsuccess: True
cdn-fileserver: 505
perma-cache: HIT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-cachedat: 11/21/2022 23:02:26
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: be82667ca99debd6ea85d1a063cccba2
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
a.omappapi.com/app/js/22.7f83f3f7.min.js
194.242.11.186200 OK 0 B URL HTTP/2 a.omappapi.com/app/js/22.7f83f3f7.min.js
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
GET /app/js/22.7f83f3f7.min.js HTTP/1.1
Host: a.omappapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.friskforlag.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 08:47:26 GMT
content-type: application/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 293267
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: W/"63729c0b-613"
last-modified: Mon, 14 Nov 2022 19:50:35 GMT
cdn-storageserver: DE-197
cdn-requestpullsuccess: True
cdn-fileserver: 506
perma-cache: HIT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-cachedat: 11/29/2022 21:15:50
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 304b9f88c5861410d1209a3e405ebcb2
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2